1.7.7 Disable NULL Cipher Suites

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

By disabling the NULL cipher, there is a better chance of maintaining data confidentiality and integrity.

Solution

To disable the NULL cipher, ensure the following key is absent. If the key is present, ensure it is set to 0. HKLM System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\NULL\Enabled

See Also

https://benchmarks.cisecurity.org/tools2/iis/CIS_Microsoft_IIS_7_Benchmark_v1.7.1.pdf

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8

Plugin: Windows

Control ID: 4312bd7faaea7d66ff5ab00b9e8eee77ddc9d40dd44ef21e525aef690c592bbb