| Review the SharePoint server configuration to ensure mechanisms are used for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. |
Click "File", "Add/Remove Snap-in", and "add Group Policy Object Editor".
Enter a name for the Group Policy Object, or accept the default.
Navigate to Computer Policy >> Computer Configuration >> Administrative Templates >> Network >> SSL Configuration settings.
Right-click "SSL Configuration Settings", click "SSL Cipher Suite Orde"r, click "Edit".
In the "SSL Cipher Suite Order" dialog box, if "Enabled" is not selected, this is a finding.
Under Options, in the "SSL Cipher Suites" text box, a list of cipher suites will be displayed.
If any DES or RC4 cipher suites exist in the list, this is a finding.