I - Mission Critical Public
Rules and Groups employed by this XCCDF Profile
-
DTOO295 - InfoPath e-mail forms in Outlook
Group -
InfoPath e-mail forms in Outlook must be disallowed.
Attackers can send users InfoPath e-mail forms in an attempt to gain access to confidential information. Depending on the level of trust of the forms, it might also be possible to gain access to o...Rule Medium Severity -
DTOO296 - Managed code from the Internet
Group -
Disabling opening forms with managed code from the Internet security zone must be configured.
When InfoPath solutions are opened locally, the location of the form is checked so that updates to the form can be downloaded. If a user saves a form locally from a location on the Internet and th...Rule Medium Severity -
DTOO297 - A form is digitally signed
Group -
A form that is digitally signed must be displayed with a warning.
This setting controls whether the user sees a dialog box when opening Microsoft InfoPath forms containing digitally signed content. By default, InfoPath shows the user a warning message when the fo...Rule Medium Severity -
DTOO309 - APTCA Assembly Allow List Enforcement
Group -
The InfoPath APTCA Assembly Allowable List must be enforced.
InfoPath 2010 forms' business logic can only call into Global Assembly Cache (GAC) assemblies listed in the APTCA Assembly Allowable List. If this configuration is changed, forms can call into any...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules