Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
SharePoint must retain the notification message or banner on the screen until users take explicit actions to log on to or further access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-28254 | SHPT-00-000240 | SV-36431r1_rule | ECWM-1 | Medium |
| Description |
|---|
| To establish acceptance of system usage policy, a click-through banner at application logon is required. The banner shall prevent further activity on the application unless and until the user executes a positive action to agree by clicking on a box indicating "OK" or agreement with the terms of the banner. The text of this banner should be customizable in the event of future user agreement changes. |
| STIG | Date |
|---|---|
| SharePoint 2010 Security Technical Implementation Guide (STIG) | 2013-10-03 |
Details
| Check Text ( C-36980r1_chk ) |
|---|
| 1. Obtain a list of all SharePoint Web applications. 2. Open a Web browser and navigate to the SharePoint Web applications home page. 3. No further access is possible to the SharePoint web application unless a positive action to agree (such as clicking on a box indicating “OK”) is required. 4. If further access to the SharePoint Web application is possible before positive action to agree, this is a finding. |
| Fix Text (F-32244r1_fix) |
|---|
| Configure the SharePoint Web application home page to not allow any further access until the user executes a positive action to agree. |