|Finding ID||Version||Rule ID||IA Controls||Severity|
|Making certain that the web server has not been updated by an unauthorized user is always a concern. Adding patches, functions, and modules that are untested and not part of the baseline opens the possibility for security risks. The web server must offer, and not hinder, a method that allows for the quick and easy reinstallation of a verified and patched baseline to guarantee the production web server is up-to-date and has not been modified to add functionality or expose security risks. When the web server does not offer a method to roll back to a clean baseline, external methods, such as a baseline snapshot or virtualizing the web server, can be used.|
|Microsoft IIS 10.0 Server Security Technical Implementation Guide||2022-12-09|
|Check Text (C-20278r310893_chk)|
Interview the System Administrator for the IIS 10.0 web server.
Ask for documentation on the disaster recovery methods tested and planned for the IIS 10.0 web server in the event that a rollback is necessary.
If documentation for disaster recovery has not been established, this is a finding.
|Fix Text (F-20276r310894_fix)|
Prepare documentation for disaster recovery methods for the IIS 10.0 web server in the event that a rollback is necessary.
Document and test the disaster recovery methods designed.