Check: Exch-1-002
Exchange 2010 Client Access Server STIG:
Exch-1-002
(in version v1 r9)
Title
Encryption must be used for RPC client access. (Cat II impact)
Discussion
This setting controls whether client machines are forced to use secure channels to communicate with the server. If this feature is enabled, clients will only be able to communicate with the server over secure communication channels. Failure to require secure connections to the client access server increases the potential for unintended eavesdropping or data loss.
Check Content
Open the Exchange Management Shell and enter the following command: Get-RpcClientAccess | Select Server, EncryptionRequired If the value of 'EncryptionRequired' is not set to 'True', this is a finding.
Fix Text
Open the Exchange Management Shell and enter the following command: Set-RpcClientAccess -Server <'ServerName'> -EncryptionRequired $true
Additional Identifiers
Rule ID: SV-43979r1_rule
Vulnerability ID: V-33559
Group Title: Exch-1-002
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |