V-243505
CAT IIIChanges to the AD schema must be subject to a documented configuration management process.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 0
Check Text
1. Interview the ISSO.
2. Obtain a copy of the site's configuration management procedures documentation.
3. Verify that there is a local policy that requires changes to the directory schema to be processed through a configuration management process. This applies to directory schema changes whether implemented in a database or other types of files. For AD, this refers to changes to the AD schema.
4. If there is no policy that requires changes to the directory schema to be processed through a configuration management process, then this is a finding.
Fix Text
Document and implement a policy to ensure that changes to the AD schema are subject to a configuration management process.
STIG Reference
- STIG
- Active Directory Forest Security Technical Implementation Guide
- Version
- 3
- Release
- 2
- Rule ID
- SV-243505r1026206_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_ADForest_V3R2_20251023-171845.ckl | Unassigned | 2026-01-14T12:57:36.607366 | View in Context |