II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000278
Group -
Firefox must be configured to not automatically execute or download MIME types that are not authorized for auto-download.
Some files can be downloaded or execute without user interaction. This setting ensures these files are not downloaded and executed.Rule Medium Severity -
SRG-APP-000141
Group -
Firefox must be configured to disable form fill assistance.
To protect privacy and sensitive data, Firefox provides the ability to configure the program so that data entered into forms is not saved. This mitigates the risk of a website gleaning private info...Rule Medium Severity -
SRG-APP-000141
Group -
Firefox must be configured to not use a password store with or without a master password.
Firefox can be set to store passwords for sites visited by the user. These individual passwords are stored in a file and can be protected by a master password. Autofill of the password can then be ...Rule Medium Severity -
SRG-APP-000141
Group -
Firefox must be configured to block pop-up windows.
Pop-up windows may be used to launch an attack within a new browser window with altered settings. This setting blocks pop-up windows created while the page is loading.Rule Medium Severity -
SRG-APP-000141
Group -
Firefox must be configured to prevent JavaScript from moving or resizing windows.
JavaScript can make changes to the browser's appearance. This activity can help disguise an attack taking place in a minimized background window. Configure the browser setting to prevent scripts on...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.