STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021: STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:SV-224856r569186_rule
V-224856
SRG-OS-000095-GPOS-00049
WN16-00-000410
CAT II
10
Uninstall the SMBv1 protocol.
Open "Windows PowerShell" with elevated privileges (run as administrator).
Enter "Uninstall-WindowsFeature -Name FS-SMB1 -Restart".
(Omit the Restart parameter if an immediate restart of the system cannot be done.)
Alternately:
Start "Server Manager".
Select the server with the feature.
Scroll down to "ROLES AND FEATURES" in the right pane.
Select "Remove Roles and Features" from the drop-down "TASKS" list.
Select the appropriate server on the "Server Selection" page and click "Next".
Deselect "SMB 1.0/CIFS File Sharing Support" on the "Features" page.
Click "Next" and "Remove" as prompted.
Different methods are available to disable SMBv1 on Windows 2016. This is the preferred method, however if V-78123 and V-78125 are configured, this is NA.
Open "Windows PowerShell" with elevated privileges (run as administrator).
Enter "Get-WindowsFeature -Name FS-SMB1".
If "Installed State" is "Installed", this is a finding.
An Installed State of "Available" or "Removed" is not a finding.
V-224856
False
WN16-00-000410
Different methods are available to disable SMBv1 on Windows 2016. This is the preferred method, however if V-78123 and V-78125 are configured, this is NA.
Open "Windows PowerShell" with elevated privileges (run as administrator).
Enter "Get-WindowsFeature -Name FS-SMB1".
If "Installed State" is "Installed", this is a finding.
An Installed State of "Available" or "Removed" is not a finding.
M
4205