servant2IT-GrundschutzPolicy für Bausteine: SYS 1.2.2, SYS 2.2.2, SYS 2.2.32020-08-10T07:16:31Z2020-08-10T07:40:41Z11Everything406500policyCompliance1130IT-Grundschutz601690Port scanners290Windows2248043965PostgreSQL Detection1Postgres Username:Postgres Username:entrypostgresPostgreSQL Detection2Postgres Password:Postgres Password:passwordPing Host10nmap additional ports for -PAnmap additional ports for -PAentry137,587,3128,8081137,587,3128,8081Ping Host11nmap: try also with only -sPnmap: try also with only -sPcheckboxnonoPing Host12Log nmap outputLog nmap outputcheckboxyesnoPing Host13Log failed nmap callsLog failed nmap callscheckboxnonoPing Host14nmap timing policynmap timing policyradioNormalNormalPing Host1Do a TCP pingDo a TCP pingcheckboxnonoPing Host2TCP ping tries also TCP-SYN pingTCP ping tries also TCP-SYN pingcheckboxnonoPing Host3Do an ICMP pingDo an ICMP pingcheckboxyesyesPing Host4Use ARPUse ARPcheckboxnonoPing Host5Mark unrechable Hosts as dead (not scanning)Mark unrechable Hosts as dead (not scanning)checkboxyesyesPing Host6Report about unrechable HostsReport about unrechable HostscheckboxnonoPing Host7TCP ping tries only TCP-SYN pingTCP ping tries only TCP-SYN pingcheckboxnonoPing Host8Use nmapUse nmapcheckboxyesyesPing Host9Report about reachable HostsReport about reachable HostscheckboxnonoOptions for Local Security Checks1Also use 'find' command to search for ApplicationsAlso use 'find' command to search for ApplicationscheckboxnoyesOptions for Local Security Checks2Descend directories on other filesystem (don't add -xdev to find)Descend directories on other filesystem (don't add -xdev to find)checkboxyesyesOptions for Local Security Checks3Enable Detection of Portable Apps on WindowsEnable Detection of Portable Apps on WindowscheckboxnonoOptions for Local Security Checks4Disable the usage of win_cmd_exec for remote commands on WindowsDisable the usage of win_cmd_exec for remote commands on WindowscheckboxnonoOptions for Local Security Checks5Disable file search via WMI on WindowsDisable file search via WMI on WindowscheckboxnonoOptions for Local Security Checks6Report vulnerabilities of inactive Linux Kernel(s) separatelyReport vulnerabilities of inactive Linux Kernel(s) separatelycheckboxnonoOptions for Local Security Checks7Integer that sets the directory depth when using 'find' on unixoide systemsInteger that sets the directory depth when using 'find' on unixoide systemsentry1212Options for Local Security Checks8Use 'su - USER' option on SSH commandsUse 'su - USER' option on SSH commandsradionoyesnoOptions for Local Security Checks9Use this user for 'su - USER' option on SSH commandsUse this user for 'su - USER' option on SSH commandsentryHTTP Server type and version1Show full HTTP headers in outputShow full HTTP headers in outputcheckboxnonoSSH Brute Force Logins With Default Credentials Reporting1Report timeoutReport timeoutcheckboxnonoHTTP Brute Force Logins With Default Credentials Reporting1Report timeoutReport timeoutcheckboxnonoServices1Test SSL based servicesTest SSL based servicesradioAllNoneAllServices2Number of connections done in parallel :Number of connections done in parallel :entry66Services3Network connection timeout :Network connection timeout :entry2020Services4Network read/write timeout :Network read/write timeout :entry2020Services5Wrapped service read timeout :Wrapped service read timeout :entry2020Services6SSL certificate :SSL certificate :fileServices7SSL private key :SSL private key :fileServices8PEM password :PEM password :passwordServices9CA file :CA file :fileSearch for specified dirs1Search for dir(s)Search for dir(s)entry/admin;/manager/admin;/managerSearch for specified dirs2Valid http status codes indicating that a directory was foundValid http status codes indicating that a directory was foundentry200;301;302;401;403200;301;302;401;403Search for specified dirs3Run this PluginRun this PlugincheckboxnonoVMware ESXi scan initialization1ESXi login name:ESXi login name:entryVMware ESXi scan initialization2ESXi login password:ESXi login password:passwordSSH Authorization1SSH login name:SSH login name:entrySSH Authorization2SSH key passphrase:SSH key passphrase:passwordSSH Authorization3SSH password (unsafe!):SSH password (unsafe!):passwordSSH Authorization4SSH private key:SSH private key:fileSSH Authorization5Keys:Keys:sshlogin--SSH Authorization6SSH public key:SSH public key:fileLeave information on scanned hosts1EnableEnablecheckboxnonoLeave information on scanned hosts2Use FileUse FilecheckboxnonoLeave information on scanned hosts3File name /tmp/File name /tmp/entryscan_info.txtscan_info.txtLeave information on scanned hosts4Append to FileAppend to FilecheckboxnonoLeave information on scanned hosts5Use SyslogUse SyslogcheckboxnonoLeave information on scanned hosts6Syslog prioritySyslog priorityradioinfodebugnoticewarningerrcritalertemerginfoLeave information on scanned hosts7Syslog tagSyslog tagentryVulScanVulScanLeave information on scanned hosts8MessageMessageentrySecurity Scan of ::HOSTNAME:: finished. Start: ::SCAN_START:: Stop: ::SCAN_STOP::Security Scan of ::HOSTNAME:: finished. Start: ::SCAN_START:: Stop: ::SCAN_STOP::Options for Brute Force NVTs1Credentials file:Credentials file:fileOptions for Brute Force NVTs2Use only credentials listed in uploaded file:Use only credentials listed in uploaded file:checkboxyesyesOptions for Brute Force NVTs3Disable brute force checksDisable brute force checkscheckboxnonoOptions for Brute Force NVTs4Disable default account checksDisable default account checkscheckboxnonoSSL/TLS: Version Detection Report1Report TLS versionReport TLS versioncheckboxnonoResponse Time / No 404 Error Code Check1Maximum response time (in seconds)Maximum response time (in seconds)entry6060File Checksums1Target checksum FileTarget checksum FilefileFile Checksums2List all and not only the first 100 entriesList all and not only the first 100 entriescheckboxnonoFile Content1Target File PoliciesTarget File PoliciesfileCPE Policy Check1Single CPESingle CPEentrycpe:/cpe:/CPE Policy Check2CPE ListCPE ListfileCPE Policy Check3Check forCheck forradiopresentmissingpresentChecks for open UDP ports1SilentSilentcheckboxyesyesCreate System Characteristics1Create OVAL System CharacteristicsCreate OVAL System CharacteristicscheckboxnonoESXi Authorization1ESXi login name:ESXi login name:entryESXi Authorization2ESXi login password:ESXi login password:passwordSNMP Authorization1SNMP Community:SNMP Community:passwordPalo Alto PAN-OS Version Detection (XML-API)1API Username:API Username:entryPalo Alto PAN-OS Version Detection (XML-API)2API Password:API Password:passwordVmware NSX Version Detection (HTTP-API)1NSX API Username:NSX API Username:entryVmware NSX Version Detection (HTTP-API)2NSX API Password:NSX API Password:passwordCisco Application Policy Infrastructure Controller Enterprise Module Detection1APIC Username:APIC Username:entryCisco Application Policy Infrastructure Controller Enterprise Module Detection2APIC Password:APIC Password:passwordCitrix XenMobile Server Detection1XenMobile Username:XenMobile Username:entryCitrix XenMobile Server Detection2XenMobile Password:XenMobile Password:passwordSSL/TLS: Policy Check1Minimum allowed TLS version:Minimum allowed TLS version:radioTLS 1.2TLS 1.1TLS 1.0SSL v3TLS 1.2SSL/TLS: Policy Check2Perform check:Perform check:checkboxnonoSSL/TLS: Policy Check3Report passed tests:Report passed tests:checkboxnonoSSL/TLS: Certificate Signed Using A Weak Signature Algorithm1SHA-1 fingerprints of CA certificates to trustSHA-1 fingerprints of CA certificates to trustentryWindows Registry Check1Policy registry filePolicy registry filefileVNC Brute Force Login1PasswordsPasswordsentryadmin, vnc, test, passwordadmin, vnc, test, passwordCisco IOS Compliance Check1Cisco IOS PoliciesCisco IOS PoliciesfileCisco IOS Compliance Check2Enable PasswordEnable PasswordpasswordWeb mirroring1Number of pages to mirror :Number of pages to mirror :entry200200Web mirroring2Start page :Start page :entry//Web mirroring3Number of cgi directories to save into KB :Number of cgi directories to save into KB :entry128128Web mirroring4Regex pattern to exclude cgi scripts :Regex pattern to exclude cgi scripts :entry\.(js|css)$\.(js|css)$Web mirroring5Use regex pattern to exclude cgi scripts :Use regex pattern to exclude cgi scripts :checkboxyesyesDCE/RPC and MSRPC Services Enumeration Reporting1Report local DCE servicesReport local DCE servicescheckboxnono3Com Superstack 3 switch with default password1Use complete password list (not only vendor specific passwords)Use complete password list (not only vendor specific passwords)checkboxnonoWindows 10 / Windows Server 2016 Telemetry Level Compliance1Check telemetry level complianceCheck telemetry level compliancecheckboxnonoSSH Brute Force Logins With Default Credentials1Seconds to wait between probesSeconds to wait between probesentryNmap OS Identification (NASL wrapper)1Guess OS more aggressively (safe checks off only)Guess OS more aggressively (safe checks off only)checkboxnonoNmap OS Identification (NASL wrapper)2Guess OS more aggressively even if safe checks are setGuess OS more aggressively even if safe checks are setcheckboxnonoNmap OS Identification (NASL wrapper)3Run routineRun routinecheckboxyesyesSSL/TLS: IRC 'STARTTLS' Command Detection1Run routineRun routinecheckboxnonoAKIF Orientierungshilfe Windows 10: Ueberpruefungen1Orientierungshilfe Windows 10 PoliciesOrientierungshilfe Windows 10 PoliciesfileLeave Host Identification Tag on scanned host (SSH)1EnableEnablecheckboxnonoSSL/TLS: Check for `max-age` Attribute in HPKP Header1Minimum max-age value (in seconds)Minimum max-age value (in seconds)entry51840005184000SSL/TLS: Check for `max-age` Attribute in HSTS Header1Minimum max-age value (in seconds)Minimum max-age value (in seconds)entry1088640010886400Do not scan fragile devices or ports1Exclude specific port(s) from scanExclude specific port(s) from scanentryMinimum allowed hash algorithm in /etc/shadow1Minimum allowed hash algorithmMinimum allowed hash algorithmradioSHA-512SHA-256NT HashBlowfishMD5DESSHA-512Minimum allowed hash algorithm in /etc/shadow2Perform checkPerform checkcheckboxnonoMinimum allowed hash algorithm in /etc/shadow3Report passed testsReport passed testscheckboxnonoEmotet Trojan Detection1Run checkRun checkcheckboxnonoDICOM Service 'Default AE Title' Brute Force1AE Titles fileAE Titles filefileDICOM Service 'Default AE Title' Brute Force2Use only AE Titles in uploaded fileUse only AE Titles in uploaded filecheckboxnonoLogin configurations10POP2 password (sent in clear) :POP2 password (sent in clear) :passwordLogin configurations11POP3 account :POP3 account :entryLogin configurations12POP3 password (sent in clear) :POP3 password (sent in clear) :passwordLogin configurations13IMAP account :IMAP account :entryLogin configurations14IMAP password (sent in clear) :IMAP password (sent in clear) :passwordLogin configurations15Never send SMB credentials in clear textNever send SMB credentials in clear textcheckboxyesyesLogin configurations16Only use NTLMv2Only use NTLMv2checkboxnonoLogin configurations1NTLMSSPNTLMSSPcheckboxyesyesLogin configurations2HTTP account :HTTP account :entryLogin configurations3HTTP password (sent in clear) :HTTP password (sent in clear) :passwordLogin configurations4NNTP account :NNTP account :entryLogin configurations5NNTP password (sent in clear) :NNTP password (sent in clear) :passwordLogin configurations6FTP account :FTP account :entryanonymousanonymousLogin configurations7FTP password (sent in clear) :FTP password (sent in clear) :passwordLogin configurations8FTP writeable directory :FTP writeable directory :entry/incoming/incomingLogin configurations9POP2 account :POP2 account :entryFTP Brute Force Logins Reporting1Report timeoutReport timeoutcheckboxnonoAgentTesla Malware Detection (Covid-19 Campaign)1Run checkRun checkcheckboxnonoPolicy Controls Summary1reporting formatreporting formatradiotexttabletext and tabletextMicrosoft Windows: Do not allow Windows Media Center to run1ValueValueradio101Microsoft Windows: Do not allow Sound Recorder to run1ValueValueradio101Microsoft Windows: Allow the use of biometrics1ValueValueradio010IT-Grundschutz, Kompendium1BerichtformatBerichtformatradioTextTabellarischText und TabellarischTextMicrosoft Windows: Do not process the legacy run list1ValueValueradio010Microsoft Windows: Do not process the run once list1ValueValueradio101Microsoft Office: ActiveX Control Initialization1ValueValueradio01234560Microsoft Office: Allow mix of policy and user locations1ValueValueradio010Microsoft Office: Allow PNG as an output format1ValueValueradio010Microsoft Office: Control Blogging1ValueValueradio2012Microsoft Office: Allow users with earlier versions of Office to read with browsers1ValueValueradio010Microsoft Office: Disable all Trust Bar notifications for security issues1ValueValueradio010Microsoft Office: Document Information Panel Beaconing UI1ValueValueradio101Microsoft Office: Enable Customer Experience Improvement Program1ValueValueradio010Microsoft Office: Encryption type for password protected Office 97-2003 files1ValueValueentryencryption typeencryption typeMicrosoft Office: Encryption type for password protected Office Open XML files1ValueValueentryencryption typeencryption typeMicrosoft Office: Improve Proofing Tools1ValueValueradio010Microsoft Office: Suppress hyperlink warnings1ValueValueradio010Microsoft Office: Disable inclusion of document properties in PDF and XPS output1ValueValueradio101Microsoft Office: Disable Internet Fax feature1ValueValueradio101Microsoft Windows: Floppy Drives: Deny read access1ValueValueradio101Microsoft Office: Disable password to open UI1ValueValueradio010Microsoft Office: Disable Smart Documents use of manifests1ValueValueradio101Microsoft Office: Disable the Office client from polling the SharePoint Server for published links1ValueValueradio101Microsoft Office: Always require users to connect to verify permission1ValueValueradio101Microsoft Office: Automatically receive small updates to improve reliability1ValueValueradio010Microsoft Office: Automation Security1ValueValueradio3123Microsoft Office: Legacy format signatures1ValueValueradio010Microsoft Office: Load Controls in Forms31ValueValueradio12341Microsoft Office: Open Office documents as read/write while browsing1ValueValueradio010Microsoft Office: Prevent users from changing permissions on rights managed content1ValueValueradio010Microsoft Office: Protect document metadata for password protected files1ValueValueradio101Microsoft Office: Protect document metadata for rights managed Office Open XML Files1ValueValueradio101Microsoft Office: Rely on VML for displaying graphics in browsers1ValueValueradio010Microsoft Office: Suppress external signature services menu item1ValueValueradio101Microsoft Office: Online content options1ValueValueradio202Microsoft Office: Encrypt document properties1ValueValueradio101Microsoft Office: Enable Automatic Updates1ValueValueradio101Microsoft Windows: Specify intranet Microsoft update service location1ValueValueradio010Microsoft Windows: Set the intranet update service for detecting updates1ValueValueentrySERVERSERVERMicrosoft Windows: Set the intranet statistics server1ValueValueentrySERVERSERVERMicrosoft Office: Hide option to enable or disable updates1ValueValueradio101Microsoft Office: Disable First Run Movie1ValueValueradio101Microsoft Office: Disable Office First Run on application boot1ValueValueradio101Microsoft Office: Block signing into Office1ValueValueradio30123Microsoft Office: Do not automatically hyperlink screenshots1ValueValueradio101Microsoft Office: Show OneDrive Sign In1ValueValueradio010Microsoft Office: Office Presentation Service1ValueValueradio101Microsoft Office: Programmatic access for creating online presentations (PowerPoint, Word)1ValueValueradio101Microsoft Office: Allow including screenshot with Office Feedback1ValueValueradio010Microsoft Office: Send Office Feedback1ValueValueradio010Microsoft Office: Allow Unsecure Apps, Web add-ins and Catalogs1ValueValueradio101Microsoft Office: Block the Office Store1ValueValueradio101Microsoft Office: Disable Roaming Office User Settings1ValueValueradio101Microsoft Office: Turn on data uploading for Office Telemetry Agent1ValueValueradio010Microsoft Office: Turn on privacy setting in Office Telemetry Agent1ValueValueradio101Microsoft Office: Turn on telemetry data collection1ValueValueradio101Microsoft Windows 10: Allow Telemetry1ValueValueradio01230Microsoft Windows: Prevent the usage of OneDrive for file storage1ValueValueradio101Microsoft Windows: Turn off Windows Location Provider1ValueValueradio101Microsoft Windows 10: Allow Cortana1ValueValueradio010Microsoft Windows 10: Prevent device metadata retrieval from the Internet1ValueValueradio101Microsoft Windows 10: Disable Malicious Software Removal Tool From Installing1ValueValueradio101Microsoft Windows 10: Disable Malicious Software Removal Tool from reporting infection information1ValueValueradio101Microsoft Windows 10: Send file samples when further analysis is required1ValueValueradio01230Microsoft Windows: Join Microsoft MAPS1ValueValueradio010Microsoft Windows: Enforce password history1MinimumMinimumentry2424Microsoft Windows: Maximum password age1Maximum password ageMaximum password ageentry6060Microsoft Windows: Minimum password age1MinimumMinimumentry11Microsoft Windows: Minimum password length1MinimumMinimumentry1414Microsoft Windows: Password must meet complexity requirement1RequiredRequiredradioTrueFalseTrueMicrosoft Windows: Store passwords using reversible encryption1RequiredRequiredradioTrueFalseTrueMicrosoft Windows: Account lockout duration1MinimumMinimumentry1515Microsoft Windows: Account lockout threshold1MaximumMaximumentry1010Microsoft Windows: Reset lockout counter after1MinimumMinimumentry1515Microsoft Windows 10: Access Credential Manager as a trusted caller1ValueValueentryNoneNoneMicrosoft Windows 10: Access this computer from the network1ValueValueentryAdministrators, Remote Desktop UsersAdministrators, Remote Desktop UsersMicrosoft Windows 10: Act as part of the operating system1ValueValueentryNoneNoneMicrosoft Windows 10: Adjust memory quotas for a process1ValueValueentryAdministrators, LOCAL SERVICE, NETWORK SERVICEAdministrators, LOCAL SERVICE, NETWORK SERVICEMicrosoft Windows 10: Allow log on locally1ValueValueentryAdministrators, UsersAdministrators, UsersMicrosoft Windows 10: Allow log on through Remote Desktop Services1ValueValueentryAdministrators, Remote Desktop UsersAdministrators, Remote Desktop UsersMicrosoft Windows 10: Back up files and directories1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Change the system time1ValueValueentryAdministrators, LOCAL SERVICEAdministrators, LOCAL SERVICEMicrosoft Windows 10: Change the time zone1ValueValueentryAdministrators, LOCAL SERVICE, UsersAdministrators, LOCAL SERVICE, UsersMicrosoft Windows 10: Create a pagefile1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Create a token object1ValueValueentryNoneNoneMicrosoft Windows 10: Create global objects1ValueValueentryAdministrators, LOCAL SERVICE, NETWORK SERVICE, SERVICEAdministrators, LOCAL SERVICE, NETWORK SERVICE, SERVICEMicrosoft Windows 10: Create permanent shared objects1ValueValueentryNoneNoneMicrosoft Windows 10: Create symbolic links1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Debug programs1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Deny access to this computer from the network1ValueValueentryGuests, Local accountGuests, Local accountMicrosoft Windows 10: Deny log on as a batch job1ValueValueentryGuestsGuestsMicrosoft Windows 10: Deny log on as a service1ValueValueentryGuestsGuestsMicrosoft Windows 10: Deny log on locally1ValueValueentryGuestsGuestsMicrosoft Windows 10: Deny log on through Remote Desktop Services1ValueValueentryGuests, Local accountGuests, Local accountMicrosoft Windows 10: Enable computer and user accounts to be trusted for delegation1ValueValueentryNoneNoneMicrosoft Windows 10: Force shutdown from a remote system1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Generate security audits1ValueValueentryLOCAL SERVICE, NETWORK SERVICELOCAL SERVICE, NETWORK SERVICEMicrosoft Windows 10: Impersonate a client after authentication1ValueValueentryAdministrators, LOCAL SERVICE, NETWORK SERVICE, SERVICEAdministrators, LOCAL SERVICE, NETWORK SERVICE, SERVICEMicrosoft Windows 10: Increase scheduling priority1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Load and unload device drivers1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Lock pages in memory1ValueValueentryNoneNoneMicrosoft Windows 10: Log on as a batch job1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Log on as a service1ValueValueentryNoneNoneMicrosoft Windows 10: Manage auditing and security log1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Modify an object label1ValueValueentryNoneNoneMicrosoft Windows 10: Modify firmware environment values1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Perform volume maintenance tasks1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Profile single process1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Profile system performance1ValueValueentryAdministrators, NT SERVICE\WdiServiceHostAdministrators, NT SERVICE\WdiServiceHostMicrosoft Windows 10: Replace a process level token1ValueValueentryLOCAL SERVICE, NETWORK SERVICELOCAL SERVICE, NETWORK SERVICEMicrosoft Windows 10: Restore files and directories1ValueValueentryAdministratorsAdministratorsMicrosoft Windows 10: Shut down the system1ValueValueentryAdministrators, UsersAdministrators, UsersMicrosoft Windows 10: Take ownership of files or other objects1ValueValueentryAdministratorsAdministratorsMicrosoft Windows: Accounts: Administrator account status1StatusStatusentryDegradedDegradedMicrosoft Windows: Accounts: Block Microsoft accounts1ValueValueradio0130Microsoft Windows: Accounts: Guest account status1StatusStatusentryDegradedDegradedMicrosoft Windows 10: Accounts: Limit local account use of blank passwords to console logon only1ValueValueradio010Microsoft Windows: Digitally sign secure channel data (when possible)1StatusStatusradio101Microsoft Windows: Disable machine account password changes1StatusStatusradio010Microsoft Windows: Domain member: Maximum machine account password age1MaximumMaximumentry3030Microsoft Windows: Domain member: Require strong (Windows 2000 or later) session key1StatusStatusradio101Microsoft Windows: Interactive logon: Do not display last user name1ValueValueradio101Microsoft Windows: Interactive logon: Do not require CTRL+ALT+DEL1ValueValueradio010Microsoft Windows: Disallow Autoplay for non-volume devices1ValueValueradio101Microsoft Windows: Set the default behavior for AutoRun1ValueValueradio121Microsoft Windows: Turn off Autoplay1ValueValueradio255181255Microsoft Windows Defender AV: Turn off Windows Defender Antivirus1ValueValueradio010Microsoft Windows: All Removable Storage classes: Deny all access1ValueValueradio101Microsoft Windows: CD and DVD: Deny execute access1ValueValueradio101Microsoft Windows: CD and DVD: Deny read access1ValueValueradio101Microsoft Windows: CD and DVD: Deny write access1ValueValueradio101Microsoft Windows: Removable Disks: Deny execute access1ValueValueradio101Microsoft Windows: Removable Disks: Deny read access1ValueValueradio101Microsoft Windows: Removable Disks: Deny write access1ValueValueradio101Microsoft Windows: WPD Devices: Deny read access1ValueValueradio101Microsoft Windows: WPD Devices: Deny write access1ValueValueradio101Microsoft Windows: Floppy Drives: Deny write access1ValueValueradio101Microsoft Windows: Prevent Media Sharing1ValueValueradio101Microsoft Windows: Restrict delegation of credentials to remote servers1ValueValueradio010Microsoft Windows: Save documents to OneDrive by default1ValueValueradio010Microsoft Windows: Tape Drives: Deny read access1ValueValueradio101Microsoft Windows: Tape Drives: Deny write access1ValueValueradio101Microsoft Windows: Turn off Active Help1ValueValueradio101Microsoft Windows: Turn off desktop gadgets1ValueValueradio101Microsoft Windows: Override audit policy category settings with subcategory settings1ValueValueradio010Microsoft Windows: Shut down system immediately if unable to log security audits1ValueValueradio101Microsoft Windows: Devices: Allowed to format and eject removable media1ValueValueradio2012Microsoft Windows: Devices: Prevent users from installing printer drivers1ValueValueradio101Windows Defender Firewall: Public Profile: Apply local firewall rules1ValueValueradio010Windows Defender Firewall: Public Profile: Apply local connection security rules1ValueValueradio010Microsoft Windows: Domain member: Digitally encrypt or sign secure channel data (always)1StatusStatusradio101Microsoft Windows: Domain member: Digitally encrypt secure channel data (when possible)1StatusStatusradio101Microsoft Windows: Interactive logon: Machine account lockout threshold1MaximumMaximumentry1010Microsoft Windows Defender AV: Turn on e-mail scanning1ValueValueradio010Microsoft Windows: Turn off downloading of game information1ValueValueradio010Microsoft Windows Defender AV: Number of days before spyware definitions are outdated1ValueValueentry1414Microsoft Windows Defender AV: Number of days before virus definitions are outdated1ValueValueentry1414Microsoft Windows Defender AV: Windows Defender protection against PUA1ValueValueradio101Microsoft Windows: Interactive logon: Machine inactivity limit1MaximumMaximumentry900900Microsoft Windows: Interactive logon: Message text for users attempting to logon1TextTextentryTextTextMicrosoft Windows: Interactive logon: Message title for users attempting to log on1TextTextentryTextTextMicrosoft Windows: Interactive logon: Number of previous logons to cache1MaximumMaximumentry44Microsoft Windows: Interactive logon: Prompt user to change password before expiration1MinimumMinimumentry55Microsoft Windows: Interactive logon: Smart card removal behavior1ValueValueradio10231Microsoft Windows: Microsoft network client: Digitally sign communications (always)1ValueValueradio010Microsoft Windows: Microsoft network client: Digitally sign communications (if server agrees) 1ValueValueradio101Microsoft Windows: Microsoft network client: Send unencrypted password to third-party SMB servers1ValueValueradio010Microsoft Windows: Microsoft network server: Amount of idle time required before suspending session1MaximumMaximumentry1515Microsoft Windows: Microsoft network server: Digitally sign communications (always)1ValueValueradio101Microsoft Windows: Microsoft network server: Digitally sign communications (if client agrees)1ValueValueradio010Microsoft Windows: Microsoft network server: Server SPN target name validation level1ValueValueradio101Microsoft Windows: Network access: Allow anonymous SID/Name translation1ValueValueradio010Microsoft Windows: Network access: Do not allow anonymous enumeration of SAM accounts1ValueValueradio101Microsoft Windows: Network access: Do not allow anonymous enumeration of SAM accounts and shares1ValueValueradio101Microsoft Windows: Network access: Storage of passwords and credentials for network authentication1ValueValueradio101Microsoft Windows: Network access: Let Everyone permissions apply to anonymous users1ValueValueradio010Microsoft Windows: Network access: Remotely accessible registry paths1PathsPathsentrySystem\CurrentControlSet\Control\ProductOptions, System\CurrentControlSet\Control\Server Applications, Software\Microsoft\Windows NT\CurrentVersionSystem\CurrentControlSet\Control\ProductOptions, System\CurrentControlSet\Control\Server Applications, Software\Microsoft\Windows NT\CurrentVersionMicrosoft Windows: Network access: Remotely accessible registry paths and sub-paths1ValueValueentryNoneNoneMicrosoft Windows: Network access: Restrict anonymous access to Named Pipes and Shares1ValueValueradio101Microsoft Windows: Network access: Restrict clients allowed to make remote calls to SAM1ValueValueentryO:BAG:BAD:(A;;RC;;;BA)O:BAG:BAD:(A;;RC;;;BA)Microsoft Windows: Network access: Shares that can be accessed anonymously1ValueValueentryNoneNoneMicrosoft Windows: Network access: Sharing and security model for local accounts1ValueValueradio010Microsoft Windows: Network security: Allow Local System to use computer identity for NTLM1ValueValueradio101Microsoft Windows: Network security: Allow LocalSystem NULL session fallback1ValueValueradio010Microsoft Windows: Network security: Allow PKU2U authentication requests to this computer to use online identities1ValueValueradio010Microsoft Windows: Network security: Encryption types allowed for Kerberos1DES-CBC-CRCDES-CBC-CRCradioDisabledEnabledDisabledMicrosoft Windows: Network security: Encryption types allowed for Kerberos2DES-CBC-MD5DES-CBC-MD5radioDisabledEnabledDisabledMicrosoft Windows: Network security: Encryption types allowed for Kerberos3RC4-HMACRC4-HMACradioDisabledEnabledDisabledMicrosoft Windows: Network security: Encryption types allowed for Kerberos4AES128-CTS-HMAC-SHA1-96AES128-CTS-HMAC-SHA1-96radioEnabledDisabledEnabledMicrosoft Windows: Network security: Encryption types allowed for Kerberos5AES256-CTS-HMAC-SHA1-96AES256-CTS-HMAC-SHA1-96radioEnabledDisabledEnabledMicrosoft Windows: Network security: Encryption types allowed for Kerberos6Future encryption typesFuture encryption typesradioEnabledDisabledEnabledMicrosoft Windows: Network security: Do not store LAN Manager hash value on next password change1ValueValueradio101Microsoft Windows: Network security: LAN Manager authentication level1ValueValueradio5012345Microsoft Windows: Network security: LDAP client signing requirements1ValueValueradio1021Microsoft Windows: Network security: Minimum session security for NTLM SSP based clients1ValueValueradio53687091201632524288536870912Microsoft Windows: Network security: Minimum session security for NTLM SSP based servers1ValueValueradio016325242885368709120Microsoft Windows: System cryptography: Force strong key protection for user keys stored on the computer1MinimumMinimumradio1021Microsoft Windows: System objects: Require case insensitivity for non-Windows subsystems1ValueValueradio101Microsoft Windows: System objects: Strengthen default permissions of internal system objects1ValueValueradio101Microsoft Windows: User Account Control: Admin Approval Mode for the Built-in Administrator account1ValueValueradio101Microsoft Windows: User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop1ValueValueradio010Microsoft Windows: User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode1ValueValueradio2013452Microsoft Windows: User Account Control: Behavior of the elevation prompt for standard users1ValueValueradio010Microsoft Windows: User Account Control: Detect application installations and prompt for elevation1ValueValueradio101Microsoft Windows: User Account Control: Only elevate UIAccess applications that are installed in secure locations1ValueValueradio101Microsoft Windows: User Account Control: Run all administrators in Admin Approval Mode1ValueValueradio101Microsoft Windows: User Account Control: Switch to the secure desktop when prompting for elevation1ValueValueradio101Microsoft Windows: User Account Control: Virtualize file and registry write failures to per-user locations1ValueValueradio101Microsoft Windows: Service: Bluetooth Handsfree Service1ValueValueradio401234Microsoft Windows: Service: Bluetooth Support Service1ValueValueradio401234Microsoft Windows: Service: Computer Browser1ValueValueradio401234Microsoft Windows 10: Service: Downloaded Maps Manager1ValueValueradio401234Microsoft Windows 10: Service: Geolocation Service1ValueValueradio401234Microsoft Windows: Service: HomeGroup Listener1ValueValueradio401234Microsoft Windows: Service: HomeGroup Provider1ValueValueradio401234Microsoft Windows: Service: IIS Admin Service1ValueValueradio401234Microsoft Windows 10: Service: Infrared monitor service1ValueValueradio401234Microsoft Windows: Service: Internet Connection Sharing (ICS)1ValueValueradio401234Microsoft Windows: Service: Link-Layer Topology Discovery Mapper1ValueValueradio401234Microsoft Windows 10: Service: LxssManager1ValueValueradio401234Microsoft Windows: Service: Microsoft FTP Service1ValueValueradio401234Microsoft Windows: Service: Microsoft iSCSI Initiator Service1ValueValueradio401234Microsoft Windows: Service: Peer Name Resolution Protocol1ValueValueradio401234Microsoft Windows: Service: Peer Networking Grouping1ValueValueradio401234Microsoft Windows: Service: Peer Networking Identity Manager1ValueValueradio401234Microsoft Windows: Service: PNRP Machine Name Publication Service1ValueValueradio401234Microsoft Windows: Service: Problem Reports and Solutions Control Panel Support1ValueValueradio401234Microsoft Windows: Service: Remote Access Auto Connection Manager1ValueValueradio401234Microsoft Windows: Service: Remote Desktop Configuration1ValueValueradio401234Microsoft Windows: Service: Remote Desktop Services1ValueValueradio401234Microsoft Windows: Service: Remote Desktop Services UserMode Port Redirector1ValueValueradio401234Microsoft Windows: Service: Remote Procedure Call (RPC) Locator1ValueValueradio401234Microsoft Windows: Service: Remote Registry1ValueValueradio401234Microsoft Windows: Service: Routing and Remote Access1ValueValueradio401234Microsoft Windows: Service: Server1ValueValueradio401234Microsoft Windows: Service: Simple TCP/IP Services1ValueValueradio401234Microsoft Windows: Service: SNMP Service1ValueValueradio401234Microsoft Windows: Service: SSDP Discovery1ValueValueradio401234Microsoft Windows: Service: UPnP Device Host1ValueValueradio401234Microsoft Windows: Service: Web Management Service1ValueValueradio401234Microsoft Windows: Service: Windows Error Reporting Service1ValueValueradio401234Microsoft Windows: Service: Windows Event Collector1ValueValueradio401234Microsoft Windows: Service: Windows Media Player Network Sharing Service1ValueValueradio401234Microsoft Windows 10: Service: Windows Mobile Hotspot Service1ValueValueradio401234Microsoft Windows 10: Service: Windows Push Notifications System Service1ValueValueradio401234Microsoft Windows: Service: Windows Remote Management (WS-Management)1ValueValueradio401234Microsoft Windows: Service: WinHTTP Web Proxy Auto-Discovery Service1ValueValueradio401234Microsoft Windows: Service: World Wide Web Publishing Service1ValueValueradio401234Microsoft Windows 10: Service: Xbox Accessory Management Service1ValueValueradio401234Microsoft Windows 10: Service: Xbox Game Monitoring1ValueValueradio401234Microsoft Windows 10: Service: Xbox Live Auth Manager1ValueValueradio401234Microsoft Windows 10: Service: Xbox Live Game Save1ValueValueradio401234Microsoft Windows 10: Service: Xbox Live Networking Service1ValueValueradio401234Microsoft Windows: Prevent enabling lock screen camera1ValueValueradio101Microsoft Windows: Prevent enabling lock screen slide show1ValueValueradio101Microsoft Windows: Allow Input Personalization1ValueValueradio010Microsoft Windows: Presence of LAPS AdmPwd GPO Extension / CSE1ValueValueradio101Microsoft Windows: LAPS: password expiration not longer than required by policy1ValueValueradio101Microsoft Windows: LAPS: Enable local admin password management1ValueValueradio101Microsoft Windows: LAPS: Password Settings: Password Complexity1ValueValueradio41234Microsoft Windows: LAPS: Password Settings: Password Length1MinimumMinimumentry1515Microsoft Windows: LAPS: Password Settings: Password Age (Days)1MaximumMaximumentry3030Microsoft Windows: MS Security Guide: Apply UAC restrictions to local accounts on network logons1ValueValueradio010Microsoft Windows: MS Security Guide: Configure SMB v1 client driver1ValueValueradio4234Microsoft Windows: MS Security Guide: Enable Structured Exception Handling Overwrite Protection1ValueValueradio010Microsoft Windows: MS Security Guide: WDigest Authentication1ValueValueradio010Microsoft Windows: MSS: IPv6 source routing protection level1ValueValueradio2012Microsoft Windows: MSS: IP source routing protection level1ValueValueradio2012Microsoft Windows: MSS: Prevent the dial-up passsword from being saved1ValueValueradio101Microsoft Windows: MSS: Allow ICMP redirects to override OSPF generated routes1ValueValueradio010Microsoft Windows: MSS: How often keep-alive packets are sent in milliseconds1ValueValueentry300000300000Microsoft Windows: MSS: (AutoAdminLogon) Enable Automatic Logon1ValueValueradio010Microsoft Windows: MS Security Guide: Configure SMB v1 server1ValueValueradio010Microsoft Windows: Turn off game updates1ValueValueradio010Microsoft Windows: MSS: Ignore NetBIOS name release requests except from WINS servers1ValueValueradio101Microsoft Windows: MSS: Allow IRDP to detect and configure Default Gateway addresses1ValueValueradio010Microsoft Windows: MSS: Enable Safe DLL search mode1ValueValueradio101Microsoft Windows: MSS: Time (seconds) before the screen saver grace period expires1MaxMaxentry55Microsoft Windows: MSS: How many times unacknowledged data is retransmitted (IPv6)1MaxMaxentry33Microsoft Windows: MSS: How many times unacknowledged data is retransmitted1MaxMaxentry33Microsoft Windows: MSS: Percentage threshold for security event log (show warning)1MaxMaxentry9090Microsoft Windows: Turn off multicast name resolution1ValueValueradio010Microsoft Windows: NetBIOS Node Type1ValueValueradio21482Microsoft Windows: Enable Font Providers1ValueValueradio010Microsoft Windows: Enable insecure guest logons1ValueValueradio010Microsoft Windows: Turn on Mapper I/O (LLTDIO) driver1ValueValueradio010Microsoft Windows: Turn on Responder (RSPNDR) driver1ValueValueradio010Microsoft Windows: Turn off Microsoft Peer-to-Peer Networking Services1ValueValueradio101Microsoft Windows: Require domain users to elevate when setting a networks location1ValueValueradio101Microsoft Windows: Prohibit use of Internet Connection Sharing on your DNS domain network1ValueValueradio010Microsoft Windows: Prohibit installation and configuration of Network Bridge on the DNS domain network1ValueValueradio010Microsoft Windows: Hardened UNC Paths1ValueValueentryRequireMutualAuthentication=1, RequireIntegrity=1RequireMutualAuthentication=1, RequireIntegrity=1Microsoft Windows: Disable IPv61ValueValueradio2550124810161732255Microsoft Windows: Configuration of wireless settings using Windows Connect Now1ValueValueradio010Microsoft Windows: Prohibit access of the Windows Connect Now wizards1ValueValueradio101Microsoft Windows: Minimize number of simultaneous connections to the Internet or a Windows Domain1ValueValueradio101Microsoft Windows: Prohibit connection to non-domain networks (in domain authenticated network)1ValueValueradio101Microsoft Windows 10: Automatically connect to suggested open hotspots1ValueValueradio010Microsoft Windows: Include command line in process creation events1ValueValueradio010Microsoft Windows: Remote host allows delegation of non-exportable credentials1ValueValueradio101Microsoft Windows: Prevent installation of devices that match any of these device IDs1ValueValueradio101Microsoft Windows: Block SBP-2 Driver and Thunderbolt controllers1ValueValueentryPCI\CC_0C0APCI\CC_0C0AMicrosoft Windows: Prevent installation of devices also to already installed1ValueValueradio101Microsoft Windows: Prevent installation of devices using drivers that match these device setup classes1ValueValueradio101Microsoft Windows: Block SBP-2 Driver and Thunderbolt controllers (Driver Setup Class)1ValueValueentry{d48179be-ec20-11d1-b6b8-00c04fa372a7}{d48179be-ec20-11d1-b6b8-00c04fa372a7}Microsoft Windows: Prevent installation of devices also to already installed (Driver Setup Class)1ValueValueradio101Microsoft Windows: Boot-Start Driver Initialization Policy1ValueValueradio301783Microsoft Windows: Configure registry policy processing: Do not apply during periodic background processing1ValueValueradio010Microsoft Windows: Configure registry policy processing: Process even if the Group Policy objects have not changed1ValueValueradio010Microsoft Windows: Turn off background refresh of Group Policy1ValueValueradio010Microsoft Windows: Continue experiences on this device1ValueValueradio010Microsoft Windows: Turn off access to the Store1ValueValueradio101Microsoft Windows: Turn off downloading of print drivers over HTTP1ValueValueradio101Microsoft Windows: Turn off handwriting personalization data sharing1ValueValueradio101Microsoft Windows: Turn off handwriting recognition error reporting1ValueValueradio101Microsoft Windows: Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com1ValueValueradio101Microsoft Windows: Turn off Internet download for Web publishing and online ordering wizards1ValueValueradio101Microsoft Windows: Turn off printing over HTTP1ValueValueradio101Microsoft Windows: Turn off Registration if URL connection is referring to Microsoft.com1ValueValueradio101Microsoft Windows: Turn off Search Companion content file updates1ValueValueradio101Microsoft Windows: Turn off the 'Order Prints' picture task1ValueValueradio101Microsoft Windows: Turn off the 'Publish to Web' task for files and folders1ValueValueradio101Microsoft Windows: Turn off the Windows Messenger Customer Experience Improvement Program1ValueValueradio212Microsoft Windows: Turn off Windows Customer Experience Improvement Program1ValueValueradio010Microsoft Windows: Disable Windows Error Reporting1ValueValueradio101Microsoft Windows 10: Allow a Windows app to share application data between users1ValueValueradio010Microsoft Windows: Allow Microsoft accounts to be optional1ValueValueradio101Microsoft Windows 10: Universal Windows apps with Windows Runtime API access1ValueValueradio101Microsoft Windows 10: Configure enhanced anti-spoofing1ValueValueradio101Microsoft Windows: Allow access to BitLocker-protected fixed data drives from earlier versions of Windows1ValueValueradioDisabledFAT32DisabledMicrosoft Windows: BitLocker-protected fixed drives recovery1ValueValueradio101Microsoft Windows: Recovering of BitLocker-protected fixed drives (Recovery Password)1ValueValueradio2012Microsoft Windows: Recovering of BitLocker-protected fixed drives (Recovery Key)1ValueValueradio2012Microsoft Windows: Recovering of BitLocker-protected fixed drives (Setup Wizard)1ValueValueradio101Microsoft Windows: Recovering of BitLocker-protected fixed drives (AD Backup)1ValueValueradio010Microsoft Windows: Recovering of BitLocker-protected fixed drives (infos to store)1ValueValueradio121Microsoft Windows: Recovering of BitLocker-protected fixed drives (Require AD Backup)1ValueValueradio010Microsoft Windows: Configure use of hardware-based encryption for fixed data drives1ValueValueradio101Microsoft Windows: Hardware-based encryption: BitLockers software-based encryption1ValueValueradio101Microsoft Windows: Hardware-based encryption: Restrict encryption algorithms1ValueValueradio010Microsoft Windows: Hardware-based encryption: Restrict crypto algorithms1ValueValueentry2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.422.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42Microsoft Windows: Require passwords for fixed data drives1ValueValueradio010Microsoft Windows: Use of smart cards on fixed data drives1ValueValueradio101Microsoft Windows: Require use of smart cards on fixed data drives1ValueValueradio101Microsoft Windows: Recovering of BitLocker-protected fixed drives (agent)1ValueValueradio101Microsoft Windows: Allow enhanced PINs for startup1ValueValueradio101Microsoft Windows: Allow Secure Boot for integrity validation1ValueValueradio101Microsoft Windows: BitLocker-protected operating system drives recovery1ValueValueradio101Microsoft Windows: BitLocker-protected operating system drives recovery (agent)1ValueValueradio010Microsoft Windows: BitLocker-protected operating system drives recovery (password)1ValueValueradio1021Microsoft Windows: BitLocker-protected operating system drives recovery (key)1ValueValueradio0120Microsoft Windows: BitLocker-protected operating system drives recovery (wizard)1ValueValueradio101Microsoft Windows: BitLocker-protected operating system drives recovery (AD backup)1ValueValueradio101Microsoft Windows: BitLocker-protected operating system drives recovery (AD backup info)1ValueValueradio121Microsoft Windows: BitLocker-protected operating system drives recovery (require AD backup)1ValueValueradio101Microsoft Windows: Configure minimum PIN length for startup1MinimumMinimumentry77Microsoft Windows: Use of hardware-based encryption for OS drives1ValueValueradio101Microsoft Windows: Hardware-based encryption for OS drives (software encryption failover)1ValueValueradio101Microsoft Windows: Hardware-based encryption for OS drives (restrict algorithms)1ValueValueradio010Microsoft Windows: Hardware-based encryption for OS drives (allowed algorithms)1ValueValueentry2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.422.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42Microsoft Windows: Configure use of passwords for operating system drives1ValueValueradio010Microsoft Windows: Require additional authentication at startup1ValueValueradio101Microsoft Windows: Require additional authentication at startup (BitLocker without TPM)1ValueValueradio010Microsoft Windows: Require additional authentication at startup (TPM startup)1ValueValueradio0120Microsoft Windows: Require additional authentication at startup (TPM startup PIN)1ValueValueradio1021Microsoft Windows: Require additional authentication at startup (TPM startup key)1ValueValueradio0120Microsoft Windows: Require additional authentication at startup (TPM startup key and PIN)1ValueValueradio0120Microsoft Windows: Access to BitLocker-protected removable data drives (earlier Windows versions)1ValueValueentryDisabledDisabledMicrosoft Windows: BitLocker-protected removable drives recovery1ValueValueradio101Microsoft Windows: BitLocker-protected removable drives recovery (agent)1ValueValueradio101Microsoft Windows: BitLocker-protected removable drives recovery (password)1ValueValueradio0120Microsoft Windows: BitLocker-protected removable drives recovery (key)1ValueValueradio0120Microsoft Windows: BitLocker-protected removable drives recovery (wizard)1ValueValueradio101Microsoft Windows: BitLocker-protected removable drives recovery (AD backup)1ValueValueradio010Microsoft Windows: BitLocker-protected removable drives recovery (AD backup info)1ValueValueradio1021Microsoft Windows: BitLocker-protected removable drives recovery (require AD)1ValueValueradio010Microsoft Windows: Use of hardware-based encryption (removable data drives)1ValueValueradio101Microsoft Windows: Use of hardware-based encryption (software encryption failover)1ValueValueradio101Microsoft Windows: Use of hardware-based encryption (restrict algorithms)1ValueValueradio010Microsoft Windows: Use of hardware-based encryption (allowed algorithms)1ValueValueentry2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.422.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42Microsoft Windows: Configure use of passwords for removable data drives1ValueValueradio010Microsoft Windows: Use of smart cards on removable data drives1ValueValueradio101Microsoft Windows: Use of smart cards on removable data drives (required)1ValueValueradio101Microsoft Windows: Deny write access to removable drives not protected by BitLocker1ValueValueradio101Microsoft Windows: Write access to devices configured in another organization1ValueValueradio010Microsoft Windows 10: Drive encryption method and cipher strength (Windows 10)1operating system drivesoperating system drivesradio73467Microsoft Windows 10: Drive encryption method and cipher strength (Windows 10)2fixed data drivesfixed data drivesradio73467Microsoft Windows 10: Drive encryption method and cipher strength (Windows 10)3removable data drivesremovable data drivesradio73467Microsoft Windows 10: Disable new DMA devices when this computer is locked1ValueValueradio101Microsoft Windows 10: Allow Use of Camera1ValueValueradio010Microsoft Windows 10: Turn off Microsoft consumer experiences1ValueValueradio101Microsoft Windows 10: Require pin for pairing1ValueValueradio101Microsoft Windows: Do not display the password reveal button1ValueValueradio101Microsoft Windows: Enumerate administrator accounts on elevation1ValueValueradio010Microsoft Windows: Authenticated Proxy usage (Connected User Experience and Telemetry)1ValueValueradio101Microsoft Windows 10: Disable pre-release features or settings1ValueValueradio010Microsoft Windows 10: Do not show feedback notifications1ValueValueradio101Microsoft Windows 10: Toggle user control over Insider builds1ValueValueradio010Microsoft Windows 10: Download Mode1ValueValueradio0123991000Microsoft Windows: Event Log behavior when log file reaches its max size (App)1ValueValueradio010Microsoft Windows: Specify the maximum log file size (App)1MinimumMinimumentry3276832768Microsoft Windows: Event Log behavior when log file reaches its max size (Security)1ValueValueradio010Microsoft Windows: Specify the maximum log file size (Security)1MinimumMinimumentry3276832768Microsoft Windows: Event Log behavior when log file reaches its max size (Setup)1ValueValueradio010Microsoft Windows: Specify the maximum log file size (Setup)1MinimumMinimumentry3276832768Microsoft Windows: Event Log behavior when log file reaches its max size (System)1ValueValueradio010Microsoft Windows: Specify the maximum log file size (System)1MinimumMinimumentry3276832768Microsoft Windows: Turn off Data Execution Prevention for Explorer1ValueValueradio010Microsoft Windows: Heap termination on corruption1ValueValueradio010Microsoft Windows: Shell protocol protected mode1ValueValueradio010Microsoft Windows: Prevent the computer from joining a homegroup1ValueValueradio101Microsoft Windows 10: Pop-up Blocker (Edge)1ValueValueradioyesnoyesMicrosoft Windows 10: Consumer Microsoft account user authentication1ValueValueradio101Microsoft Windows 10: Address bar drop-down list suggestions (Edge)1ValueValueradio010Microsoft Windows 10: Allow Adobe Flash (Edge)1ValueValueradio010Microsoft Windows 10: Allow Extensions (Edge)1ValueValueradio010Microsoft Windows 10: InPrivate browsing (Edge)1ValueValueradio010Microsoft Windows 10: Configure Cookies (Edge)1MaximumMaximumradio1021Microsoft Windows 10: Password Manager (Edge)1ValueValueradionoyesnoMicrosoft Windows 10: Search suggestions in Address bar (Edge)1ValueValueradio010Microsoft Windows 10: Adobe Flash Click-to-Run (Edge)1ValueValueradio101Microsoft Windows 10: Prevent access to the about:flags page in Microsoft Edge1ValueValueradio101Microsoft Windows 10: Localhost IP address for WebRTC (Edge)1ValueValueradio101Microsoft Windows: Passwords Saving (Remote Desktop Services)1ValueValueradio101Microsoft Windows: Allow users to connect remotely by using Remote Desktop Services1ValueValueradio101Microsoft Windows: COM port redirection (Remote Desktop Services)1ValueValueradio101Microsoft Windows: Do not allow drive redirection1ValueValueradio101Microsoft Windows: LPT port redirection (Remote Desktop Services)1ValueValueradio101Microsoft Windows: Plug and Play device redirection (Remote Desktop Services)1ValueValueradio101Microsoft Windows: Always prompt for password upon connection1ValueValueradio101Microsoft Windows: Require secure RPC communication1ValueValueradio101Microsoft Windows: Client connection encryption level1ValueValueradio3123Microsoft Windows: Idle time limit (Remote Desktop Services)1MaximumMaximumentry900000900000Microsoft Windows: Time limit for disconnected sessions (Remote Desktop Services)1MaximumMaximumentry6000060000Microsoft Windows: Delete temp folders upon exit (Remote Desktop Services)1ValueValueradio101Microsoft Windows: Temporary folders per session (Remote Desktop Services)1ValueValueradio101Microsoft Windows: Downloading of enclosures (RSS Feed)1ValueValueradio101Microsoft Windows 10: Allow Cortana above lock screen1ValueValueradio010Microsoft Windows: Allow indexing of encrypted files1ValueValueradio010Microsoft Windows 10: Allow search and Cortana to use location1ValueValueradio010Microsoft Windows 10: KMS Client Online AVS Validation1ValueValueradio101Microsoft Windows 10: Disable all apps from Windows Store1ValueValueradio101Microsoft Windows: Automatic Download and Install of updates (Store)1ValueValueradio424Microsoft Windows: Offer to update to the latest version of Windows (Store)1ValueValueradio101Microsoft Windows: Turn off the Store application1ValueValueradio101Microsoft Windows: Configure Watson events1ValueValueradio101Microsoft Windows: Windows Defender SmartScreen (Explorer)1ValueValueradioWarnBlockWarnMicrosoft Windows 10: Windows Defender SmartScreen (Edge)1ValueValueradio101Microsoft Windows 10: Windows Defender SmartScreen prompts for files (Edge)1ValueValueradio101Microsoft Windows 10: Windows Defender SmartScreen prompts for sites (Edge)1ValueValueradio101Microsoft Windows 10: Windows Game Recording and Broadcasting1ValueValueradio010Microsoft Windows 10: Windows Ink Workspace1MaximumMaximumradio0120Microsoft Windows 10: Suggested apps in Windows Ink Workspace1ValueValueradio010Microsoft Windows: User control over installs1ValueValueradio010Microsoft Windows: Always install with elevated privileges1ValueValueradio010Microsoft Windows: IE security prompt for Windows Installer scripts1ValueValueradio010Microsoft Windows: Sign-in last interactive user automatically1ValueValueradio101Microsoft Windows: PowerShell Script Block Logging1ValueValueradio010Microsoft Windows: PowerShell Transcription1ValueValueradio010Microsoft Windows: Basic authentication (RM Client)1ValueValueradio010Microsoft Windows: Unencrypted traffic (RM Client)1ValueValueradio010Microsoft Windows: Digest authentication (RM Client)1ValueValueradio010Microsoft Windows: Basic authentication (RM Service)1ValueValueradio010Microsoft Windows: Remote server management (RM Service)1ValueValueradio010Microsoft Windows: Unencrypted traffic (RM Service)1ValueValueradio010Microsoft Windows: Store RunAs credentials (RM Service)1ValueValueradio101Microsoft Windows: Remote Shell Access1ValueValueradio010Microsoft Windows: Select when Preview Builds and Feature Updates are received1DeferFeatureUpdatesDeferFeatureUpdatesradio101Microsoft Windows: Select when Preview Builds and Feature Updates are received2BranchReadinessLevelBranchReadinessLevelradio322481632Microsoft Windows: Select when Preview Builds and Feature Updates are received3DeferFeatureUpdatesPeriodInDaysDeferFeatureUpdatesPeriodInDaysentry180180Microsoft Windows: Select when Quality Updates are received1DeferQualityUpdatesDeferQualityUpdatesradio101Microsoft Windows: Select when Quality Updates are received2DeferQualityUpdatesPeriodInDaysDeferQualityUpdatesPeriodInDaysentry00Microsoft Windows: Automatic Updates1ValueValueradio010Microsoft Windows: Automatic Updates: Scheduled install day1ValueValueradio012345670Microsoft Windows: Auto-restart with logged on users (scheduled AU)1ValueValueradio101Microsoft Windows: Enable screen saver1ValueValueradio101Microsoft Windows: Force specific screen saver1ValueValueentryNoneNoneMicrosoft Windows: Password protect the screen saver1ValueValueradio101Microsoft Windows: Screen saver timeout1MaximumMaximumentry900900Microsoft Windows: Turn off toast notifications on the lock screen1ValueValueradio101Microsoft Windows: Turn off Help Experience Improvement Program1ValueValueradio101Microsoft Windows: Do not preserve zone information in file attachments1ValueValueradio212Microsoft Windows: Notify antivirus programs when opening attachments1ValueValueradio313Microsoft Windows 10: Configure Windows spotlight on lock screen1ValueValueradio212Microsoft Windows 10: Do not suggest third-party content in Windows spotlight1ValueValueradio101Microsoft Windows 10: Do not use diagnostic data for tailored experiences1ValueValueradio101Microsoft Windows 10: Turn off all Windows spotlight features1ValueValueradio101Microsoft Windows: Prevent users from sharing files within their profile1ValueValueradio101Microsoft Windows: Always install with elevated privileges (User Templates)1ValueValueradio010Microsoft Windows: Prevent Codec Download (Media Player)1ValueValueradio101Microsoft Windows 10: Support device authentication using certificate1ValueValueradio010Microsoft Windows: Disallow copying of user input methods to the system account for sign-in1ValueValueradio101Microsoft Windows: Do not display network selection UI1ValueValueradio101Microsoft Windows: Do not enumerate connected users on domain-joined computers1ValueValueradio101Microsoft Windows: Enumerate local users on domain-joined computers1ValueValueradio010Microsoft Windows: Turn off app notifications on the lock screen1ValueValueradio010Microsoft Windows: Turn on convenience PIN sign-in1ValueValueradio010Microsoft Windows: Block user from showing account details on sign-in1ValueValueradio101Microsoft Windows: Untrusted Font Blocking1ValueValueradio1000000000000200000000000030000000000001000000000000Microsoft Windows: Allow standby states (S1-S3) when sleeping (on battery)1ValueValueradio010Microsoft Windows: Allow standby states (S1-S3) when sleeping (plugged in)1ValueValueradio010Microsoft Windows: Require a password when a computer wakes (on battery)1ValueValueradio101Microsoft Windows: Require a password when a computer wakes (plugged in)1ValueValueradio101Microsoft Windows: Allow network connectivity during connected-standby (plugged in)1ValueValueradio010Microsoft Windows: Allow network connectivity during connected-standby (on battery)1ValueValueradio010Microsoft Windows: Configure Offer Remote Assistance1ValueValueradio010Microsoft Windows: Configure Solicited Remote Assistance1ValueValueradio010Microsoft Windows: Enable RPC Endpoint Mapper Client Authentication1ValueValueradio101Microsoft Windows: Restrict Unauthenticated RPC clients1ValueValueradio1021Microsoft Windows: Turn on MSDT interactive communication with support provider1ValueValueradio010Microsoft Windows: Enable/Disable PerfTrack1ValueValueradio010Microsoft Windows: Turn off the advertising ID1ValueValueradio101Microsoft Windows: Enable Windows NTP Client1ValueValueradio101Microsoft Windows: Enable Windows NTP Server1ValueValueradio010Microsoft Windows: Turn off Windows Mail application1ValueValueradio010Microsoft Windows Firewall: Domain: Firewall state1ValueValueradio101Microsoft Windows Firewall: Domain: Inbound connections1ValueValueradio101Microsoft Windows Firewall: Domain: Outbound connections1ValueValueradio010Microsoft Windows Firewall: Domain: Settings: Display a notification1ValueValueradio010Microsoft Windows Firewall: Domain: Logging: Name1ValueValueentry%SYSTEMROOT%\System32\logfiles\firewall\domainfw.log%SYSTEMROOT%\System32\logfiles\firewall\domainfw.logMicrosoft Windows Firewall: Domain: Logging: Size limit (KB)1MinimumMinimumentry1638416384Microsoft Windows Firewall: Domain: Logging: Log dropped packets1ValueValueradio101Microsoft Windows Firewall: Domain: Logging: Log successful connections1ValueValueradio101Microsoft Windows Firewall: Private: Firewall state1ValueValueradio101Microsoft Windows Firewall: Private: Inbound connections1ValueValueradio101Microsoft Windows Firewall: Private: Outbound connections1ValueValueradio010Microsoft Windows Firewall: Private: Settings: Display a notification1ValueValueradio010Microsoft Windows Firewall: Private: Logging: Name1ValueValueentry%SYSTEMROOT%\System32\logfiles\firewall\domainfw.log%SYSTEMROOT%\System32\logfiles\firewall\domainfw.logMicrosoft Windows Firewall: Private: Logging: Size limit (KB)1MinimumMinimumentry1638416384Microsoft Windows Firewall: Private: Logging: Log dropped packets1ValueValueradio101Microsoft Windows Firewall: Private: Logging: Log successful connections1ValueValueradio101Microsoft Windows Firewall: Public: Firewall state1ValueValueradio101Microsoft Windows Firewall: Public: Inbound connections1ValueValueradio101Microsoft Windows Firewall: Public: Outbound connections1ValueValueradio010Microsoft Windows Firewall: Public: Settings: Display a notification1ValueValueradio010Microsoft Windows Firewall: Public: Logging: Name1ValueValueentry%SYSTEMROOT%\System32\logfiles\firewall\domainfw.log%SYSTEMROOT%\System32\logfiles\firewall\domainfw.logMicrosoft Windows Firewall: Public: Logging: Size limit (KB)1MinimumMinimumentry1638416384Microsoft Windows Firewall: Public: Logging: Log dropped packets1ValueValueradio101Microsoft Windows Firewall: Public: Logging: Log successful connections1ValueValueradio101Microsoft Windows: Audit Credential Validation1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Application Group Management1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Computer Account Management1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Other Account Management Events1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Security Group Management1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit User Account Management1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit PNP Activity1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Process Creation1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Account Lockout1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Group Membership1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Logoff1ValueValueradioSuccessNo AuditingSuccessMicrosoft Windows: Audit Logon1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Other Logon/Logoff Events1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Special Logon1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Removable Storage1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Audit Policy Change1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Authentication Policy Change1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Authorization Policy Change1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Sensitive Privilege Use1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit IPsec Driver1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Other System Events1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Security State Change1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Security System Extension1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit System Integrity1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Turn On Virtualization Based Security1ValueValueradio101Microsoft Windows: Turn On Virtualization Based Security (Select Platform Security Level)1ValueValueradio131Microsoft Windows: Turn On Virtualization Based Security (Virtualization Based Protection of Code Integrity)1ValueValueradio01230Microsoft Windows: Turn On Virtualization Based Security (Require UEFI Memory Attributes Table)1ValueValueradio010Microsoft Windows: Turn On Virtualization Based Security (Credential Guard Configuration)1ValueValueradio01230Microsoft Windows: LSA Protection1ValueValueradio101Microsoft Windows: Enable Encrypted File System1ValueValueradio010Microsoft Windows: Script Execution1ValueValueradio101Microsoft Windows: Turn on Script Execution1ValueValueradioAllSignedRemoteSignedUnrestrictedAllSignedMicrosoft Windows: Service: Connected User Experiences and Telemetry Service1ValueValueradio401234Microsoft Windows: Configure Connected User Experiences and Telemetry1ProxyProxyentryNoneNoneMicrosoft Windows Defender AV: Block Office applications from creating child processes1ValueValueradio1021Microsoft Windows Defender AV: Turn off routine remediation1ValueValueradio010Microsoft Windows Defender AV: Path Exclusions1ValueValueradio010Microsoft Windows Defender AV: Process Exclusions1ValueValueradio010Microsoft Windows Defender AV: Turn off Auto Exclusions1ValueValueradio010Microsoft Windows Defender AV: Configure local setting override for reporting to Microsoft MAPS1ValueValueradio010Microsoft Windows Defender AV: Configure the Block at First Sight feature1ValueValueradio010Microsoft Windows Defender AV: Turn on protocol recognition1ValueValueradio010Microsoft Windows Defender AV: Configure local setting override for monitoring file and program activity1ValueValueradio010Microsoft Windows Defender AV: Configure local setting override for monitoring for incoming and outgoing file activity1ValueValueradio010Microsoft Windows Defender AV: Configure local setting override for scanning all downloaded files and attachments1ValueValueradio010Microsoft Windows Defender AV: Configure local setting override for turn on behavior monitoring1ValueValueradio010Microsoft Windows Defender AV: Configure local setting override to turn on real-time protection1ValueValueradio010Microsoft Windows Defender AV: Configure monitoring for incoming and outgoing file and program activity1ValueValueradio0120Microsoft Windows Defender AV: Monitor file and program activity on your computer1ValueValueradio010Microsoft Windows Defender AV: Scan all downloaded files and attachments1ValueValueradio010Microsoft Windows Defender AV: Turn off real-time protection1ValueValueradio010Microsoft Windows Defender AV: Turn on behavior monitoring1ValueValueradio010Microsoft Windows Defender AV: Turn on process scanning whenever real-time protection is enabled1ValueValueradio010Microsoft Windows Defender AV: Scan archive files1ValueValueradio010Microsoft Windows Defender AV: Scan removable drives1ValueValueradio010Microsoft Windows Defender AV: Specify the day of the week to run a scheduled scan1ValueValueradio0123456780Microsoft Windows Defender AV: Specify the day of the week to check for definition updates1ValueValueradio0123456780Microsoft Windows Defender AV: Threat alert levels at which default action should not be taken (Severe)1ValueValueradio2362Microsoft Windows Defender AV: Block executable content from email client and webmail1ValueValueradio101Microsoft Windows Defender AV: Block Office applications from creating executable content1ValueValueradio101Microsoft Windows Defender AV: Block Office applications from injecting into other processes1ValueValueradio101Microsoft Windows Defender AV: Impede JavaScript and VBScript to launch executables1ValueValueradio101Microsoft Windows Defender AV: Block execution of potentially obfuscated scripts1ValueValueradio101Microsoft Windows Defender AV: Block Win32 imports from macro code in Office1ValueValueradio101Microsoft Windows Defender AV: Prevent users and apps from accessing dangerous websites1ValueValueradio1021Microsoft Windows Defender AV: Threat alert levels at which default action should not be taken (High)1ValueValueradio2362Microsoft Windows Defender AV: Threat alert levels at which default action should not be taken (Medium)1ValueValueradio2362Microsoft Windows Defender AV: Threat alert levels at which default action should not be taken (Low)1ValueValueradio2362Microsoft Office: Protection From Zone Elevation1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Protection From Zone Elevation2ValueValueradio101Microsoft Office: Mime Sniffing Safety Feature1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Mime Sniffing Safety Feature2ValueValueradio101Microsoft Office: Information Bar1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Information Bar2ValueValueradio101Microsoft Office: Bind to object1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Bind to object2ValueValueradio101Microsoft Office: Restrict File Download1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Restrict File Download2ValueValueradio101Microsoft Office: Saved from URL1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Saved from URL2ValueValueradio101Microsoft Office: Disable user name and password1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Disable user name and password2ValueValueradio101Microsoft Office: Scripted Window Security Restrictions1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Scripted Window Security Restrictions2ValueValueradio101Microsoft Office: Local Machine Zone Lockdown Security1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Local Machine Zone Lockdown Security2ValueValueradio101Microsoft Office: Object Caching Protection1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Object Caching Protection2ValueValueradio101Microsoft Office: Consistent Mime Handling1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Consistent Mime Handling2ValueValueradio101Microsoft Office: Add-on Management1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Add-on Management2ValueValueradio101Microsoft Office: Navigate URL1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Navigate URL2ValueValueradio101Microsoft Office: Restrict ActiveX Install1Office ApplicationsOffice Applicationsentrygroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exegroove.exe, excel.exe, mspub.exe, powerpnt.exe, pptview.exe, visio.exe, winproj.exe, outlook.exe, spDesign.exe, exprwd.exe, msaccess.exe, onent.exe, mse7.exeMicrosoft Office: Restrict ActiveX Install2ValueValueradio101Microsoft Access: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft Excel: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft InfoPath: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft Outlook: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft PowerPoint: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft Publisher: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft Word: Disable UI Extending from Documents and Templates1ValueValueradio101Microsoft Office: Never allow users to specify groups when restricting permission for documents1ValueValueradio101Microsoft Office: Always expand groups in Office when restricting permission for documents1ValueValueradio101Microsoft Office: Block opening of pre-release versions of file formats new to PowerPoint 20131ValueValueradio101Microsoft Office: Block opening of pre-release versions of file formats new to Excel 20131ValueValueradio101Microsoft Office: Disable Opt-in Wizard on first run1ValueValueradio101Microsoft Office: Send personal information1ValueValueradio010OpenStack Keystone: Check ownership of configuration files1filesfilesentrykeystone.conf;keystone-paste.ini;policy.json;logging.conf;ssl/certs/signing_cert.pem;ssl/private/signing_key.pem;ssl/certs/ca.pemkeystone.conf;keystone-paste.ini;policy.json;logging.conf;ssl/certs/signing_cert.pem;ssl/private/signing_key.pem;ssl/certs/ca.pemOpenStack Keystone: Check ownership of configuration files2user/group ownershipuser/group ownershipentrykeystone keystonekeystone keystoneOpenStack Keystone: Check permissions of configuration files1filesfilesentrykeystone.conf;keystone-paste.ini;policy.json;logging.conf;ssl/certs/signing_cert.pem;ssl/private/signing_key.pem;ssl/certs/ca.pemkeystone.conf;keystone-paste.ini;policy.json;logging.conf;ssl/certs/signing_cert.pem;ssl/private/signing_key.pem;ssl/certs/ca.pemOpenStack Keystone: Check permissions of configuration files2permissionspermissionsentry640640OpenStack Keystone: Hashing algorithm for PKI tokens1algorithmalgorithmradiosha256md5sha256OpenStack Keystone: Maximum body size per request1maximummaximumentry114688114688OpenStack Keystone: Insecure debug1ValueValueradiodisabledenableddisabledOpenStack Keystone: Token provider1token providertoken providerradiofernetuuidfernetOpenStack Keystone: Admin token1StatusStatusradiodisabledenableddisabledMicrosoft Windows: Service: Telnet (TlntSvr)1ValueValueradio401234Microsoft Windows: Audit File Share1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Audit Other Object Access Events1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Turn off picture password sign-in1ValueValueradio101Microsoft Windows: Choose drive encryption method and cipher strength1ValueValueradioAES 256-bitAES 128-bitAES 256-bitMicrosoft Windows: Turn off location1ValueValueradio101Microsoft Windows: Prevent the usage of OneDrive for file storage on Windows 8.11ValueValueradio101Microsoft Windows 8.1: Set what information is shared in Search1ValueValueradio30123Microsoft Windows: Configure Windows Defender SmartScreen1ValueValueradio1021Microsoft Windows: Configure Default consent1ValueValueradio12341Microsoft Windows 8.1: Automatically send memory dumps for OS-generated error reports1ValueValueradio30123Microsoft Windows: Turn off tracking of last play time of games in the Games folder1ValueValueradio010Microsoft Windows 10: Bypass traverse checking1ValueValueentryAdministrators, Authenticated Users, Local Service, Network ServiceAdministrators, Authenticated Users, Local Service, Network ServiceMicrosoft Windows: Interactive logon: Require Domain Controller authentication to unlock workstation1ValueValueradio010Microsoft Windows: Allow cryptography algorithms compatible with Windows NT 4.01ValueValueradio010Microsoft Windows: Cipher suite order1ValueValueentryAES_128_GCM,AES_128_CCMAES_128_GCM,AES_128_CCMMicrosoft Windows: Configure server authentication for client1ValueValueradio1021Microsoft Windows: Do not allow smart card device redirection1ValueValueradio101Microsoft Windows: Do not allow web search1ValueValueradio101Microsoft Windows: Do not allow Windows Messenger to be run1ValueValueradio101Microsoft Windows: Do not automatically start Windows Messenger initially1ValueValueradio101Microsoft Windows: Do not connect to any Windows Update Internet locations1ValueValueradio101Microsoft Windows: Status of Windows Script Host (WSH)1ValueValueradio010Microsoft Office: Check OLE objects1ValueValueradio2102Microsoft Office Word: Require that application add-ins are signed by Trusted Publisher1ValueValueradio101Microsoft Office PowerPoint: Require that application add-ins are signed by Trusted Publisher1ValueValueradio101Microsoft Office Excel: Require that application add-ins are signed by Trusted Publisher1ValueValueradio101Microsoft Office Excel: VBA Macro Notification Settings1ValueValueradio101Microsoft Office PowerPoint: VBA Macro Notification Settings1ValueValueradio31243Microsoft Office Word: VBA Macro Notification Settings1ValueValueradio31243Microsoft Office Excel: Block macros from running in Office files from the Internet1ValueValueradio101Microsoft Office Word: Block macros from running in Office files from the Internet1ValueValueradio101Microsoft Office PowerPoint: Block macros from running in Office files from the Internet1ValueValueradio101Microsoft Outlook: Security setting for macros1ValueValueradio31243Linux: Mounting of cramfs filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of freevxfs filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of jffs2 filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of hfs filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of hfsplus filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of squashfs filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of udf filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Mounting of vfat filesystems1StatusStatusradioDisabledEnabledDisabledLinux: Check options for /tmp directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Separate partition for /var1Separate partitionSeparate partitionradioyesnoyesLinux: Check options for /var/tmp directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Separate partition for /var/log directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Separate partition for /var/log/audit directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Check options for /home directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Check options for /dev/shm directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Status of automounting1AutomountingAutomountingradioDisabledEnabledDisabledLinux: AIDE configuration status1ScheduleScheduleradiodailyhourlyweeklymonthlydailyLinux: GRUB Bootloader config file permissions1UidUidentryrootrootLinux: GRUB Bootloader config file permissions2GidGidentryrootrootLinux: GRUB Bootloader config file permissions3PermissionsPermissionsentry400400Linux: GRUB bootloader password1Password protectionPassword protectionradioEnabledDisabledEnabledLinux: Interactive boot status1StatusStatusradioDisabledEnabledDisabledLinux: Restricted core dumps1StatusStatusradioEnabledDisabledEnabledLinux: XD/NX support1StatusStatusradioEnabledDisabledEnabledLinux: Address space layout randomization (ASLR) status1StatusStatusradioEnabledDisabledEnabledLinux: Blacklisted packages1Blacklisted packagesBlacklisted packagesentryprelink,setroubleshoot,mcstrans,xorg-x11,xserver-xorg,ypbind,rsh,talk,telnet,openldap-clientsprelink,setroubleshoot,mcstrans,xorg-x11,xserver-xorg,ypbind,rsh,talk,telnet,openldap-clientsLinux: Blacklisted packages2Show partial matchesShow partial matchesradioNoYesNoLinux: SELinux status in bootloader config1StatusStatusradioEnabledDisabledEnabledLinux: SELinux state1StatusStatusradioEnabledDisabledEnabledLinux: SELinux policy configuration1Policy configurationPolicy configurationentrytargetedtargetedLinux: AppArmor status in bootloader config1StatusStatusradioEnabledDisabledEnabledLinux: AppArmor or SELinux version1SELinuxSELinuxradioYesNoYesLinux: AppArmor or SELinux version2AppArmorAppArmorradioYesNoYesLinux: Motd configuration1Allow OS informationAllow OS informationradioNoYesNoLinux: Motd configuration2UidUidentryrootrootLinux: Motd configuration3GidGidentryrootrootLinux: Motd configuration4PermissionsPermissionsentry400400Linux: Local login warning banner configuration1Allow OS informationAllow OS informationradioNoYesNoLinux: Local login warning banner configuration2UidUidentryrootrootLinux: Local login warning banner configuration3GidGidentryrootrootLinux: Local login warning banner configuration4PermissionsPermissionsentry400400Linux: Remote login warning banner configuration1Allow OS informationAllow OS informationradioNoYesNoLinux: Remote login warning banner configuration2UidUidentryrootrootLinux: Remote login warning banner configuration3GidGidentryrootrootLinux: Remote login warning banner configuration4PermissionsPermissionsentry400400Linux: GDM login banner enabled1GDM login banner enabledGDM login banner enabledradioYesNoYesLinux: Disabled inetd services1ServicesServicesentrychargen;daytime;discard;echo;time;shell;login;exec;talk;ntalk;telnet;tftpchargen;daytime;discard;echo;time;shell;login;exec;talk;ntalk;telnet;tftpLinux: Xinetd status1StatusStatusradioDisabledEnabledDisabledMicrosoft Windows: Do not show Windows tips1ValueValueradio101Linux: IP Forwarding1StatusStatusradioDisabledEnabledDisabledLinux: ICMP Redirect (send)1StatusStatusradioDisabledEnabledDisabledLinux: Accept source routed packets1StatusStatusradioDisabledEnabledDisabledLinux: ICMP Redirect (accept)1StatusStatusradioDisabledEnabledDisabledLinux: Secure ICMP Redirect (accept)1StatusStatusradioDisabledEnabledDisabledLinux: Log Martians packets1StatusStatusradioEnabledDisabledEnabledLinux: Broadcast ICMP echo requests1StatusStatusradioDisabledEnabledDisabledLinux: Log non-standard ICMP messages1StatusStatusradioEnabledDisabledEnabledLinux: Reverse path filtering1StatusStatusradioEnabledDisabledEnabledLinux: TCP SYN Cookies1StatusStatusradioEnabledDisabledEnabledLinux: Accept IPv6 router advertisements1StatusStatusradioDisabledEnabledDisabledLinux: IPv6 ICMP Redirect (accept)1StatusStatusradioYesNoYesLinux: IPv6 status1StatusStatusradioDisabledEnabledDisabledLinux: Disabled network protocols1Network protocolsNetwork protocolsentrydccp;sctp;rds;tipcdccp;sctp;rds;tipcLinux: Auditd configuration1Max logfile sizeMax logfile sizeentry88Linux: Auditd configuration2Max logfile size reached actionMax logfile size reached actionradiokeep_logsignoresyslogsuspendrotatekeep_logsLinux: Auditd configuration3Disk space getting low actionDisk space getting low actionradioemailignoresyslogrotateexecsuspendsinglehaltemailLinux: Auditd configuration4Disk space low actionDisk space low actionradiohaltignoresyslogrotateemailexecsuspendsinglehaltLinux: Audit mutable1MutableMutableradioNoYesNoLinux: Rsyslog configuration1File permissionsFile permissionsentry06400640Linux: Rsyslog configuration2Remote log hostRemote log hostentry*.* @@host.example.com*.* @@host.example.comLinux: Rsyslog configuration3Accept remote rsyslog messagesAccept remote rsyslog messagesradioYesNoYesLinux: Allow use of cron service1PolicyPolicyradioWhitelistingBlacklistingNoneWhitelistingLinux: MAC algorithms1MAC algorithmsMAC algorithmsentryhmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256Linux: Password creation requirements (pam.d)1Load pam_pwquality.so moduleLoad pam_pwquality.so moduleradioYesNoYesLinux: Password creation requirements (pam.d)2try_first_pass optiontry_first_pass optionradioYesNoYesLinux: Password creation requirements (pam.d)3retry optionretry optionentry33Linux: Password creation requirements (pam.d)4minlenminlenentry1414Linux: Password creation requirements (pam.d)5dcreditdcreditentry-1-1Linux: Password creation requirements (pam.d)6ucreditucreditentry-1-1Linux: Password creation requirements (pam.d)7ocreditocreditentry-1-1Linux: Password creation requirements (pam.d)8lcreditlcreditentry-1-1Linux: Lockout policy (pam.d)1DenyDenyentry55Linux: Lockout policy (pam.d)2Unlock timeUnlock timeentry900900Linux: Password history and hash algorithm (pam.d)1Password historyPassword historyentry55Linux: Password history and hash algorithm (pam.d)2Hashing algorithmHashing algorithmradiosha512md5bigcryptsha256blowfishsha512Linux: Disable account when password expires1DaysDaysentry3030Policy Controls: Ok1reporting formatreporting formatradiotabletexttext and tabletablePolicy Controls: Fail1reporting formatreporting formatradiotabletexttext and tabletableLinux: Default user umask1Default umaskDefault umaskentry027027Linux: Default user shell timeout1Default timeoutDefault timeoutentry900900Linux: Restrict root from device1Allow root login from devicesAllow root login from devicesradioNoneAllDefinedNoneLinux: Restrict root from device2Define allowed devicesDefine allowed devicesentryconsole;tty1console;tty1Linux: Restrict users for su command1User list (semi-colon separated)User list (semi-colon separated)entryrootrootLinux: Access /etc/passwd1UidUidentryrootrootLinux: Access /etc/passwd2GidGidentryrootrootLinux: Access /etc/passwd3PermissionsPermissionsentry644644Linux: Access /etc/shadow1UidUidentryrootrootLinux: Access /etc/shadow2GidGidentryrootrootLinux: Access /etc/shadow3PermissionsPermissionsentry640640Linux: Access /etc/group1UidUidentryrootrootLinux: Access /etc/group2GidGidentryrootrootLinux: Access /etc/group3PermissionsPermissionsentry644644Linux: Access /etc/gshadow1UidUidentryrootrootLinux: Access /etc/gshadow2GidGidentryrootrootLinux: Access /etc/gshadow3PermissionsPermissionsentry640640Linux: Access /etc/passwd-1UidUidentryrootrootLinux: Access /etc/passwd-2GidGidentryrootrootLinux: Access /etc/passwd-3PermissionsPermissionsentry644644Linux: Access /etc/shadow-1UidUidentryrootrootLinux: Access /etc/shadow-2GidGidentryrootrootLinux: Access /etc/shadow-3PermissionsPermissionsentry640640Linux: Access /etc/group-1UidUidentryrootrootLinux: Access /etc/group-2GidGidentryrootrootLinux: Access /etc/group-3PermissionsPermissionsentry644644Linux: Access /etc/gshadow-1UidUidentryrootrootLinux: Access /etc/gshadow-2GidGidentryrootrootLinux: Access /etc/gshadow-3PermissionsPermissionsentry644644Linux: SUID files1Files with SUIDFiles with SUIDentryLinux: SGID files1Files with SGIDFiles with SGIDentryLinux: Users with empty password1Users with empty passwordUsers with empty passwordentryMicrosoft Windows: Do not sync1ValueValueradio202Microsoft Windows: Do not sync (Allow users to turn syncing on)1ValueValueradio101SSL/TLS: Supported Cipher Suites1Perform checkPerform checkcheckboxnonoSSL/TLS: Supported Cipher Suites2Report passed testsReport passed testscheckboxnonoSSL/TLS: Supported Cipher Suites3Cipher suites SSLv2Cipher suites SSLv2entrySSL/TLS: Supported Cipher Suites4Cipher suites SSLv3Cipher suites SSLv3entrySSL/TLS: Supported Cipher Suites5Cipher suites TLSv1.0Cipher suites TLSv1.0entrySSL/TLS: Supported Cipher Suites6Cipher suites TLSv1.1Cipher suites TLSv1.1entrySSL/TLS: Supported Cipher Suites7Cipher suites TLSv1.2Cipher suites TLSv1.2entryTLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CCM,TLS_ECDHE_ECDSA_WITH_AES_256_CCM,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CCMTLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CCM,TLS_ECDHE_ECDSA_WITH_AES_256_CCM,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CCMSSL/TLS: Supported Cipher Suites8Cipher suites TLSv1.3Cipher suites TLSv1.3entryTLS_DHE_RSA_WITH_AES_256_CC,TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_AES_128_CCM_SHA256TLS_DHE_RSA_WITH_AES_256_CC,TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_AES_128_CCM_SHA256Microsoft Windows: Do not sync Apps1ValueValueradio202Microsoft Windows: Do not sync Apps (Allow users to turn AppSync syncing on)1ValueValueradio101Microsoft Windows: Don't search the web or display web results in Search1ValueValueradio010Microsoft Windows: Don't search the web or display web results in Search over metered connections1ValueValueradio010Microsoft Windows: ECC Curve Order1ValueValueentryCurve25519,NistP256,NistP384Curve25519,NistP256,NistP384Microsoft Windows: Hide entry points for Fast User Switching1ValueValueradio101Microsoft Windows: Honor cipher suite order1ValueValueradio101Microsoft Windows: Let Windows apps access account information1ValueValueradio2012Microsoft Windows: Let Windows apps access call history1ValueValueradio2012Microsoft Windows: Let Windows apps access contacts1ValueValueradio2012Microsoft Windows: Let Windows apps access email1ValueValueradio2012Microsoft Windows: Let Windows apps access location1ValueValueradio2012Microsoft Windows: Let Windows apps access messaging1ValueValueradio2012Microsoft Windows: Let Windows apps access motion1ValueValueradio2012Microsoft Windows: Let Windows apps access notifications1ValueValueradio2012Microsoft Windows: Let Windows apps access the calendar1ValueValueradio2012Microsoft Windows: Let Windows apps access the camera1ValueValueradio2012Microsoft Windows: Let Windows apps access the microphone1ValueValueradio2012Microsoft Windows: Let Windows apps access trusted devices1ValueValueradio2012Microsoft Windows: Let Windows apps communicate with unpaired devices1ValueValueradio2012Microsoft Windows: Let Windows apps control radios1ValueValueradio2012Microsoft Windows: Let Windows apps make phone calls1ValueValueradio2012Microsoft Windows: Microsoft Support Diagnostic Tool: Restrict tool download1ValueValueradio010Microsoft Windows: Prevent access to 16-bit applications1ValueValueradio101Microsoft Windows: Prevent Automatic Updates1ValueValueradio101Microsoft Windows: Prevent Windows Media DRM Internet Access1ValueValueradio101Microsoft Windows: Require user authentication for remote connections by using Network Level Authentication1ValueValueradio101Microsoft Windows: Restrict Internet communication1ValueValueradio101Microsoft Windows: Restrict Remote Desktop Services users to a single Remote Desktop Services session1ValueValueradio101Microsoft Windows: Turn off access to all Windows Update features1ValueValueradio101Microsoft Windows: Turn off Automatic Root Certificates Update1ValueValueradio010Microsoft Windows: Turn off Event Viewer 'Events.asp' links1ValueValueradio101Microsoft Windows: Turn off Help and Support Center 'Did you know?' content1ValueValueradio010Microsoft Windows: Turn off Help and Support Center Microsoft Knowledge Base search1ValueValueradio010Microsoft Windows: Turn off Internet File Association service1ValueValueradio101Microsoft Windows: Turn off location scripting1ValueValueradio101Microsoft Windows: Turn off sensors1ValueValueradio101Microsoft Windows: Turn off smart multi-homed name resolution1ValueValueradio101Microsoft Windows: Turn off Steps Recorder1ValueValueradio101Microsoft Windows: Turn off Windows Error Reporting1ValueValueradio010Microsoft Windows: Turn off Windows Network Connectivity Status Indicator active tests1ValueValueradio101Microsoft Windows: Specify maximum number of remote shells per user1ValueValueentry44Microsoft Windows: PMTU Discovery1ValueValueradio101Microsoft Windows: Enable Client-side SSL 3.01ValueValueradio010Microsoft Windows: Add workstations to a domain1ValueValueentryAdministratorsAdministratorsMicrosoft Windows: Set 6to4 State1ValueValueradioDisabledDefaultEnabledDisabledMicrosoft Windows: Set ISATAP State1ValueValueradioDisabledDefaultEnabledDisabledMicrosoft Windows: Set Teredo State1ValueValueradioDisabledDefaultClientEnterprise ClientDisabledMicrosoft Windows: Show IPv6 Interfaces with enabled DHCP1DHCPDHCPradioEnabledDisabledEnabledMicrosoft Windows: Show IPv6 Interfaces with enabled RouterDiscovery1RouterDiscoveryRouterDiscoveryradioEnabledDisabledControlledByDHCPEnabledMicrosoft Windows: Enable Server-side SSL 3.01ValueValueradio010Microsoft Windows: Remove computer from docking station1ValueValueentryAdministrators, Authenticated UsersAdministrators, Authenticated UsersMicrosoft Windows: Increase a process working set1ValueValueentryLocal Service, AdministratorsLocal Service, AdministratorsMicrosoft Windows: Audit: Audit the access of global system objects1ValueValueradio010Microsoft Windows: Audit: Audit the use of Backup and Restore privilege1ValueValueradio010Microsoft Windows: Devices: Allow undock without having to log on1ValueValueradio101Microsoft Windows: Devices: Restrict CD-ROM access to locally logged-on user only1ValueValueradio101Microsoft Windows: Devices: Restrict floppy access to locally logged-on user only1ValueValueradio101Microsoft Windows: Turn on Module Logging1ValueValueradio101Microsoft Windows: System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing1ValueValueradio010Microsoft Windows: Turn on PowerShell Script Block Logging1ValueValueradio010Microsoft Windows: Turn on Module Logging (Module Names)1ValueValueentry**Microsoft Windows: Interactive Logon: Display user information when session is locked1ValueValueradio1231Microsoft Windows: Audit DPAPI Activity1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit File System1ValueValueradioSuccessSuccess and FailureFailureNo AuditingSuccessMicrosoft Windows: Audit Registry1ValueValueradioFailureSuccessSuccess and FailureNo AuditingFailureMicrosoft Windows: Audit Other Policy Change Events1ValueValueradioSuccess and FailureFailureSuccessNo AuditingSuccess and FailureMicrosoft Windows: Microsoft network server: Disconnect clients when logon hours expire1ValueValueradio101Microsoft Windows: Network access: Named Pipes that can be accessed anonymously1ValueValueentryNoneNoneMicrosoft Windows: Audit MPSSVC Rule-Level Policy Change1ValueValueradioSuccess and FailureFailureSuccessNo AuditingSuccess and FailureMicrosoft Windows: Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication1ValueValueentryNoneNoneMicrosoft Windows: Network security: Restrict NTLM: Add server exceptions in this domain1ValueValueentryNoneNoneMicrosoft Windows: Network security: Restrict NTLM: Audit Incoming NTLM Traffic1ValueValueradio0120Microsoft Windows: Network security: Restrict NTLM: Audit NTLM authentication in this domain1ValueValueradio013570Microsoft Windows: Network security: Restrict NTLM: Incoming NTLM traffic1ValueValueradio0120Microsoft Windows: Network security: Restrict NTLM: NTLM authentication in this domain1ValueValueradio013570Microsoft Windows: Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers1ValueValueradio0120Microsoft Windows: Recovery console: Allow automatic administrative logon 1ValueValueradio010Microsoft Windows: Recovery console: Allow floppy copy and access to all drives and all folders1ValueValueradio010Microsoft Windows: Shutdown: Clear virtual memory pagefile1ValueValueradio010Microsoft Windows: System settings: Optional subsystems1ValueValueradio010Microsoft Windows: User Account Control: Only elevate executables that are signed and validated1ValueValueradio010Windows Defender Firewall: Private Profile: Apply local firewall rules1ValueValueradio010Windows Defender Firewall: Private Profile: Apply local connection security rules1ValueValueradio010Windows Defender Firewall: Domain Profile: Apply local connection security rules1ValueValueradio010Windows Defender Firewall: Domain Profile: Allow unicast response1ValueValueradio101Windows Defender Firewall: Private Profile: Allow unicast response1ValueValueradio101Windows Defender Firewall: Public Profile: Allow unicast response1ValueValueradio101Windows Defender Firewall: Domain Profile: Apply local firewall rules1ValueValueradio010Microsoft Windows: Turn on logging (Event Log / Setup)1ValueValueradio101Microsoft Windows: Default Wireless Network (IEEE 802.11) Policies (Name)1ValueValueentryWirelesspolicy nameWirelesspolicy nameMicrosoft Windows: Default Wireless Network (IEEE 802.11) Policies (Description)1ValueValueentryWirelesspolicy descriptionWirelesspolicy descriptionMicrosoft Windows: Default Wireless Network (IEEE 802.11) Policies (Path)1ValueValueentryWirelesspolicy pathWirelesspolicy pathMicrosoft Windows 10: Synchronize directory service data1ValueValueentryAdministratorsAdministratorsMicrosoft Windows: Domain controller: Allow server operators to schedule tasks1ValueValueradio010Microsoft Windows: Domain controller: Refuse machine account password changes1ValueValueradio010Microsoft Windows: Shutdown: Allow system to be shut down without having to log on1ValueValueradio010Microsoft Windows: System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies1ValueValueradio010Microsoft Windows: Domain controller: LDAP server signing requirements1ValueValueradio212Microsoft Windows: Audit Directory Service Access1ValueValueradioSuccess and FailureFailureSuccessNo AuditingSuccess and FailureMicrosoft Windows: Audit Directory Service Changes1ValueValueradioSuccess and FailureFailureSuccessNo AuditingSuccess and FailureMicrosoft Windows: Audit Directory Service Replication1ValueValueradioFailureSuccessSuccess and FailureNo AuditingFailureMicrosoft Windows: Audit Detailed Directory Service Replication1ValueValueradioFailureSuccessSuccess and FailureNo AuditingFailureMicrosoft Windows: Allow remote server management through WinRM (IPv6 Filter)1ValueValueentry**Microsoft Windows: Allow remote server management through WinRM (IPv4 Filter)1ValueValueentry**Microsoft Windows: Turn On Compatibility HTTP Listener1ValueValueradio101Microsoft Windows: Turn On Compatibility HTTPS Listener1ValueValueradio101Microsoft Windows: Maximum lifetime for user ticket1MaximumMaximumentry1010Microsoft Windows: Maximum lifetime for service ticket1MaximumMaximumentry600600Microsoft Windows: Maximum tolerance for computer clock synchronization1MaximumMaximumentry55Microsoft Windows: Maximum lifetime for user ticket renewal1MaximumMaximumentry55Microsoft Windows: Network security: Force logoff when logon hours expire1RequiredRequiredradioTrueFalseTrueMicrosoft Windows: Enforce user logon restrictions1RequiredRequiredradioTrueFalseTrueMicrosoft Windows: Audit Distribution Group Management1ValueValueradioSuccess and FailureSuccessFailureNo AuditingSuccess and FailureMicrosoft Windows: Allow Message Service Cloud Sync1ValueValueradio010Microsoft Windows: Configure Attack Surface Reduction rules1ValueValueradio101Microsoft Windows: Manage Preview Builds1ValueValueradio101Microsoft Windows: Manage Preview Builds (Behaviour for Receiving Preview Builds)1ValueValueradio0120Misc information on News server1From address :From address :entryOpenVASVT <listme@listme.dsbl.org>OpenVASVT <listme@listme.dsbl.org>Misc information on News server2Test group name regex :Test group name regex :entryf[a-z]\.tests?f[a-z]\.tests?Misc information on News server3Max crosspost :Max crosspost :entry77Misc information on News server4Local distributionLocal distributioncheckboxyesyesMisc information on News server5No archiveNo archivecheckboxnonoCGI Scanning Consolidation1Maximum number of items shown for each listMaximum number of items shown for each listentry100100Report NVT debug logs1Report NVT debug logsReport NVT debug logscheckboxnonoHTTP login page1Login page :Login page :entry//HTTP login page2Login form :Login form :entryHTTP login page3Login form fields :Login form fields :entryuser=%USER%&pass=%PASS%user=%USER%&pass=%PASS%Microsoft Windows DNS Cache Output1Collect and report Microsoft Windows DNS CacheCollect and report Microsoft Windows DNS CachecheckboxnonoDSX Communication Devices Detection (HTTP)1DSX User NameDSX User NameentryDSX Communication Devices Detection (HTTP)2DSX PasswordDSX PasswordpasswordIcinga 2 Detection1API UsernameAPI UsernameentryIcinga 2 Detection2API PasswordAPI PasswordpasswordZSQL: Check For Unknown Users In Database1ValueValueentryuser1, user2user1, user2Various dangerous cgi scripts1Check all detected CGI directories:Check all detected CGI directories:checkboxnonoDo not print on AppSocket and socketAPI printers1Exclude PJL printer ports from scanExclude PJL printer ports from scanentry2000,2501,9100,9101,9102,9103,9104,9105,9106,9107,9112,9113,9114,9115,9116,100012000,2501,9100,9101,9102,9103,9104,9105,9106,9107,9112,9113,9114,9115,9116,10001Global variable settings10Log verbosityLog verbosityradioNormalQuietVerboseDebugNormalGlobal variable settings11Debug levelDebug levelentry00Global variable settings12HTTP User-AgentHTTP User-AgententryGlobal variable settings13Exclude printers from scanExclude printers from scancheckboxyesyesGlobal variable settings14Exclude known fragile devices/ports from scanExclude known fragile devices/ports from scancheckboxyesyesGlobal variable settings15Enable SSH DebugEnable SSH DebugcheckboxnonoGlobal variable settings16Mark host as dead if going offline (failed ICMP ping) during scanMark host as dead if going offline (failed ICMP ping) during scancheckboxnonoGlobal variable settings17Service discovery on non-default UDP ports (slow)Service discovery on non-default UDP ports (slow)checkboxnonoGlobal variable settings1Strictly unauthenticatedStrictly unauthenticatedcheckboxnonoGlobal variable settings2Enable CGI scanningEnable CGI scanningcheckboxyesyesGlobal variable settings3Add historic /scripts and /cgi-bin to directories for CGI scanningAdd historic /scripts and /cgi-bin to directories for CGI scanningcheckboxnonoGlobal variable settings4Regex pattern to exclude directories from CGI scanning :Regex pattern to exclude directories from CGI scanning :entry/(index\.php|image|img|css|js$|js/|javascript|style|theme|icon|jquery|graphic|grafik|picture|bilder|thumbnail|media/|skins?/)/(index\.php|image|img|css|js$|js/|javascript|style|theme|icon|jquery|graphic|grafik|picture|bilder|thumbnail|media/|skins?/)Global variable settings5Use regex pattern to exclude directories from CGI scanning :Use regex pattern to exclude directories from CGI scanning :checkboxyesyesGlobal variable settings6Exclude directories containing detected known server manuals from CGI scanningExclude directories containing detected known server manuals from CGI scanningcheckboxyesyesGlobal variable settings7Enable generic web application scanningEnable generic web application scanningcheckboxnonoGlobal variable settings8Network typeNetwork typeradioMixed (use RFC 1918)Private LANPublic WAN (Internet)Public LANMixed (use RFC 1918)Global variable settings9Report verbosityReport verbosityradioNormalQuietVerboseNormalSSL/TLS: Cert Issuer Policy Check1Perform check:Perform check:checkboxnonoSSL/TLS: Cert Issuer Policy Check2Certificate IssuerCertificate IssuerentrySSL/TLS: Cert Issuer Policy Check3Report passed tests:Report passed tests:checkboxnonoDocker Compliance Check105.0 Do not use propagation mode "shared" for mounts.5.0 Do not use propagation mode "shared" for mounts.checkboxyesyesDocker Compliance Check111.2 Use a up to date Docker version.1.2 Use a up to date Docker version.checkboxyesyesDocker Compliance Check122.6 Enable live restore.2.6 Enable live restore.checkboxyesyesDocker Compliance Check135.1 Isolate the containers from the hosts UTS namespace.5.1 Isolate the containers from the hosts UTS namespace.checkboxyesyesDocker Compliance Check141.3 Do not use lxc execution driver.1.3 Do not use lxc execution driver.checkboxyesyesDocker Compliance Check152.7 Do not use Userland Proxy2.7 Do not use Userland ProxycheckboxyesyesDocker Compliance Check165.2 Do not disable default seccomp profile.5.2 Do not disable default seccomp profile.checkboxyesyesDocker Compliance Check171.4 Restrict network traffic between containers.1.4 Restrict network traffic between containers.checkboxyesyesDocker Compliance Check182.8 docker.service file ownership must set to root:root2.8 docker.service file ownership must set to root:rootcheckboxyesyesDocker Compliance Check195.3 Confirm cgroup usage.5.3 Confirm cgroup usage.checkboxyesyesDocker Compliance Check1Perform check:Perform check:checkboxnonoDocker Compliance Check201.5 Set the logging level to "info".1.5 Set the logging level to "info".checkboxyesyesDocker Compliance Check212.9 docker.service file permissions must set to 644 or more restrictive.2.9 docker.service file permissions must set to 644 or more restrictive.checkboxyesyesDocker Compliance Check224.0 Do not run sshd within containers4.0 Do not run sshd within containerscheckboxyesyesDocker Compliance Check235.4 Set no-new-privileges for Container.5.4 Set no-new-privileges for Container.checkboxyesyesDocker Compliance Check241.6 Allow Docker to make changes to iptables.1.6 Allow Docker to make changes to iptables.checkboxyesyesDocker Compliance Check254.1 Container ports mapped to a privileged port.4.1 Container ports mapped to a privileged port.checkboxyesyesDocker Compliance Check265.5 Do not share the hosts user namespaces.5.5 Do not share the hosts user namespaces.checkboxyesyesDocker Compliance Check271.7 Do not use insecure registries1.7 Do not use insecure registriescheckboxyesyesDocker Compliance Check284.2 Do not skip placing the container inside a separate network stack.4.2 Do not skip placing the container inside a separate network stack.checkboxyesyesDocker Compliance Check295.6 Docker socket must not mount inside any containers.5.6 Docker socket must not mount inside any containers.checkboxyesyesDocker Compliance Check2Report passed tests:Report passed tests:checkboxnonoDocker Compliance Check301.8 Do not use the "aufs" storage driver.1.8 Do not use the "aufs" storage driver.checkboxyesyesDocker Compliance Check314.3 Use memory limit for container.4.3 Use memory limit for container.checkboxyesyesDocker Compliance Check325.7 Avoid image sprawl.5.7 Avoid image sprawl.checkboxyesyesDocker Compliance Check331.9 Configure TLS authentication.1.9 Configure TLS authentication.checkboxyesyesDocker Compliance Check343.0 docker.socket file ownership must set to root:root3.0 docker.socket file ownership must set to root:rootcheckboxyesyesDocker Compliance Check354.4 Use CPU priority for container.4.4 Use CPU priority for container.checkboxyesyesDocker Compliance Check365.8 Avoid container sprawl.5.8 Avoid container sprawl.checkboxyesyesDocker Compliance Check373.1 docker.socket file permissions must set to 644 or more restrictive.3.1 docker.socket file permissions must set to 644 or more restrictive.checkboxyesyesDocker Compliance Check384.5 Containers root filesystem should mounted as read only.4.5 Containers root filesystem should mounted as read only.checkboxyesyesDocker Compliance Check393.2 /etc/docker directory ownership must set to root:root.3.2 /etc/docker directory ownership must set to root:root.checkboxyesyesDocker Compliance Check3Report failed tests:Report failed tests:checkboxyesyesDocker Compliance Check404.6 Bind incoming container traffic to a specific host interface.4.6 Bind incoming container traffic to a specific host interface.checkboxyesyesDocker Compliance Check413.3 /etc/docker directory permissions must set to 755 or more restrictive3.3 /etc/docker directory permissions must set to 755 or more restrictivecheckboxyesyesDocker Compliance Check424.7 Set the "on-failure" container restart policy to 5 or less.4.7 Set the "on-failure" container restart policy to 5 or less.checkboxyesyesDocker Compliance Check432.0 Enable a default ulimit as appropriate.2.0 Enable a default ulimit as appropriate.checkboxyesyesDocker Compliance Check443.4 Docker socket file ownership must set to root:docker.3.4 Docker socket file ownership must set to root:docker.checkboxyesyesDocker Compliance Check454.8 Isolate the containers from the hosts process namespace.4.8 Isolate the containers from the hosts process namespace.checkboxyesyesDocker Compliance Check462.1 Enable user namespace support.2.1 Enable user namespace support.checkboxyesyesDocker Compliance Check473.5 Docker socket file permissions must set to 660 or more restrictive.3.5 Docker socket file permissions must set to 660 or more restrictive.checkboxyesyesDocker Compliance Check484.9 Isolate the containers from the hosts IPC namespace.4.9 Isolate the containers from the hosts IPC namespace.checkboxyesyesDocker Compliance Check492.2 Check default cgroup usage.2.2 Check default cgroup usage.checkboxyesyesDocker Compliance Check4Report errors:Report errors:checkboxnonoDocker Compliance Check503.6 Do not use user root for container.3.6 Do not use user root for container.checkboxyesyesDocker Compliance Check512.3 Do not increase base device size if not needed.2.3 Do not increase base device size if not needed.checkboxyesyesDocker Compliance Check523.7 Use HEALTHCHECK for the container image.3.7 Use HEALTHCHECK for the container image.checkboxyesyesDocker Compliance Check531.0 Use a separate partition for containers.1.0 Use a separate partition for containers.checkboxyesyesDocker Compliance Check542.4 Make use of authorization plugins.2.4 Make use of authorization plugins.checkboxyesyesDocker Compliance Check553.8 Do not use privileged containers.3.8 Do not use privileged containers.checkboxyesyesDocker Compliance Check5Minimum docker version for test 1.1:Minimum docker version for test 1.1:entry1.121.12Docker Compliance Check6Report skipped tests:Report skipped tests:checkboxnonoDocker Compliance Check71.1 Use Linux Kernel >= 3.10.1.1 Use Linux Kernel >= 3.10.checkboxyesyesDocker Compliance Check82.5 Disable legacy registry v1.2.5 Disable legacy registry v1.checkboxyesyesDocker Compliance Check93.9 Sensitive host system directories should not be mounted in containers.3.9 Sensitive host system directories should not be mounted in containers.checkboxyesyesNmap (NASL wrapper)10Min RTT Timeout (ms) :Min RTT Timeout (ms) :entryNmap (NASL wrapper)11Max RTT Timeout (ms) :Max RTT Timeout (ms) :entryNmap (NASL wrapper)12Initial RTT timeout (ms) :Initial RTT timeout (ms) :entryNmap (NASL wrapper)13Ports scanned in parallel (max)Ports scanned in parallel (max)entryNmap (NASL wrapper)14Ports scanned in parallel (min)Ports scanned in parallel (min)entryNmap (NASL wrapper)15Minimum wait between probes (ms)Minimum wait between probes (ms)entryNmap (NASL wrapper)16Maximum wait between probes (ms)Maximum wait between probes (ms)entryNmap (NASL wrapper)17File containing grepable results :File containing grepable results :fileNmap (NASL wrapper)18Do not scan targets not in the fileDo not scan targets not in the filecheckboxnonoNmap (NASL wrapper)19Data length :Data length :entryNmap (NASL wrapper)1TCP scanning technique :TCP scanning technique :radioconnect()SYN scanFIN scanXmas Tree scanSYN FIN scanFIN SYN scanNull scanNo TCP scanconnect()Nmap (NASL wrapper)20Run dangerous port scans even if safe checks are setRun dangerous port scans even if safe checks are setcheckboxnonoNmap (NASL wrapper)21Log nmap outputLog nmap outputcheckboxnonoNmap (NASL wrapper)22Defeat RST ratelimitDefeat RST ratelimitcheckboxnonoNmap (NASL wrapper)23Defeat ICMP ratelimitDefeat ICMP ratelimitcheckboxnonoNmap (NASL wrapper)24Send using IP packetsSend using IP packetscheckboxnonoNmap (NASL wrapper)25No ARP or ND PingNo ARP or ND PingcheckboxnonoNmap (NASL wrapper)2Service scanService scancheckboxnonoNmap (NASL wrapper)3RPC port scanRPC port scancheckboxnonoNmap (NASL wrapper)4Fragment IP packets (bypasses firewalls)Fragment IP packets (bypasses firewalls)checkboxnonoNmap (NASL wrapper)5Do not randomize the order in which ports are scannedDo not randomize the order in which ports are scannedcheckboxnonoNmap (NASL wrapper)6Source port :Source port :entryNmap (NASL wrapper)7Timing policy :Timing policy :radioAggressiveInsaneNormalPoliteSneakyParanoidCustomAggressiveNmap (NASL wrapper)8Max Retries :Max Retries :entryNmap (NASL wrapper)9Host Timeout (ms) :Host Timeout (ms) :entrysnmpwalk 'scanner'1Community name :Community name :entrypublicpublicsnmpwalk 'scanner'2SNMP protocol :SNMP protocol :radio12c1snmpwalk 'scanner'3SNMP transport layer :SNMP transport layer :radioudptcpudpsnmpwalk 'scanner'4TCP/UDP port :TCP/UDP port :entrysnmpwalk 'scanner'5Number of retries :Number of retries :entrysnmpwalk 'scanner'6Timeout between retries :Timeout between retries :entryIP protocols scan1Run IP protocols scanRun IP protocols scancheckboxnonoMicrosoft Windows: Server Core Installation1ValueValueentryServer CoreServer CoreESXi SSH: Local Log Output Is Persistent1ValueValueradiotruefalsetrueESXi SSH: Default Network Retry Timeout1ValueValueentry180180ESXi SSH: Dropped Log File Rotation Size1ValueValueentry100100ESXi SSH: Dropped Log File Rotations1ValueValueentry1010ESXi SSH: Enforce SSLCertificates1ValueValueradiotruefalsetrueESXi SSH: Local Log Output1ValueValueentry/scratch/log/scratch/logESXi SSH: Local Log Output Is Configured1ValueValueradiotruefalsetrueESXi SSH: Local Logging Default Rotation Size1ValueValueentry10241024ESXi SSH: Local Logging Default Rotations1ValueValueentry88ESXi SSH: Log To Unique Subdirectory1ValueValueradiotruefalsetrueESXi SSH: Message Queue Drop Mark1ValueValueentry9090ESXi SSH: Remote Host1ValueValueentry<none><none>ESXi SSH: SNMP Default Authentication Protocol1ValueValueradiononeSHA1MD5noneESXi SSH: SNMP Communities1ValueValueentrynonenoneESXi SSH: SNMP Enabled1ValueValueentrynonenoneESXi SSH: SNMP Engine ID1ValueValueentrynonenoneESXi SSH: SNMP Source of Hardware Events1ValueValueradioindicationssensorsindicationsESXi SSH: SNMP Large Storage1ValueValueradiotruefalsetrueESXi SSH: SNMP Log Level1ValueValueradioinfowarningerrordebuginfoESXi SSH: SNMP Filter Notifications1ValueValueentrynonenoneESXi SSH: SNMP Polling1ValueValueentry161161ESXi SSH: SNMP Privacy Protocol1ValueValueradiononeAES128noneESXi SSH: SNMP Remote Users1ValueValueentrynonenoneESXi SSH: SNMP System Contact1ValueValueentrynonenoneESXi SSH: SNMP System Location1ValueValueentrynonenoneESXi SSH: SNMP Targets1ValueValueentrynonenoneESXi SSH: SNMP Users1ValueValueentrynonenoneESXi SSH: SNMP v3 Targets1ValueValueentrynonenoneESXi SSH: Managed Object Browser1ValueValueradiotruefalsetrueLinux: Separate partition for /dev/shm1Separate partitionSeparate partitionradioyesnoyesLinux: Separate partition for /home1Separate partitionSeparate partitionradioyesnoyesLinux: Check options for /var directory1OptionsOptionsentrynodev,nosuid,noexecnodev,nosuid,noexecLinux: Separate partition for /var/log1Separate partitionSeparate partitionradioyesnoyesLinux: Separate partition for /tmp1Separate partitionSeparate partitionradioyesnoyesLinux: Separate partition for /var/log/audit1Separate partitionSeparate partitionradioyesnoyesLinux: Separate partition for /var/tmp1Separate partitionSeparate partitionradioyesnoyesLinux: SSH Protocol1ValueValueentry22Linux: SSH LogLevel1ValueValueradioINFOQUIETFATALERRORVERBOSEDEBUGDEBUG1DEBUG2DEBUG3INFOLinux: SSH X11 Forwarding1ValueValueradionoyesnoLinux: SSH MaxAuthTries1ValueValueentry44Linux: SSH IgnoreRhosts1ValueValueradioyesnoyesLinux: SSH HostbasedAuthentication1ValueValueradionoyesnoLinux: SSH PermitRootLogin1ValueValueradionoyesnoLinux: SSH PermitEmptyPasswords1ValueValueradionoyesnoLinux: SSH PermitUserEnvironment1ValueValueradionoyesnoLinux: SSH LoginGraceTime1ValueValueentry33Linux: SSH Banner1ValueValueentry/etc/issue.net/etc/issue.netLinux: KexAlgorithms1ValueValueentrycurve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256Linux: SSH ClientAliveCountMax1ValueValueentry33Linux: SSH ClientAliveInterval1ValueValueentry300300Linux: SSH AllowUsers1ValueValueentryuser1 user2user1 user2Linux: SSH AllowGroups1ValueValueentrygroup1 group2group1 group2Linux: SSH DenyGroups1ValueValueentrygroup1 group2group1 group2Linux: SSH DenyUsers1ValueValueentryuser1 user2user1 user2Linux: SSH /etc/ssh/sshd_config chown1ValueValueentryroot:rootroot:rootLinux: SSH /etc/ssh/sshd_config chmod1ValueValueentry600600Linux: Required Packages1ValueValueentrytcpdtcpdLinux: SSH /etc/hosts.deny chmod1ValueValueentry644644Linux: SSH /etc/hosts.deny chown1ValueValueentryroot:rootroot:rootLinux: SSH /etc/hosts.allow chown1ValueValueentryroot:rootroot:rootLinux: SSH /etc/hosts.allow chmod1ValueValueentry644644Linux: SSH ListenAddress1ValueValueentryIPv4,IPv6IPv4,IPv6Linux: Permissions on /etc/cron.allow1PermissionsPermissionsentry700700Linux: Permissions on /etc/cron.allow2OwnerOwnerentryroot:rootroot:rootLinux: Permissions on /etc/at.allow1PermissionsPermissionsentry700700Linux: Permissions on /etc/at.allow2OwnerOwnerentryroot:rootroot:rootLinux: Home directory for root user1ValueValueentry/root/rootLinux: User accounts with non-specific shells1ValueValueentry/bin/bash,/bin/csh,/bin/jsh,/bin/ksh,/bin/rbash,/bin/sh,/bin/tcsh,/bin/zsh,/bin/false,/usr/bin/bash,/sbin/jsh,/sbin/sh,/usr/bin/csh,/usr/bin/jsh,/usr/bin/ksh,/usr/bin/sh,/usr/bin/rksh,/usr/bin/tcsh,/usr/sbin/ksh/bin/bash,/bin/csh,/bin/jsh,/bin/ksh,/bin/rbash,/bin/sh,/bin/tcsh,/bin/zsh,/bin/false,/usr/bin/bash,/sbin/jsh,/sbin/sh,/usr/bin/csh,/usr/bin/jsh,/usr/bin/ksh,/usr/bin/sh,/usr/bin/rksh,/usr/bin/tcsh,/usr/sbin/kshLinux: Strict permissions for directories owned by root1WhitelistWhitelistentryLinux: Mounting of usb-storage filesystems1StatusStatusradioDisabledEnabledDisabledLinux: /etc/motd chown1ValueValueentryroot:rootroot:rootLinux: /etc/motd chmod1ValueValueentry644644Linux: System Information in /etc/motd1ValueValueradioNoYesNoLinux: /etc/issue chmod1ValueValueentry644644Linux: /etc/issue chown1ValueValueentryroot:rootroot:rootLinux: System Information in /etc/issue1ValueValueradioNoYesNoLinux: /etc/issue.net chmod1ValueValueentry644644Linux: /etc/issue.net chown1ValueValueentryroot:rootroot:rootLinux: System Information in /etc/issue.net1ValueValueradioNoYesNoLinux: /etc/login.defs LOG_UNKFAIL_ENAB1ValueValueradioYesNoYesLinux: /etc/login.defs LASTLOG_ENAB1ValueValueradioYesNoYesLinux: 'export TMOUT' in /etc/profile1ValueValueentry18001800Linux: Lockout for failed authentication attempts1ValueValueentry55Linux: Lockout time for locked accounts1ValueValueentry900900Linux: Limit password re-use1ValueValueentry55Linux: Password hashing algorithm1ValueValueentrysha512sha512Linux: ALWAYS_SET_PATH in /etc/login.defs1ValueValueradioYesNoYesLinux: USERGROUP_ENAB in /etc/login.defs1ValueValueradioYesNoYesLinux: sysctl fs.suid_dumpable1ValueValueradio010Linux: sysctl net.ipv4.ip_forward1ValueValueradio010Linux: sysctl net.ipv6.conf.all.forwarding1ValueValueradio010Linux: TCP timestamps1StatusStatusradioDisabledEnabledDisabledLinux: ARP proxy1StatusStatusradioDisabledEnabledDisabledLinux: Number of outstanding syn requests allowed (net.ipv4.tcp_max_syn_backlog)1ValueValueentry40964096Linux: Time default value for tcp_fin_timeout connection1ValueValueentry6060Linux: FAILLOG_ENAB in /etc/login.defs1ValueValueradioyesnoyesLinux: auth.* facility in /etc/rsyslog.conf1ValueValueentry/var/log/auth.log,/var/log/authlog/var/log/auth.log,/var/log/authlogLinux: authpriv.* facility in /etc/rsyslog.conf1ValueValueentry/var/log/authlog/var/log/authlogLinux: *.warning level in /etc/rsyslog.conf1ValueValueentry/var/log/syslog/var/log/syslogLinux: daemon.debug in /etc/rsyslog.conf1ValueValueentry/var/log/daemon.log/var/log/daemon.logLinux: cron.info in /etc/rsyslog.conf1ValueValueentry/var/log/cron/var/log/cronLinux: FileCreateMode in /etc/rsyslog.conf1ValueValueentry06400640Linux: send logs to a remote log host in /etc/rsyslog.conf1ValueValueentry@@loghost.example.com@@loghost.example.comLinux: kern.emerg in /etc/rsyslog.conf1ValueValueentry/var/log/kern_emerg.log,/dev/console/var/log/kern_emerg.log,/dev/consoleLinux: *.info APPLICATION /var/log/message.log in /etc/rsyslog.conf1ValueValueentryapplication1,application2application1,application2Linux: kern.* in /etc/rsyslog.conf1ValueValueentry/var/log/kernel.log/var/log/kernel.logLinux: auth.info and mail.info in /etc/rsyslog.conf1ValueValueentry/var/log/secure.log/var/log/secure.logLinux: rsyslog status1ValueValueradioenableddisabledstatusindirectenabledLinux: audtitd status1ValueValueradioenableddisabledstatusindirectenabledLinux: server or pool in /etc/ntp.conf1ValueValueentryip1,ip2ip1,ip2Linux: kernel.sysrq in /etc/sysctl.conf1ValueValueradio010Linux: SINGLE in /etc/sysconfig/init1ValueValueentry/sbin/sulogin/sbin/suloginLinux: BOOTPROTO in /etc/sysconfig/network-scripts/*1ValueValueradiononedhcpbootpstaticnoneLinux: nofile in /etc/security/limits.conf1ValueValueentry10000001000000GaussDB: Access permissions to ${GSDB_HOME}1ValueValueentry700700GaussDB: Access permissions to ${GSDB_HOME}/lib1ValueValueentry700700GaussDB: Access permissions to ${GSDB_HOME}/add-ons1ValueValueentry700700GaussDB: Access permissions to ${GSDB_HOME}/bin1ValueValueentry700700GaussDB: Access permissions to ${GSDB_DATA}/data1ValueValueentry700700GaussDB: Access permissions to ${GSDB_DATA}/cfg/zengine.ini1ValueValueentry600600GaussDB: Access permissions to ${GSDB_HOME}/cacert.pem1ValueValueentry400400ZSQL: Maximum Number of Connections1ValueValueentry6969ZSQL: Maximum Number of Connections2MaximumMaximumentry81928192ZSQL: IP Address Whitelist/Blacklist Checking1ValueValueradioTRUEFALSETRUEZSQL: Aging Time of Non-Authentication Sessions1ValueValueentry6060ZSQL: Local Trust Authentication1ValueValueradioFALSETRUEFALSEZSQL: SSL Status1ValueValueradioTRUEFALSETRUEZSQL: Number Of Days Before Which a Password Cannot Be Reused1ValueValueentry6060ZSQL: Number Of Password Changes Required Before the Current Password Can Be Reused1ValueValueentry33ZSQL: Number of Failed Login Attempts1ValueValueentry1010ZSQL: Account Lock Time1ValueValueentry11ZSQL: Password Lifetime1ValueValueentry9090ZSQL: Password Grace Period1ValueValueentry77ZSQL: Maximum Number of Connections of a Single User1ValueValueentry3030ZSQL: Maximum Number of Connections of a Single User2MaximumMaximumentry800800ZSQL: Resource Limit of a Single User1ValueValueradioTRUEFALSETRUEZSQL: Audit Level1ValueValueentry11ZSQL: Audit File Path1ValueValueentry/home/gaussdba/data/log/home/gaussdba/data/logZSQL: Maximum Capacity of an Audit Log File1ValueValueentry10M10MZSQL: Maximum Number of Backup Audit Files1ValueValueentry1010ZSQL: Log File Permission1ValueValueentry600600ZSQL: Log Directory Permission1ValueValueentry700700ZSQL: Server Logging Levels1ValueValueentry77Linux: Default password settings1Password expirationPassword expirationentry9090Linux: Default password settings2Min password ageMin password ageentry77Linux: Default password settings3Warn beforeWarn beforeentry77Linux: SSH PubkeyAuthentication1ValueValueradioyesnoyesLinux: SSH RSAAuthentication1ValueValueradioyesnoyesLinux: SSH RhostsRSAAuthentication1ValueValueradionoyesnoLinux: SSH Ciphers1ValueValueentryaes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfouraes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfourLinux: SSH StrictModes1ValueValueradioyesnoyesLinux: SSH UsePAM1ValueValueradioyesnoyesLinux: SSH AllowTcpForwarding1ValueValueradionoyesnoLinux: SSH AllowAgentForwarding1ValueValueradionoyesnoLinux: SSH GatewayPorts1ValueValueradionoyesclientspecifiednoLinux: SSH PermitTunnel1ValueValueradionoyespoint-to-pointethernetnoLinux: SSH Subsystem1ValueValueentrysubsystemsubsystemLinux: SSH SyslogFacility1ValueValueradioAUTHDAEMONUSERAUTHPRIVLOCAL0LOCAL1LOCAL2LOCAL3LOCAL4LOCAL5LOCAL6LOCAL7AUTHGaussDB: Authentication Parameters1UserUserentrySYSSYSGaussDB: Authentication Parameters2PasswordPasswordpasswordGaussDB: Authentication Parameters3IPIPentry127.0.0.1127.0.0.1GaussDB: Authentication Parameters4PortPortentry16111611GaussDB: Authentication Parameters5GSDB_HOMEGSDB_HOMEentryGaussDB: Authentication Parameters6GSDB_DATAGSDB_DATAentryLinux: Blacklisted binaries1BlacklistBlacklistentrybinary1,binary2binary1,binary2Linux: Blacklisted Services1BlacklistBlacklistentryservice1,service2service1,service2Linux: minclass in pam_pwquality.so1ValueValueentry33Linux: minlen in pam_pwquality.so1ValueValueentry1414GaussDB: Restricting the Permission for the SSL Private Key1ValueValueentry400400Linux: PASS_MIN_DAYS in /etc/login.defs1ValueValueentry77Avaya P330 Stackable Switch found with default password1Use complete password list (not only vendor specific passwords)Use complete password list (not only vendor specific passwords)checkboxnonoAllied Telesyn Router/Switch found with default password1Use complete password list (not only vendor specific passwords)Use complete password list (not only vendor specific passwords)checkboxnonoBay Networks Accelar 1200 Switch found with default password1Use complete password list (not only vendor specific passwords)Use complete password list (not only vendor specific passwords)checkboxnonoInformation about the scan1Be silentBe silentcheckboxyesyesCisco default password1Use complete password list (not only vendor specific passwords)Use complete password list (not only vendor specific passwords)checkboxnonopnscan (NASL wrapper)1Pnscan TimeoutPnscan Timeoutentrypnscan (NASL wrapper)2Pnscan Concurrent worker threadsPnscan Concurrent worker threadsentryHTTP NIDS evasion10CGI.pm semicolon separatorCGI.pm semicolon separatorcheckboxnonoHTTP NIDS evasion11Parameter hidingParameter hidingcheckboxnonoHTTP NIDS evasion12Dos/Windows syntaxDos/Windows syntaxcheckboxnonoHTTP NIDS evasion13Null methodNull methodcheckboxnonoHTTP NIDS evasion14TAB separatorTAB separatorcheckboxnonoHTTP NIDS evasion15HTTP/0.9 requestsHTTP/0.9 requestscheckboxnonoHTTP NIDS evasion16Force protocol string :Force protocol string :entryHTTP NIDS evasion17Random case sensitivity (Nikto only)Random case sensitivity (Nikto only)checkboxnonoHTTP NIDS evasion1Enable HTTP evasion techniquesEnable HTTP evasion techniquescheckboxnonoHTTP NIDS evasion2Use HTTP HEAD instead of GETUse HTTP HEAD instead of GETcheckboxnonoHTTP NIDS evasion3URL encodingURL encodingradiononeHexUTF-16 (double byte) UTF-16 (MS %u)Incorrect UTF-8noneHTTP NIDS evasion4Absolute URI typeAbsolute URI typeradiononefilegopherhttpnoneHTTP NIDS evasion5Absolute URI hostAbsolute URI hostradiononehost namehost IPrandom namerandom IPnoneHTTP NIDS evasion6Double slashesDouble slashescheckboxnonoHTTP NIDS evasion7Reverse traversalReverse traversalradiononeBasicLong URLnoneHTTP NIDS evasion8Self-reference directoriesSelf-reference directoriescheckboxnonoHTTP NIDS evasion9Premature request endingPremature request endingcheckboxnonoNIDS evasion1TCP evasion techniqueTCP evasion techniqueradiononesplitinjectionshort ttlnoneNIDS evasion2Send fake RST when establishing a TCP connectionSend fake RST when establishing a TCP connectioncheckboxnonoSMTP settings1Third party domain :Third party domain :entryexample.comexample.comSMTP settings2From address :From address :entrynobody@example.comnobody@example.comSMTP settings3To address :To address :entrypostmaster@[AUTO_REPLACED_IP]postmaster@[AUTO_REPLACED_IP]TCP timestamps1Delay (seconds):Delay (seconds):entry113com switch2hub1Network interface on OpenVAS box (used for scanning):Network interface on OpenVAS box (used for scanning):entry3com switch2hub2Fake IP (alive and on same subnet as scanner):Fake IP (alive and on same subnet as scanner):entry3com switch2hub3Number of packets:Number of packets:entry100000010000003com switch2hub4Report missing configuration or dependenciesReport missing configuration or dependenciescheckboxnonoCreate System Characteristics for NIST Windows OVAL Definitions1Create OVAL System Characteristics for NIST Windows OVAL DefinitionsCreate OVAL System Characteristics for NIST Windows OVAL DefinitionscheckboxnonoSSL/TLS: Report Supported Cipher Suites1Report timeoutReport timeoutcheckboxnonoGNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability1Shellshock: Check CGIs in KB:Shellshock: Check CGIs in KB:checkboxnonoAvailability of scanner helper tools1Silent tool checkSilent tool checkcheckboxyesyesAvailability of scanner helper tools2Silent tool check on Greenbone OS (GOS)Silent tool check on Greenbone OS (GOS)checkboxyesyesGreenbone LSC Agent1KB file to importKB file to importfileSSL/TLS: Cipher Settings100TLS_DHE_PSK_WITH_NULL_SHA384TLS_DHE_PSK_WITH_NULL_SHA384radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings101TLS_RSA_PSK_WITH_NULL_SHA384TLS_RSA_PSK_WITH_NULL_SHA384radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings102TLS_ECDHE_PSK_WITH_NULL_SHA384TLS_ECDHE_PSK_WITH_NULL_SHA384radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings103TLS_SHA256_SHA256 (Draft)TLS_SHA256_SHA256 (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings104TLS_SHA384_SHA384 (Draft)TLS_SHA384_SHA384 (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings105TLS_RSA_WITH_RC2_CBC_MD5 (Draft)TLS_RSA_WITH_RC2_CBC_MD5 (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings106TLS_RSA_WITH_IDEA_CBC_MD5 (Draft)TLS_RSA_WITH_IDEA_CBC_MD5 (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings107TLS_RSA_WITH_NULL_SHATLS_RSA_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings108TLS_FORTEZZA_KEA_WITH_NULL_SHATLS_FORTEZZA_KEA_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings109TLS_PSK_WITH_NULL_SHATLS_PSK_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings10TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings110TLS_DHE_PSK_WITH_NULL_SHATLS_DHE_PSK_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings111TLS_RSA_PSK_WITH_NULL_SHATLS_RSA_PSK_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings112TLS_ECDH_ECDSA_WITH_NULL_SHATLS_ECDH_ECDSA_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings113TLS_ECDHE_ECDSA_WITH_NULL_SHATLS_ECDHE_ECDSA_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings114TLS_ECDH_RSA_WITH_NULL_SHATLS_ECDH_RSA_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings115TLS_ECDHE_RSA_WITH_NULL_SHATLS_ECDHE_RSA_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings116TLS_ECDH_anon_WITH_NULL_SHATLS_ECDH_anon_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings117TLS_ECDHE_PSK_WITH_NULL_SHATLS_ECDHE_PSK_WITH_NULL_SHAradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings118TLS_ECDH_ECDSA_WITH_NULL_SHA (Draft)TLS_ECDH_ECDSA_WITH_NULL_SHA (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings119TLS_ECDH_RSA_WITH_NULL_SHA (Draft)TLS_ECDH_RSA_WITH_NULL_SHA (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings11TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings120TLS_ECDH_anon_NULL_WITH_SHA (Draft) or TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA (Draft)TLS_ECDH_anon_NULL_WITH_SHA (Draft) or TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings121TLS_KRB5_WITH_NULL_SHA (Draft)TLS_KRB5_WITH_NULL_SHA (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings122TLS_KRB5_WITH_NULL_MD5 (Draft)TLS_KRB5_WITH_NULL_MD5 (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings123TLS_GOSTR341094_WITH_NULL_GOSTR3411 (Draft)TLS_GOSTR341094_WITH_NULL_GOSTR3411 (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings124TLS_GOSTR341001_WITH_NULL_GOSTR3411 (Draft)TLS_GOSTR341001_WITH_NULL_GOSTR3411 (Draft)radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings125TLS_RSA_WITH_RC4_128_SHATLS_RSA_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings126TLS_KRB5_WITH_RC4_128_SHATLS_KRB5_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings127TLS_DHE_DSS_WITH_RC4_128_SHATLS_DHE_DSS_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings128TLS_PSK_WITH_RC4_128_SHATLS_PSK_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings129TLS_DHE_PSK_WITH_RC4_128_SHATLS_DHE_PSK_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings12TLS_PSK_WITH_CHACHA20_POLY1305_SHA256TLS_PSK_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings130TLS_RSA_PSK_WITH_RC4_128_SHATLS_RSA_PSK_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings131TLS_ECDH_ECDSA_WITH_RC4_128_SHATLS_ECDH_ECDSA_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings132TLS_ECDHE_ECDSA_WITH_RC4_128_SHATLS_ECDHE_ECDSA_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings133TLS_ECDH_RSA_WITH_RC4_128_SHATLS_ECDH_RSA_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings134TLS_ECDHE_RSA_WITH_RC4_128_SHATLS_ECDHE_RSA_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings135TLS_ECDH_anon_WITH_RC4_128_SHATLS_ECDH_anon_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings136TLS_ECDHE_PSK_WITH_RC4_128_SHATLS_ECDHE_PSK_WITH_RC4_128_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings137TLS_NULL_WITH_NULL_NULLTLS_NULL_WITH_NULL_NULLradioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings138TLS_RSA_EXPORT_WITH_RC4_40_MD5TLS_RSA_EXPORT_WITH_RC4_40_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings139TLS_DH_anon_EXPORT_WITH_RC4_40_MD5TLS_DH_anon_EXPORT_WITH_RC4_40_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings13TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings140TLS_KRB5_WITH_DES_CBC_MD5TLS_KRB5_WITH_DES_CBC_MD5radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings141TLS_KRB5_WITH_3DES_EDE_CBC_MD5TLS_KRB5_WITH_3DES_EDE_CBC_MD5radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings142TLS_KRB5_WITH_IDEA_CBC_MD5TLS_KRB5_WITH_IDEA_CBC_MD5radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings143TLS_KRB5_EXPORT_WITH_RC4_40_MD5TLS_KRB5_EXPORT_WITH_RC4_40_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings144TLS_RSA_WITH_AES_128_CCMTLS_RSA_WITH_AES_128_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings145TLS_DHE_RSA_WITH_AES_128_CCMTLS_DHE_RSA_WITH_AES_128_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings146TLS_PSK_WITH_AES_128_CCMTLS_PSK_WITH_AES_128_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings147TLS_DHE_PSK_WITH_AES_128_CCMTLS_DHE_PSK_WITH_AES_128_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings148TLS_ECDHE_ECDSA_WITH_AES_128_CCMTLS_ECDHE_ECDSA_WITH_AES_128_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings149TLS_RSA_WITH_NULL_MD5TLS_RSA_WITH_NULL_MD5radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings14TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings150TLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings151TLS_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_AES_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings152TLS_DH_DSS_WITH_AES_128_CBC_SHA256TLS_DH_DSS_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings153TLS_DH_RSA_WITH_AES_128_CBC_SHA256TLS_DH_RSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings154TLS_DHE_DSS_WITH_AES_128_CBC_SHA256TLS_DHE_DSS_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings155TLS_DHE_RSA_WITH_AES_128_CBC_SHA256TLS_DHE_RSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings156TLS_DH_DSS_WITH_AES_256_CBC_SHA256TLS_DH_DSS_WITH_AES_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings157TLS_DH_RSA_WITH_AES_256_CBC_SHA256TLS_DH_RSA_WITH_AES_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings158TLS_DHE_DSS_WITH_AES_256_CBC_SHA256TLS_DHE_DSS_WITH_AES_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings159TLS_DHE_RSA_WITH_AES_256_CBC_SHA256TLS_DHE_RSA_WITH_AES_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings15TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings160TLS_DH_anon_WITH_AES_128_CBC_SHA256TLS_DH_anon_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings161TLS_DH_anon_WITH_AES_256_CBC_SHA256TLS_DH_anon_WITH_AES_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings162TLS_RSA_WITH_AES_128_GCM_SHA256TLS_RSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings163TLS_DHE_RSA_WITH_AES_128_GCM_SHA256TLS_DHE_RSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings164TLS_DH_RSA_WITH_AES_128_GCM_SHA256TLS_DH_RSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings165TLS_DHE_DSS_WITH_AES_128_GCM_SHA256TLS_DHE_DSS_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings166TLS_DH_DSS_WITH_AES_128_GCM_SHA256TLS_DH_DSS_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings167TLS_DH_anon_WITH_AES_128_GCM_SHA256TLS_DH_anon_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings168TLS_PSK_WITH_AES_128_GCM_SHA256TLS_PSK_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings169TLS_DHE_PSK_WITH_AES_128_GCM_SHA256TLS_DHE_PSK_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings16TLS_ECDH_ECDSA_WITH_DES_CBC_SHA (Draft)TLS_ECDH_ECDSA_WITH_DES_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings170TLS_RSA_PSK_WITH_AES_128_GCM_SHA256TLS_RSA_PSK_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings171TLS_PSK_WITH_AES_128_CBC_SHA256TLS_PSK_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings172TLS_DHE_PSK_WITH_AES_128_CBC_SHA256TLS_DHE_PSK_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings173TLS_RSA_PSK_WITH_AES_128_CBC_SHA256TLS_RSA_PSK_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings174TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings175TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings176TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings177TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings178TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings179TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings17TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (Draft)TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings180TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings181TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings182TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings183TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings184TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings185TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings186TLS_AES_128_GCM_SHA256TLS_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings187TLS_AES_128_CCM_SHA256TLS_AES_128_CCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings188TLS_AES_128_CCM_8_SHA256TLS_AES_128_CCM_8_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings189TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings18TLS_ECDH_RSA_WITH_DES_CBC_SHA (Draft)TLS_ECDH_RSA_WITH_DES_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings190TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings191TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings192TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings193TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings194TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings195TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings196TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings197TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings198TLS_RSA_WITH_ARIA_128_CBC_SHA256TLS_RSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings199TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings19TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (Draft) or TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA (Draft)TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (Draft) or TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings1TLS_RSA_WITH_RC4_128_MD5TLS_RSA_WITH_RC4_128_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings200TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings201TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings202TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings203TLS_DH_anon_WITH_ARIA_128_CBC_SHA256TLS_DH_anon_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings204TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings205TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings206TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings207TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings208TLS_RSA_WITH_ARIA_128_GCM_SHA256TLS_RSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings209TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings20TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (Draft) or TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA (Draft)TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (Draft) or TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings210TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings211TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings212TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings213TLS_DH_anon_WITH_ARIA_128_GCM_SHA256TLS_DH_anon_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings214TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings215TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings216TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings217TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings218TLS_PSK_WITH_ARIA_128_CBC_SHA256TLS_PSK_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings219TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings21TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (Draft) or TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA (Draft)TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (Draft) or TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings220TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings221TLS_PSK_WITH_ARIA_128_GCM_SHA256TLS_PSK_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings222TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings223TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings224TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings225TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings226TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings227TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings228TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings229TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings22TLS_ECDH_anon_WITH_DES_CBC_SHA (Draft) or TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA (Draft)TLS_ECDH_anon_WITH_DES_CBC_SHA (Draft) or TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings230TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings231TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings232TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings233TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings234TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings235TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings236TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings237TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings238TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings239TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings23TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA (Draft) or TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA (Draft)TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA (Draft) or TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings240TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings241TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings242TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings243TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings244TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings245TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings246TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings247TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings248TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings249TLS_RSA_EXPORT_WITH_DES40_CBC_SHATLS_RSA_EXPORT_WITH_DES40_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings24TLS_KRB5_WITH_3DES_EDE_CBC_SHA (Draft)TLS_KRB5_WITH_3DES_EDE_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings250TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHATLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings251TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHATLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings252TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHATLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings253TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHATLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings254TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHATLS_DH_anon_EXPORT_WITH_DES40_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings255TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHATLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings256TLS_FORTEZZA_KEA_WITH_RC4_128_SHA or TLS_KRB5_WITH_DES_CBC_SHATLS_FORTEZZA_KEA_WITH_RC4_128_SHA or TLS_KRB5_WITH_DES_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings257TLS_RSA_WITH_SEED_CBC_SHATLS_RSA_WITH_SEED_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings258TLS_RSA_WITH_AES_256_GCM_SHA384TLS_RSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings259TLS_DHE_RSA_WITH_AES_256_GCM_SHA384TLS_DHE_RSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings25TLS_KRB5_WITH_3DES_EDE_CBC_MD5 (Draft)TLS_KRB5_WITH_3DES_EDE_CBC_MD5 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings260TLS_DH_RSA_WITH_AES_256_GCM_SHA384TLS_DH_RSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings261TLS_DHE_DSS_WITH_AES_256_GCM_SHA384TLS_DHE_DSS_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings262TLS_DH_DSS_WITH_AES_256_GCM_SHA384TLS_DH_DSS_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings263TLS_DH_anon_WITH_AES_256_GCM_SHA384TLS_DH_anon_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings264TLS_PSK_WITH_AES_256_GCM_SHA384TLS_PSK_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings265TLS_DHE_PSK_WITH_AES_256_GCM_SHA384TLS_DHE_PSK_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings266TLS_RSA_PSK_WITH_AES_256_GCM_SHA384TLS_RSA_PSK_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings267TLS_PSK_WITH_AES_256_CBC_SHA384TLS_PSK_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings268TLS_DHE_PSK_WITH_AES_256_CBC_SHA384TLS_DHE_PSK_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings269TLS_RSA_PSK_WITH_AES_256_CBC_SHA384TLS_RSA_PSK_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings26TLS_KRB5_WITH_DES_CBC_SHA (Draft)TLS_KRB5_WITH_DES_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings270TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings271TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings272TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings273TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings274TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings275TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings276TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings277TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings278TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings279TLS_RSA_WITH_ARIA_256_CBC_SHA384TLS_RSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings27TLS_KRB5_WITH_DES_CBC_MD5 (Draft)TLS_KRB5_WITH_DES_CBC_MD5 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings280TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings281TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings282TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings283TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings284TLS_DH_anon_WITH_ARIA_256_CBC_SHA384TLS_DH_anon_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings285TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings286TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings287TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings288TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings289TLS_RSA_WITH_ARIA_256_GCM_SHA384TLS_RSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings28TLS_AES_256_GCM_SHA384TLS_AES_256_GCM_SHA384radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings290TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings291TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings292TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings293TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings294TLS_DH_anon_WITH_ARIA_256_GCM_SHA384TLS_DH_anon_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings295TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings296TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings297TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings298TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings299TLS_PSK_WITH_ARIA_256_CBC_SHA384TLS_PSK_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings29TLS_ECCPWD_WITH_AES_128_GCM_SHA256 (Draft)TLS_ECCPWD_WITH_AES_128_GCM_SHA256 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings2TLS_DH_anon_WITH_RC4_128_MD5TLS_DH_anon_WITH_RC4_128_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings300TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings301TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings302TLS_PSK_WITH_ARIA_256_GCM_SHA384TLS_PSK_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings303TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings304TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings305TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings306TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings307TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings308TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings309TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings30TLS_ECCPWD_WITH_AES_128_CCM_SHA256 (Draft)TLS_ECCPWD_WITH_AES_128_CCM_SHA256 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings310TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings311TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings312TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings313TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings314TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings315TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings316TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings317TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings318TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings319TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings31TLS_ECCPWD_WITH_AES_256_CCM_SHA384 (Draft)TLS_ECCPWD_WITH_AES_256_CCM_SHA384 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings320TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings321TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings322TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings323TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings324TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings325TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings326TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings327TLS_RSA_WITH_AES_128_CCM_8TLS_RSA_WITH_AES_128_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings328TLS_RSA_WITH_AES_256_CCM_8TLS_RSA_WITH_AES_256_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings329TLS_DHE_RSA_WITH_AES_128_CCM_8TLS_DHE_RSA_WITH_AES_128_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings32TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings330TLS_DHE_RSA_WITH_AES_256_CCM_8TLS_DHE_RSA_WITH_AES_256_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings331TLS_PSK_WITH_AES_128_CCM_8TLS_PSK_WITH_AES_128_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings332TLS_PSK_WITH_AES_256_CCM_8TLS_PSK_WITH_AES_256_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings333TLS_PSK_DHE_WITH_AES_128_CCM_8TLS_PSK_DHE_WITH_AES_128_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings334TLS_PSK_DHE_WITH_AES_256_CCM_8TLS_PSK_DHE_WITH_AES_256_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings335TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings336TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings337TLS_RSA_WITH_IDEA_CBC_SHATLS_RSA_WITH_IDEA_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings338TLS_RSA_WITH_DES_CBC_SHATLS_RSA_WITH_DES_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings339TLS_RSA_WITH_3DES_EDE_CBC_SHATLS_RSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings33TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings340TLS_DH_DSS_WITH_DES_CBC_SHATLS_DH_DSS_WITH_DES_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings341TLS_DH_DSS_WITH_3DES_EDE_CBC_SHATLS_DH_DSS_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings342TLS_DH_RSA_WITH_DES_CBC_SHATLS_DH_RSA_WITH_DES_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings343TLS_DH_RSA_WITH_3DES_EDE_CBC_SHATLS_DH_RSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings344TLS_DHE_DSS_WITH_DES_CBC_SHATLS_DHE_DSS_WITH_DES_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings345TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHATLS_DHE_DSS_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings346TLS_DHE_RSA_WITH_DES_CBC_SHATLS_DHE_RSA_WITH_DES_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings347TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHATLS_DHE_RSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings348TLS_DH_anon_WITH_DES_CBC_SHATLS_DH_anon_WITH_DES_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings349TLS_DH_anon_WITH_3DES_EDE_CBC_SHATLS_DH_anon_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings34TLS_RSA_WITH_SALSA20_SHA1 (Draft)TLS_RSA_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings350TLS_KRB5_WITH_3DES_EDE_CBC_SHATLS_KRB5_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings351TLS_KRB5_WITH_IDEA_CBC_SHATLS_KRB5_WITH_IDEA_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings352TLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings353TLS_DH_DSS_WITH_AES_128_CBC_SHATLS_DH_DSS_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings354TLS_DH_RSA_WITH_AES_128_CBC_SHATLS_DH_RSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings355TLS_DHE_DSS_WITH_AES_128_CBC_SHATLS_DHE_DSS_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings356TLS_DHE_RSA_WITH_AES_128_CBC_SHATLS_DHE_RSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings357TLS_DH_anon_WITH_AES_128_CBC_SHATLS_DH_anon_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings358TLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings359TLS_RSA_WITH_CAMELLIA_128_CBC_SHATLS_RSA_WITH_CAMELLIA_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings35TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings360TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHATLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings361TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHATLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings362TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHATLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings363TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHATLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings364TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHATLS_DH_anon_WITH_CAMELLIA_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings365TLS_RSA_WITH_CAMELLIA_256_CBC_SHATLS_RSA_WITH_CAMELLIA_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings366TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHATLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings367TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHATLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings368TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHATLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings369TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHATLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings36TLS_ECDHE_RSA_WITH_SALSA20_SHA1 (Draft)TLS_ECDHE_RSA_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings370TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHATLS_DH_anon_WITH_CAMELLIA_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings371TLS_PSK_WITH_3DES_EDE_CBC_SHATLS_PSK_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings372TLS_PSK_WITH_AES_128_CBC_SHATLS_PSK_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings373TLS_PSK_WITH_AES_256_CBC_SHATLS_PSK_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings374TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHATLS_DHE_PSK_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings375TLS_DHE_PSK_WITH_AES_128_CBC_SHATLS_DHE_PSK_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings376TLS_DHE_PSK_WITH_AES_256_CBC_SHATLS_DHE_PSK_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings377TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHATLS_RSA_PSK_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings378TLS_RSA_PSK_WITH_AES_128_CBC_SHATLS_RSA_PSK_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings379TLS_RSA_PSK_WITH_AES_256_CBC_SHATLS_RSA_PSK_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings37TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings380TLS_DH_DSS_WITH_SEED_CBC_SHATLS_DH_DSS_WITH_SEED_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings381TLS_DH_RSA_WITH_SEED_CBC_SHATLS_DH_RSA_WITH_SEED_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings382TLS_DHE_DSS_WITH_SEED_CBC_SHATLS_DHE_DSS_WITH_SEED_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings383TLS_DHE_RSA_WITH_SEED_CBC_SHATLS_DHE_RSA_WITH_SEED_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings384TLS_DH_anon_WITH_SEED_CBC_SHATLS_DH_anon_WITH_SEED_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings385TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHATLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings386TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHATLS_ECDH_ECDSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings387TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHATLS_ECDH_ECDSA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings388TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHATLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings389TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings38TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 (Draft)TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings390TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings391TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHATLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings392TLS_ECDH_RSA_WITH_AES_128_CBC_SHATLS_ECDH_RSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings393TLS_ECDH_RSA_WITH_AES_256_CBC_SHATLS_ECDH_RSA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings394TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHATLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings395TLS_ECDHE_RSA_WITH_AES_128_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings396TLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS_ECDHE_RSA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings397TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHATLS_ECDH_anon_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings398TLS_ECDH_anon_WITH_AES_128_CBC_SHATLS_ECDH_anon_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings399TLS_ECDH_anon_WITH_AES_256_CBC_SHATLS_ECDH_anon_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings39TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings3TLS_KRB5_WITH_RC4_128_MD5TLS_KRB5_WITH_RC4_128_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings400TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHATLS_SRP_SHA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings401TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHATLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings402TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHATLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings403TLS_SRP_SHA_WITH_AES_128_CBC_SHATLS_SRP_SHA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings404TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHATLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings405TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHATLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings406TLS_SRP_SHA_WITH_AES_256_CBC_SHATLS_SRP_SHA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings407TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHATLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings408TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHATLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings409TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHATLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings40TLS_PSK_WITH_SALSA20_SHA1 (Draft)TLS_PSK_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings410TLS_ECDHE_PSK_WITH_AES_128_CBC_SHATLS_ECDHE_PSK_WITH_AES_128_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings411TLS_ECDHE_PSK_WITH_AES_256_CBC_SHATLS_ECDHE_PSK_WITH_AES_256_CBC_SHAradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings41TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings42TLS_ECDHE_PSK_WITH_SALSA20_SHA1 (Draft)TLS_ECDHE_PSK_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings43TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings44TLS_RSA_PSK_WITH_SALSA20_SHA1 (Draft)TLS_RSA_PSK_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings45TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings46TLS_DHE_PSK_WITH_SALSA20_SHA1 (Draft)TLS_DHE_PSK_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings47TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings48TLS_DHE_RSA_WITH_SALSA20_SHA1 (Draft)TLS_DHE_RSA_WITH_SALSA20_SHA1 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings49TLS_RSA_FIPS_WITH_DES_CBC_SHA (Draft)TLS_RSA_FIPS_WITH_DES_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings4TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHATLS_KRB5_EXPORT_WITH_DES_CBC_40_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings50TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (Draft)TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings51TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA_2 (Draft)TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA_2 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings52TLS_RSA_FIPS_WITH_DES_CBC_SHA_2 (Draft)TLS_RSA_FIPS_WITH_DES_CBC_SHA_2 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings53TLS_RSA_WITH_DES_CBC_MD5 (Draft)TLS_RSA_WITH_DES_CBC_MD5 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings54TLS_RSA_WITH_3DES_EDE_CBC_MD5 (Draft)TLS_RSA_WITH_3DES_EDE_CBC_MD5 (Draft)radioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings55TLS_DH_DSS_WITH_AES_256_CBC_SHATLS_DH_DSS_WITH_AES_256_CBC_SHAradioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings56TLS_DH_RSA_WITH_AES_256_CBC_SHATLS_DH_RSA_WITH_AES_256_CBC_SHAradioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings57TLS_DHE_DSS_WITH_AES_256_CBC_SHATLS_DHE_DSS_WITH_AES_256_CBC_SHAradioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings58TLS_DHE_RSA_WITH_AES_256_CBC_SHATLS_DHE_RSA_WITH_AES_256_CBC_SHAradioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings59TLS_DH_anon_WITH_AES_256_CBC_SHATLS_DH_anon_WITH_AES_256_CBC_SHAradioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings5TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHATLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings60TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA (Draft1)TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA (Draft1)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings61TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA (Draft1)TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA (Draft1)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings62TLS_RSA_WITH_NULL_SHA256TLS_RSA_WITH_NULL_SHA256radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings63TLS_RSA_EXPORT1024_WITH_RC4_56_MD5TLS_RSA_EXPORT1024_WITH_RC4_56_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings64TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings65TLS_RSA_EXPORT1024_WITH_DES_CBC_SHATLS_RSA_EXPORT1024_WITH_DES_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings66TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHATLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings67TLS_RSA_EXPORT1024_WITH_RC4_56_SHATLS_RSA_EXPORT1024_WITH_RC4_56_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings68TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHATLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings69TLS_PSK_WITH_NULL_SHA256TLS_PSK_WITH_NULL_SHA256radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings6TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA (Draft2)TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA (Draft2)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings70TLS_DHE_PSK_WITH_NULL_SHA256TLS_DHE_PSK_WITH_NULL_SHA256radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings71TLS_RSA_PSK_WITH_NULL_SHA256TLS_RSA_PSK_WITH_NULL_SHA256radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings72TLS_ECDHE_PSK_WITH_NULL_SHA256TLS_ECDHE_PSK_WITH_NULL_SHA256radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings73TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings74TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings75TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings76TLS_GOSTR341094_WITH_28147_CNT_IMIT (Draft)TLS_GOSTR341094_WITH_28147_CNT_IMIT (Draft)radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings77TLS_GOSTR341001_WITH_28147_CNT_IMIT (Draft)TLS_GOSTR341001_WITH_28147_CNT_IMIT (Draft)radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings78TLS_ECCPWD_WITH_AES_256_GCM_SHA384 (Draft)TLS_ECCPWD_WITH_AES_256_GCM_SHA384 (Draft)radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings79TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (Draft)TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (Draft)radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings7TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA (Draft2)TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA (Draft2)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings80TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (Draft)TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (Draft)radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings81TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (Draft)TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (Draft)radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings82TLS_RSA_WITH_AES_256_CCMTLS_RSA_WITH_AES_256_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings83TLS_DHE_RSA_WITH_AES_256_CCMTLS_DHE_RSA_WITH_AES_256_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings84TLS_PSK_WITH_AES_256_CCMTLS_PSK_WITH_AES_256_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings85TLS_DHE_PSK_WITH_AES_256_CCMTLS_DHE_PSK_WITH_AES_256_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings86TLS_ECDHE_ECDSA_WITH_AES_256_CCMTLS_ECDHE_ECDSA_WITH_AES_256_CCMradioMedium cipherNull cipherWeak cipherStrong cipherMedium cipherSSL/TLS: Cipher Settings87TLS_KRB5_EXPORT_WITH_RC4_40_SHATLS_KRB5_EXPORT_WITH_RC4_40_SHAradioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings88TLS_ECDH_ECDSA_WITH_RC4_128_SHA (Draft)TLS_ECDH_ECDSA_WITH_RC4_128_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings89TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (Draft) or TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA (Draft)TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (Draft) or TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings8TLS_CHACHA20_POLY1305_SHA256TLS_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherSSL/TLS: Cipher Settings90TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (Draft) or TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA (Draft)TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (Draft) or TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings91TLS_ECDH_RSA_WITH_RC4_128_SHA (Draft)TLS_ECDH_RSA_WITH_RC4_128_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings92TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA (Draft) or TLS_SRP_SHA_WITH_AES_128_CBC_SHA (Draft)TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA (Draft) or TLS_SRP_SHA_WITH_AES_128_CBC_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings93TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA (Draft) or TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA (Draft)TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA (Draft) or TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings94TLS_ECDH_anon_WITH_RC4_128_SHA (Draft) or TLS_SRP_SHA_WITH_AES_256_CBC_SHA (Draft)TLS_ECDH_anon_WITH_RC4_128_SHA (Draft) or TLS_SRP_SHA_WITH_AES_256_CBC_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings95TLS_KRB5_WITH_RC4_128_SHA (Draft)TLS_KRB5_WITH_RC4_128_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings96TLS_KRB5_WITH_RC4_128_MD5 (Draft)TLS_KRB5_WITH_RC4_128_MD5 (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings97TLS_KRB5_WITH_AES_128_CBC_SHA (Draft)TLS_KRB5_WITH_AES_128_CBC_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings98TLS_KRB5_WITH_AES_256_CBC_SHA (Draft)TLS_KRB5_WITH_AES_256_CBC_SHA (Draft)radioWeak cipherNull cipherMedium cipherStrong cipherWeak cipherSSL/TLS: Cipher Settings99TLS_PSK_WITH_NULL_SHA384TLS_PSK_WITH_NULL_SHA384radioNull cipherWeak cipherMedium cipherStrong cipherNull cipherSSL/TLS: Cipher Settings9TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256radioStrong cipherNull cipherWeak cipherMedium cipherStrong cipherChecks for open TCP ports1SilentSilentcheckboxyesyesSMB Authorization1SMB login:SMB login:entrySMB Authorization2SMB password:SMB password:passwordSMB Authorization3SMB domain (optional):SMB domain (optional):entryLDAPsearch1timelimit value (in seconds)timelimit value (in seconds)entry36003600LDAPsearch2sizelimit valuesizelimit valueentry500500IT-Grundschutz, 15. EL1BerichtformatBerichtformatradioTextTabellarischText und TabellarischTextIT-Grundschutz M4.023: Sicherer Aufruf ausführbarer Dateien1Alle Dateien AuflistenAlle Dateien AuflistencheckboxnonoPCI-DSS Version 3.11Berichtformat/Report FormatBerichtformat/Report FormatradioTextTabellarisch/TabularText und/and Tabellarisch/TabularTextCompliance Tests10Launch latest PCI-DSS versionLaunch latest PCI-DSS versioncheckboxnonoCompliance Tests11Verbose PCI-DSS resultsVerbose PCI-DSS resultscheckboxyesnoCompliance Tests12Launch Cyber EssentialsLaunch Cyber EssentialscheckboxnonoCompliance Tests13Launch EU GDPRLaunch EU GDPRcheckboxnonoCompliance Tests14Verbose Policy ControlsVerbose Policy ControlscheckboxyesnoCompliance Tests15Launch Compliance TestLaunch Compliance TestcheckboxnonoCompliance Tests16PCI-DSS Berichtsprache/Report LanguagePCI-DSS Berichtsprache/Report LanguageradioDeutschEnglishDeutschCompliance Tests17Testuser Common NameTestuser Common NameentryCNCNCompliance Tests18Testuser Organization UnitTestuser Organization UnitentryOUOUCompliance Tests19Windows DomaenenfunktionsmodusWindows DomaenenfunktionsmodusradioUnbekanntWindows 2000 gemischt und Windows 2000 purWindows Server 2003 InterimWindows Server 2003Windows Server 2008Windows Server 2008 R2UnbekanntCompliance Tests1Launch IT-Grundschutz (10. EL)Launch IT-Grundschutz (10. EL)checkboxnonoCompliance Tests2Launch IT-Grundschutz (11. EL)Launch IT-Grundschutz (11. EL)checkboxnonoCompliance Tests3Launch IT-Grundschutz (12. EL)Launch IT-Grundschutz (12. EL)checkboxnonoCompliance Tests4Launch IT-Grundschutz (13. EL)Launch IT-Grundschutz (13. EL)checkboxnonoCompliance Tests5Launch IT-Grundschutz (15. EL)Launch IT-Grundschutz (15. EL)checkboxnonoCompliance Tests6Launch latest IT-Grundschutz versionLaunch latest IT-Grundschutz versioncheckboxnonoCompliance Tests7Level of Security (IT-Grundschutz)Level of Security (IT-Grundschutz)radioBasisStandardKernBasisCompliance Tests8Verbose IT-Grundschutz resultsVerbose IT-Grundschutz resultscheckboxnonoCompliance Tests9Launch PCI-DSS (Version 2.0)Launch PCI-DSS (Version 2.0)checkboxnonoMicrosoft Windows: Last Access Timestamp'1ValueValueradio010Search in LDAP, Users with conf. LogonHours1Testuser Common NameTestuser Common NameentryCNCNSearch in LDAP, Users with conf. LogonHours2Testuser Organization UnitTestuser Organization UnitentryOUOUTest Webserver SSL Certificate1X.509 Root Authority Certificate(PEM)X.509 Root Authority Certificate(PEM)fileIT-Grundschutz: SSH and Telnet BruteForce attack1BruteForce Attacke with Default-Usern and -PasswordsBruteForce Attacke with Default-Usern and -PasswordscheckboxnonoIT-Grundschutz: List reject Rule on Cisco Voip Devices over Telnet1Telnet Testuser NameTelnet Testuser NameentryUserNameUserNameIT-Grundschutz: List reject Rule on Cisco Voip Devices over Telnet2Telnet Testuser PasswordTelnet Testuser PasswordpasswordSearch in LDAP the lastLogonTimestamp of Users.1Testuser Common NameTestuser Common NameentryCNCNSearch in LDAP the lastLogonTimestamp of Users.2Testuser Organization UnitTestuser Organization UnitentryOUOULeave information on scanned Windows hosts1EnableEnablecheckboxnonoLeave information on scanned Windows hosts2MessageMessageentrySecurity Scan of ::HOSTNAME:: finished. Start: ::SCAN_START:: Stop: ::SCAN_STOP::Security Scan of ::HOSTNAME:: finished. Start: ::SCAN_START:: Stop: ::SCAN_STOP::BSI-TR-03116-4 Policy1Perform check:Perform check:checkboxnonoWindows file Checksums1List all and not only the first 100 entriesList all and not only the first 100 entriescheckboxnonoWindows file Checksums2Install hash test Programm on the TargetInstall hash test Programm on the TargetcheckboxnonoWindows file Checksums3Delete hash test Programm after the testDelete hash test Programm after the testcheckboxyesyesWindows file Checksums4Target checksum FileTarget checksum FilefileGet Windows Eventlog Entries over WMI1Maximum number of log linesMaximum number of log linesentry00PCI-DSS Version 2.01Berichtformat/Report FormatBerichtformat/Report FormatradioTextTabellarisch/TabularText und/and Tabellarisch/TabularTextauto_enable_dependenciesauto_enable_dependencies11cgi_pathcgi_path/cgi-bin:/scripts/cgi-bin:/scriptschecks_read_timeoutchecks_read_timeout55debug_modedebug_mode00drop_privilegesdrop_privileges00dry_rundry_run00expand_vhostsexpand_vhosts11max_sysloadmax_sysload2525min_free_memmin_free_mem10241024network_scannetwork_scan00non_simult_portsnon_simult_ports139, 445, 3389, Services/irc139, 445, 3389, Services/ircopen_sock_max_attemptsopen_sock_max_attempts55optimize_testoptimize_test11plugins_timeoutplugins_timeout320320report_host_detailsreport_host_details11safe_checkssafe_checks11scanner_plugins_timeoutscanner_plugins_timeout3600036000test_empty_vhosttest_empty_vhost00time_between_requesttime_between_request00timeout_retrytimeout_retry33unscanned_closedunscanned_closed11unscanned_closed_udpunscanned_closed_udp1183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000383f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000483f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000583f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000783f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15002083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15002283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999683f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999783f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999483f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15002183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997483f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999583f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000683f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997783f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10999383f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997383f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10984183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997583f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997683f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10983883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10984083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001383f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001483f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001583f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001683f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998783f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10996783f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15001783f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998483f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998383f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10996983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998583f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10984283f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10996883f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10998683f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.15000083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10997083f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10983983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.1425983f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10031583f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.1039483f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.10362183f9a204-9883-41be-818a-35196b324715121.3.6.1.4.1.25623.1.0.95888first=1 rows=-1 uuid= uuid=b9473918-de81-4fbc-b659-2b8f11f5123e sort=namefirst=1rows=-1uuid=uuid=b9473918-de81-4fbc-b659-2b8f11f5123esort=namenameascending1911