Back

Configure the "Access data sources across domains" setting.


CONTROL ID
04415
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • This setting determines if Internet Explorer can use Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO) to access data from another security zone. For Enterprise Client environments, the Access Data Sources Across Domains setting is Not Configured. For Specialized Security - Limited Function… (Pg 108, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings)
  • The "Access data sources across domains" machine setting should be configured correctly for the Internet Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Access data sources a… (CCE-10380-4, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Access data sources across domains" machine setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Acces… (CCE-10525-4, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • Disable the Access Data Sources Across Domains setting (oval:gov.nist.fdcc.ie7:def:674, oval:gov.nist.fdcc.ie7:def:652, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Access Data Sources Across Domains - Internet Zone - Local Computer (access_data_sources_across_domains_internet_zone_local_computer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Access Data Sources Across Domains - Restricted Sites Zone - Local Computer (AccessDataSourcesAcrossDomains_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). (xccdf_gov.nist_rule_access_data_sources_across_domains_internet_zone_local_computer, oval:gov.nist.USGCB.ie7:def:674, oval:gov.nist.USGCB.ie7:tst:3486, oval:gov.nist.USGCB.ie7:obj:14, oval:gov.nist.USGCB.ie7:ste:3494, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). (xccdf_gov.nist_rule_AccessDataSourcesAcrossDomains_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:652, oval:gov.nist.USGCB.ie7:tst:3600, oval:gov.nist.USGCB.ie7:obj:135, oval:gov.nist.USGCB.ie7:ste:3761, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). (xccdf_gov.nist_rule_AccessDataSourcesAcrossDomains_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31017, oval:gov.nist.USGCB.ie8:tst:31017, oval:gov.nist.USGCB.ie8:obj:31017, oval:gov.nist.USGCB.ie8:ste:31017, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)
  • This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). (xccdf_gov.nist_rule_AccessDataSourcesAcrossDomains_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31051, oval:gov.nist.USGCB.ie8:tst:31051, oval:gov.nist.USGCB.ie8:obj:31051, oval:gov.nist.USGCB.ie8:ste:31051, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)