Configure SIP security mode

Information

When Lync connects to the server, it supports various authentication mechanisms. This policy allows the user to specify whether Digest and Basic authentication are supported.
Disabled (default): NTLM/Kerberos/TLS-DSK/Digest/Basic
Enabled:
Authentication mechanisms: NTLM/Kerberos/TLS-DSK
Gal Download: Requires HTTPS if user is not logged in as an internal user.

Solution

Policy Path: Skype for Business 2016\Microsoft Lync Feature Policies
Policy Setting Name: Configure SIP security mode

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-365-apps-for-enterprise-v2112/ba-p/3038172

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13

Plugin: Windows

Control ID: a73e3681491b48dbebe372ebd8bea4e88d30d7ebd229ffa12e33b345671d60d4