Question on security Audit

One of my clients send me the scurity audit requirements and One of the Point is stating

On active Directory Servers : Update OpenSSL 1.0.1s (How do you do that ? Does all the Active Directory servers have this feature enabled?

2) Deactivate SSL2 and SSL3 and Activate TLS 1.1 and 1.2 On RDP  How do you do that?

Who is Participating?
btanConnect With a Mentor Exec ConsultantCommented:
For openssl update, you can get the update in (see "OpenSSL for Windows")
[   ]        2016-12-01 05:04  960K  
[   ]      2016-12-01 05:04  1.0M
Win32 OpenSSL v1.1.0c

For cipher update, use iiscrypto which is a GUI for disabling the SChannel registry value for SSLv2 nor SSLv3 and enable the TLS1.0 above .
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
(e.g Apply FIPS 140-2 settings -> Disables SSLv3 and older... make sure not to disable TLS 1.0 or might lose RDP with default settings.)
tools -
gazambeyAuthor Commented:
Good Explanations
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.