Details

This policy setting allows you to manage whether the Windows Remote Management (WinRM) service sends and receives unencrypted messages over the network.

If you enable this policy setting the WinRM client sends and receives unencrypted messages over the network.

If you disable or do not configure this policy setting the WinRM client sends or receives only encrypted messages over the network.

Solution

Policy Path: Windows ComponentsWindows Remote Management (WinRM)WinRM Service
Policy Setting Name: Allow unencrypted traffic

Supportive Information

The following resource is also helpful.

• https://blogs.technet.microsoft.com/secguide/2018/04/30/security-baseline-for-windows-10-april-2018-update-v1803-final/

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

• 800-53|AC-17(2)
• CSCv6|16.13

Source

• Tenable.com/audits