Detections
Analytics

1.28 WN10-00-000130

Information

Software certificate installation files must be removed from Windows 10.

GROUP ID: V-220723RULE ID: SV-220723r991589

Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Remove any certificate installation files (*.p12 and *.pfx) found on a system.

Note: This does not apply to server-based applications that have a requirement for .p12 certificate files (e.g., Oracle Wallet Manager) or Adobe PreFlight certificate files.

See Also

https://workbench.cisecurity.org/benchmarks/23869

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CCI|CCI-000366, Rule-ID|SV-220723r991589_rule, STIG-ID|WN10-00-000130, Vuln-ID|V-220723

Plugin: Windows

Control ID: c8542a29846a5bdb420da1a8013445f014b0193d62492c5987a77e1ec71074d1