Our security team has raised a concern that our AD bind account is somehow using RC4 encryption or has it available as an option.
Is there a way to determine what cipher suites are used to secure communication between Layer 7 and a remote Identity provider?
Can insecure ciphers be removed?
Release : 10.0
Two separate controls are involved: the TLS cipher suites used for connections such as LDAPS to the identity provider, and the Kerberos encryption types (RC4-HMAC is Kerberos etype 23, AES256-CTS-HMAC-SHA1-96 is etype 18) used for the account's keytab and tickets. If you need to review ciphers for legacy compatibility, do the following:
1) SSH to the Gateway and open the java.security file for editing:
/opt/SecureSpan/JDK/conf/security/java.security
The jdk.tls.disabledAlgorithms property in this file lists the algorithms the JVM's TLS stack refuses to negotiate; adding RC4 to that list removes the RC4 cipher suites from every TLS connection the Gateway accepts or initiates. Restart the Gateway after editing the file.
For the cipher suites the Gateway supports, review this KB: List of supported cipher suites in API Gateway 10.x
2) You can also restrict the cipher suites per listen port from Policy Manager (Listen Ports section); this applies to inbound TLS on that port, not to the outbound connection to the identity provider.
3) This is the ktpass command that worked for the customer (the mapped account name is redacted). With -crypto AES256-SHA1 the keytab contains only an AES256-CTS-HMAC-SHA1-96 key, so no RC4-HMAC key is written to it; -pass * prompts for the account password instead of placing it on the command line:
ktpass -princ http/example.someca.domain.com@SOMECA.DOMAIN.COM -mapuser CA\edited-s-l7example -pass * -crypto AES256-SHA1 -ptype KRB5_NT_PRINCIPAL -out C:\temp\cagatewaytmp.keytab
Note that the keytab is only one side of the exchange. Which encryption types the domain controller will use for that account's tickets is governed by the account's msDS-SupportedEncryptionTypes attribute in Active Directory, so check that attribute as well when confirming that RC4 is not available to the account.
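The following PowerShell is an added example for checking the Active Directory side of the account, not a command from the original KB or from the product. It decodes the bit flags of msDS-SupportedEncryptionTypes and reports whether RC4 is still allowed for the account. It assumes the RSAT ActiveDirectory module (Get-ADUser, Set-ADUser) is available on the machine where ktpass was run; the account name svc-l7example is a placeholder standing in for the redacted account in the ktpass command above.

```powershell
# Added example, not part of the original KB. Decodes the Kerberos encryption-type
# bit flags stored in an AD account's msDS-SupportedEncryptionTypes attribute and
# reports whether RC4 is allowed for that account. Assumes the ActiveDirectory
# module is installed; 'svc-l7example' is a placeholder account name.

# Bit values of msDS-SupportedEncryptionTypes (as documented by Microsoft).
$EncTypeFlags = [ordered]@{
    DES_CBC_CRC             = 0x1
    DES_CBC_MD5             = 0x2
    RC4_HMAC_MD5            = 0x4
    AES128_CTS_HMAC_SHA1_96 = 0x8
    AES256_CTS_HMAC_SHA1_96 = 0x10
}

function ConvertFrom-SupportedEncTypes {
    param([AllowNull()][Nullable[int]]$Value)
    if ($null -eq $Value) {
        # Attribute not set: the KDC applies the domain default, which on older
        # domains includes RC4, so this cannot be read as "RC4 disabled".
        return @('(not set: domain default applies, historically includes RC4)')
    }
    $names = foreach ($kv in $EncTypeFlags.GetEnumerator()) {
        if ($Value -band $kv.Value) { $kv.Key }
    }
    if (-not $names) { $names = @('(no recognised encryption types)') }
    return @($names)
}

function Test-Rc4Allowed {
    param([AllowNull()][Nullable[int]]$Value)
    # Unset counts as allowed, because nothing on the account forbids RC4.
    return ($null -eq $Value) -or (($Value -band $EncTypeFlags.RC4_HMAC_MD5) -ne 0)
}

$account = 'svc-l7example'   # placeholder: use the account given to ktpass -mapuser
$user    = Get-ADUser -Identity $account -Properties 'msDS-SupportedEncryptionTypes'
$flags   = $user.'msDS-SupportedEncryptionTypes'

$shown = if ($null -eq $flags) { 'not set' } else { $flags }
"{0}: msDS-SupportedEncryptionTypes = {1}" -f $account, $shown
"  enctypes : " + ((ConvertFrom-SupportedEncTypes $flags) -join ', ')
"  RC4 ok?  : " + (Test-Rc4Allowed $flags)

# Hardening: allow AES only (0x8 + 0x10 = 24). Keep this consistent with the
# -crypto value used in ktpass so the keytab keys and the account agree.
# Set-ADUser -Identity $account -Replace @{'msDS-SupportedEncryptionTypes' = 24}
```

Run it as a user with read access to the account object; the Set-ADUser line is left commented so the script only reports until you have confirmed that every client of the account supports AES.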