--%> SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)
[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-43775-6

Platform: win10Date: (C)2016-09-23   (M)2017-10-18



Disable: 'Network Security: Restrict NTLM: Incoming NTLM traffic' for RestrictReceivingNTLMTraffic This policy setting allows you to deny or allow incoming NTLM traffic. This policy is supported on at least Windows 7 or Windows Server 2008 R2. Note: Block events are recorded on this computer in the "Operational" Log located under the Applications and Services Log/Microsoft/Windows/NTLM. Counter Measure: Configure Network Security: Restrict NTLM: Incoming NTLM traffic to Deny all accounts Potential Impact: If you select "Allow all" or do not configure this policy setting, the server will allow all NTLM authentication requests. If you select "Deny all domain accounts," the server will deny NTLM authentication requests for domain logon and display an NTLM blocked error, but allow local account logon. If you select "Deny all accounts," the server will deny NTLM authentication requests from incoming traffic and display an NTLM blocked error."


Parameter:


Technical Mechanism: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network Security: Restrict NTLM: Incoming NTLM traffic (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\RestrictReceivingNTLMTraffic

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35308


OVAL    1
oval:org.secpod.oval:def:35308
XCCDF    2
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10

© 2013 SecPod Technologies