Windows OS: Must not have the Microsoft FTP service installed

b9695d6b-88c2-41e6-9fd9-611790f33f59

Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.

Remediation

To fix this:
Uninstall the "FTP Server" role.
- Start "Server Manager".
- Select the server with the role.
- Scroll down to "ROLES AND FEATURES" in the right pane.
- Select "Remove Roles and Features" from the drop-down "TASKS" list.
- Select the appropriate server on the "Server Selection" page and click "Next".
- Deselect "FTP Server" under "Web Server (IIS)" on the "Roles" page.
- Click "Next" and "Remove" as prompted.

STIG: Server 2019: https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93421
Server 2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2021-09-29/finding/V-224851