STIGQter: STIG Summary: Microsoft Internet Explorer 11 Security Technical Implementation Guide Version: 1 Release: 19 Benchmark Date: 24 Jul 2020:

Prevent bypassing SmartScreen Filter warnings must be enabled.

DISA Rule

SV-79201r2_rule

Vulnerability Number

V-64711

Group Title

DTBI1060-IE11-Managing SmartScreen Filter Warnings

Rule Version

DTBI1060-IE11

Severity

CAT II

CCI(s)

• CCI-001242 - The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Weight

10

Fix Recommendation

If the system is on the SIPRNet, this requirement is NA.

Set the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer >> ”Prevent bypassing SmartScreen Filter warnings” to ”Enabled”.

Check Contents

If the system is on the SIPRNet, this requirement is NA.

The policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer >> ”Prevent bypassing SmartScreen Filter warnings” must be ”Enabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter.

Criteria: If the value "PreventOverride" is REG_DWORD = 1, this is not a finding.

Vulnerability Number

V-64711

Documentable

False

Rule Version

DTBI1060-IE11

Severity Override Guidance

If the system is on the SIPRNet, this requirement is NA.

The policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer >> ”Prevent bypassing SmartScreen Filter warnings” must be ”Enabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter.

Criteria: If the value "PreventOverride" is REG_DWORD = 1, this is not a finding.

Check Content Reference

M

Target Key

2589

Comments