Check: EMG3-058 Exch2K3
Microsoft Exchange Server 2003:
EMG3-058 Exch2K3
(in version v1 r5)
Title
E-mail software is not monitored for change on INFOCON frequency schedule. (Cat II impact)
Discussion
The INFOCON system provides a framework within which the Commander USSTRATCOM regional commanders, service chiefs, base/post/camp/station/vessel commanders, or agency directors can increase the measurable readiness of their networks to match operational priorities. The readiness strategy provides the ability to continuously maintain and sustain one’s own information systems and networks throughout their schedule of deployments, exercises and operational readiness life cycle independent of network attacks or threats. The system provides a framework of prescribed actions and cycles necessary for reestablishing the confidence level and security of information systems for the commander and thereby supporting the entire Global Information Grid (GIG) (SD 527-1 Purpose). The Exchange software files and directories as well as the files and directories of dependent applications are vulnerable to unauthorized changes if not adequately protected. An unauthorized change could affect the integrity or availability of e-mail services overall. For this reason, all application software installations must monitor for change against a software baseline that is preserved when installed, and updated periodically as patches or upgrades are installed. Automated and manual schedules for software change monitoring must be compliant with SD527-1 frequencies.
Check Content
Verify the software change monitoring schedule. Procedure: Interview the E-Mail Administrator or IAO to ascertain current INFOCON level history, and ask for software modification detection procedures in place. Review reports for inclusion of the Exchange 2003 executable and configuration files. Criteria: If E-mail software is monitored for changes as required by the INFOCON levels, this is not a finding.
Fix Text
Procedure: Establish procedures to monitor any changes made to E-mail Services software. Identify files and directories to be included in the host system and provide these to the person responsible for backups. Verify that E-mail software libraries are monitored for change according to SD527-1 INFOCON levels.
Additional Identifiers
Rule ID: SV-20425r1_rule
Vulnerability ID: V-18741
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |