Check: 3.042
Win2k8 R2 Audit:
3.042
(in version v1 r8)
Title
Outgoing secure channel traffic will be signed when possible. (Cat II impact)
Discussion
Requests sent on the secure channel are authenticated, and sensitive information (such as passwords) is encrypted, but the channel is not integrity checked. If this policy is enabled, all outgoing secure channel traffic should be signed.
Check Content
Fix Text
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “Domain Member: Digitally sign secure channel data (when possible)” to “Enabled”.
Additional Identifiers
Rule ID: SV-32307r1_rule
Vulnerability ID: V-1164
Group Title: Signing of Secure Channel Traffic
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |