Conducted by: Jeremy Drennan

Overview:

Initial State: This server is freshly configured and patched satisfying our companies Vulnerability Management Program. However, this device is not compliant with DISA’'s STIG and requires some attention.

End State: We will have implemented at least 10 STIG’s with PowerShell in order to make this process repeatable and expansible so we can quickly STIG the rest of the servers on our network.

Technology / Resources Utilized

• Tenable (enterprise vulnerability management platform)
• Azure Virtual Machines (Tenable Scan Engine + scan targets)
• PowerShell (remediation scripts)
• DISA STIG Windows Server 2022 V2R4

System Scan Results

J-Scan-STIG-2K22 - Initial Scan.pdf

J-Scan-STIG-2K22 - Final Scan-1.pdf