Skip to content

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Site tracking of a user’s location must be disabled.

    &lt;VulnDiscussion&gt;Set whether websites can track users' physical locations. Tracking can be allowed by default ("AllowGeolocation") or denied b...
    Rule Medium Severity
  • SRG-APP-000080

    <GroupDescription></GroupDescription>
    Group
  • Browser history must be saved.

    &lt;VulnDiscussion&gt;This setting disables deleting browser history and download history and prevents users from changing this setting.&lt;/VulnDi...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Edge development tools must be disabled.

    &lt;VulnDiscussion&gt;While the risk associated with browser development tools is more related to the proper design of a web application, a risk ve...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Download restrictions must be configured.

    &lt;VulnDiscussion&gt;Configure the type of downloads that Microsoft Edge completely blocks, without letting users override the security decision. ...
    Rule Low Severity
  • SRG-APP-000378

    <GroupDescription></GroupDescription>
    Group
  • URLs must be whitelisted for plugin use if used.

    &lt;VulnDiscussion&gt;Define a list of sites, based on URL patterns that can open pop-up windows.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Extensions installation must be blocklisted by default.

    &lt;VulnDiscussion&gt;List specific extensions that users cannot install in Microsoft Edge. When this policy is deployed, any extensions on this li...
    Rule Medium Severity
  • SRG-APP-000386

    <GroupDescription></GroupDescription>
    Group
  • Extensions that are approved for use must be allowlisted if used.

    &lt;VulnDiscussion&gt;By default, all extensions are allowed. However, if all extensions are blocked by setting the "ExtensionInstallBlockList" pol...
    Rule Low Severity
  • SRG-APP-000400

    <GroupDescription></GroupDescription>
    Group
  • The Password Manager must be disabled.

    &lt;VulnDiscussion&gt;Enable Microsoft Edge to save user passwords. If this policy is enabled, users can save their passwords in Microsoft Edge. T...
    Rule Medium Severity
  • SRG-APP-000456

    <GroupDescription></GroupDescription>
    Group
  • The version of Microsoft Edge running on the system must be a supported version.

    &lt;VulnDiscussion&gt;Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products t...
    Rule High Severity
  • SRG-APP-000560

    <GroupDescription></GroupDescription>
    Group
  • Edge must be configured to allow only TLS.

    &lt;VulnDiscussion&gt;Sets the minimum supported version of SSL. If this policy is not configured, Microsoft Edge uses a default minimum version, T...
    Rule High Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules