Detections
Analytics

1.1.3.11.2 Set 'Network security: Minimum session security for NTLM SSP based servers' to 'Require NTLMv2 session security'

Information

Set 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' to 'Require NTLMv2 session security,Require 128-bit encryption'
This policy setting determines which behaviors are allowed for applications using the NTLM Security Support Provider.

Solution

Make sure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to require NTLMv2 session security and 128-bit encryption.

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv6|13

Plugin: Windows

Control ID: 234dd1ff779687139612878a330646086c141e96a0998ebe50dd225b43cb3eb2