18.8.22.1.5 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'

Information

This policy setting specifies whether the Internet Connection Wizard can connect to Microsoft to download a list of Internet Service Providers (ISPs).
The recommended state for this setting is: Enabled.

Rationale:
In an enterprise managed environment we want to lower the risk of a user unknowingly exposing sensitive data.

Solution

To establish the recommended configuration via GP, set the following UI path to Enabled:
Computer Configuration\Policies\Administrative Templates\System\Internet Communication Management\Internet Communication settings\Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com
Note: This Group Policy path is provided by the Group Policy template ICM.admx/adml that is included with all versions of the Microsoft Windows Administrative Templates.

Impact:
The 'Choose a list of Internet Service Providers' path in the Internet Connection Wizard causes the wizard to exit. This prevents users from retrieving the list of ISPs, which resides on Microsoft servers.

Default Value:
Disabled. (Users can connect to Microsoft to download a list of ISPs for their area.)

References:
1. CCE-33153-8

See Also

https://workbench.cisecurity.org/benchmarks/14249

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION

References: 800-53|CA-7, CSCv6|13, CSCv7|13.3

Plugin: Windows

Control ID: af4dc2a476e7281411ec4b3bf106fa0d6c87a9cf11f75f9380d6774b5b8d81dd