Currently, MSB supports both the HTTPS and HTTP based REST APIs, HTTP APIs should be removed in F release.

Request from CII badged:

For each incoming network connection supported by your application:
1) Does it enable one of the insecure protocols or versions by default?
2) Is a variable needed to turn on the secure protocol, compared to turning on the insecure protocol?
3) Is the secure protocol disabled if the insecure protocol is enabled? (Is it a toggle?)
4) Is an insecure protocol accidently enabled if something is wrong with something needed for the secure protocol to work? (e.g. a missing key)
5) (no answers are good)

If there are no incoming connections:
1) Click (N/A)
2) In the description, enter the date (e.g., [2019/08/26]) and an indication why N/A was appropriate

If NO for all incoming connections:
1) Click (Met)
2) In the description, enter the date (e.g., [2019/08/26]) and an indication why (Met) is appropriate

If some of the answers are YES (you have some insecure protocols/versions enabled by default):
1) Click (Unmet)
2) In the description, enter the date (e.g., [2019/08/26]) and a description where something was not met.
3) File JIRA tickets for each issue that needs resolution.
4) In the description, enter the date and document which pieces meet or do not meet the criteria.
5) You can also document which pieces DO meet the criteria, if there is a mixture.