Microsoft Lync 2013 STIG

Version	Date	Finding Count (3)			Downloads
1	2018-04-04 2014-04-03 2014-04-03 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2015-04-13 2014-04-03 2014-04-03	CAT I (High): 0	CAT II (Med): 3	CAT III (Low): 0	Excel	JSON	XML

STIG Description
The Microsoft Lync 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Classified	Public	Sensitive
I - Mission Critical Classified	I - Mission Critical Public	I - Mission Critical Sensitive	II - Mission Support Classified	II - Mission Support Public	II - Mission Support Sensitive	III - Administrative Classified	III - Administrative Public	III - Administrative Sensitive

Finding ID	Severity	Title	Description
V-40778	Medium	In the event a secure Session Initiation Protocol (SIP) connection fails, the connection must be restricted from resorting to the unencrypted HTTP.	Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat. The Lync client has a...
V-40776	Medium	The ability of Lync to store user passwords must be disabled.	Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat. These features require...
V-40777	Medium	Session Initiation Protocol (SIP) security mode must be configured.	Lync 2013 provides a single, unified client for real-time communications, including voice and video calls, Lync Meetings, presence, instant messaging, and persistent chat, using the Session...