V-228367
CAT IIExchange must protect audit data against unauthorized access.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 0
Check Text
Review the Email Domain Security Plan (EDSP) or document that contains this information.
Determine the authorized groups or users that should have access to the audit data.
If any group or user has modify privileges for the audit data that is not documented in the EDSP, this is a finding.
Fix Text
Update the EDSP to specify the authorized groups or users that should have access to the audit data or verify that this information is documented by the organization.
Restrict any unauthorized groups' or users' modify permissions for the audit logs.
STIG Reference
- STIG
- Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
- Version
- 2
- Release
- 6
- Rule ID
- SV-228367r879577_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_MSExchange2016MB_V2R6_20251023-152357.ckl | Unassigned | 2026-01-14T12:57:33.455034 | View in Context |