Back

Configure IIS to Organizational Standards.


CONTROL ID
08988
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain system hardening procedures., CC ID: 12001

This Control has the following implementation support Control(s):
  • Configure the "IIS Web Root folder path" setting to organizational standards., CC ID: 09153
  • Configure the "IIS Web Root" directory to organizational standards., CC ID: 09154
  • Configure the "use the appropriate network interface" setting to organizational standards., CC ID: 09155
  • Configure the "Enable Logging" setting to organizational standards., CC ID: 09167
  • Configure the "Integrated Windows Authentication" setting to organizational standards., CC ID: 09176
  • Configure the "Special Characters In Shells" setting for the "WWW service" to organizational standards., CC ID: 09177
  • Configure the "IIS WWW service SSL error logging" setting to organizational standards., CC ID: 09178
  • Configure the "RDSServer.DataFactory object" setting to organizational standards., CC ID: 09179
  • Configure the "AdvancedDataFactory object" setting to organizational standards., CC ID: 09180
  • Configure the "VbBusObj.VbBusObjCls object" setting to organizational standards., CC ID: 09181
  • Configure the ".printer extension mapping" setting to organizational standards, CC ID: 09182
  • Configure the ".htw extension mapping" setting to organizational standards, CC ID: 09183
  • Configure the ".ida extension mapping" setting to organizational standards, CC ID: 09184
  • Configure the ".idq extension mapping" setting to organizational standards, CC ID: 09185
  • Configure the ".idc extension mapping" setting to organizational standards, CC ID: 09186
  • Configure the ".shtm extension mapping" setting to organizational standards, CC ID: 09187
  • Configure the ".stm extension mapping" setting to organizational standards, CC ID: 09188
  • Configure the ".shtml extension mapping" setting to organizational standards, CC ID: 09189
  • Configure the "Relative path traversal" setting to organizational standards., CC ID: 09190
  • Configure the "HTTP protocol logging" setting to organizational standards., CC ID: 09199
  • Configure the "Date logging" setting to organizational standards., CC ID: 09200
  • Configure the "Time logging" setting to organizational standards., CC ID: 09201
  • Configure the "Client IP Address logging" setting to organizational standards., CC ID: 09202
  • Configure the "User name logging" setting to organizational standards., CC ID: 09203
  • Configure the "User agent logging" setting to organizational standards., CC ID: 09204
  • Configure the "Method logging" setting to organizational standards., CC ID: 09205
  • Configure the "URI stem logging" setting to organizational standards., CC ID: 09206
  • Configure the "URL query logging" setting to organizational standards., CC ID: 09207
  • Configure the "Server IP address logging" setting to organizational standards., CC ID: 09208
  • Configure the "Server port logging" setting to organizational standards., CC ID: 09209
  • Configure the "Protocol status logging" setting to organizational standards., CC ID: 09210
  • Configure the "Win32 status logging" setting to organizational standards., CC ID: 09211
  • Configure the "HTTP Log folder path" setting to organizational standards., CC ID: 09212
  • Configure the "Web-based password reset IIS application mappings (.htr)" setting to organizational standards, CC ID: 09215
  • Configure the "IIS Sample files" setting to organizational standards., CC ID: 09216
  • Configure the "sample Data Access files" setting to organizational standards., CC ID: 09217
  • Configure the "IIS Help files" setting to organizational standards., CC ID: 09218
  • Configure the "Remote Account password changes" setting to organizational standards., CC ID: 09219
  • Configure the "execution context of the IIS CGI processes" setting to organizational standards., CC ID: 09220
  • Configure the "Server Side Includes command shell" setting to organizational standards., CC ID: 09229
  • Configure the "IIS sample Web Printing files" setting to organizational standards., CC ID: 09230
  • Configure the "AllowRestrictedChars" setting to organizational standards., CC ID: 09231
  • Configure the "EnableNonUTF8" setting to organizational standards., CC ID: 09232
  • Configure the "FavorUTF8" setting to organizational standards., CC ID: 09233
  • Configure the "maximum possible size of request headers" setting to organizational standards., CC ID: 09234
  • Configure the "maximum possible combined size of request line and headers" setting to organizational standards., CC ID: 09235
  • Configure the "maximum number of characters in a URL path setting" setting to organizational standards., CC ID: 09236
  • Configure the "maximum number of URL path segments" setting to organizational standards., CC ID: 09237
  • Configure the "allowance of %U notation in request URLs" setting to organizational standards., CC ID: 09238
  • Configure the "maximum response size that can be cached in the kernel" setting to organizational standards., CC ID: 09239
  • Configure the "maximum size of the entire request body" setting to organizational standards., CC ID: 09240
  • Configure the "URLScan ISAPI filters" setting to organizational standards., CC ID: 09241
  • Configure the "HTTP SSL (HTTPFilter) service" setting to organizational standards., CC ID: 09242
  • Configure the "identity" setting for the "IIS Application Pools service" to organizational standards., CC ID: 09243
  • Configure the "worker process isolation" setting to organizational standards., CC ID: 09244
  • Configure the "Recycle worker process (in minutes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09245
  • Configure the "Recycle worker process (number of requests)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09246
  • Configure the "Maximum virtual memory (in megabytes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09247
  • Configure the "Maximum used memory (in megabytes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09248
  • Configure the "Shutdown worker processes after being idle (time in minutes)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09249
  • Configure the "Limit the kernel request queue (number of requests)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09250
  • Configure the "Enable pinging" setting for the "IIS Application Pool" to organizational standards., CC ID: 09251
  • Configure the "Ping worker process every (frequency in seconds)" setting for the "IIS Application Pool" to organizational standards., CC ID: 09252
  • Configure the "Enable rapid-fail protection" setting for the "IIS Application Pool" to organizational standards., CC ID: 09253
  • Configure the "Enable rapid-fail protection - Failures" setting for the "IIS Application Pool" to organizational standards., CC ID: 09254
  • Configure the "Enable rapid-fail protection - Time Period" setting for the "IIS Application Pool" to organizational standards., CC ID: 09255
  • Configure the "auditing" setting for the "MetaBase.xml" file to organizational standards., CC ID: 09256


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



This control is an implied control and is included to maintain the legal hierarchy for your selected controls.