Check: 3.150
Win7 Audit:
3.150
(in version v1 r16)
Title
Configure the SPN target name validation level. (Cat II impact)
Discussion
This setting helps prevent spoofing; ensuring that if a service principle name (SPN) is provided by the client, it is validated against the server’s list of SPNs.
Check Content
Fix Text
Configure the policy value for “Microsoft network server: Server SPN target name validation level” to “Accept if provided by client”.
Additional Identifiers
Rule ID: SV-25273r1_rule
Vulnerability ID: V-21950
Group Title: SPN Target Name Validation Level
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |