The Windows Remote Management (WinRM) service must not use Basic authentication.

An XCCDF Rule

Description

Basic authentication uses plain-text passwords that could be used to compromise a system. Disabling Basic authentication will reduce this potential.

ID: SV-224961r958510_rule
Version: WN16-CC-000530
Severity: High
References: CCI-000877
Updated: 15 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Service >> "Allow Basic authentication" to "Disabled".