Back

Configure the "Automatic prompting for file downloads" setting in limited functionality environments properly.


CONTROL ID
04426
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • This setting determines if users are prompted for non-user-initiated downloads. For Enterprise Client environments, the Automatic Prompting For File Downloads setting is Not Configured. For Specialized Security - Limited Functionality environments, this setting should be set to Enabled:Enable. This … (Pg 111, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings)
  • The "Automatic prompting for file downloads" machine setting should be configured correctly for the Internet Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Automatic prompti… (CCE-10389-5, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Automatic prompting for file downloads" machine setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\A… (CCE-9959-8, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • Enable the Automatic Prompting For File Downloads setting for limited functionality environments (oval:gov.nist.fdcc.ie7:def:1113, oval:gov.nist.fdcc.ie7:def:252, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Automatic prompting for file downloads - Internet Zone - Local Computer (AutomaticPromptingFileDownloads_InternetZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Automatic prompting for file downloads - Restricted Sites Zone - Local Computer (AutomaticPromptingFileDownloads_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads. (xccdf_gov.nist_rule_AutomaticPromptingFileDownloads_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:252, oval:gov.nist.USGCB.ie7:tst:3850, oval:gov.nist.USGCB.ie7:obj:31, oval:gov.nist.USGCB.ie7:ste:3661, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads. (xccdf_gov.nist_rule_AutomaticPromptingFileDownloads_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:1113, oval:gov.nist.USGCB.ie7:tst:3904, oval:gov.nist.USGCB.ie7:obj:146, oval:gov.nist.USGCB.ie7:ste:3936, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads. (xccdf_gov.nist_rule_AutomaticPromptingFileDownloads_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31025, oval:gov.nist.USGCB.ie8:tst:31025, oval:gov.nist.USGCB.ie8:obj:31025, oval:gov.nist.USGCB.ie8:ste:31025, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)
  • This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads. (xccdf_gov.nist_rule_AutomaticPromptingFileDownloads_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31063, oval:gov.nist.USGCB.ie8:tst:31063, oval:gov.nist.USGCB.ie8:obj:31063, oval:gov.nist.USGCB.ie8:ste:31063, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)