STIGQter STIGQter: STIG Summary: Microsoft DotNet Framework 4.0 STIG

Version: 1

Release: 9 Benchmark Date: 25 Oct 2019

SV-7438r3_ruleDigital signatures assigned to strongly named assemblies must be verified.
SV-7444r3_ruleThe Trust Providers Software Publishing State must be set to 0x23C00.
SV-7446r3_ruleDeveloper certificates used with the .NET Publisher Membership Condition must be approved by the IAO.
SV-7450r3_ruleEncryption keys used for the .NET Strong Name Membership Condition must be protected.
SV-7452r2_ruleCAS and policy configuration files must be backed up.
SV-7453r3_ruleRemoting Services HTTP channels must utilize authentication and encryption.
SV-55642r1_rule.Net Framework versions installed on the system must be supported.
SV-40966r1_ruleThe .NET CLR must be configured to use FIPS approved encryption modules.
SV-40977r3_rule.NET must be configured to validate strong names on full-trust assemblies.
SV-40979r3_rule.Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance.
SV-41010r1_ruleTrust must be established prior to enabling the loading of remote code in .Net 4.
SV-41014r1_rule.NET default proxy settings must be reviewed and approved.
SV-41030r2_ruleSoftware utilizing .Net 4.0 must be identified and relevant access controls configured.
SV-41075r1_ruleEvent tracing for Windows (ETW) for Common Language Runtime events must be enabled.
SV-42341r2_ruleRemoting Services TCP channels must utilize authentication and encryption.
SV-96209r2_ruleDisable TLS RC4 cipher in .Net