Adobe Acrobat Pro DC Continuous FIPS mode must be enabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-79375	AADC-CN-000955	SV-94081r1_rule		Medium

Description
Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.

STIG	Date
Adobe Acrobat Professional DC Continuous Security Technical Implementation Guide	2018-04-30

Details

Check Text ( C-78989r3_chk )
Verify the following registry configuration: Using the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 If the value for bFIPSMode is not set to “1” and Type is not configured to REG_DWORD or does not exist, this is a finding. Admin Template path: User Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > 'Enable FIPS' must be set to 'Enabled'. This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.

Check Text ( C-78989r3_chk )

Verify the following registry configuration:

Using the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\DC\AVGeneral

Value Name: bFIPSMode
Type: REG_DWORD
Value: 1

If the value for bFIPSMode is not set to “1” and Type is not configured to REG_DWORD or does not exist, this is a finding.

Admin Template path: User Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > 'Enable FIPS' must be set to 'Enabled'.

This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.

Fix Text (F-86147r4_fix)
Configure the following registry value: Registry Hive: HKEY_CURRENT_USER Registry Path: \Software\Adobe\Adobe Acrobat\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 Configure the policy value for User Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > 'Enable FIPS' to 'Enabled'. This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.

Fix Text (F-86147r4_fix)

Configure the following registry value:

Registry Hive:
HKEY_CURRENT_USER
Registry Path:
\Software\Adobe\Adobe Acrobat\DC\AVGeneral

Value Name: bFIPSMode
Type: REG_DWORD
Value: 1
Configure the policy value for User Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > 'Enable FIPS' to 'Enabled'.

This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.