Detections
Analytics

1.1.3.11.7 Set 'Network security: Minimum session security for NTLM SSP based clients' to 'Require NTLMv2 session security'

Information

Set 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' to 'Require NTLMv2 session security,Require 128-bit encryption'
This policy setting determines which behaviors are allowed for applications using the NTLM Security Support Provider.

Solution

Make sure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to require NTLMv2 session security and 128-bit encryption.

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv6|13

Plugin: Windows

Control ID: 06a907ea4758ad563c6d298d4cb8b76ad5f7409999a4a4b2886eb100399e89db