Appendix C: Internet Explorer Security Settings
Selecting Custom-Level Security Settings
Microsoft® Internet Explorer contains four default security zones: Internet, local
intranet, trusted sites, and restricted sites. Microsoft Internet Explorer 5.0
allows custom security levels to be defined for these security zones. You can
enable or disable specific security options depending on the needs of your
organization and its users. The custom-level security options for Internet
Explorer are grouped into the following categories:

ActiveX® controls and plug-ins

Cookies

Downloads

Java

Miscellaneous

Scripting

User authentication
Note: These custom-level security options apply to Internet Explorer. These
security options are for Microsoft Windows® 32-bit platforms, but some options
might also apply to Windows 16-bit or UNIX platforms.
ActiveX Controls and Plug-Ins
ActiveX controls and plug-in options dictate how Internet Explorer approves,
downloads, runs, and allows ActiveX controls and plug-ins to interact with
scripts.
Note: If a user downloads an ActiveX control from a site that is different from
the page on which it is used, Internet Explorer applies the more restrictive of the
two sites’ zone settings. For example, if a user accesses a Web page within a
zone that is set to permit a download, but the code is downloaded from another
zone that is set to prompt a user first, Internet Explorer will prompt the user
before downloading the ActiveX control.
The following options are included for ActiveX controls and plug-ins:

Download signed ActiveX controls. Determines whether users can
download signed ActiveX controls from a page in the zone.

Download unsigned ActiveX controls. Determines whether users can
download unsigned ActiveX controls from the zone. ActiveX controls are
potentially harmful, especially when coming from an untrusted zone.

Initialize and script ActiveX controls not marked as safe. Determines
whether ActiveX controls that are classified as untrusted can be initialized.
Untrusted controls are not meant for use on Internet Web pages, but in some
cases, they can be used with pages that can absolutely be trusted to not use
the controls in a harmful way. Object safety must be enforced unless you
can trust all ActiveX controls and scripts on pages in the zone.

Run ActiveX controls and plug-ins. Determines whether Internet Explorer
can run ActiveX controls and plug-ins from pages in the zone.

Script ActiveX controls marked safe for scripting. Determines whether an
ActiveX control that is marked safe for scripting can interact with a script.
The following table identifies the default value for each custom-level security
option for ActiveX controls and plug-ins.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| Download signed ActiveX controls | Enable | Prompt | Prompt | Disable |
| Download unsigned ActiveX controls | Prompt | Disable | Disable | Disable |
| Initialize and script ActiveX controls not marked as safe | Prompt | Disable | Disable | Disable |
| Run ActiveX controls and plug-ins | Enable | Enable | Enable | Disable |
| Script ActiveX controls marked safe for scripting | Enable | Enable | Enable | Disable |
Cookies
The cookie security options determine the settings for per-session cookies (text
files that store the user’s preferences) and cookies that are stored on the client
computer. The cookie security options include:

Allow cookies that are stored on your computer. Determines whether
cookies are stored on the hard drive for future browsing sessions. For
example, this option can allow a list of preferences or a user’s name to be
retained for the user’s next browsing session.

Allow per-session cookies (not stored). Determines how long cookies are
stored when users browse a Web site. For example, this setting can allow a
virtual shopping cart to be created while a user is shopping online.
Per-session cookies do not remain on the hard disk; they are, in effect, only for
the specific browsing session.
The following table identifies the default value for each custom-level security
option for cookies.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| Allow cookies that are stored on your computer | Always | Always | Always | Disable |
| Allow per-session cookies (not stored) | Always | Always | Always | Disable |
Downloads
Download options specify how Internet Explorer handles downloads from the
Internet. The download options include:

File download. Controls whether file downloads are permitted within the
zone. This option is determined by the zone of the page that contains the
download link, not the zone from which the file originates.

Font download. Determines whether Web pages within the zone can
download Hypertext Markup Language (HTML) fonts.
The following table identifies the default value for each custom-level security
option for downloads.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| File download | Enable | Enable | Enable | Disable |
| Font download | Enable | Enable | Enable | Prompt |
Java
Java options control the permissions that are granted to Java applets when Java
applets are downloaded and run in a security zone. Depending on the Internet
Explorer components that you install, you might not be able to view or set these
options.
If a Java applet is downloaded from a different site than the page on which it is
used, the more restrictive of the two sites’ zone settings is applied. For example,
if a user accesses a Web page within a zone that is set to allow a download, but
the code is downloaded from another zone that is set to prompt a user first,
Internet Explorer uses the prompt setting.
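The "more restrictive of the two sites' zone settings" rule, stated here for Java applets and earlier for ActiveX controls, worked through as an added example (not code from the original document). It assumes each zone sits at one of the four default templates and uses the ActiveX defaults listed in this appendix; the function names and the Enable < Prompt < Disable ordering are assumptions of the example.

```python
# Added example: resolve the action applied when a page and the code it uses
# come from zones with different settings (the more restrictive one wins).

# Assumed ordering, from least to most restrictive.
RESTRICTIVENESS = {"Enable": 0, "Prompt": 1, "Disable": 2}
LEVELS = ("Low", "Medium-low", "Medium", "High")

# Default values copied from the ActiveX table in this appendix.
ACTIVEX_DEFAULTS = {
    "Download signed ActiveX controls": ("Enable", "Prompt", "Prompt", "Disable"),
    "Download unsigned ActiveX controls": ("Prompt", "Disable", "Disable", "Disable"),
    "Initialize and script ActiveX controls not marked as safe":
        ("Prompt", "Disable", "Disable", "Disable"),
    "Run ActiveX controls and plug-ins": ("Enable", "Enable", "Enable", "Disable"),
    "Script ActiveX controls marked safe for scripting":
        ("Enable", "Enable", "Enable", "Disable"),
}


def default_action(option, level):
    """Default action for an option at a given template level."""
    return ACTIVEX_DEFAULTS[option][LEVELS.index(level)]


def more_restrictive(action_a, action_b):
    """Return whichever of two actions is the more restrictive."""
    return max(action_a, action_b, key=RESTRICTIVENESS.__getitem__)


def effective_action(option, page_level, code_level):
    """Action applied when the page's zone and the code's zone differ."""
    return more_restrictive(default_action(option, page_level),
                            default_action(option, code_level))


def cross_zone_matrix(option):
    """Effective action for every (page level, code level) combination."""
    return {(p, c): effective_action(option, p, c) for p in LEVELS for c in LEVELS}


if __name__ == "__main__":
    option = "Download signed ActiveX controls"
    for (page, code), action in cross_zone_matrix(option).items():
        print(f"page={page:<10} code={code:<10} -> {action}")
```
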
The only setting for Java is Java permissions. The following settings can be set
for Java permissions:

Custom. Controls permission settings individually.

Disable Java. Prevents any Java applets from running.

High safety. Enables applets to run in their own memory space, but does not
allow applets to make programming calls outside their own memory space.

Low safety. Enables applets to perform all operations.

Medium safety. Enables applets to run in their own memory space. In
addition, applets are given other capabilities, such as access to a safe and
secure storage area on the client computer, and user-controlled file input and
output.
The following table identifies the default value for each custom-level security
option for Java settings.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| Java permissions | Low safety | Medium safety | Medium safety | High safety |
Miscellaneous
Miscellaneous options control file and data access options. The following
options are available for configuration:

Access data sources across domains. Specifies whether components that
connect to data sources can be allowed to connect to a different server to
obtain data.

Drag and drop, or copy and paste files. Controls whether users can drag and
drop, or copy and paste, files from Web pages within the zone.

Installation of desktop items. Controls whether users can install desktop
items from Web pages within the zone.

Launching applications and files in an IFRAME. Controls whether users can
launch applications and files from an element containing a directory or
folder reference (known as an IFRAME) in Web pages within the zone.

Software channel permissions. Controls the permissions given to software
distribution channels. This option has the following settings:
  - High safety. Prevents users from being notified of software updates by
    e-mail, software packages from being automatically downloaded to users’
    computers, and software packages from being automatically installed on
    users’ computers.
  - Low safety. Allows users to be notified of software updates by e-mail,
    software packages to be automatically downloaded to users’ computers, and
    software packages to be automatically installed on users’ computers.
  - Medium safety. Allows users to be notified of software updates by e-mail
    and software packages to be automatically downloaded to (but not installed
    on) users’ computers. The software packages must be validly signed; the
    user is not prompted about the download.

Submit nonencrypted form data. Determines whether HTML pages in the
zone can submit forms to, or accept forms from, servers in the zone. Forms
sent with Secure Sockets Layer (SSL) encryption are always allowed; this
option only affects data that non-SSL forms submit.

Userdata persistence. Determines whether a Web page can save a small file
of personal information associated with the page at the client computer.
The following table identifies the default value for each custom-level security
option for miscellaneous settings.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| Access data sources across domains | Enable | Prompt | Disable | Disable |
| Drag and drop, or copy and paste files | Enable | Enable | Enable | Prompt |
| Installation of desktop items | Enable | Enable | Prompt | Disable |
| Launching applications and files in an IFRAME | Enable | Enable | Prompt | Disable |
| Software channel permissions | Low safety | Medium safety | Medium safety | High safety |
| Submit nonencrypted form data | Enable | Enable | Prompt | Prompt |
| Userdata persistence | Enable | Enable | Enable | Disable |
Scripting
Scripting options specify how Internet Explorer will handle any scripts that are
encountered. Options include:

Active scripting. Determines whether Internet Explorer can run script code
on pages in the zone.

Allow paste operations via script. Determines whether a Web page can cut,
copy, and paste information from the Clipboard.

Scripting of Java applets. Determines whether scripts within the zone can
use objects that exist within Java applets. This capability allows a script on a
Web page to interact with a Java applet.
The following table identifies the default value for each custom-level security
option for scripting.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| Active scripting | Enable | Enable | Enable | Enable |
| Allow paste operations via script | Enable | Enable | Enable | Disable |
| Scripting of Java applets | Enable | Enable | Enable | Disable |
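Because custom levels let individual options be changed, a zone can drift below the template it started from. The following added example (not from the original document) checks a zone's custom settings against the Miscellaneous and Scripting defaults listed in this appendix; the function names, the sample zone, and the Enable < Prompt < Disable ordering are assumptions, and options omitted from the input are not checked.

```python
# Added example, not from the original document: custom-level drift check.
ORDER = {"Enable": 0, "Prompt": 1, "Disable": 2}  # assumed: least to most restrictive
LEVELS = ("Low", "Medium-low", "Medium", "High")
# Defaults copied from the Miscellaneous and Scripting tables in this appendix
# (only the options whose values are Enable/Prompt/Disable).
DEFAULTS = {
    "Access data sources across domains": ("Enable", "Prompt", "Disable", "Disable"),
    "Drag and drop, or copy and paste files": ("Enable", "Enable", "Enable", "Prompt"),
    "Installation of desktop items": ("Enable", "Enable", "Prompt", "Disable"),
    "Launching applications and files in an IFRAME": ("Enable", "Enable", "Prompt", "Disable"),
    "Submit nonencrypted form data": ("Enable", "Enable", "Prompt", "Prompt"),
    "Userdata persistence": ("Enable", "Enable", "Enable", "Disable"),
    "Active scripting": ("Enable", "Enable", "Enable", "Enable"),
    "Allow paste operations via script": ("Enable", "Enable", "Enable", "Disable"),
    "Scripting of Java applets": ("Enable", "Enable", "Enable", "Disable"),
}

# Constructed sample: a zone customised by an administrator.
SAMPLE_ZONE = {
    "Access data sources across domains": "Prompt",
    "Installation of desktop items": "Prompt",
    "Submit nonencrypted form data": "Enable",
    "Allow paste operations via script": "Disable",
    "Active scripting": "Enable",
}

def audit_zone(custom, baseline_level):
    """List (option, configured, baseline, status) for every problem found."""
    col = LEVELS.index(baseline_level)
    findings = []
    for option, configured in sorted(custom.items()):
        baseline = DEFAULTS[option][col] if option in DEFAULTS else None
        if baseline is None:
            findings.append((option, configured, None, "unknown option"))
        elif configured not in ORDER:
            findings.append((option, configured, baseline, "invalid value"))
        elif ORDER[configured] < ORDER[baseline]:
            findings.append((option, configured, baseline, "weaker than baseline"))
    return findings

def strictest_template_met(custom):
    """Most restrictive template that the listed settings meet or exceed."""
    for level in reversed(LEVELS):
        if not audit_zone(custom, level):
            return level
    return None

if __name__ == "__main__":
    print(audit_zone(SAMPLE_ZONE, "Medium"), strictest_template_met(SAMPLE_ZONE))
```
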
User authentication
User authentication determines how Hypertext Transfer Protocol (HTTP) user
authentication is handled. The one setting, Logon, can be set to one of four
values:

Anonymous logon. Disables HTTP authentication and uses the assigned
anonymous account for all file and resource access permissions.

Automatic logon only in Intranet zone. Prompts for user account and
password to access data in other zones. After users are prompted, these
values can be used silently for the remainder of the session.

Automatic logon with current user name and password. Attempts to log on
by using Microsoft Windows NT® Challenge/Response (also known as
NTLM authentication), an authentication protocol between the client
computer and the application server. If the server supports Windows NT
Challenge/Response, the logon request uses the network user name and
password to log on. This is transparent to the user accessing the server. If
the server does not support Windows NT Challenge/Response, users are
prompted to provide their user name and password.

Prompt for user name and password. Prompts users for their user account
and password. After users are prompted, the submitted credentials are used
for the remainder of the session and the user is not prompted to re-enter the
credentials.
The following table identifies the default value for the custom-level security
option for Logon.
| Security option | Low | Medium-low | Medium | High |
|---|---|---|---|---|
| Logon | Automatic | Automatic | Prompt | Prompt |