[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-41597-6

Platform: win10Date: (C)2016-09-23   (M)2017-10-18



Disable: 'Network security: Allow Local System to use computer identity for NTLM' for UseMachineId When enabled, this policy setting causes Local System services that use Negotiate to use the computer identity when NTLM authentication is selected by the negotiation. This policy is supported on at least Windows 7 or Windows Server 2008 R2. Counter Measure: Configure Network security: Allow Local System to use computer identity for NTLM to Enabled. Potential Impact: If you enable this policy setting, services running as Local System that use Negotiate will use the computer identity. This might cause some authentication requests between Windows operating systems to fail and log an error. If you disable this policy setting, services running as Local System that use Negotiate when reverting to NTLM authentication will authenticate anonymously. This was the behavior in previous versions of Windows."


Parameter:


Technical Mechanism: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network security: Allow Local System to use computer identity for NTLM (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\UseMachineId

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:34997


OVAL    1
oval:org.secpod.oval:def:34997
XCCDF    4
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© 2013 SecPod Technologies