Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
WN12-00-000018 | WN12-00-000018 | WN12-00-000018_rule | High |
Description |
---|
Unencrypted access to system services may permit an intruder to intercept user identification and passwords that are being transmitted in clear text. This could give an intruder unlimited access to the network. |
STIG | Date |
---|---|
Microsoft Windows Server 2012 Domain Controller Security Technical Implementation Guide | 2013-07-25 |
Check Text ( C-WN12-00-000018_chk ) |
---|
Verify the site has a policy to ensure that encryption of userid and password information is required, and that data is encrypted according to DoD policy. If the user account used for unencrypted remote access within the enclave (premise router) has administrator privileges, this is a finding. If userid and password information used for remote access to system services from outside the enclave is not encrypted, this is a finding. |
Fix Text (F-WN12-00-000018_fix) |
---|
Establish a site policy to ensure the following are met during remote access: Userid and password information is encrypted. User data coming from or going outside the network firewall is encrypted. (Encrypting user data within the firewall is also highly recommended). Administrator data is encrypted. |