Detections
Analytics
WN11-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.
Information
This setting ensures that the system uses algorithms that are FIPS-compliant for encryption, hashing, and signing. FIPS-compliant algorithms meet specific standards established by the U.S. Government and must be the algorithms used for all OS encryption functions.Solution
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' to 'Enabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_11_V2R7_STIG.zip
Item Details
Audit Name: DISA Microsoft Windows 11 STIG v2r7
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-13, CAT|II, CCI|CCI-002450, Rule-ID|SV-253466r1137699_rule, STIG-ID|WN11-SO-000230, Vuln-ID|V-253466
Plugin: Windows
Control ID: 95af0f4d63c822c94e2d83f12434525262d484b5c92b482e1519f97a3901fada