18.10.55.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'

Information

This policy setting allows users to have their feeds authenticated through the basic authentication scheme over an unencrypted HTTP connection.

The recommended state for this setting is: Disabled

With this setting enabled, the Windows RSS Platform can authenticate to feed servers using the Basic authentication scheme over an unencrypted HTTP connection, which could lead to credential compromise or a data leak.
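
The exposure described above, as an added example that is not part of the benchmark or of any CIS or Microsoft tooling: a Basic credential is only base64-encoded, so an Authorization header sent over plain HTTP is readable by anything on the path. The Python below flags such requests in constructed sample traffic and reports the account name without the password; the host names, the account and the (scheme, raw request) record layout are assumptions made for illustration.

```python
import base64
import binascii

# Constructed sample traffic as (scheme, raw HTTP request); not real captures.
SAMPLE_REQUESTS = [
    ("http", "GET /feeds/internal.xml HTTP/1.1\r\nHost: feeds.example.test\r\n"
             "Authorization: Basic YWxpY2U6czNjcmV0\r\n\r\n"),
    ("https", "GET /feeds/internal.xml HTTP/1.1\r\nHost: feeds.example.test\r\n"
              "Authorization: Basic YWxpY2U6czNjcmV0\r\n\r\n"),
    ("http", "GET /feeds/public.xml HTTP/1.1\r\nHost: feeds.example.test\r\n\r\n"),
    ("http", "GET /feeds/odd.xml HTTP/1.1\r\nHost: feeds.example.test\r\n"
             "authorization: basic !!notbase64!!\r\n\r\n"),
]


def parse_headers(raw):
    """Return (request_line, {lowercased header name: value})."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def find_cleartext_basic_auth(requests):
    """Flag requests that carry Basic credentials over unencrypted HTTP."""
    findings = []
    for scheme, raw in requests:
        request_line, headers = parse_headers(raw)
        kind, _, token = headers.get("authorization", "").partition(" ")
        if scheme.lower() != "http" or kind.lower() != "basic":
            continue  # TLS-protected, or no Basic credential present
        try:
            decoded = base64.b64decode(token.strip(), validate=True)
            user = decoded.decode("utf-8").partition(":")[0]
        except (binascii.Error, UnicodeDecodeError):
            user = None  # malformed token: still a Basic attempt in cleartext
        # The password is deliberately never stored in the finding.
        findings.append({"host": headers.get("host"),
                         "request": request_line, "user": user})
    return findings


if __name__ == "__main__":
    for finding in find_cleartext_basic_auth(SAMPLE_REQUESTS):
        print(finding)
```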

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

Computer Configuration\Policies\Administrative Templates\Windows Components\RSS Feeds\Turn on Basic feed authentication over HTTP

Note: This Group Policy path is provided by the Group Policy template InetRes.admx/adml that is included with all versions of the Microsoft Windows Administrative Templates.

Impact:

Users will not be able to use the Basic authentication feature in the RSS Platform.

See Also

https://workbench.cisecurity.org/benchmarks/17610

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(6)

Plugin: Windows

Control ID: 76511e5dd3c28351ad16a1b6d478a99e1b28609dc2192878cd160ba21f93bd96