Skip to content
Log In

CCI-001166

Identify organization-defined unacceptable mobile code.

Adobe Reader DC must enable Enhanced Security in a Standalone Application.

1 rule found Severity: Medium

Logo

Adobe Reader DC must enable Enhanced Security in a Browser.

1 rule found Severity: Medium

Logo

Adobe Reader DC must enable Protected Mode.

1 rule found Severity: Medium

Logo

Adobe Reader DC must enable Protected View.

1 rule found Severity: Medium

Logo

Adobe Reader DC must Block Websites.

1 rule found Severity: Medium

Logo

Adobe Reader DC must block access to Unknown Websites.

1 rule found Severity: Medium

Logo

Adobe Reader DC must prevent opening files other than PDF or FDF.

1 rule found Severity: Medium

Logo

Adobe Reader DC must block Flash Content.

1 rule found Severity: Medium

Logo

The CA API Gateway must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.

1 rule found Severity: Medium

Logo

OHS utilizing mobile code must meet DoD-defined mobile code requirements.

1 rule found Severity: Medium

Logo

Internet Explorer Processes for MIME handling must be enforced. (Reserved)

1 rule found Severity: Medium

Logo

Internet Explorer Processes for MIME handling must be enforced (Explorer).

1 rule found Severity: Medium

Logo

Internet Explorer Processes for MIME handling must be enforced (iexplore).

1 rule found Severity: Medium

Logo

Internet Explorer Processes for MIME sniffing must be enforced (Reserved).

1 rule found Severity: Medium

Logo

Internet Explorer Processes for MIME sniffing must be enforced (Explorer).

1 rule found Severity: Medium

Logo

Internet Explorer Processes for MIME sniffing must be enforced (iexplore).

1 rule found Severity: Medium

Logo

Managing SmartScreen Filter use must be enforced.

1 rule found Severity: Medium

Logo

The Cisco ASA must be configured to use Advanced Malware Protection (AMP) features to detect and block the transmission of malicious software and malware.

1 rule found Severity: Medium

Logo

Site tracking users location must be disabled.

1 rule found Severity: Medium

Logo

Safe Browsing must be enabled.

1 rule found Severity: Medium

Logo

Safe Browsing Extended Reporting must be disabled.

1 rule found Severity: Medium

Logo

Anonymized data collection must be disabled.

1 rule found Severity: Medium

Logo

Collection of WebRTC event logs must be disabled.

1 rule found Severity: Medium

Logo

Guest Mode must be disabled.

1 rule found Severity: Medium

Logo

AutoFill for credit cards must be disabled.

1 rule found Severity: Medium

Logo

AutoFill for addresses must be disabled.

1 rule found Severity: Medium

Logo

Import AutoFill form data must be disabled.

1 rule found Severity: Medium

Logo

Java software installed on a production IIS 10.0 web server must be limited to .class files and the Java Virtual Machine.

1 rule found Severity: Medium

Logo

The TPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.

1 rule found Severity: Medium

Logo

A web server utilizing mobile code must meet DoD-defined mobile code requirements.

1 rule found Severity: Medium

Logo

The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.

1 rule found Severity: Medium

Logo

An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version.

1 rule found Severity: High

Logo

The ALG must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.

1 rule found Severity: Medium

Logo

The application server must identify prohibited mobile code.

1 rule found Severity: Medium

Logo

Unsigned Category 1A mobile code must not be used in the application in accordance with DoD policy.

1 rule found Severity: Medium

Logo

Dragos Platforms must limit privileges and not allow the ability to run shell.

1 rule found Severity: High

Logo

The IDPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.

1 rule found Severity: Medium

Logo

The Juniper Networks SRX Series Gateway IDPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.

1 rule found Severity: Medium

Logo

The Mainframe Product must identify prohibited mobile code.

1 rule found Severity: Medium

Logo