3.1 Configure 'Prevent Deleting Cookies'

Information

*Description*

This policy setting is used to prevent users from deleting cookies. This feature is available
in the Delete Browsing History dialog box. If you enable this policy setting, cookies will be
preserved when the user clicks Delete. If you disable this policy setting, cookies will be
deleted when the user clicks Delete. If you do not configure this policy setting, the user will
be able to choose whether to delete or preserve cookies when the user clicks Delete. If the
'Turn off Delete Browsing History functionality' policy is enabled, this policy is enabled by
default. Configure this setting in a manner that is consistent with the security and
operational requirements of your organization.

*Rationale*

If a user is suspected of visiting unauthorized website the information stored in the data
cookies could be useful in verifying where he or she went online.

Solution

Configure the following Group Policy setting in a manner that is consistent with the
security and operational requirements of your organization-

Impact-If you enable this policy setting, users will not be able to delete cookies. If you disable or do
not configure this policy setting, users will be able to delete cookies.

See Also

https://workbench.cisecurity.org/files/1516

Item Details

Audit Name: CIS IE 9 v1.0.0

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Windows

Control ID: f8a8e71b3f2c37be512ed42cd4caf10eb370e89e2ac7dc0e953155aa35c2aed3