Home
Security Hardening
DISA STIG For Microsoft Dot Net Framework 4.0 V2R1

DISA STIG For Microsoft Dot Net Framework 4.0 V2R1

APPNET0031 – Digital signatures assigned to strongly named assemblies must be verified.
Details A strong name consists of the assembly’s identity, simple text name, version number, and culture information (if provided)-plus a...
APPNET0046 – The Trust Providers Software Publishing State must be set to 0x23C00.
Details Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to...
APPNET0048 – Developer certificates used with the .NET Publisher Membership Condition must be approved by the IAO.
Details A .Net assembly will satisfy the Publisher Membership Condition if it is signed with a software publisher’s Authenticode X.509v3...
APPNET0065 – Trust must be established prior to enabling the loading of remote code in .Net 4 – machine
Details In the .NET Framework version 3.5 and earlier versions, if an application assembly loaded code/objects from a remote location,...
APPNET0066 – .NET default proxy settings must be reviewed and approved – applications
Details The .Net framework can be configured to utilize a different proxy or altogether bypass the default proxy settings in...
APPNET0066 – .NET default proxy settings must be reviewed and approved – machine
Details The .Net framework can be configured to utilize a different proxy or altogether bypass the default proxy settings in...
APPNET0067 – Event tracing for Windows (ETW) for Common Language Runtime events must be enabled – applications
Details Event tracing captures information about applications utilizing the .NET CLR and the .NET CLR itself. This includes security oriented...
APPNET0052 – Encryption keys used for the .NET Strong Name Membership Condition must be protected.
Details The Strong Name Membership condition requires that member assemblies be defined with Strong Names. A strong name consists of...
APPNET0067 – Event tracing for Windows (ETW) for Common Language Runtime events must be enabled – machine
Details Event tracing captures information about applications utilizing the .NET CLR and the .NET CLR itself. This includes security oriented...
APPNET0055 – CAS and policy configuration files must be backed up.
Details A successful disaster recovery plan requires that CAS policy and CAS policy configuration files are identified and included in...

DISA STIG For Microsoft Dot Net Framework 4.0 V2R1

APPNET0031 – Digital signatures assigned to strongly named assemblies must be verified.

APPNET0046 – The Trust Providers Software Publishing State must be set to 0x23C00.

APPNET0048 – Developer certificates used with the .NET Publisher Membership Condition must be approved by the IAO.

APPNET0065 – Trust must be established prior to enabling the loading of remote code in .Net 4 – machine

APPNET0066 – .NET default proxy settings must be reviewed and approved – applications

APPNET0066 – .NET default proxy settings must be reviewed and approved – machine

APPNET0067 – Event tracing for Windows (ETW) for Common Language Runtime events must be enabled – applications

APPNET0052 – Encryption keys used for the .NET Strong Name Membership Condition must be protected.

APPNET0067 – Event tracing for Windows (ETW) for Common Language Runtime events must be enabled – machine

APPNET0055 – CAS and policy configuration files must be backed up.