Back

Configure the "Turn off Managing Phishing filter" setting.


CONTROL ID
02244
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • The "Turn off Managing Phishing Filter" setting should be configured correctly. Technical Mechanisms: Local Internet Options: GPO Settings:[Computer Configuration | User Configuration]/Network/Internet Explorer Registry Keys:[HKLM | HKCU]\Software\Policies\Microsoft\Internet Explorer\PhishingFilt… (CCE-3866-1, Common Configuration Enumeration List, Combined XML: Internet Explorer 7, 5.20130214)
  • The "Turn off Managing Phishing Filter" setting should be configured correctly. Technical Mechanisms: (1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Managing Phishing filter (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Inte… (CCE-10540-3, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Turn off Managing Phishing Filter" setting should be configured correctly. (oval:gov.nist.fdcc.ie7:def:501, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Turn Off Managing Phishing Filter - Local Computer (TurnOffManagingPhishingFilter_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting allows the user to enable a phishing filter that will warn if the Web site being visited is known for fraudulent attempts to gather personal information through "phishing." (xccdf_gov.nist_rule_TurnOffManagingPhishingFilter_LocalComputer, oval:gov.nist.USGCB.ie7:def:501, oval:gov.nist.USGCB.ie7:tst:3256, oval:gov.nist.USGCB.ie7:obj:153, oval:gov.nist.USGCB.ie7:ste:3674, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows the user to enable a phishing filter that will warn if the Web site being visited is known for fraudulent attempts to gather personal information through "phishing." (xccdf_gov.nist_rule_TurnOffManagingPhishingFilter_LocalComputer, oval:gov.nist.USGCB.ie7:def:501, oval:gov.nist.USGCB.ie7:tst:32561, oval:gov.nist.USGCB.ie7:obj:153, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)