II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000089
Group -
Deleting websites that the user has visited must be disallowed.
This policy prevents users from deleting the history of websites the user has visited. If you enable this policy setting, websites the user has visited will be preserved when the user clicks "Delet...Rule Medium Severity -
SRG-APP-000080
Group -
InPrivate Browsing must be disallowed.
InPrivate Browsing lets the user control whether or not Internet Explorer saves the browsing history, cookies, and other data. User control of settings is not the preferred control method. The InPr...Rule Medium Severity -
SRG-APP-000141
Group -
Scripting of Internet Explorer WebBrowser control property must be disallowed (Internet zone).
This policy setting controls whether a page may control embedded WebBrowser control via script. Scripted code hosted on sites located in this zone is more likely to contain malicious code. If you e...Rule Medium Severity -
SRG-APP-000141
Group -
When uploading files to a server, the local directory path must be excluded (Internet zone).
This policy setting controls whether or not the local path information will be sent when uploading a file via a HTML form. If the local path information is sent, some information may be unintention...Rule Medium Severity -
SRG-APP-000141
Group -
Internet Explorer Processes for Notification Bars must be enforced (Reserved).
This policy setting allows you to manage whether the Notification Bar is displayed for Internet Explorer processes when file or code installs are restricted. By default, the Notification Bar is dis...Rule Medium Severity -
SRG-APP-000516
Group -
Security Warning for unsafe files must be set to prompt (Internet zone).
This policy setting controls whether or not the 'Open File - Security Warning' message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file ...Rule Medium Severity -
SRG-APP-000141
Group -
Internet Explorer Processes for Notification Bars must be enforced (Explorer).
This policy setting allows you to manage whether the Notification Bar is displayed for Internet Explorer processes when file or code installs are restricted. By default, the Notification Bar is dis...Rule Medium Severity -
SRG-APP-000210
Group -
ActiveX controls without prompt property must be used in approved domains only (Internet zone).
This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed the ActiveX control. If the user were to disable ...Rule Medium Severity -
SRG-APP-000141
Group -
Internet Explorer Processes for Notification Bars must be enforced (iexplore).
This policy setting allows you to manage whether the Notification Bar is displayed for Internet Explorer processes when file or code installs are restricted. By default, the Notification Bar is dis...Rule Medium Severity -
SRG-APP-000141
Group -
Cross-Site Scripting Filter must be enforced (Internet zone).
The Cross-Site Scripting Filter is designed to prevent users from becoming victims of unintentional information disclosure. This setting controls if the Cross-Site Scripting (XSS) Filter detects an...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.