Microsoft Internet Explorer 11 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000141
Group -
When uploading files to a server, the local directory path must be excluded (Restricted Sites zone).
This policy setting controls whether or not the local path information will be sent when uploading a file via a HTML form. If the local path information is sent, some information may be unintention...Rule Medium Severity -
SRG-APP-000516
Group -
Security Warning for unsafe files must be disallowed (Restricted Sites zone).
This policy setting controls whether or not the 'Open File - Security Warning' message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file ...Rule Medium Severity -
SRG-APP-000210
Group -
SRG-APP-000141
Group -
SRG-APP-000112
Group -
SRG-APP-000141
Group -
Status bar updates via script must be disallowed (Internet zone).
This policy setting allows you to manage whether script is allowed to update the status bar within the zone. A script running in the zone could cause false information to be displayed on the status...Rule Medium Severity -
SRG-APP-000516
Group -
SRG-APP-000516
Group -
.NET Framework-reliant components signed with Authenticode must be disallowed to run (Internet zone).
It may be possible for someone to host malicious content on a website that takes advantage of these components. This policy setting allows you to manage whether .NET Framework components that are s...Rule Medium Severity -
SRG-APP-000141
Group -
SRG-APP-000141
Group -
Status bar updates via script must be disallowed (Restricted Sites zone).
A script running in the zone could cause false information to be displayed on the status bar, which could confuse the user and cause an undesirable action. This policy setting allows you to manage ...Rule Medium Severity -
SRG-APP-000516
Group -
SRG-APP-000039
Group -
Dragging of content from different domains across windows must be disallowed (Internet zone).
This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windows. If you enable this policy setting,...Rule Medium Severity -
SRG-APP-000416
Group -
Turn off Encryption Support must be enabled.
This parameter ensures only DoD-approved ciphers and algorithms are enabled for use by the web browser by allowing you to turn on/off support for TLS and SSL. TLS is a protocol for protecting commu...Rule Medium Severity -
SRG-APP-000416
Group -
Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled.
This parameter ensures only DoD-approved ciphers and algorithms are enabled for use by the web browser by blocking an insecure fallback to SSL when TLS 1.0 or greater fails. Satisfies: SRG-APP-000...Rule Medium Severity -
SRG-APP-000456
Group -
The version of Internet Explorer running on the system must be a supported version.
Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (incl...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.