Check: AADC-CN-000955
Adobe Acrobat Professional DC Continuous Track STIG:
AADC-CN-000955
(in version v2 r1)
Title
Adobe Acrobat Pro DC Continuous FIPS mode must be enabled. (Cat II impact)
Discussion
Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.
Check Content
Verify the following registry configuration: Using the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 If the value for bFIPSMode is not set to “1” and Type is not configured to REG_DWORD or does not exist, this is a finding. Admin Template path: User Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > 'Enable FIPS' must be set to 'Enabled'.
Fix Text
Configure the following registry value: Registry Hive: HKEY_CURRENT_USER Registry Path: \Software\Adobe\Adobe Acrobat\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 Configure the policy value for User Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > 'Enable FIPS' to 'Enabled'.
Additional Identifiers
Rule ID: SV-245874r766580_rule
Vulnerability ID: V-245874
Group Title: SRG-APP-000416
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002450 |
The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. |
Controls
Number | Title |
---|---|
SC-13 |
Cryptographic Protection |