These flags are set based on a cumulative set of values in the UserAccountControl Attribute. For more inforation please see this article.
DES keys are not considered secure. QAS uses AES keys. Setting this would cause QAS to fail.