WN11-CC-000360 - The Windows Remote Management (WinRM) client must not use Digest authentication.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Digest authentication is not as strong as other options and may be subject to man-in-the-middle attacks.


Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> 'Disallow Digest authentication' to 'Enabled'.

See Also


Item Details

References: CAT|II, CCI|CCI-000877, Rule-ID|SV-253421r829347_rule, STIG-ID|WN11-CC-000360, Vuln-ID|V-253421

Plugin: Windows

Control ID: 1a08b002ddbba18d553fbffac5a0c42e74b89901d73f48709c8b28d7c7f0f3cf