If you have clients connecting to a server and the clients don't specify a specific encryption algorithm in SQLNET.ENCRYPTION_TYPES_CLIENT, be aware that the order of the algorithms listed in SQLNET.ORA on the server side matters...
If you don't specify SQLNET.ENCRYPTION_TYPES_CLIENT from a 12.2 client configuration, a SQLNet client side trace shows the following possibilities, the choices are listed from most secure to least secure:
(3775811968) [04-OCT-2018 19:47:44:284] nam_gic: Counting # of items in "SQLNET.ENCRYPTION_TYPES_CLIENT" parameter
(3775811968) [04-O