WN16-00-000270 - Software certificate installation files must be removed from Windows Server 2016.

Information

Use of software certificates and their accompanying installation files for end users to access resources is less secure than the use of hardware-based certificates.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Remove any certificate installation files (*.p12 and *.pfx) found on a system.

Note: This does not apply to server-based applications that have a requirement for .p12 certificate files or Adobe PreFlight certificate files.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R3_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-12, CAT|II, CCI|CCI-000366, Rule-ID|SV-224842r569186_rule, STIG-ID|WN16-00-000270, STIG-Legacy|SV-87923, STIG-Legacy|V-73271, Vuln-ID|V-224842

Plugin: Windows

Control ID: 273944aa39614a2eded5083bb4f9ef5385208ca8f5901c989687220831dc7d1a