DISA STIG for Microsoft Dot Net Framework 4.0 v2r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG for Microsoft Dot Net Framework 4.0 v2r1

Updated: 2/27/2023

Authority: DISA STIG

Plugin: Windows

Revision: 1.5

Estimated Item Count: 26

Audit Items

Description	Categories
APPNET0031 - Digital signatures assigned to strongly named assemblies must be verified.	IDENTIFICATION AND AUTHENTICATION
APPNET0046 - The Trust Providers Software Publishing State must be set to 0x23C00.	IDENTIFICATION AND AUTHENTICATION
APPNET0048 - Developer certificates used with the .NET Publisher Membership Condition must be approved by the IAO.	SECURITY ASSESSMENT AND AUTHORIZATION
APPNET0052 - Encryption keys used for the .NET Strong Name Membership Condition must be protected.	IDENTIFICATION AND AUTHENTICATION
APPNET0055 - CAS and policy configuration files must be backed up.	CONTINGENCY PLANNING
APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption - applications	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption - machine	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0061 - .Net Framework versions installed on the system must be supported.	CONFIGURATION MANAGEMENT
APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - applications	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules - machine	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0063 - .NET must be configured to validate strong names on full-trust assemblies - Wow6432Node	SYSTEM AND SERVICES ACQUISITION
APPNET0063 - .NET must be configured to validate strong names on full-trust assemblies.	SYSTEM AND SERVICES ACQUISITION
APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance - applications	SYSTEM AND SERVICES ACQUISITION
APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance - machine	SYSTEM AND SERVICES ACQUISITION
APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4 - applications	ACCESS CONTROL
APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4 - machine	ACCESS CONTROL
APPNET0066 - .NET default proxy settings must be reviewed and approved - applications	ACCESS CONTROL
APPNET0066 - .NET default proxy settings must be reviewed and approved - machine	ACCESS CONTROL
APPNET0067 - Event tracing for Windows (ETW) for Common Language Runtime events must be enabled - applications	AUDIT AND ACCOUNTABILITY
APPNET0067 - Event tracing for Windows (ETW) for Common Language Runtime events must be enabled - machine	AUDIT AND ACCOUNTABILITY
APPNET0070 - Software utilizing .Net 4.0 must be identified and relevant access controls configured.	CONFIGURATION MANAGEMENT
APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption - applications	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption - machine	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0075 - Disable TLS RC4 cipher in .Net	SYSTEM AND COMMUNICATIONS PROTECTION
APPNET0075 - Disable TLS RC4 cipher in .Net - Wow6432Node	SYSTEM AND COMMUNICATIONS PROTECTION
DISA_STIG_Microsoft_Dot_Net_Framework_4.0_v2r1.audit from DISA Microsoft DotNet Framework 4.0 v2r1 STIG

Detections

Analytics

DISA STIG for Microsoft Dot Net Framework 4.0 v2r1

Warning! Audit Deprecated

Audit Details

Audit Items