The Enable rapid-fail protection monitor must be enabled.
A worker process handles all application execution, including authentication and authorization, as well as, ISAPI filter and extension loading. This executable process is called W3WP.exe. When acting as the worker process manager, the www service is responsible for controlling the lifetime of all worker processes that are processing requests. The management console allows it to configure options, such as when to start or recycle a worker process, how many requests to serve before recycling, and what to do if the worker becomes blocked or unable to continue processing requests.
1. Open the IIS Manager > Right click on the desired Application Pool > Select Properties > Select the Health tab. 2. Ensure the Enable rapid-fail protection monitor is enabled and the value is set to 5 or less.
1. Open the IIS Manager > Right click on the Application Pool that corresponded to the website being reviewed > Select Properties > Select the Health tab. 2. Ensure the Enable rapid-fail protection monitor is enabled and the value is set to 5 or less. If the value is not set properly, this is a finding. NOTE: This vulnerability can be documented locally by the ISSM/ISSO if the site has operational reasons for an increased value. If the ISSM/ISSO has approved this change in writing, this should be marked as not a finding.