The Exchange local machine policy must require signed scripts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-69811 | EX13-EG-000075 | SV-84433r1_rule | Medium |
| Description |
|---|
| Scripts, especially those downloaded from untrusted locations, often provide a way for attackers to infiltrate a system. By setting machine policy to prevent unauthorized script executions, unanticipated system impacts can be avoided. |
| STIG | Date |
|---|---|
| MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide | 2019-03-11 |
Details
| Check Text ( C-70263r1_chk ) |
|---|
| Open the Exchange Management Shell and enter the following command: Get-ExecutionPolicy If the value returned is not RemoteSigned, this is a finding. |
| Fix Text (F-76023r1_fix) |
|---|
| Open the Exchange Management Shell and enter the following command: Set-ExecutionPolicy RemoteSigned |