Check: 3.089
Win2k8 Audit: 3.089 (in version v6 r1.22)
Title
The system is not configured to meet the minimum requirement for session security for NTLM SSP based Servers. (Cat II impact)
Discussion
Microsoft has implemented a variety of security support providers for use with RPC sessions. In a homogeneous Windows environment, all of the options should be enabled. In a heterogeneous environment, testing should be performed to determine the maximum security level that provides reliable functionality.
Check Content
Fix Text
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “Network security: Minimum session security for NTLM SSP based (including secure RPC) servers” to “Require NTLMv2 session security” and “Require 128-bit encryption” (all options selected).
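One way to verify the setting after applying the fix, as an added example that is not part of the STIG text. It assumes the standard Windows storage for this policy (the `NtlmMinServerSec` DWORD under the `Lsa\MSV1_0` key, with one bit per option), which this page does not list; the function name `Test-NtlmMinServerSec` is hypothetical.

```powershell
# Added example: audit "Minimum session security for NTLM SSP based servers".
# Assumption: the policy is stored as a bitmask in this registry value
# (standard Windows location, not taken from this page).
$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$ValueName = 'NtlmMinServerSec'

# Both options named in the Fix Text must be set ("all options selected").
$Required = @{
    'Require NTLMv2 session security' = 0x00080000
    'Require 128-bit encryption'      = 0x20000000
}

function Test-NtlmMinServerSec {
    param($Value)   # DWORD read from the registry, or $null when absent

    # Collect every required option whose bit is not set.
    $missing = @()
    foreach ($name in $Required.Keys) {
        if (($null -eq $Value) -or (([int]$Value -band $Required[$name]) -eq 0)) {
            $missing += $name
        }
    }

    $shown = '(not set)'
    if ($null -ne $Value) { $shown = '0x{0:X8}' -f [int]$Value }

    New-Object PSObject -Property @{
        Value     = $shown
        Compliant = ($missing.Count -eq 0)
        Missing   = ($missing -join '; ')
    } | Select-Object Value, Compliant, Missing
}

# Constructed sample values: both options, NTLMv2 only, none selected, value absent.
foreach ($sample in 0x20080000, 0x00080000, 0, $null) {
    Test-NtlmMinServerSec $sample
}

# Live check on the local server.
$prop = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
$live = $null
if ($prop) { $live = $prop.$ValueName }
Test-NtlmMinServerSec $live
```

Only the first constructed sample (`0x20080000`) reports as compliant; a missing value is treated as a finding because neither option is then enforced by policy.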
Additional Identifiers
Rule ID: SV-29357r1_rule
Vulnerability ID: V-3666
Group Title: Session Security for NTLM SSP based Servers
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |