Microsoft InfoPath 2013 STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
DTOO133-Disable all trusted locations
Group -
DTOO157 - SharePoint Services Gradual Upgrade
Group -
DTOO167 - Forms Opening behavior - EMail /w code
Group -
Opening behavior for Email forms containing code or scripts must be controlled.
InfoPath notifies and prompts users before opening InfoPath email forms that contain code or script. If this restriction is relaxed, InfoPath will open email forms that contain code or script witho...Rule Medium Severity -
DTOO176 - Email forms beaconing UI
Group -
Email with InfoPath forms must be configured to show UI to recipients.
Malicious users could send InfoPath email forms with embedded web beacons that can be used to track when recipients open the form and provide confirmation that recipients' email addresses are valid...Rule Medium Severity -
DTOO169 - Disable dynamic caching / form template
Group -
Disable dynamic caching of the form template in InfoPath eMail forms.
By default, InfoPath 2007 caches form templates when they are attached to a mail item that is recognized as an InfoPath e-mail form. When users fill out forms that open with a restricted security l...Rule Medium Severity -
DTOO173 - E-Mail forms from Full Trust Zone
Group -
DTOO172 - EMail forms from Internet Zone
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.