[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

System cryptography: Force strong key protection for user keys stored on the computer

ID: oval:org.secpod.oval:def:8845Date: (C)2013-01-21   (M)2023-05-09
Class: COMPLIANCEFamily: windows




The System cryptography: Force strong key protection for user keys stored on the computer setting should be configured correctly. This policy setting determines whether users private keys (such as their S-MIME keys) require a password to be used. If you configure this policy setting so that users must provide a password-distinct from their domain password-every time that they use a key, then it will be more difficult for an attacker to access locally stored keys, even an attacker who discovers logon passwords. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\System cryptography: Force strong key protection for user keys stored on the computer (2) KEY: HKLM\Software\Policies\Microsoft\Cryptography\ForceKeyProtection

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11035-3
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11035-3
XCCDF    5
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2008_R2
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_SecPod_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2
...

© SecPod Technologies