I have been doing the RT*M and see that it is "suggested" that we start with the CORE policy and tailor from there. I cannot find any White Papers on CSP/Exchange best practice. Core is applied and prevention is "disabled" on the 9 nodes in the cluster for the time being while I gather logs. With the generic config described, if I enable as is, will it break Exchange? Does anyone have documentation that describes a CSP/Exchange deployment?
Suggestions on appropriate tailoring would be appreciated.
Warnings on what to avoid would be VERY welcome.
Thank you.