sec05

c-sec-05-schannel-p5-cipher-order (Enabled)

Ensure the security cipher order is set correctly. Settings taken from https://www.nartac.com/Products/IISCrypto/Default.aspx using "Best Practices/FIPS 140-2" settings.

Input Values

CipherSuiteOrder - "LARGE"

Example

CipherSuiteOrder = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA'

Input Descriptions

None

Result And Messages

PASS
Cipher suite order set correctly
WARNING
FAIL
Cipher suite order not set correctly Cipher suite order set to the default value
MANUAL
NA

Applies To

All Servers

Required Functions

None

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

sec05

c-sec-05-schannel-p5-cipher-order (Enabled)

Input Values

Example

Input Descriptions

Result And Messages

Applies To

Required Functions

Home | GUI Tool ||| Accounts | Compliance | Drives | Hyper-V-Host | Network | Regional | Security | System | Virtual

Helpful Links

Check Sections

Clone this wiki locally