UCF STIG Viewer Logo

Unencrypted remote access to system services must not be permitted.


Overview

Finding ID Version Rule ID IA Controls Severity
WN12-00-000018 WN12-00-000018 WN12-00-000018_rule High
Description
Unencrypted access to system services may permit an intruder to intercept user identification and passwords that are being transmitted in clear text. This could give an intruder unlimited access to the network.
STIG Date
Microsoft Windows Server 2012 Member Server Security Technical Implementation Guide 2013-07-25

Details

Check Text ( C-WN12-00-000018_chk )
Verify the site has a policy to ensure that encryption of userid and password information is required, and that data is encrypted according to DoD policy.

If the user account used for unencrypted remote access within the enclave (premise router) has administrator privileges, this is a finding.

If userid and password information used for remote access to system services from outside the enclave is not encrypted, this is a finding.
Fix Text (F-WN12-00-000018_fix)
Establish a site policy to ensure the following are met during remote access:
Userid and password information is encrypted.
User data coming from or going outside the network firewall is encrypted. (Encrypting user data within the firewall is also highly recommended).
Administrator data is encrypted.