Details
By default, communication between Web servers and service applications within a farm takes place by using HTTP with a binding to TCP 32843. Configurations should be changed to enable SSL/TLS based HTTPS connections with a binding to TCP port 32844 instead.
Rationale:
Forcing communication over HTTPS TCP 32844 hardens the communication between service applications will help to secure the communications against potential compromise
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
On the Service Applications page in Central Administration, select the service application, and then click Publish.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.