U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

SharePoint Server 2007 Security Guide 1.0 Checklist Details (Checklist Revisions)

SCAP 1.1 Content:

Supporting Resources:

Target:

Target CPE Name
Microsoft Office SharePoint Server 2007 cpe:/a:microsoft:sharepoint_server:2007 (View CVEs)

Checklist Highlights

Checklist Name:
SharePoint Server 2007 Security Guide
Checklist ID:
242
Version:
1.0
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: National Security Agency
Original Publication Date:
09/30/2009

Checklist Summary:

Microsoft Office SharePoint Server 2007 is a server program that is part of the 2007 Microsoft Office system. Office SharePoint Server 2007 provides a single, integrated location where employees can collaborate with team members, share documents, manage content and workflow, and supply access to information that is essential to organizational goals and processes. This documents main focus is on the SharePoint Server 2007 Portal which is the backbone of SharePoint deployments. This document provides security guidance on SharePoint Server 2007 Standard Edition hosted on Microsoft Windows Server 2003 Standard Edition. This guide does not consider the installation, configuration, or operation of this product on other Windows or non-Windows platforms. This document assumes that the reader is familiar with SharePoint Server 2007 and will refer to product documentation as needed in order to implement recommendations contained in this guide. The reader should also be familiar with Windows 2003 Server administration. This document also assumes that the baseline platform configuration of the Windows Server 2003 server and SharePoint Server 2007 are up-to-date in terms of installed service packs and hotfixes.

Checklist Role:

  • Application Server

Known Issues:

No known issues.

Target Audience:

System Administrator or System Auditor. Knowledge of Windows Operating Systems.

Target Operational Environment:

  • Managed

Testing Information:

Windows Server 2003 Standard Edition. Not tested in an operational environment.

Regulatory Compliance:

Yes. Maps to NIST SP 800-53 controls.

Comments/Warnings/Miscellaneous:

Comments contained in checklist.

Disclaimer:

None.

Product Support:

Applying this checklist will not affect software support from Microsoft.

Point of Contact:

Shirley@thecouch.ncsc.mil

Sponsor:

Produced without Microsoft Sponsorship.

Licensing:

Open Source

Change History: 

Not provided.
Change 'author' from MITRE to NSA

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 07/11/2011