CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 4 of 4 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-223291	CAT II	MONT-WS-92040	Microsoft Office 365 ProPlus Security Te...	Office applications must be configured to specify ...		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files is set to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\common\security If the value defaultencryption12 is set to REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256", this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Finding Details Evaluate-STIG 1.2507.5 (Scan-Office365_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\W.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1106 ResultHash: 51F7F04A8BE8E239EFB2FA6988635FFCEAD49DBD ~~~~~ 'Encryption type for password protected Office 97-2003 files' is Enabled: (Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256) Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\16.0\common\security Value Name: defaultencryption12 Value: Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256 Type: REG_SZ Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl Scan Date: 2026-01-14T12:57:25.987513 Technology Area: Windows Operating System
V-223291	CAT II	MONT-WS-92010	Microsoft Office 365 ProPlus Security Te...	Office applications must be configured to specify ...		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files is set to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\common\security If the value defaultencryption12 is set to REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256", this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Finding Details Evaluate-STIG 1.2507.5 (Scan-Office365_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: 51F7F04A8BE8E239EFB2FA6988635FFCEAD49DBD ~~~~~ 'Encryption type for password protected Office 97-2003 files' is Enabled: (Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256) Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\16.0\common\security Value Name: defaultencryption12 Value: Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256 Type: REG_SZ Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl Scan Date: 2026-01-14T12:57:28.231385 Technology Area: Windows Operating System
V-223291	CAT II	MONT-SW-89108	Microsoft Office 365 ProPlus Security Te...	Office applications must be configured to specify ...		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files is set to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\common\security If the value defaultencryption12 is set to REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256", this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Finding Details Evaluate-STIG 1.2510.0 (Scan-Office365_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89108\Scan.Admin UserSID: S-1-5-21-4163428051-2768110797-3591193048-1016 ResultHash: 51F7F04A8BE8E239EFB2FA6988635FFCEAD49DBD ~~~~~ 'Encryption type for password protected Office 97-2003 files' is Enabled: (Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256) Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\16.0\common\security Value Name: defaultencryption12 Value: Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256 Type: REG_SZ Source: MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl Scan Date: 2026-03-04T15:25:16.145630 Technology Area: Windows Operating System
V-223291	CAT II	MONT-SW-89134	Microsoft Office 365 ProPlus Security Te...	Office applications must be configured to specify ...		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files is set to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\common\security If the value defaultencryption12 is set to REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256", this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256. Finding Details Evaluate-STIG 1.2510.0 (Scan-Office365_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89134\dod_admin UserSID: S-1-5-21-4004422625-1934610219-1178763574-1001 ResultHash: 51F7F04A8BE8E239EFB2FA6988635FFCEAD49DBD ~~~~~ 'Encryption type for password protected Office 97-2003 files' is Enabled: (Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256) Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\16.0\common\security Value Name: defaultencryption12 Value: Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256 Type: REG_SZ Source: MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl Scan Date: 2026-03-04T15:25:42.171357 Technology Area: Windows Operating System

CUI