[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96125

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-8917-7

Platform: win7Date: (C)2012-05-18   (M)2017-10-17



The 'Network Security: Restrict NTLM: Add server exceptions in this domain' setting should be configured correctly.


Parameter: list of servers


Technical Mechanism: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network Security: Restrict NTLM: Add server exceptions in this domain (2) Registry Key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DCAllowedNTLMServers

References:

Resource IdReference
Microsoft Security Compliance Management Toolkit for Windows 7, Version 1.0: "Windows 7 Security Baseline Settings.xlsm" spreadsheetWorksheet: Computer Policy Settings; Row: 148
Microsoft Security Compliance Management Toolkit for Windows 7, Version 1.0: "Windows 7 Security Baseline.xml"Setting Index #924: This policy setting allows you to create an exception list of servers in this domain to which clients are allowed to use NTLM pass-through authentication if the "Network Security: Restrict NTLM: Deny NTLM authentication in this domain" is set.
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:14677


CPE    1
cpe:/o:microsoft:windows_7
OVAL    1
oval:org.secpod.oval:def:14677
XCCDF    2
xccdf_org.secpod_benchmark_general_Windows_7
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_7

© 2013 SecPod Technologies