Back

Configure the "Scripting of Java applets" setting in limited functionality environments properly.


CONTROL ID
04439
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • This setting determines if scripts can access Java applets. For Enterprise Client environments, the Scripting Of Java Applets setting is Not Configured. For Specialized Security - Limited Functionality environments, this setting should be set to Enabled:Disable. This setting is applicable to the Res… (Pg 115, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings)
  • The "Scripting of Java applets" machine setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Scripting of J… (CCE-10083-4, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Scripting of Java applets" setting should be configured correctly for the Restricted Sites Zone. (oval:gov.nist.fdcc.ie7:def:280, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Scripting of Java Applets - Restricted Sites Zone - Local Computer (ScriptingOfJavaApplets_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting allows you to manage whether applets are exposed to scripts within the zone. If you enable this policy setting, scripts can access applets automatically without user intervention. (xccdf_gov.nist_rule_ScriptingOfJavaApplets_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:280, oval:gov.nist.USGCB.ie7:tst:3887, oval:gov.nist.USGCB.ie7:obj:37, oval:gov.nist.USGCB.ie7:ste:3633, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether applets are exposed to scripts within the zone. If you enable this policy setting, scripts can access applets automatically without user intervention. (xccdf_gov.nist_rule_ScriptingOfJavaApplets_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31077, oval:gov.nist.USGCB.ie8:tst:31077, oval:gov.nist.USGCB.ie8:obj:31077, oval:gov.nist.USGCB.ie8:ste:31077, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)