Capacity
CCI-001166
Identify organization-defined unacceptable mobile code.
1
Rule
Severity: Medium
Adobe Reader DC must enable Enhanced Security in a Standalone Application.
1
Rule
Severity: Medium
Adobe Reader DC must enable Enhanced Security in a Browser.
1
Rule
Severity: Medium
Adobe Reader DC must enable Protected Mode.
1
Rule
Severity: Medium
Adobe Reader DC must enable Protected View.
1
Rule
Severity: Medium
Adobe Reader DC must Block Websites.
1
Rule
Severity: Medium
Adobe Reader DC must block access to Unknown Websites.
1
Rule
Severity: Medium
Adobe Reader DC must prevent opening files other than PDF or FDF.
1
Rule
Severity: Medium
Adobe Reader DC must block Flash Content.
2
Rule
Severity: High
An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version.
2
Rule
Severity: Medium
The ALG must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.
2
Rule
Severity: Medium
The application server must identify prohibited mobile code.
2
Rule
Severity: Medium
Unsigned Category 1A mobile code must not be used in the application in accordance with DoD policy.
1
Rule
Severity: Medium
The CA API Gateway must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.
2
Rule
Severity: Medium
The IDPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.
2
Rule
Severity: Medium
The Juniper Networks SRX Series Gateway IDPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.
2
Rule
Severity: Medium
The Mainframe Product must identify prohibited mobile code.
1
Rule
Severity: Medium
OHS utilizing mobile code must meet DoD-defined mobile code requirements.
2
Rule
Severity: Medium
The TPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.
2
Rule
Severity: Medium
The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.
2
Rule
Severity: Medium
The Cisco ASA must be configured to use Advanced Malware Protection (AMP) features to detect and block the transmission of malicious software and malware.
2
Rule
Severity: Medium
Site tracking users location must be disabled.
2
Rule
Severity: Medium
Safe Browsing must be enabled.
2
Rule
Severity: Medium
Safe Browsing Extended Reporting must be disabled.
2
Rule
Severity: Medium
Anonymized data collection must be disabled.
2
Rule
Severity: Medium
Collection of WebRTC event logs must be disabled.
2
Rule
Severity: Medium
Guest Mode must be disabled.
2
Rule
Severity: Medium
AutoFill for credit cards must be disabled.
2
Rule
Severity: Medium
AutoFill for addresses must be disabled.
2
Rule
Severity: Medium
Import AutoFill form data must be disabled.
1
Rule
Severity: Medium
Internet Explorer Processes for MIME handling must be enforced. (Reserved)
1
Rule
Severity: Medium
Internet Explorer Processes for MIME handling must be enforced (Explorer).
1
Rule
Severity: Medium
Internet Explorer Processes for MIME handling must be enforced (iexplore).
1
Rule
Severity: Medium
Internet Explorer Processes for MIME sniffing must be enforced (Reserved).
1
Rule
Severity: Medium
Internet Explorer Processes for MIME sniffing must be enforced (Explorer).
1
Rule
Severity: Medium
Internet Explorer Processes for MIME sniffing must be enforced (iexplore).
1
Rule
Severity: Medium
Managing SmartScreen Filter use must be enforced.
2
Rule
Severity: Medium
Java software installed on a production IIS 10.0 web server must be limited to .class files and the Java Virtual Machine.
2
Rule
Severity: Medium
A web server utilizing mobile code must meet DoD-defined mobile code requirements.
1
Rule
Severity: High
Dragos Platforms must limit privileges and not allow the ability to run shell.
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules