UCF STIG Viewer Logo

Microsoft DotNet Framework 4.0 STIG

Findings (MAC I - Mission Critical Sensitive)

Finding ID Severity Title
V-30935 Medium .NET must be configured to validate strong names on full-trust assemblies.
V-7061 Medium The Trust Providers Software Publishing State must be set to 0x23C00.
V-7069 Medium CAS and policy configuration files must be backed up.
V-30926 Medium The .NET CLR must be configured to use FIPS approved encryption modules.
V-30968 Medium Trust must be established prior to enabling the loading of remote code in .Net 4.
V-18395 Medium .Net Framework versions installed on the system must be supported.
V-7063 Medium Developer certificates used with the .NET Publisher Membership Condition must be approved by the IAO.
V-32025 Medium Remoting Services TCP channels must utilize authentication and encryption.
V-7070 Medium Remoting Services HTTP channels must utilize authentication and encryption.
V-31026 Medium Event tracing for Windows (ETW) for Common Language Runtime events must be enabled.
V-7067 Medium Encryption keys used for the .NET Strong Name Membership Condition must be protected.
V-30986 Medium Software utilizing .Net 4.0 must be identified and relevant access controls configured.
V-81495 Medium Disable TLS RC4 cipher in .Net
V-7055 Medium Digital signatures assigned to strongly named assemblies must be verified.
V-30937 Low .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance.
V-30972 Low .NET default proxy settings must be reviewed and approved.