1.7.10 Disable RC4 Cipher Suites - 'RC4 56/128'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The use of RC4 may increase an adversaries ability to read sensitive information sent over SSL/TLS.

Solution

to disable rc4 40/128, ensure the following key is absent. if the key is present, ensure it is set to 0. hklm \system\currentcontrolset\control\securityproviders\schannel\ciphers\rc4 40/128\enabled to disable rc4 56/128, ensure the following key is absent. if the key is present, ensure it is set to 0. hklm\system\currentcontrolset\control\securityproviders\schannel\ciphers\rc4 56/128\enabled to disable rc4 64/128, ensure the following key is absent. if the key is present, ensure it is set to 0. hklm\system\currentcontrolset\control\securityproviders\schannel\ciphers\rc4 64/128\enabled to disable rc4 128/128, ensure the following key is set to 0. rc4 128/128 is not enabled by default on server 2008 sp2 but is enabled by default on r2. hklm\system\currentcontrolset\control\securityproviders\schannel\ciphers\rc4 128/128\enabled

See Also

https://benchmarks.cisecurity.org/tools2/iis/CIS_Microsoft_IIS_7_Benchmark_v1.7.1.pdf

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8

Plugin: Windows

Control ID: bc1936024288ee4066483b17dd62c722a6d2710d023c000750a45380cceb6f75