From MS SharePoint 2010 Security Technical Implementation Guide
Part of SRG-APP-000264-COL-000169
Associated with: CCI-002421
Preventing the disclosure of transmitted information requires that applications take measures to using a cryptographic mechanism to protect the information during transmission. This is usually achieved through the use of TLS, SSL, or Internet Protocol Security (IPSec) Virtual Private Network (VPN).
1. In SharePoint Central Administration, click Application Management. 2. On the Application Management page, in the Web Applications list, click Manage web applications. 3. On the Web Applications Management page, verify that each Web Application URL begins with https. 4. Mark as a finding if the URL does not begin with https. 5. Mark as not a finding if SharePoint communications between all components and clients are protected by alternative physical measures that have been approved by the DAA.
1. Open IIS Manager. 2. In the Connections pane, expand Sites. 3. Click the Web Application site. 4. In the Actions pane, click Bindings…. 5. In the Site Bindings window, click Add. 6. In the Add Site Binding window, change Type to https and select the site’s SSL certificate. 7.Click OK and then click Close.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer