1.3 Set 'Prevent Bypassing SmartScreen Filter Warnings' to 'Enabled'

Information



The SmartScreen Filter prevents users from navigating to and downloading from sites
known to host malicious content, including Phishing or malicious software attacks. If you
enable this policy setting, the user is not permitted to navigate to sites identified as unsafe
by the SmartScreen Filter. If you disable this policy setting or do not configure it, the user
can ignore SmartScreen Filter warnings and navigate to unsafe sites. The recommended
state for this setting is- Enabled.

*Rationale*

If this setting is enabled and the SmartScreen Filter is active, the user can ignore a
SmartScreen Filter warning and navigate to a site determined to be unsafe.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to
Enabled.

Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Prevent Bypassing SmartScreen Filter Warnings

Impact-Users cannot navigate to sites detected as unsafe by the SmartScreen Filter.

Default Value-Disabled

See Also

https://workbench.cisecurity.org/files/1518

Item Details

Audit Name: CIS IE 11 v1.0.0

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1.

Plugin: Windows

Control ID: 5be4e5ece1c45f82fb64f6fadbc7ca7ed3df87feb80bbde0e46b2f76ead17dd0