An error occurred:

Check: EDGE-00-000048

Microsoft Edge STIG: EDGE-00-000048 (in versions v2 r2 through v1 r2)

Title

Supported authentication schemes must be configured. (Cat II impact)

Discussion

This setting specifies which HTTP authentication schemes are supported. The policy can be configured by using these values: "basic", "digest", "ntlm", and "negotiate". Separate multiple values with commas. If this policy is not configured, all four schemes are used.

Check Content

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" must be set to "ntlm,negotiate". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AuthSchemes" is not set to "REG_SZ = ntlm,negotiate", this is a finding.

Fix Text

Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" to "ntlm,negotiate".

Additional Identifiers

Rule ID: SV-235761r960966_rule

Vulnerability ID: V-235761

Group Title: SRG-APP-000142

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000382

Configure the system to prohibit or restrict the use of organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-7

Least Functionality