Windows Credential Guard Disabled

info Nessus Plugin ID 100994

Synopsis

Windows Credential Guard is disabled on the remote Windows host.

Description

Windows Credential Guard is disabled on the remote Windows host.

Credential Guard prevents attacks such as such as Pass-the-Hash or Pass-The-Ticket by protecting NTLM password hashes, Kerberos Ticket Granting Tickets, and credentials stored by applications as domain credentials.

Solution

Enable Credential Guard per your corporate security guidelines.

See Also

http://www.nessus.org/u?fb8c8c37

Plugin Details

Severity: Info

ID: 100994

File Name: wmi_cred_guard.nbin

Version: 1.191

Type: local

Agent: windows

Family: Windows

Published: 6/22/2017

Updated: 3/26/2024

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/Registry/Enumerated, SMB/ARCH, SMB/WMI/Available

Reference Information

IAVA: 0001-A-0649