[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-37130-2

Platform: win2012r2Date: (C)2015-10-08   (M)2018-03-26



Domain member: Digitally encrypt secure channel data (when possible) This policy setting determines whether a domain member should attempt to negotiate encryption for all secure channel traffic that it initiates. If you enable this policy setting, the domain member will request encryption of all secure channel traffic. If you disable this policy setting, the domain member will be prevented from negotiating secure channel encryption. Microsoft recommends to configure the Domain member: Digitally encrypt secure channel data (when possible) setting to Enabled.


Parameter:


Technical Mechanism: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Domain member: Digitally encrypt secure channel data (when possible) (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters!sealsecurechannel

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:22874


OVAL    1
oval:org.secpod.oval:def:22874
XCCDF    3
xccdf_org.secpod_benchmark_PCI_Windows_2012_R2
xccdf_org.secpod_benchmark_general_Windows_2012_R2
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2012_R2

© SecPod Technologies