UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Unencrypted remote access to system services must not be permitted.


Overview

Finding ID Version Rule ID IA Controls Severity
V-2908 3.061 SV-25003r2_rule ECCT-1 ECCT-2 High
Description
Unencrypted access to system services may permit user identification and passwords that are being transmitted in clear text to be intercepted. This could provide an intruder access to the network.
STIG Date
Windows 7 Security Technical Implementation Guide 2015-09-02

Details

Check Text ( C-62069r2_chk )
Verify encryption is required for remote access.

If userid and password information are not encrypted, this is a finding.

If administrator data is not encrypted, this is a finding.

If user data coming from or going outside the enclave is not encrypted, this is a finding.
Fix Text (F-66967r2_fix)
Require encryption for remote access.

Encryption of userid and password information is always required.

Encryption of administrator data is always required.

Encryption of user data coming from or going outside the network firewall is required.

Encryption of the user data inside the network firewall is also highly recommended.