Detections
Analytics

1.1.3.11.7 Set 'Network security: Minimum session security for NTLM SSP based clients' to 'Require NTLMv2 session security'

Information

Set 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' to 'Require NTLMv2 session security,Require 128-bit encryption'
This policy setting determines which behaviors are allowed for applications using the NTLM Security Support Provider.

Solution

Make sure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to require NTLMv2 session security and 128-bit encryption.

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv6|13

Plugin: Windows

Control ID: 5096dad0f4ea65d322c45f1c6f403a6a3796fece28faff8d4540781cd95465ac