New hardening settings for baseline version 6.0
New hardening settings have been released with Security Center baseline version 6.0.
- Enforce application specific ACLs only for application data
- Disable legacy JQuery UI usage
- Display recommendations for high risk UI pages
- Enforce current password policy compliance requirements on login
- Prevent Users From Accepting Warning To Bypass CSRF Validation [Updated in Security Center 1.3 and 1.5]
- Require Minimum and Maximum Password Length [Updated in Security Center 2.2]
- Limit session length for high assurance sessions
- Disable deprecated TLS versions
- Disable local login for users with Single Sign-On (SSO) enabled
- Reduce allowed bypasses for multifactor setup
- Prevent impersonating user from viewing application data
- Prevent verbose HTTP request logging
- Enable relay state in SAML requests to prevent replay attacks
- Minimize failed login attempts for high assurance sessions
- Apply continuous authentication policies to mobile sessions
- Disable use of TripleDES/3DES encryption algorithm