DISA STIG for Microsoft Dot Net Framework 4.0 v2r1

Audit Details

Name: DISA STIG for Microsoft Dot Net Framework 4.0 v2r1

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.3

Estimated Item Count: 26

File Details

Filename: DISA_STIG_Microsoft_Dot_Net_Framework_4.0_v2r1.audit

Size: 97.4 kB

MD5: 9f2961b082fecb9cb077b9470e319ed0
SHA256: bc6d9ff15111b7e45ba613045cfe38a9f2dd3fc70f5b4a7e6b2c83082b0bbdbd

Audit Items

DescriptionCategories
APPNET0031 - Digital signatures assigned to strongly named assemblies must be verified.

IDENTIFICATION AND AUTHENTICATION

APPNET0046 - The Trust Providers Software Publishing State must be set to 0x23C00.

IDENTIFICATION AND AUTHENTICATION

APPNET0048 - Developer certificates used with the .NET Publisher Membership Condition must be approved by the IAO.

IDENTIFICATION AND AUTHENTICATION

APPNET0052 - Encryption keys used for the .NET Strong Name Membership Condition must be protected.

IDENTIFICATION AND AUTHENTICATION

APPNET0055 - CAS and policy configuration files must be backed up.

AUDIT AND ACCOUNTABILITY

APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption - applications

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption - machine

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0061 - .Net Framework versions installed on the system must be supported.

CONFIGURATION MANAGEMENT

APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - applications

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - machine

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0063 - .NET must be configured to validate strong names on full-trust assemblies - Wow6432Node

IDENTIFICATION AND AUTHENTICATION

APPNET0063 - .NET must be configured to validate strong names on full-trust assemblies.

IDENTIFICATION AND AUTHENTICATION

APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance - applications

CONFIGURATION MANAGEMENT

APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance - machine

CONFIGURATION MANAGEMENT

APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4 - applications

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4 - machine

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0066 - .NET default proxy settings must be reviewed and approved - applications

CONFIGURATION MANAGEMENT

APPNET0066 - .NET default proxy settings must be reviewed and approved - machine

CONFIGURATION MANAGEMENT

APPNET0067 - Event tracing for Windows (ETW) for Common Language Runtime events must be enabled - applications

AUDIT AND ACCOUNTABILITY

APPNET0067 - Event tracing for Windows (ETW) for Common Language Runtime events must be enabled - machine

AUDIT AND ACCOUNTABILITY

APPNET0070 - Software utilizing .Net 4.0 must be identified and relevant access controls configured.

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption - applications

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption - machine

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0075 - Disable TLS RC4 cipher in .Net

CONFIGURATION MANAGEMENT

APPNET0075 - Disable TLS RC4 cipher in .Net - Wow6432Node

CONFIGURATION MANAGEMENT

DISA_STIG_Microsoft_Dot_Net_Framework_4.0_v2r1.audit from DISA Microsoft DotNet Framework 4.0 v2r1 STIG