Back

Configure the "Allow cut, copy, or paste operations from the clipboard via script" setting.


CONTROL ID
04418
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • This setting determines if a script can perform a clipboard operation, such as copy, cut, or paste. For Enterprise Client environments, the Allow Cut, Copy, Or Paste Operations From The Clipboard Via Script setting is Not Configured. For Specialized Security - Limited Functionality environments, thi… (Pg 109, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings)
  • The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Internet Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Inte… (CCE-10002-4, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security P… (CCE-10539-5, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Internet Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zon… (CCE-16201-6, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Local Machine Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security … (CCE-16457-4, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security … (CCE-16926-8, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Intranet Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\… (CCE-16556-3, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Internet Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\… (CCE-15318-9, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Securi… (CCE-15255-3, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Internet Explorer Processes" machine setting should be configured correctly. Technical Mechanisms: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Applicatio… (CCE-16032-5, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: All Processes" machine setting should be configured correctly. Technical Mechanisms: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibilit… (CCE-15508-5, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Process List" machine setting should be configured correctly. Technical Mechanisms: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility… (CCE-15781-8, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Local Machine Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local M… (CCE-16044-0, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Rest… (CCE-16496-2, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Intranet Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zon… (CCE-15591-1, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Trusted Sites Zone. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted… (CCE-16084-6, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Internet Explorer Processes" current user setting should be configured correctly. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Applicati… (CCE-15964-0, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Process List" current user setting should be configured correctly. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibilit… (CCE-15991-3, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: All Processes" current user setting should be configured correctly. Technical Mechanisms: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibili… (CCE-15969-9, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • Disable the Allow Cut, Copy, Or Paste Operations From The Clipboard Via Script setting (oval:gov.nist.fdcc.ie7:def:506, oval:gov.nist.fdcc.ie7:def:249, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Allow cut, copy or paste operations from the clipboard via script - Internet Zone - Local Computer (allow_cut_copy_paste_operations_from_clipboard_via_script_internet_zone_local_computer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Allow cut, copy or paste operations from the clipboard via script - Restricted SitesZone - Local Computer (AllowCutCopyPasteOperationsFromClipboardViaScript_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region. If you enable this policy setting, a script can perform a clipboard operation. (xccdf_gov.nist_rule_AllowCutCopyPasteOperationsFromClipboardViaScript_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:249, oval:gov.nist.USGCB.ie7:tst:3201, oval:gov.nist.USGCB.ie7:obj:81, oval:gov.nist.USGCB.ie7:ste:2971, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region. If you enable this policy setting, a script can perform a clipboard operation. (xccdf_gov.nist_rule_allow_cut_copy_paste_operations_from_clipboard_via_script_internet_zone_local_computer, oval:gov.nist.USGCB.ie7:def:506, oval:gov.nist.USGCB.ie7:tst:3696, oval:gov.nist.USGCB.ie7:obj:53, oval:gov.nist.USGCB.ie7:ste:3748, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region. If you enable this policy setting, a script can perform a clipboard operation. (xccdf_gov.nist_rule_AllowCutCopyPasteOperationsFromClipboardViaScript_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31018, oval:gov.nist.USGCB.ie8:tst:31018, oval:gov.nist.USGCB.ie8:obj:31018, oval:gov.nist.USGCB.ie8:ste:31018, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)
  • This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region. If you enable this policy setting, a script can perform a clipboard operation. (xccdf_gov.nist_rule_AllowCutCopyPasteOperationsFromClipboardViaScript_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31054, oval:gov.nist.USGCB.ie8:tst:31054, oval:gov.nist.USGCB.ie8:obj:31054, oval:gov.nist.USGCB.ie8:ste:31054, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)