Microsoft IIS 10.0 Site STIG

Microsoft IIS 10.0 Site Security Technical Implementation Guide

| ID | Vuln ID | Title | Cat | Status |
|---|---|---|---|---|
| IIST-SI-000208 | V-218740 | An IIS 10.0 website behind a load balancer or proxy server must produce log records containing the source client IP, and destination information. | Cat II | |
| IIST-SI-000253 | V-218773 | The amount of virtual memory an application pool uses for each IIS 10.0 website must be explicitly set. | Cat II | |
| IIST-SI-000216 | V-218745 | The IIS 10.0 website must have resource mappings set to disable the serving of certain file types. | Cat II | |
| IIST-SI-000225 | V-218753 | The IIS 10.0 website must be configured to limit the maxURL. | Cat II | |
| IIST-SI-000239 | V-218766 | The IIS 10.0 websites must use ports, protocols, and services according to Ports, Protocols, and Services Management (PPSM) guidelines. | Cat II | |
| IIST-SI-000261 | V-218779 | Interactive scripts on the IIS 10.0 web server must be located in unique and designated folders. | Cat II | |
| IIST-SI-000206 | V-218739 | Both the log file and Event Tracing for Windows (ETW) for each IIS 10.0 website must be enabled. | Cat II | |
| IIST-SI-000210 | V-218742 | The IIS 10.0 website must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event. | Cat II | |
| IIST-SI-000223 | V-218751 | The IIS 10.0 website must generate unique session identifiers that cannot be reliably reproduced. | Cat II | |
| IIST-SI-000263 | V-218781 | Backup interactive scripts on the IIS 10.0 server must be removed. | Cat II | |
| IIST-SI-000254 | V-218774 | The amount of private memory an application pool uses for each IIS 10.0 website must be explicitly set. | Cat II | |
| IIST-SI-000201 | V-218735 | The IIS 10.0 website session state must be enabled. | Cat II | |
| IIST-SI-000251 | V-218771 | The IIS 10.0 website must have a unique application pool. | Cat II | |
| IIST-SI-000244 | V-218769 | IIS 10.0 website session IDs must be sent to the client using TLS. | Cat II | |
| IIST-SI-000252 | V-218772 | The maximum number of requests an application pool can process for each IIS 10.0 website must be explicitly set. | Cat II | |
