V-228402
CAT IIExchange software must be monitored for unauthorized changes.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 1
- Closed
- 0
Check Text
Review the Email Domain Security Plan (EDSP).
Determine whether the site monitors system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on servers for unauthorized changes against a baseline on a weekly basis.
If software files are not monitored for unauthorized changes, this is a finding.
Fix Text
Update the EDSP to specify that the organization monitors system files on servers for unauthorized changes against a baseline on a weekly basis or verify that this information is documented by the organization.
Monitor the software files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on Exchange servers for unauthorized changes against a baseline on a weekly basis.
Note: This can be done with the use of various monitoring tools.
STIG Reference
- STIG
- Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
- Version
- 2
- Release
- 6
- Rule ID
- SV-228402r928977_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_MSExchange2016MB_V2R6_20251023-152357.ckl | Unassigned | 2026-01-14T12:57:33.455034 | View in Context |