Select the 'Set client connection encryption level' to low_level This policy setting specifies whether the computer that is about to host the remote connection will enforce an encryption level for all data sent between it and the client computer for the remote session. Counter Measure: Configure the Set Client Connection Encryption Level setting to High Level. Potential Impact: Clients that do not support 128-bit encryption will be unable to establish Terminal Server sessions.

[low level/client compatible/high level/disable]

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSecuritySet client connection encryption level (2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTTerminal ServicesMinEncryptionLevel