Skip to content
Log In

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000112

    Group
    Show

  • Internet Explorer Processes Restrict ActiveX Install must be enforced (Reserved).

    Users often choose to install software such as ActiveX controls that are not permitted by their organization's security policy. Such software can pose significant security and privacy risks to netw...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • Status bar updates via script must be disallowed (Internet zone).

    This policy setting allows you to manage whether script is allowed to update the status bar within the zone. A script running in the zone could cause false information to be displayed on the status...
    Rule Medium Severity
    Show

  • SRG-APP-000516

    Group
    Show

  • .NET Framework-reliant components not signed with Authenticode must be disallowed to run (Internet zone).

    Unsigned components are more likely to contain malicious code and it is more difficult to determine the author of the application - therefore they should be avoided if possible. This policy setting...
    Rule Medium Severity
    Show

  • SRG-APP-000516

    Group
    Show

  • .NET Framework-reliant components signed with Authenticode must be disallowed to run (Internet zone).

    It may be possible for someone to host malicious content on a website that takes advantage of these components. This policy setting allows you to manage whether .NET Framework components that are s...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • Scriptlets must be disallowed (Restricted Sites zone).

    This policy setting allows you to manage whether scriptlets can be allowed. Scriptlets hosted on sites located in this zone are more likely to contain malicious code. If you enable this policy sett...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • Status bar updates via script must be disallowed (Restricted Sites zone).

    A script running in the zone could cause false information to be displayed on the status bar, which could confuse the user and cause an undesirable action. This policy setting allows you to manage ...
    Rule Medium Severity
    Show

  • SRG-APP-000516

    Group
    Show

  • When Enhanced Protected Mode is enabled, ActiveX controls must be disallowed to run in Protected Mode.

    This setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX control installed that is not compatible with Enhanced Prot...
    Rule Medium Severity
    Show

  • SRG-APP-000039

    Group
    Show

  • Dragging of content from different domains across windows must be disallowed (Internet zone).

    This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windows. If you enable this policy setting,...
    Rule Medium Severity
    Show

  • SRG-APP-000416

    Group
    Show

  • Turn off Encryption Support must be enabled.

    This parameter ensures only DoD-approved ciphers and algorithms are enabled for use by the web browser by allowing you to turn on/off support for TLS and SSL. TLS is a protocol for protecting commu...
    Rule Medium Severity
    Show

  • SRG-APP-000416

    Group
    Show

  • Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled.

    This parameter ensures only DoD-approved ciphers and algorithms are enabled for use by the web browser by blocking an insecure fallback to SSL when TLS 1.0 or greater fails. Satisfies: SRG-APP-000...
    Rule Medium Severity
    Show

  • SRG-APP-000456

    Group
    Show

  • The version of Internet Explorer running on the system must be a supported version.

    Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (incl...
    Rule High Severity
    Show

  • SRG-APP-000516

    Group
    Show

  • The Internet Explorer warning about certificate address mismatch must be enforced.

    This parameter warns users if the certificate being presented by the website is invalid. Since server certificates are used to validate the identity of the web server it is critical to warn the use...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules