Title

Outlook minimum encryption key length settings must be set. (Cat II impact)

Discussion

This setting allows you to set the minimum key length for an encrypted e-mail message. Satisfies: SRG-APP-000514, SRG-APP-000555, SRG-APP-000625, SRG-APP-000630, SRG-APP-000635, SRG-APP-000416

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Cyrptography "Minimum encryption settings" must be set to "Enabled: 168 bits". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\outlook\security Criteria: If the value MinEncKey is REG_DWORD = 168, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Cyrptography "Minimum encryption settings" to "Enabled: 168 bits".

Additional Identifiers

Rule ID: SV-242102r961857_rule

Vulnerability ID: V-242102

Group Title: SRG-APP-000514

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.