Back

Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" to organizational standards.


CONTROL ID
07663
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure Key, Certificate, Password, Authentication and Identity Management settings in accordance with organizational standards., CC ID: 07621

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (BBE3858C-766C-4C4F-A4E2-4923715ED0F1, Win7SP1 Computer Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (FE3742E8-779A-4F52-80D5-C556F80C8C35, Win7SP1 Computer Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (DBA3EC7E-C3B1-4FDE-AD27-6A2A8F1A42E4, Win8 Computer Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (9DCA0468-1E13-44E1-937F-B08CE4E1D1E9, Win8 Computer Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (527712A0-C046-49D7-AD3D-7CF7B70628D2, WS2008R2SP1 Domain Controller Security Compliance, 1.1)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (197226C1-3212-4185-B12D-1D89F287C8FB, WS2008R2SP1 Domain Controller Security Compliance, 1.1)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (D2B93E17-95B9-4BA5-A5AD-973B8D5C4AB6, WS2008R2SP1 Member Server Security Compliance, 1.1)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (86D9DA4F-B08C-4424-93AA-AA434CD4E465, WS2008R2SP1 Member Server Security Compliance, 1.1)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (F815C418-2984-4721-A02F-622CD5EAC5C1, WS2012 Domain Controller Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (986B3C11-3E9B-421A-965F-786B1206D561, WS2012 Domain Controller Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (B314C913-9909-4BB5-89D4-2A11A1A52F74, WS2012 Member Server Security Compliance, 1.0)
  • Configure the "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" setting to "Not Defined". (309E6131-E5E8-4D57-9E6B-ED3941848A3F, WS2012 Member Server Security Compliance, 1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.31_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.31.1_, The Center for Internet Security Microsoft Windows 7 Level 1 + BitLocker Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.31_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.31.2_, The Center for Internet Security Microsoft Windows 7 Level 1 + BitLocker Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.31_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.31.1_, The Center for Internet Security Microsoft Windows 7 Level 1 Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.31_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.31.2_, The Center for Internet Security Microsoft Windows 7 Level 1 Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.11.8_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.11.8.1_, The Center for Internet Security Microsoft Windows 8 Level 1 + BitLocker Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.11.8_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.11.8.2_, The Center for Internet Security Microsoft Windows 8 Level 1 + BitLocker Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.11.8_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.11.8.1_, The Center for Internet Security Microsoft Windows 8 Level 1 Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.11.8_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.11.8.2_, The Center for Internet Security Microsoft Windows 8 Level 1 Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.59_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.59.1_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.59_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.59.2_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.59_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.59.1_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.59_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.59.2_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.12.10_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.12.10.2_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Domain Controller Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.12.10_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.12.10.1_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Domain Controller Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.12.10_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.12.10.1_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Member Server Benchmark, 1.0.0)
  • Title: Configure 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' Description: This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server. This policy is supported on … (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.12.10_Configure_Network_Security_Restrict_NTLM_Outgoing_NTLM_traffic_to_remote_servers Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.12.10.2_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Member Server Benchmark, 1.0.0)
  • The 'Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers' setting should be configured correctly. Technical Mechanisms: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network Security: Restrict NTLM: Outgoing NTLM traffic to r… (CCE-10859-7, Common Configuration Enumeration List, Combined XML: Microsoft Windows Server 2008 R2, 5.20130214)