Windows OS: Must not have the Microsoft FTP service installed


Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.


To fix this:
Uninstall the "FTP Server" role.
- Start "Server Manager".
- Select the server with the role.
- Scroll down to "ROLES AND FEATURES" in the right pane.
- Select "Remove Roles and Features" from the drop-down "TASKS" list.
- Select the appropriate server on the "Server Selection" page and click "Next".
- Deselect "FTP Server" under "Web Server (IIS)" on the "Roles" page.
- Click "Next" and "Remove" as prompted.

STIG: Server 2019:
Server 2016: