| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-SW-89108 | 22.19.120.22 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
| MONT-SW-89134 | 22.19.120.21 | 2026-03-04 | |||
Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
| MONT-WS-92010 | 164.231.187.45 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
| MONT-WS-92040 | 164.231.187.72 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: FA8A28E5C7305C47B185A011067CD50419C4016B ~~~~~ 'Network security: Configure encryption types allowed for Kerberos' is Enabled: (AES128_HMAC_SHA1, AES256_HMAC_SHA1, and Future encryption types) Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters Value Name: SupportedEncryptionTypes Value: 0x7ffffff8 (2147483640) Type: REG_DWORD Comments |
|||||
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\ Value Name: SupportedEncryptionTypes Value Type: REG_DWORD Value: 0x7ffffff8 (2147483640)
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Configure encryption types allowed for Kerberos" to "Enabled" with only the following selected: AES128_HMAC_SHA1 AES256_HMAC_SHA1 Future encryption types