Check: 3.154
Win7 Audit:
3.154
(in version v1 r16)
Title
Configure Kerberos encryption types. (Cat II impact)
Discussion
This setting configures a minimum encryption type for Kerberos preventing the use of the DES encryption suites.
Check Content
Fix Text
Configure the policy value for “Network Security: Configure encryption types allowed for Kerberos” to “Enabled” with only the following selected: RC4_HMAC_MD5 AES128_HMAC_SHA1 AES256_HMAC_SHA1 Future encryption types
Additional Identifiers
Rule ID: SV-25277r1_rule
Vulnerability ID: V-21954
Group Title: Kerberos Encryption Types
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |