Detections
Analytics

DISA STIG IE 10 V1R16

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG IE 10 V1R16

Updated: 6/3/2020

Authority: DISA STIG

Plugin: Windows

Revision: 1.1

Estimated Item Count: 151

Audit Items

DescriptionCategories
DISA_STIG_IE10_V1R15.audit
DISA_STIG_IE10_V1R16.audit
DTBI002 - The installed version of IE must be a supported version - IE Version

CONFIGURATION MANAGEMENT

DTBI002 - The installed version of IE must be a supported version - OS Version

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

DTBI010 - First Run Wizard settings must be established for a home page.

CONFIGURATION MANAGEMENT

DTBI014 - The Internet Explorer TLS parameter must be set correctly - Allow fallback to SSL 3.0

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI014 - The Internet Explorer TLS parameter must be set correctly - SecureProtocols

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI015 - The Internet Explorer warning about certificate address mismatch must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI018 - Check for publishers certificate revocation must be enforced.

IDENTIFICATION AND AUTHENTICATION

DTBI022 - The Download signed ActiveX controls property must be disallowed (Internet zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI023 - The Download unsigned ActiveX controls property must be disallowed (Internet zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI024 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Internet zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI030 - Font downloads must be disallowed (Internet zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI031 - The Java permissions must be disallowed (Internet zone).

ACCESS CONTROL

DTBI032 - Accessing data sources across domains must be disallowed (Internet zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI036 - Functionality to drag and drop or copy and paste files must be disallowed (Internet zone).

CONFIGURATION MANAGEMENT

DTBI038 - Launching programs and files in IFRAME must be disallowed (Internet zone).

SYSTEM AND INFORMATION INTEGRITY

DTBI039 - Navigating windows and frames across different domains must be disallowed (Internet zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI042 - Userdata persistence must be disallowed (Internet zone).

ACCESS CONTROL

DTBI044 - Clipboard operations via script must be disallowed (Internet zone).

CONFIGURATION MANAGEMENT

DTBI046 - Logon options must be configured to prompt (Internet zone).

ACCESS CONTROL

DTBI061 - Java permissions must be configured with High Safety (Intranet zone).

ACCESS CONTROL

DTBI091 - Java permissions must be configured with High Safety (Trusted Sites zone).

ACCESS CONTROL

DTBI112 - The Download signed ActiveX controls property must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI113 - The Download unsigned ActiveX controls property must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI114 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI115 - ActiveX controls and plug-ins must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI116 - ActiveX controls marked safe for scripting must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI119 - File downloads must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI120 - Font downloads must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI121 - Java permissions must be disallowed (Restricted Sites zone).

ACCESS CONTROL

DTBI122 - Accessing data sources across domains must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI123 - The Allow META REFRESH property must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI126 - Functionality to drag and drop or copy and paste files must be disallowed (Restricted Sites zone).

CONFIGURATION MANAGEMENT

DTBI127 - Installation of desktop items must be disallowed (Restricted Sites zone).

CONFIGURATION MANAGEMENT

DTBI128 - Launching programs and files in IFRAME must be disallowed (Restricted Sites zone).

SYSTEM AND INFORMATION INTEGRITY

DTBI129 - Navigating windows and frames across different domains must be disallowed (Restricted Sites zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI132 - Rule Title- Userdata persistence must be disallowed (Restricted Sites zone).

ACCESS CONTROL

DTBI133 - Active scripting must be disallowed (Restricted Sites Zone).

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI134 - Clipboard operations via script must be disallowed (Restricted Sites zone).

CONFIGURATION MANAGEMENT

DTBI136 - Logon options must be configured and enforced (Restricted Sites zone).

ACCESS CONTROL

DTBI300 - Configuring History setting must be set to 40 days - DaysToKeep

CONFIGURATION MANAGEMENT

DTBI300 - Configuring History setting must be set to 40 days - URL History

CONFIGURATION MANAGEMENT

DTBI305 - Automatic configuration of Internet Explorer connections must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI315 - Participation in the Customer Experience Improvement Program must be disallowed.

CONFIGURATION MANAGEMENT

DTBI318 - Internet Explorer must be set to disallow users to add/delete sites.

CONFIGURATION MANAGEMENT

DTBI319 - Internet Explorer must be configured to disallow users to change policies.

CONFIGURATION MANAGEMENT

DTBI320 - Internet Explorer must be configured to use machine settings.

ACCESS CONTROL

DTBI325 - Security checking features must be enforced.

CONFIGURATION MANAGEMENT

DTBI340 - Active content from CDs must be disallowed to run on user machines.

CONFIGURATION MANAGEMENT