Is Assessor’s remote assessment with WinRM over HTTP as secure as the assessment with WinRM over HTTPS?
Product Name
CIS-CAT Pro Assessor v4
Product Version
4.43.0+
Date
Dec 16, 2021
Problem
If we use a Windows local or domain account for the remote assessment with WinRM over HTTP, do we get the same level of communication encryption as with HTTPS?
Solution
HTTP does not provide encryption; HTTPS does. NTLMv2 authentication is the only supported authentication method for Windows assessments. When NTLMv2 is used over HTTP, the credentials are encrypted, but everything else is sent in cleartext. When HTTPS is used, all information is encrypted.
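To confirm which transport a target endpoint actually offers before running a remote assessment, the WinRM listeners can be audited on the target itself. The script below is an added example, not part of CIS-CAT Pro Assessor or its documentation; the function name Get-WinRMTransportReport is hypothetical, and it assumes an elevated PowerShell session on the target with the WinRM service running.

```powershell
# Added example: report which WinRM transports this machine exposes and
# whether an enabled HTTPS (TLS-protected) listener with a valid certificate exists.
function Get-WinRMTransportReport {
    # Enumerate every configured WinRM listener (HTTP and/or HTTPS).
    $listeners = Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate

    foreach ($l in $listeners) {
        $isHttps = $l.Transport -eq 'HTTPS'
        $cert = $null
        if ($isHttps -and $l.CertificateThumbprint) {
            # Thumbprints may be stored with spaces; normalise before lookup.
            $thumb = ($l.CertificateThumbprint -replace '\s', '').ToUpper()
            $cert = Get-ChildItem Cert:\LocalMachine\My |
                Where-Object { $_.Thumbprint -eq $thumb } |
                Select-Object -First 1
        }
        [pscustomobject]@{
            Transport    = $l.Transport
            Port         = $l.Port
            Enabled      = $l.Enabled
            TlsProtected = $isHttps   # only the HTTPS listener wraps all traffic in TLS
            CertSubject  = if ($cert) { $cert.Subject } else { $null }
            CertExpires  = if ($cert) { $cert.NotAfter } else { $null }
            CertExpired  = if ($cert) { $cert.NotAfter -lt (Get-Date) } else { $null }
        }
    }
}

$report = @(Get-WinRMTransportReport)
$report | Format-Table -AutoSize

# Flag the cases where an assessment could not be fully encrypted in transit.
$https = $report | Where-Object { $_.Transport -eq 'HTTPS' -and $_.Enabled -eq 'true' }
if (-not $https) {
    Write-Warning 'No enabled HTTPS listener: a remote assessment would have to use HTTP.'
} elseif ($https | Where-Object { $_.CertExpired -or -not $_.CertSubject }) {
    Write-Warning 'HTTPS listener found, but its certificate is missing from LocalMachine\My or has expired.'
} else {
    Write-Output 'Enabled HTTPS listener with a current certificate is available.'
}
```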
Keywords: winrm encryption secure NTLM AES Kerberos