powershell_script ‘DisableWeakCiphers’ do guard_interpreter :powershell_script code <<-EOH Disable-TlsCipherSuite -Name “TLS_RSA_WITH_3DES_EDE_CBC_SHA” Disable-TlsCipherSuite -Name “TLS_RSA_WITH_RC4_128_SHA” Disable-TlsCipherSuite -Name “TLS_RSA_WITH_RC4_128_MD5” Disable-TlsCipherSuite -Name “TLS_DHE_RSA_WITH_AES_256_CBC_SHA” Disable-TlsCipherSuite -Name “TLS_DHE_RSA_WITH_AES_128_CBC_SHA” Disable-TlsCipherSuite -Name “TLS_DHE_RSA_WITH_AES_256_GCM_SHA384” Disable-TlsCipherSuite -Name “TLS_DHE_RSA_WITH_AES_128_GCM_SHA256” EOH end