7.8 Ensure DES Cipher Suites is disabled

Information

DES is a weak symmetric-key cipher. It is recommended that it be disabled.

Rationale:

By disabling DES, there is a better chance of maintaining data confidentiality and integrity.

Solution

To disable DES 56/56, ensure the following key is absent. If the key is present, ensure it is set to 0.

HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56\Enabled

See Also

https://workbench.cisecurity.org/benchmarks/14293

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13

Plugin: Windows

Control ID: 799024ef9252aab88c63e28979c6236c1e47d3bfe71bf541b90e659b1e40a63b