STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide

V-221216

CAT II (Medium)

The Exchange local machine policy must require signed scripts.

Rule ID

SV-221216r960954_rule

STIG

Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide

Version

V2R6

CCIs

CCI-001749

Discussion

Scripts, especially those downloaded from untrusted locations, often provide a way for attackers to infiltrate a system. By setting machine policy to prevent unauthorized script executions, unanticipated system impacts can be avoided.

Check Content

Open the Exchange Management Shell and enter the following command:

Get-ExecutionPolicy

If the value returned is not "RemoteSigned", this is a finding.

Fix Text

Open the Exchange Management Shell and enter the following command:

Set-ExecutionPolicy RemoteSigned