III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Clipboard operations via script must be disallowed (Internet zone).
<VulnDiscussion>A malicious script could use the clipboard in an undesirable manner, for example, if the user had recently copied confidentia...Rule Medium Severity -
SRG-APP-000219
<GroupDescription></GroupDescription>Group -
Logon options must be configured to prompt (Internet zone).
<VulnDiscussion>Users could submit credentials to servers operated by malicious individuals who could then attempt to connect to legitimate s...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Java permissions must be configured with High Safety (Intranet zone).
<VulnDiscussion>Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Anti-Malware programs against ActiveX controls must be run for the Intranet zone.
<VulnDiscussion>This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if the...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Java permissions must be configured with High Safety (Trusted Sites zone).
<VulnDiscussion>Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Anti-Malware programs against ActiveX controls must be run for the Trusted Sites zone.
<VulnDiscussion>This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if the...Rule Medium Severity -
SRG-APP-000039
<GroupDescription></GroupDescription>Group -
Dragging of content from different domains within a window must be disallowed (Internet zone).
<VulnDiscussion>This policy setting allows you to set options for dragging content from one domain to a different domain when the source and ...Rule Medium Severity -
SRG-APP-000039
<GroupDescription></GroupDescription>Group -
Dragging of content from different domains across windows must be disallowed (Restricted Sites zone).
<VulnDiscussion>This policy setting allows you to set options for dragging content from one domain to a different domain when the source and ...Rule Medium Severity -
SRG-APP-000112
<GroupDescription></GroupDescription>Group -
Internet Explorer Processes Restrict ActiveX Install must be enforced (Explorer).
<VulnDiscussion>Users often choose to install software such as ActiveX controls that are not permitted by their organization's security polic...Rule Medium Severity -
SRG-APP-000112
<GroupDescription></GroupDescription>Group -
Internet Explorer Processes Restrict ActiveX Install must be enforced (iexplore).
<VulnDiscussion>Users often choose to install software such as ActiveX controls that are not permitted by their organization's security polic...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.