Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000112

    <GroupDescription></GroupDescription>
    Group
  • Adobe Acrobat Pro DC Continuous Enhanced Security for browser mode must be enabled.

    &lt;VulnDiscussion&gt;Enhanced Security (ES) is a sandbox capability that restricts access to system resources and prevents PDF cross domain access...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Adobe Acrobat Pro DC Continuous PDF file attachments must be blocked.

    &lt;VulnDiscussion&gt;Acrobat Pro allows for files to be attached to PDF documents. Attachments represent a potential security risk because they ca...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Adobe Acrobat Pro DC Continuous access to unknown websites must be restricted.

    &lt;VulnDiscussion&gt;Acrobat provides the ability for the user to store a list of websites with an associated behavior of allow, ask, or block. We...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Adobe Acrobat Pro DC Continuous access to websites must be blocked.

    &lt;VulnDiscussion&gt;PDF files can contain URLs that initiate connections to websites in order to share or get information. Any Internet access in...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Adobe Acrobat Pro DC Continuous must be configured to block Flash Content.

    &lt;VulnDiscussion&gt;Flash has a long history of vulnerabilities. Although Flash is no longer provided with Acrobat, if the system has Flash inst...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules