II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000231
Group -
Userdata persistence must be disallowed (Restricted Sites zone).
Userdata persistence must have a level of protection based upon the site being accessed. This policy setting allows you to manage the preservation of information in the browser's history, in Favori...Rule Medium Severity -
SRG-APP-000141
Group -
Active scripting must be disallowed (Restricted Sites Zone).
Active scripts hosted on sites located in this zone are more likely to contain malicious code. Active scripting must have a level of protection based upon the site being accessed. This policy setti...Rule Medium Severity -
SRG-APP-000141
Group -
Clipboard operations via script must be disallowed (Restricted Sites zone).
A malicious script could use the clipboard in an undesirable manner, for example, if the user had recently copied confidential information to the clipboard while editing a document, a malicious scr...Rule Medium Severity -
SRG-APP-000219
Group -
Logon options must be configured and enforced (Restricted Sites zone).
Users could submit credentials to servers operated by malicious individuals who could then attempt to connect to legitimate servers with those captured credentials. Care must be taken with user cre...Rule Medium Severity -
SRG-APP-000089
Group -
Configuring History setting must be set to 40 days.
This setting specifies the number of days that Internet Explorer keeps track of the pages viewed in the History List. The delete Browsing History option can be accessed using Tools, Internet Option...Rule Medium Severity -
SRG-APP-000141
Group -
Internet Explorer must be set to disallow users to add/delete sites.
This setting prevents users from adding sites to various security zones. Users should not be able to add sites to different zones, as this could allow them to bypass security controls of the system...Rule Medium Severity -
SRG-APP-000516
Group -
Internet Explorer must be configured to disallow users to change policies.
Users who change their Internet Explorer security settings could enable the execution of dangerous types of code from the Internet and websites listed in the Restricted Sites zone in the browser. T...Rule Medium Severity -
SRG-APP-000516
Group -
Internet Explorer must be configured to use machine settings.
Users who change their Internet Explorer security settings could enable the execution of dangerous types of code from the Internet and websites listed in the Restricted Sites zone in the browser. T...Rule Medium Severity -
SRG-APP-000516
Group -
Security checking features must be enforced.
This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Explorer at risk. If you enable this ...Rule Medium Severity -
SRG-APP-000210
Group -
Software must be disallowed to run or install with invalid signatures.
Microsoft ActiveX controls and file downloads often have digital signatures attached that certify the file's integrity and the identity of the signer (creator) of the software. Such signatures help...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.