V-31026 | Medium | Event tracing for Windows (ETW) for Common Language Runtime events must be enabled. | Event tracing captures information about applications utilizing the .NET CLR and the .NET CLR itself. This includes security oriented information, such as Strong Name and Authenticode... |
V-7061 | Medium | The Trust Providers Software Publishing State must be set to 0x23C00. | Microsoft Windows operating systems provide a feature called Authenticode. Authenticode technology and its underlying code signing mechanisms serve to provide a structure to identify software... |
V-30926 | Medium | The .NET CLR must be configured to use FIPS approved encryption modules. | FIPS encryption is configured via .NET configuration files. There are numerous configuration files that affect different aspects of .Net behavior. The .NET config files are described below.
... |
V-7055 | Medium | Digital signatures assigned to strongly named assemblies must be verified. | A strong name consists of the assembly's identity, simple text name, version number, and culture information (if provided)—plus a public key and a digital signature. Strong names serve to... |