CONTROL ID
08988
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):- Establish, implement, and maintain system hardening procedures., CC ID: 12001
This Control has the following implementation support Control(s):- Configure the "IIS Web Root folder path" setting to organizational standards., CC ID: 09153
- Configure the "IIS Web Root" directory to organizational standards., CC ID: 09154
- Configure the "use the appropriate network interface" setting to organizational standards., CC ID: 09155
- Configure the "Enable Logging" setting to organizational standards., CC ID: 09167
- Configure the "Integrated Windows Authentication" setting to organizational standards., CC ID: 09176
- Configure the "Special Characters In Shells" setting for the "WWW service" to organizational standards., CC ID: 09177
- Configure the "IIS WWW service SSL error logging" setting to organizational standards., CC ID: 09178
- Configure the "RDSServer.DataFactory object" setting to organizational standards., CC ID: 09179
- Configure the "AdvancedDataFactory object" setting to organizational standards., CC ID: 09180
- Configure the "VbBusObj.VbBusObjCls object" setting to organizational standards., CC ID: 09181
- Configure the ".printer extension mapping" setting to organizational standards, CC ID: 09182
- Configure the ".htw extension mapping" setting to organizational standards, CC ID: 09183
- Configure the ".ida extension mapping" setting to organizational standards, CC ID: 09184
- Configure the ".idq extension mapping" setting to organizational standards, CC ID: 09185
- Configure the ".idc extension mapping" setting to organizational standards, CC ID: 09186
- Configure the ".shtm extension mapping" setting to organizational standards, CC ID: 09187
- Configure the ".stm extension mapping" setting to organizational standards, CC ID: 09188
- Configure the ".shtml extension mapping" setting to organizational standards, CC ID: 09189
- Configure the "Relative path traversal" setting to organizational standards., CC ID: 09190
- Configure the "HTTP protocol logging" setting to organizational standards., CC ID: 09199
- Configure the "Date logging" setting to organizational standards., CC ID: 09200
- Configure the "Time logging" setting to organizational standards., CC ID: 09201
- Configure the "Client IP Address logging" setting to organizational standards., CC ID: 09202
- Configure the "User name logging" setting to organizational standards., CC ID: 09203
- Configure the "User agent logging" setting to organizational standards., CC ID: 09204
- Configure the "Method logging" setting to organizational standards., CC ID: 09205
- Configure the "URI stem logging" setting to organizational standards., CC ID: 09206
- Configure the "URL query logging" setting to organizational standards., CC ID: 09207
- Configure the "Server IP address logging" setting to organizational standards., CC ID: 09208
- Configure the "Server port logging" setting to organizational standards., CC ID: 09209
- Configure the "Protocol status logging" setting to organizational standards., CC ID: 09210
- Configure the "Win32 status logging" setting to organizational standards., CC ID: 09211
- Configure the "HTTP Log folder path" setting to organizational standards., CC ID: 09212
- Configure the "Web-based password reset IIS application mappings (.htr)" setting to organizational standards, CC ID: 09215
- Configure the "IIS Sample files" setting to organizational standards., CC ID: 09216
- Configure the "sample Data Access files" setting to organizational standards., CC ID: 09217
- Configure the "IIS Help files" setting to organizational standards., CC ID: 09218
- Configure the "Remote Account password changes" setting to organizational standards., CC ID: 09219
- Configure the "execution context of the IIS CGI processes" setting to organizational standards., CC ID: 09220
- Configure the "Server Side Includes command shell" setting to organizational standards., CC ID: 09229
- Configure the "IIS sample Web Printing files" setting to organizational standards., CC ID: 09230
- Configure the "AllowRestrictedChars" setting to organizational standards., CC ID: 09231
- Configure the "EnableNonUTF8" setting to organizational standards., CC ID: 09232
- Configure the "FavorUTF8" setting to organizational standards., CC ID: 09233
- Configure the "maximum possible size of request headers" setting to organizational standards., CC ID: 09234
- Configure the "maximum possible combined size of request line and headers" setting to organizational standards., CC ID: 09235
- Configure the "maximum number of characters in a URL path setting" setting to organizational standards., CC ID: 09236
- Configure the "maximum number of URL path segments" setting to organizational standards., CC ID: 09237
- Configure the "allowance of %U notation in request URLs" setting to organizational standards., CC ID: 09238
- Configure the "maximum response size that can be cached in the kernel" setting to organizational standards., CC ID: 09239
- Configure the "maximum size of the entire request body" setting to organizational standards., CC ID: 09240
- Configure the "URLScan ISAPI filters" setting to organizational standards., CC ID: 09241
- Configure the "HTTP SSL (HTTPFilter) service" setting to organizational standards., CC ID: 09242
- Configure the "identity" setting for the "IIS Application Pools service" to organizational standards., CC ID: 09243
- Configure the "worker process isolation" setting to organizational standards., CC ID: 09244
- Configure the "Recycle worker process (in minutes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09245
- Configure the "Recycle worker process (number of requests)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09246
- Configure the "Maximum virtual memory (in megabytes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09247
- Configure the "Maximum used memory (in megabytes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09248
- Configure the "Shutdown worker processes after being idle (time in minutes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09249
- Configure the "Limit the kernel request queue (number of requests)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09250
- Configure the "Enable pinging" setting for the "IIS Application Pool" to organizational standards., CC ID: 09251
- Configure the "Ping worker process every (frequency in seconds)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09252
- Configure the "Enable rapid-fail protection" setting for the "IIS Application Pool" to organizational standards., CC ID: 09253
- Configure the "Enable rapid-fail protection - Failures" setting for the "IIS Application Pool" to organizational standards., CC ID: 09254
- Configure the "Enable rapid-fail protection - Time Period" setting for the "IIS Application Pool" to organizational standards., CC ID: 09255
- Configure the "auditing" setting for the "MetaBase.xml" file to organizational standards., CC ID: 09256
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
This control is an implied control and is included to maintain the legal hierarchy for your selected controls.