Detections
Analytics

1.171 WN10-CC-000335

Information

The Windows Remote Management (WinRM) client must not allow unencrypted traffic.

GROUP ID: V-220863RULE ID: SV-220863r958848

Unencrypted remote access to a system can allow sensitive information to be compromised. Windows remote management connections must be encrypted to prevent this.

Solution

Configure the policy value for

Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> 'Allow unencrypted traffic'

to 'Disabled'.

See Also

https://workbench.cisecurity.org/benchmarks/23869

Item Details

Category: MAINTENANCE

References: 800-53|MA-4(6), CCI|CCI-002890, CCI|CCI-003123, Rule-ID|SV-220863r958848_rule, STIG-ID|WN10-CC-000335, Vuln-ID|V-220863

Plugin: Windows

Control ID: 62b52bd2c09e3ee3f9394a9299183114baa786d2a21891ca4282f4943b5f46ba