Check: WN12-GE-000020
Microsoft Windows Server 2012/2012 R2 Member Server STIG:
WN12-GE-000020
(in versions v3 r7 through v2 r16)
Title
Software certificate installation files must be removed from Windows 2012/2012 R2. (Cat II impact)
Discussion
Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.
Check Content
Search all drives for *.p12 and *.pfx files. If any files with these extensions exist, this is a finding. This does not apply to server-based applications that have a requirement for certificate files or Adobe PreFlight certificate files. Some applications create files with extensions of .p12 that are not certificate installation files. Removal of non-certificate installation files from systems is not required. These must be documented with the ISSO.
Fix Text
Remove any certificate installation files (*.p12 and *.pfx) found on a system. This does not apply to server-based applications that have a requirement for certificate files, Adobe PreFlight certificate files, or non-certificate installation files with the same extension.
Additional Identifiers
Rule ID: SV-225431r569185_rule
Vulnerability ID: V-225431
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |