WN10-CC-000360 - The Windows Remote Management (WinRM) client must not use Digest authentication.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Digest authentication is not as strong as other options and may be subject to man-in-the-middle attacks.


Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> 'Disallow Digest authentication' to 'Enabled'.

See Also


Item Details

References: CAT|II, CCI|CCI-000877, Rule-ID|SV-220868r569187_rule, STIG-ID|WN10-CC-000360, STIG-Legacy|SV-77831, STIG-Legacy|V-63341, Vuln-ID|V-220868

Plugin: Windows

Control ID: abbe3a4baf8f6589ec9f295fcef16ade702dcb9f62c37661622a95e64a3d4137