Back

Configure the "Turn on Protected Mode" settingĀ in limited functionality environments properly.


CONTROL ID
02245
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • The "Turn on Protected Mode" setting should be configured correctly for the Internet Zone. Technical Mechanisms: GPO Setting: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Protected Mode Parameters: e… (CCE-4643-3, Common Configuration Enumeration List, Combined XML: Internet Explorer 7, 5.20130214)
  • The "Turn on Protected Mode" setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: GPO Setting: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn on Protected Mod… (CCE-3909-9, Common Configuration Enumeration List, Combined XML: Internet Explorer 7, 5.20130214)
  • The "Turn on Protected Mode" machine setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: (1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn on … (CCE-9945-7, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Turn on Protected Mode" setting should be configured correctly for the Internet Zone. (oval:gov.nist.fdcc.ie7:def:111999, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • The "Turn on Protected Mode" setting should be configured correctly for the Restricted Sites Zone. (oval:gov.nist.fdcc.ie7:def:62199, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Turn On Protected Mode - Internet Zone - Local Computer (TurnOnProtectedMode_InternetZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Turn On Protected Mode - Restricted Sites Zone - Local Computer (TurnOnProtectedMode_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • The "Turn on Protected Mode" setting should be configured correctly for the Restricted Sites Zone. (xccdf_gov.nist_rule_TurnOnProtectedMode_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:62199, oval:gov.nist.USGCB.ie7:tst:378299, oval:gov.nist.USGCB.ie7:obj:11499, oval:gov.nist.USGCB.ie7:ste:324299, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • The "Turn on Protected Mode" setting should be configured correctly for the Restricted Sites Zone. (xccdf_gov.nist_rule_TurnOnProtectedMode_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31080, oval:gov.nist.USGCB.ie8:tst:31080, oval:gov.nist.USGCB.ie8:obj:31080, oval:gov.nist.USGCB.ie8:ste:31080, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)