DTBI018 – Check for publishers certificate revocation must be enforced.

Details

Check for publisher’s certificate revocation options should be enforced to ensure all PKI signed objects are validated.

Solution

In the Internet Explorer Options, on the ‘Advanced’ tab, scroll down to Security category, and select the ‘Check for publisher’s certificate revocation’ box.

NOTE: Manual entry for the value State, set to REG_DWORD = 65536, may first be required.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Microsoft_IE9_V1R15_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Windows.

References

800-53|IA-5(2)(a)
CAT|II
Rule-ID|SV-43163r2_rule
STIG-ID|DTBI018
Vuln-ID|V-32808

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles