Encryption Oracle Remediation
This policy setting applies to applications using the CredSSP component (for example: Remote Desktop Connection).
Some versions of the CredSSP protocol are vulnerable to an encryption oracle attack against the client. This policy controls compatibility with vulnerable clients and servers. This policy allows you to set the level of protection desired for the encrypti ...
This is a machine-specific setting which applies to any user who logs onto the specified machine while this policy is in effect.
This policy is in effect when a network folder is determined, as specified by the ?Configure slow-link mode? policy, to be in ?slow-link? mode.
For network folders in slow-link mode, a sync will be initiated in the background on a regular basis, according to these sett ...
This policy setting determines the least number of characters that make up a password for a user account. There are many different theories about how to determine the best password length for an organization, but perhaps "pass phrase" is a better term than "password." In Microsoft Windows 2000 or later, pass phrases can be quite long and can include spaces. Ther ...
This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve logon performance and to increase security for user data on computers where the user might not want to download private data, such as on a meeting room computer or on a computer in a remote office.
To designate a user's primary computers, an ad ...
Automatic actions must be disabled for picture CDs. Applications should not be configured to launch automatically when a disk is inserted. This potentially circumvents anti virus software and allows malicious users to craft disks that can exploit user applications. Disabling Automatic Actions for picture CDs mitigates this risk.
This policy setting saves copies of transform files in a secure location on the local computer.
Transform files consist of instructions to modify or customize a program during installation.
If you enable this policy setting, the transform file is saved in a secure location on the user's computer.
If you do not configure this policy setting on Windows Server 2003, Windows Installer requ ...
This policy setting determines the cipher suites used by the SMB server.
If you enable this policy setting, cipher suites are prioritized in the order specified.
If you enable this policy setting and do not specify at least one supported cipher suite, or if you disable or do not configure this policy setting, the default cipher suite order is used.
SMB 3.11 cipher suites:
AES_1 ...