IISCrypto - Best Practices - SWEET32 Vulnerability Remediation Param
Summary
This document applies the IISCrypto BestPractice Template to remediate the SWEET32 Vulnerability. A reboot is mandatory after applying the template to validate the changes. The script can reboot the machine depending on the user parameters input.
Requirements
Place the attached BestPractice.ictpl file in the "LTShare/Transfer/configs/IISCrypto" directory as BestPractice.ictpl on the Automate Server. This path can be found at the WebDAV login for the hosted partners.
Sample Run
Dependencies
Variables
| Name | Description |
|---|---|
| ProjectName | BestPractice |
| WorkingDirectory | C:/ProgramData/_automation/script/BestPractice |
| ShellResult | Output of the command applying the template |
User Parameters
| Name | Example | Required | Description |
|---|---|---|---|
| Reboot_Immediately | 1 | False | Setting this parameter to 1 will reboot the computer immediately after applying the template. |
| Prompt_User_To_Reboot | 1 | False | Setting this parameter to 1 will mark the Pending Reboot EDF, which will initiate the Dynamic Reboot Prompt solution. |
Note:
- The
Reboot_Immediatelyparameter takes precedence overPrompt_User_To_Rebootif both parameters are set. - If neither of the parameters is set to 1, then the script will neither reboot the computer nor initiate reboot prompts for the user, but it will implement the template. Changes will not be validated unless the computer restarts.
Output
- Script Logs
- EDF
- User Prompts