Check: WN11-00-000120
Microsoft Windows 11 STIG:
WN11-00-000120
(in versions v2 r2 through v1 r1)
Title
The TFTP Client must not be installed on the system. (Cat II impact)
Discussion
The "TFTP Client" is not installed by default. Some protocols and services do not support required security features, such as encrypting passwords or traffic.
Check Content
Verify TFTP Client has not been installed. Navigate to the Windows\System32 directory. If the "TFTP" application exists, this is a finding.
Fix Text
Uninstall "TFTP Client" from the system. Run "Programs and Features". Select "Turn Windows Features on or off". De-select "TFTP Client".
Additional Identifiers
Rule ID: SV-253279r958480_rule
Vulnerability ID: V-253279
Group Title: SRG-OS-000096-GPOS-00050
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000382 |
Configure the system to prohibit or restrict the use of organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |