V-228365
CAT IIExchange must protect audit data against unauthorized read access.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 0
Check Text
Review the Email Domain Security Plan (EDSP) or document that contains this information.
Determine the authorized groups or users that should have "Read" access to the audit data.
If any group or user has "Read" access to the audit data that is not documented in the EDSP, this is a finding.
Fix Text
Update the EDSP to specify the authorized groups or users that should have "Read" access to the audit data or verify that this information is documented by the organization.
Restrict any unauthorized groups' or users' "Read" access to the audit logs.
STIG Reference
- STIG
- Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
- Version
- 2
- Release
- 6
- Rule ID
- SV-228365r879576_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_MSExchange2016MB_V2R6_20251023-152357.ckl | Unassigned | 2026-01-14T12:57:33.455034 | View in Context |