II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000141
Group -
Clipboard operations via script must be disallowed (Internet zone).
A malicious script could use the clipboard in an undesirable manner, for example, if the user had recently copied confidential information to the clipboard while editing a document, a malicious scr...Rule Medium Severity -
SRG-APP-000219
Group -
Logon options must be configured to prompt (Internet zone).
Users could submit credentials to servers operated by malicious individuals who could then attempt to connect to legitimate servers with those captured credentials. Care must be taken with user cre...Rule Medium Severity -
SRG-APP-000141
Group -
Java permissions must be configured with High Safety (Intranet zone).
Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setting, options can be chosen from the drop-down bo...Rule Medium Severity -
SRG-APP-000207
Group -
Anti-Malware programs against ActiveX controls must be run for the Intranet zone.
This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on pages. If you enable this policy setting, Inte...Rule Medium Severity -
SRG-APP-000141
Group -
Java permissions must be configured with High Safety (Trusted Sites zone).
Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setting, options can be chosen from the drop-down bo...Rule Medium Severity -
SRG-APP-000207
Group -
Anti-Malware programs against ActiveX controls must be run for the Trusted Sites zone.
This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on pages. If you enable this policy setting, Inte...Rule Medium Severity -
SRG-APP-000039
Group -
Dragging of content from different domains within a window must be disallowed (Internet zone).
This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the same window. If you enable this policy setting, u...Rule Medium Severity -
SRG-APP-000039
Group -
Dragging of content from different domains across windows must be disallowed (Restricted Sites zone).
This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windows. If you enable this policy setting,...Rule Medium Severity -
SRG-APP-000112
Group -
Internet Explorer Processes Restrict ActiveX Install must be enforced (Explorer).
Users often choose to install software such as ActiveX controls that are not permitted by their organization's security policy. Such software can pose significant security and privacy risks to netw...Rule Medium Severity -
SRG-APP-000112
Group -
Internet Explorer Processes Restrict ActiveX Install must be enforced (iexplore).
Users often choose to install software such as ActiveX controls that are not permitted by their organization's security policy. Such software can pose significant security and privacy risks to netw...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.