STIGQter: STIG Summary: Adobe Acrobat Professional DC Continuous Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 01 Jul 2019: STIGQter: STIG Summary: Adobe Acrobat Professional DC Continuous Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 01 Jul 2019:SV-94087r1_rule
V-79381
SRG-APP-000431
AADC-CN-001015
CAT II
10
Configure the following registry value:
Registry Hive:
HKEY_LOCAL_MACHINE
Registry Path:
\Software\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown
Value Name: iProtectedView
Type: REG_DWORD
Value: 2
Configure the policy value for Computer Configuration > Administrative Template > Adobe Acrobat Pro DC Continuous > Preferences > Security (Enhanced) > 'Protected View' to 'Enabled' and select 'All files' in the drop down box.
This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
Verify the following registry configuration:
Using the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown
Value Name: iProtectedView
Type: REG_DWORD
Value: 2
If the value for iProtectedView is not set to “2” and Type is not configured to REG_DWORD or does not exist, this is a finding.
GUI path: Edit > Preferences > Security (Enhanced) > In the 'Protected View' section, verify the radio button for 'All files' is checked and greyed out (locked). If the button is not checked nor greyed out, this is a finding.
Admin Template path: Computer Configuration > Administrative Template > Adobe Acrobat Pro DC Continuous > Preferences > Security (Enhanced) > 'Protected View' must be set to 'Enabled' and 'All files' selected in the drop down box.
This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
V-79381
False
AADC-CN-001015
Verify the following registry configuration:
Using the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown
Value Name: iProtectedView
Type: REG_DWORD
Value: 2
If the value for iProtectedView is not set to “2” and Type is not configured to REG_DWORD or does not exist, this is a finding.
GUI path: Edit > Preferences > Security (Enhanced) > In the 'Protected View' section, verify the radio button for 'All files' is checked and greyed out (locked). If the button is not checked nor greyed out, this is a finding.
Admin Template path: Computer Configuration > Administrative Template > Adobe Acrobat Pro DC Continuous > Preferences > Security (Enhanced) > 'Protected View' must be set to 'Enabled' and 'All files' selected in the drop down box.
This policy setting requires the installation of the AcrobatProDCContinuous custom templates included with the STIG package. "AcrobatProDCContinuous.admx" and "AcrobatProDCContinuous.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
M
3371