| EMET Default Protections for Internet Explorer must be enabled. | CONFIGURATION MANAGEMENT |
| Enable 64-bit Processes for Enhanced Protected Mode | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable Enhanced Protected Mode For Internet Explorer 11 | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer 6-11 check | |
| Internet Zone - Disable 'Access data sources across domains' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Active scripting' | |
| Internet Zone - Disable 'Allow dragging of content between domains into separate windows' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Allow dragging of content between domains into the same windows' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Allow META refresh' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Allow previously unused ActiveX controls to run without prompt' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Allow programmatic clipboard access' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Allow script-initiated windows without size or position constraints' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Allow scripting of Microsoft web browser control' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Allow scriptlets' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Allow Status bar updates via script' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Allow webpages to use restricted protocols for active content' | |
| Internet Zone - Disable 'Allow websites to open windows without address or status bars' | |
| Internet Zone - Disable 'Allow websites to prompt for information using scripted windows' | |
| Internet Zone - Disable 'Automatic prompting for ActiveX controls' | |
| Internet Zone - Disable 'Binary and script behaviors' | SYSTEM AND INFORMATION INTEGRITY |
| Internet Zone - Disable 'Display video and animation on a web page that does not use external media player' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Don't prompt for client certificate selection when no certificates or only one certificate exists' | |
| Internet Zone - Disable 'Download signed ActiveX controls' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Download unsigned ActiveX controls' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Enable .NET Framework setup' | |
| Internet Zone - Disable 'Enable MIME Sniffing' | SYSTEM AND INFORMATION INTEGRITY |
| Internet Zone - Disable 'File download' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Font download' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Include local directory path when uploading to a server' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Initialize and script ActiveX controls not marked as safe' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Launching programs and files in an IFRAME' | SYSTEM AND INFORMATION INTEGRITY |
| Internet Zone - Disable 'Loose XAML' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Navigate windows and frames across different domains' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Permissions for components with manifests' | |
| Internet Zone - Disable 'Render Legacy Filters' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Run ActiveX controls and plug-ins' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Run components not signed with Authenticode' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Run components signed with Authenticode' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Script ActiveX controls marked for safe scripting' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Scripting of Java applets' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Submit non-encrypted form data' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Disable 'Use Pop-up Blocker' | CONFIGURATION MANAGEMENT |
| Internet Zone - Disable 'Use SmartScreen Filter' | SYSTEM AND INFORMATION INTEGRITY |
| Internet Zone - Disable 'User data persistence' | ACCESS CONTROL |
| Internet Zone - Disable 'Websites in less privileged content zone can navigate into this zone' | ACCESS CONTROL |
| Internet Zone - Disable 'XAML Browser Applications' | |
| Internet Zone - Disable 'XPS Documents' | |
| Internet Zone - Enable 'Allow ActiveX Filtering' | |
| Internet Zone - Enable 'Enable XSS filter' | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Zone - Enable 'Only allow approved domains to use ActiveX without prompt' | SYSTEM AND COMMUNICATIONS PROTECTION |
