[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Validate smart card certificate usage rule compliance: Object identifier

ID: oval:org.secpod.oval:def:14691Date: (C)2013-08-13   (M)2017-10-21
Class: COMPLIANCEFamily: windows




This policy setting allows you to associate an object identifier from a smart card certificate to a BitLocker-protected drive. This policy setting is applied when you turn on BitLocker. The object identifier is specified in the enhanced key usage (EKU) of a certificate. BitLocker can identify which certificates may be used to authenticate a user certificate to a BitLocker-protected drive by matching the object identifier in the certificate with the object identifier that is defined by this policy setting. Default object identifier is 1.3.6.1.4.1.311.67.1.1 Note: BitLocker does not require that a certificate have an EKU attribute, but if one is configured for the certificate it must be set to an object identifier (OID) that matches the OID configured for BitLocker. If you enable this policy setting, the object identifier specified in the "Object identifier" box must match the object identifier in the smart card certificate. If you disable or do not configure this policy setting, a default object identifier is used. Fix: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance\Object identifier (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE!CertificateOID

Platform:
Microsoft Windows 7
Reference:
CCE-9062-1
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9062-1
XCCDF    2
xccdf_org.secpod_benchmark_general_Windows_7
xccdf_org.secpod_benchmark_PCI_3_2_Windows_7

© 2013 SecPod Technologies