Download
| Alert*
CCE-20007-1
The '.htw' extension mapping should be configured as appropriate. CCE-19952-1 The "Enable Logging" setting should be enabled or disabled for the specified web server CCE-19994-3 The specified websites should be configured to use the appropriate network interfaces. CCE-19474-6 Integrated Windows Authentication should be enabled or disabled as appropriate the specified websites. CCE-19052-0 User agent logging should be enabled or disabled as appropriate for the specified websites. CCE-19889-5 The"Log Visits" permission should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-19075-1 The '.idq' extension mapping should be configured as appropriate. CCE-19726-9 The master home directory "Execute Permissions" permission should be enabled or disabled as appropriate. CCE-19914-1 Individual IP addresses should be configured as appropriate for the specified websites. CCE-19760-8 The '.stm' extension mapping should be configured as appropriate. CCE-19599-0 IIS Sample files should be installed or not as appropriate. CCE-19979-4 The path of the HTTP Log folder should be configured correctly for the specified websites. CCE-19918-2 The startup type of the IIS Admin (IISAdmin) service should be correct. CCE-19508-1 Client IP Address logging should be enabled or disabled as appropriate for the specified websites. CCE-19812-7 Permissions on the Web Root "executables" directory should be set appropriately. CCE-19584-2 The '.printer' extension mapping should be configured as appropriate. CCE-20030-3 URI stem logging should be enabled or disabled as appropriate for the specified websites. CCE-19794-7 The size of the IIS client request buffer should should be set correctly. CCE-19951-3 The required auditing for the file Metabase.bin should be enabled. CCE-19993-5 The master home directory "Index this resource" permission should be enabled or disabled as appropriate. CCE-19051-2 The '.ida' extension mapping should be configured as appropriate. CCE-19642-8 The master home directory "Write" permission should be enabled or disabled as appropriate. CCE-19767-3 Date logging should be enabled or disabled as appropriate for the specified websites. CCE-19252-6 The master home directory "Log Visits" permission should be enabled or disabled as appropriate. CCE-19630-3 Web-based password reset IIS application mappings (.htr) should be configured correctly. CCE-19441-5 The VbBusObj.VbBusObjCls object should be enable or disabeld as appropriate. CCE-19830-9 IIS Help files should be installed or not as appropriate. CCE-19483-7 User name logging should be enabled or disabled as appropriate for the specified websites. CCE-19906-7 IIS WWW service SSL error logging should be enabled or disabled as appropriate. CCE-19834-1 Permissions on %SystemDirectory%\inetsrv\asp.dll should be set appropriately. CCE-19736-8 The master home directory "Enable Logging" setting should be enabled or disabled as appropriate. CCE-19921-6 The "Read" permission should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-19925-7 Permissions on the Web Root directory should be set appropriately. CCE-19755-8 Permissions on the Web Root "include" directory should be set appropriately. CCE-19701-2 The "Index this resource" permission should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-20047-7 The '.idc' extension mapping should be configured as appropriate. CCE-19992-7 Relative path traversal should be enabled or disabled as appropriate for the specified websites. CCE-19743-4 Permissions on the Web Root "Images" directory should be set appropriately. CCE-19973-7 The master home directory "Integrated Windows Authentication" setting should be enabled or disabled. CCE-19849-9 Permissions on the default Logfiles directory should be set appropriately. CCE-19931-5 Server IP address logging should be enabled or disabled as appropriate for the specified websites. CCE-19434-0 The required permissions for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC should be assigned. CCE-19668-3 The '.shtml' extension mapping should be configured as appropriate. CCE-19841-6 The "Execute Permissions" permission should be set correctly for the specified websites. CCE-19709-5 The IIS Web Root directory should be named appropriately. CCE-19570-1 Basic Authentication should be enabled or disabled as appropriate for the specified websites. CCE-19728-5 The master home directory "Anonymous Access" permission for IIS websites should be enabled or disabled as appropriate. CCE-19996-8 The master home directory "Directory Browsing" permission should be enabled or disabled as appropriate. CCE-19747-5 The path of the IIS Web Root folder should be configured correctly. CCE-19367-2 The '.shtm' extension mapping should be configured as appropriate. CCE-19724-4 The "Write" privilege should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-19758-2 The IUSR account should be enabled or disabled as appropriate. CCE-19985-1 Remote Account password changes should be enabled or disabled as appropriate. CCE-19378-9 The Default IWAM account should be configured correctly. CCE-19604-8 The RDSServer.DataFactory object should be enable or disabeld as appropriate. CCE-19694-9 Server port logging should be enabled or disabled as appropriate for the specified websites. CCE-19810-1 IIS Application Protection should be set correctly. CCE-19393-8 Protocol status logging should be enabled or disabled as appropriate for the specified websites. CCE-19905-9 Method logging should be enabled or disabled as appropriate for the specified websites. CCE-19920-8 The "Script Source Access" permission should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-19586-7 Permissions on the \Inetpub directory should be set appropriately. CCE-19355-7 Time logging should be enabled or disabled as appropriate for the specified websites. CCE-19540-4 The file auditing for the Metaback directory should be configured appropriately. CCE-19739-2 The master home directory "Script Source Access" permission should be enabled or disabled as appropriate. CCE-19777-2 The file auditing for the Inetpub directory should be configured appropriately. CCE-19502-4 Win32 status logging should be enabled or disabled as appropriate for the specified websites. CCE-19700-4 URL query logging should be enabled or disabled as appropriate for the specified websites. CCE-19957-0 Permissions on the %SystemDirectory%\inetsrv directory should be set appropriately. CCE-19247-6 The file auditing for the directory Web Root should be configured appropriately. CCE-19644-4 Server Side Includes should be enabled or disabled as appropriate. CCE-20027-9 The "Directory Browsing" permission should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-19953-9 Permissions on the Web Root "home" directory should be set appropriately. CCE-19368-0 The master home directory "Read" permission should be enabled or disabled as appropriate. CCE-20039-4 The sample Data Access files should be installed or not as appropriate. CCE-19900-0 The "Anonymous Access" permission should be enabled or disabled as appropriate for the home directory of the specified websites. CCE-19693-1 Permissions on the Web Root "docs" directory should be set appropriately. CCE-19651-9 IIS sample Web Printing files should be installed or not as appropriate. CCE-19851-5 The WWW service Special Characters In Shells setting should be enabled or disabled as appropriate. CCE-19874-7 Permissions on the Web Root "scripts" directory should be set appropriately. CCE-19870-5 The file auditing for the directory \%SystemRoot%\System32\Inetsrv should be configured appropriately. CCE-20031-1 The membership of the IUSR account should be configured correctly. CCE-19568-5 The AdvancedDataFactory object should be enable or disabeld as appropriate. CCE-19795-4 The master home directory "Basic Authentication" setting should be enabled or disabled. CCE-19757-4 HTTP protocol logging should be enabled or disabled as appropriate for the specified websites. |