To determine if the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing policy is enabled or disabled on a computer, use REG.EXE built into Windows XP and later, or REG.EXE from the Windows 2000 Support Tools on the CD-ROM, to run the following scriptlet:

:: Default setting of the FIPS environment variable is N, disabled.
set FIPS=N
for /f "Tokens=1,3" %%a in ('reg query HKLM\System\CurrentControlSet\Control\Lsa ^|FIND /I "fipsalgorithmpolicy"') do (
 if "%%b" EQU "0x1" set FIPS=Y
)
NOTE: See How do I configure Windows Server 2003 Terminal Services for secure client communications?

NOTE: See Security configuration guidance support.