SharePoint must use mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.
An XCCDF Rule
Description
<VulnDiscussion>Certain encryption types are no longer considered secure. This setting configures a minimum encryption type for SharePoint. Different versions of the Windows Server OS and versions of SharePoint will have different suites available.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-223264r821368_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
Configure the SharePoint server to use mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.
Open MMC.
Click “File”, “Add/Remove Snap-in”, and “add Group Policy Object Editor”.