7.3 Ensure SSLv3 is disabled

Information

This protocol is not considered cryptographically secure. Disabling it is recommended.

Disabling weak protocols will help ensure the confidentiality and integrity of in-transit data.

Solution

Perform the following to disable SSL 3.0:
1. Set the following key to 0.
HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server\Enabled

See Also

https://workbench.cisecurity.org/files/165

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CSCv6|9.1

Plugin: Windows

Control ID: 2e3779db1cd6c65e895b9b1a4d86ca23b0ae488468e68c77409a548e73585f0f