The Network Security: Restrict NTLM: Incoming NTLM traffic setting should be configured correctly. This policy setting allows you to deny or allow incoming NTLM traffic. This policy is supported on at least Windows 7 or Windows Server 2008 R2. Note: Block events are recorded on this computer in the Operational Log located under the Applications and Services Log/Microsoft/Windows/NTLM. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network Security: Restrict NTLM: Incoming NTLM traffic (2) KEY: HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0\RestrictReceivingNTLMTraffic