UCF STIG Viewer Logo

Unencrypted remote access to system services must not be permitted.


Overview

Finding ID Version Rule ID IA Controls Severity
V-2908 WN08-00-000007 SV-48066r2_rule High
Description
Unencrypted access to system services may permit user identification and passwords that are being transmitted in clear text to be intercepted. This could provide an intruder access to the network.
STIG Date
Windows 8 / 8.1 Security Technical Implementation Guide 2016-12-19

Details

Check Text ( C-44805r4_chk )
Verify encryption is required for remote access.

If userid and password information are not encrypted, this is a finding.

If administrator data is not encrypted, this is a finding.

If user data coming from or going outside the enclave is not encrypted, this is a finding.
Fix Text (F-41204r4_fix)
Require encryption for remote access.

Encryption of userid and password information is always required.

Encryption of administrator data is always required.

Encryption of user data coming from or going outside the network firewall is required.

Encryption of the user data inside the network firewall is also highly recommended.