Microsoft SharePoint 2010 STIG Version 1, Release 9 Checklist Details (Checklist Revisions)
Supporting Resources:
-
Download Standalone XCCDF 1.1.4 - Sunset - Microsoft SharePoint 2010 STIG - Ver 1, Rel 9
- Defense Information Systems Agency
Target:
Target | CPE Name |
---|---|
Microsoft SharePoint Server 2010 | cpe:/a:microsoft:sharepoint_server:2010 (View CVEs) |
Checklist Highlights
- Checklist Name:
- Microsoft SharePoint 2010 STIG
- Checklist ID:
- 411
- Version:
- Version 1, Release 9
- Type:
- Compliance
- Review Status:
- Archived
- Authority:
- Governmental Authority: Defense Information Systems Agency
- Original Publication Date:
- 01/05/2012
Checklist Summary:
The SharePoint Security Technical Implementation Guide (STIG) provides guidance for secure configuration and usage of Microsoft's SharePoint implementation. The STIG provides security guidance for SharePoint deployments in a single server or server farm consisting of multiple servers. This overview document gives technology-specific background and information on conducting a security review for SharePoint 2010 Server. SharePoint Foundation and previous versions of SharePoint are not addressed, although there is significant overlap in the security impacts for these products.
Checklist Role:
- Application Server
Known Issues:
Not provided.
Target Audience:
This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. These requirements are designed to assist System Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and Systems Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.
Target Operational Environment:
- Managed
- Specialized Security-Limited Functionality (SSLF)
Testing Information:
SharePoint 2010 requires 64-bit hardware for each server in the farm, including the database server, and therefore requires 64-bit versions of Windows and Microsoft SQL (Structured Query Language) Server. Windows Server 2008 is the minimum Operating System (OS) version for production servers. Minimum hardware and software requirements are available at TechNet, http://technet.microsoft.com/en-us/library/cc262485.aspx.
Regulatory Compliance:
DoD Directive (DoDD) 8500.1 DoD Instruction (DoDI) 8500.2
Comments/Warnings/Miscellaneous:
Comments or proposed revisions to this document should be sent via email to fso_spt@disa.mil. DISA FSO will coordinate all change requests with the relevant DoD organizations before inclusion in this document.
Disclaimer:
Not provided.
Product Support:
fso_spt@disa.mil
Point of Contact:
fso_spt@disa.mil
Sponsor:
DoD
Licensing:
Not provided.
Change History:
Version 1, Release 5 - 25 July 2014 Version 1, Release 4 - 25 April 2014 Version 1, Release 3 - 25 October 2013 Version 1, Release 2 - 26 October 2012 Version 1, Release 1 - 23 November 2011 Version 1, Release 6 - 29 January 2015 Version 1, Release 7 - 28 October 2015 Changed status from "Under Review" to "Final" - 04 December 2015 null Updated URL to reflect change to the DISA website - http --> https updated to v1,r8 - 4/25/18 Updated to FINAL - 5/25/18 updated to Version 1, Release 9- 1/22/19 Updated to FINAL - 2/19/19 "Updated URLs - 6/11/19 Sunset per DISA - 6/11/19" Removed non-checklist content - 6/17/19 Updated URLs - 6/24/19 updated URLs - 9/11/19
Dependency/Requirements:
URL | Description |
---|
References:
Reference URL | Description |
---|---|
https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/u_microsoft_sharepoint_2010_stig_release_memo.pdf | Microsoft SharePoint 2010 STIG Release Memo |