Product:
BigFix Compliance
Title:
Updated DISA STIG Checklist for MS IIS 10.0
Security Benchmark:
Microsoft IIS 10.0 STIG, Site V2R7, Server V2R8
Published Sites:
DISA STIG Checklist for MS IIS 10.0, site version 8
(The site version is provided for air-gap customers.)
Details:
- Both analysis and remediation checks are included
- Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization and remediation actions require the creation of a custom site.
- Modified check ‘V-218798 The IIS 10.0 web server must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled.’ To avoid the scenario as this check not coming back as compliant.
- Removed the duplicate relevance statements on the checks.
Actions to take:
- To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.
- If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://help.hcltechsw.com/bigfix/10.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html
More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
- BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance - BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=enus#!/wiki/BigFix%20Wiki/page/SCM%20Checklists
We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team