System32
Sysmon
Events
Compliance
Validator
TLS/SSL
GeoIP
Tools
Security Technical Implementation Guides (STIGs)
Product
Microsoft IIS 10.0 Site Security
(3)
Severity
Medium
(2)
Low
(1)
SRG
SRG-APP-000516-WSR-000174
(3)
CCIs
CCI-000366
(3)
STIG IDs
IIST-SV-000158
(1)
IIST-SV-000159
(1)
IIST-SV-000205
(1)
Rule IDs
SV-218824r961863_rule
(1)
SV-218825r1067593_rule
(1)
SV-218827r1112380_rule
(1)
Tags
AppLocker
All AppLocker events
EventSentry
All EventSentry events
Security
All Windows Security events
stig
All stig events
Vulnerability ID
Severity
Description
V-218824
Medium
Unspecified file extensions on a production IIS 10.0 web server must be removed
V-218825
Medium
The IIS 10.0 web server must have a global authorization rule configured to restrict access
V-218827
Low
The IIS 10.0 web server must enable HTTP Strict Transport Security (HSTS)