Microsoft InfoPath 2010 STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
DTOO133-Disable all trusted locations
Group -
DTOO157 - SharePoint Services Gradual Upgrade
Group -
Redirection behavior for upgraded web sites by SharePoint must be blocked.
InfoPath automatically redirects user requests for sites that have not been upgraded to the temporary URL if it is located on the local intranet, but blocks them if the temporary URL is located els...Rule Medium Severity -
DTOO167 - Forms Opening behavior - EMail /w code
Group -
Opening behavior for EMail forms containing code or scripts must be controlled.
InfoPath notifies and prompts users before opening InfoPath e-mail forms that contain code or script. If this restriction is relaxed, InfoPath will open e-mail forms that contain code or script wit...Rule Medium Severity -
DTOO176 - Email forms beaconing UI
Group -
DTOO169 - Disable dynamic caching / form template
Group -
Dynamic caching of InfoPath eMail forms must be disabled.
InfoPath caches form templates when they are attached to a mail item recognized as an InfoPath e-mail form. When users fill out forms running with a restricted security level, InfoPath uses the cac...Rule Medium Severity -
DTOO173 - E-Mail forms from Full Trust Zone
Group -
Disabling of email forms from the Full Trust Security Zone must be configured.
InfoPath provides three security levels for form templates: Restricted, Domain, and Full Trust. The security levels determine whether a form template can access data on other domains, or access fil...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.