The OVAL Repository5.10.12013-08-03T07:05:58.458-04:00Verifies that SQL Server is running with a security CertificateMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to insure
that SQL Server has a security certicate.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies no Floppy Drives are installedMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to prevent
data being transfered off secured machines via floppy drives.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies there are no sharing of resourcesMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to prevent
data being transfered off secured machines via a share.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies that Anitvirus is installedMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This checks if an antivirus
is installed. NON-WMI Complaint products needs to be manually added as ORsKen LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies no USB Drives are installedMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2 This is intended to prevent
data being transfered off secured machines via USB (thumb) drives.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies that Firewall is installedMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This checks if a firewall
is installed. NON-WMI Complaint products needs to be manually added as ORsKen LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies there are no accounts that do not have expiring passwords or no passwordsMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to insure
that passwords are required and changed regularly.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies that Web Client Service is disabledMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to insure
that Web Client Service is disabled on appropriate machines, for example secured database
servers.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies no Infrared devices are installedMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to prevent
data being transfered off secured machines via infrared connections.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDVerifies no wireless adapters are installedMicrosoft Windows VistaMicrosoft Windows XPWorks on any Windows platform after Windows XP SP2. This is intended to prevent
data being transfered off secured machines via wireless connections.Ken LassesenDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: KSN is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: KSN is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: File monitoring is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: File monitoring is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: System Watcher is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: System Watcher is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Application StartUp Control is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Application StartUp Control is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Network Attack Blocker is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Network Attack Blocker is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Mail monitoring is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Mail monitoring is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: IM monitoring is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: IM monitoring is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Proactive Defence is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Proactive Defence is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Web monitoring is enabledMicrosoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows Server 2003Microsoft Windows XPMicrosoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Web monitoring is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Vulnerability Monitor is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Vulnerability Monitor is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Web Control is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Web Control is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Device Control is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Device Control is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Advanced Disinfection technology is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Advanced Disinfection technology is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Application Privilege Control is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Application Privilege Control is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8: Firewall is enabledMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8: Firewall is enabled.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDKaspersky Endpoint Security 8 is installedMicrosoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Kaspersky Endpoint Security 8Kaspersky Endpoint Security 8 is installed.Sergey ArtykhovDRAFTSergey ArtykhovINTERIMACCEPTEDACCEPTEDClear SSL Form Session DataMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxThis will ensure that the form data stored in an SSL Secure session is cleared when the session ends.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisabling Auto-Install of Add-OnsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla Firefoxensure that no website is allowed to automatically install Add-Ons. Also, it will list how to ensure that proper notifications are shown when installing Add-Ons.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Sending LM HashMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Firefox from sending an LM Hash when authenticating to resources that request this authentication type.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Auto Notification of Outdated PluginsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxThis feature automatically detects when installed Plugins are out of date and notifies the users to update the Plugins.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Blocking of Reported Attack SitesMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxThis configuration will have Firefox check whether the site being visited may be an attempt to interfere with normal computer functions or send personal data to unauthorized parties over the Internet.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisallow JavaScript s Ability to Hide the Status BarMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent JavaScript from changing the Status Bar from showing the location of the content when a user visits a link or when content is being downloaded on a web page.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDBlock Pop-up WindowsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxThe Pop-up Blocker is used to block Pop-ups which a website might open with or without any user interaction. These Pop-Ups can be used to open un-trusted malicious content.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Information Bar for Outdated PluginsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxThis feature automatically shows an information bar when installed Plugins are out of date and notifies the users to update the Plugins.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Remember Search and Form HistoryMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent search and form history from being stored.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable SSPI AuthenticationMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can be configured to leverage the Microsoft Windows Security Support Provider Interface (SSPI).Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisallow Credential StorageMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Firefox from storing credentials for certain websites.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Virus Scanning for DownloadsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can be configured to scan downloads for viruses.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Warning When Entering Insecure SiteMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can notify users when a user enters an insecure (non-SSL) site from an encrypted SSL site.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Prompting for Credential StorageMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Firefox from prompting when credentials are entered in website forms so credentials cannot be stored.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Javascript Function to Move or Resize Existing WindowsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Javasript from moving or resizing existing windows.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Javascript Functions to Raise or Lower WindowsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Javascript from raising or lowering windowsMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Displaying Javascript in History URLsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxThis will ensure that JavaScript URLs are not displayed in the history bar.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Always Ask Where to Save FilesMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox should prompt for a location to save files every time.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Downloading on DesktopMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can download content on the desktop or other locations. It is recommended not to download files on desktop.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Warning of Loading Mixed ContentMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxWarn users when unencrypted data is loaded in an SSL encrypted session.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDAccept Only 1st Party CookiesMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxCookies are used to track valid session on internet websites. Securing cookie handling will help secure a user s browser session. It is recommended to only accept 1st party cookies.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Javascript Functions Disable or Replace Context MenusMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Javascript from disabling or replacing context menusMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Caching of SSL PagesMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Firefox from locally caching the content of SSL pages on disk.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Auto UpdateMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxEnable updates for Firefox and extensions installed on Firefox.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Javascript Functions to Hide the Status BarMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Javascript from hiding the status barMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Warn When Sites Try to Install Add-onsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxWill warn user when a site tries to install an add-onMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDelete Download HistoryMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxDelete Download HistoryMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDelete Search and Form HistoryMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxDelete Search and Form HistoryMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Closing of Windows via ScriptsMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can be configured to prevent script from closing browser windows.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Referer from an SSL WebsiteMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can be configured to omit the HTTP Referer header when the referring site is protected by SSL.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Javascript Functions to Change Status Bar TextMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Javascript from changing the status barMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Online Certificate Status ProtocolMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox checks with Online Certification Status Protocol (OCSP) to ensure that the certificates are valid.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable JavaMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxDisable Java in FirefoxMichael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisable Scripting of Plugins by JavaScriptMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Javascript from initiating and interacting with the Plug-ins installed in Firefox.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Blocking of Reported Web ForgeriesMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxTThis configuration will have Firefox actively check whether the site being visited may be an attempt to mislead you into providing personal information (this is often referred to as phishing).Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Ask About Cookies Every TimeMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrompt user for permission to use a cookie.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Warning When Submitting Clear Text Form DataMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxFirefox can notify users when a user sends form data to an insecure (non-SSL) site.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable Warning of Using Weak EncryptionMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxWarn users when a website is using weaker encryption.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDelete History and Form DataMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent Firefox from storing the sites visited, information typed in forms, and downloads from Internet resources.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDDisallow JavaScript s Ability to Change the Status Bar TextMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxPrevent JavaScript from changing the Status Bar when showing the location of the content when a user hovers of a hyperlink, a user visits a link, or when content is being downloaded on a web page.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDEnable SSL 3.0 and TLS 1.0Microsoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Windows Server 2012Mozilla FirefoxEnable Transport Layer Security for Firefox.Michael A. LogoydaDRAFTJonathan BakerINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDChandan SINTERIMACCEPTEDACCEPTEDMozilla Firefox is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows 7Mozilla FirefoxThe browser installed on the system is Mozilla FirefoxPrabhu S ADRAFTINTERIMACCEPTEDJ. Daniel BrownINTERIMACCEPTEDBhavya KINTERIMDragos PrisacaACCEPTEDSergey ArtykhovINTERIMSergey ArtykhovACCEPTEDACCEPTEDNetBIOS Over TCP/IP is enabledMicrosoft Windows 2000NetBIOS** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NETBIOS is running."Tiffany BergeronINTERIMACCEPTEDJonathan BakerINTERIMACCEPTEDJeff ChengINTERIMJeff ChengJeff ChengDragos PrisacaACCEPTEDNicholas HansenINTERIMACCEPTEDACCEPTEDMicrosoft Windows NT is installedMicrosoft Windows NTThe operating system installed on the system is Microsoft Windows NT.Andrew ButtnerACCEPTEDJonathan BakerINTERIMACCEPTEDJonathan BakerJeff ChengINTERIMACCEPTEDAndrew ButtnerINTERIMACCEPTEDTim HarrisonINTERIMACCEPTEDACCEPTEDroot\Microsoft\SqlServer\ComputerManagementSelect FriendlyName FROM SecurityCertificateroot\cimv2select Name from Win32_FloppyDriveroot\cimv2Select Name from Win32_Shareroot\SecurityCenterSELECT instanceGuid FROM AntiVirusProductroot\cimv2select Name from Win32_DiskDrive where InterfaceType='USB'root\SecurityCenterSELECT instanceGuid FROM FirewallProductroot\cimv2Select Name from Win32_UserAccount Where PasswordRequired = False OR PasswordExpires =
Falseroot\Microsoft\SqlServer\ComputerManagementSELECT Name FROM Win32_NetworkClient Where Name='Web Client Network' and
Status='OK'root\cimv2select Name from Win32_InfraredDeviceroot\cimv2Select Name from Win32_NetworkAdapter where Name LIKE '%Wireless%' or ProductName LIKE
'%Wireless%'HKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\settingsKSN_AllowGlobalHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\FileAntiVirusFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\File_MonitoringenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\SW_PDMenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\EntAppControlenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\EntAppControlinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\idsenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\idsinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\Mail_MonitoringenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\MailAntiVirusFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\IM_MonitoringenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\InstantMessengerFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\SW_PDM\profiles\SW2\settings\defuseBss_HKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\SW_PDM\profiles\SW2\settingsuseBss_HKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\Web_MonitoringenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\WebAntiVirusFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\VulnsScan2rtinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\VulnsScan2rtenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\WebControlenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\WebControlFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\DeviceControlFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\DeviceControlenabledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\AVService\settingsUseActiveDisinfectionHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\AVService\settings\defUseActiveDisinfectionHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\SystemWatcherFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\HipsTaskinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Controls\profiles\HipsTaskenabledHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D72DD679-A3EC-4FCF-AFAF-12E2552450B6}VersionMajorHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\Installer\features\FirewallFeatureinstalledHKEY_LOCAL_MACHINESOFTWARE\KasperskyLab\protected\KES8\profiles\Protection\profiles\Firewallenabledprefs.js(browser\.sessionstore\.privacy_level)1prefs.js(xpinstall\.whitelist\.required)1prefs.js(network\.ntlm\.send-lm-response)1prefs.js(plugins\.update\.notifyUser)1prefs.js(browser\.safebrowsing\.malware\.enabled)1prefs.js(dom\.disable_window_open_feature\.status)1prefs.js(privacy\.popups\.policy)1prefs.js(plugins\.hide_infobar_for_outdated_plugin)1prefs.js("browser\.formfill\.enable", false)1prefs.js(network\.auth\.use-sspi)1prefs.js("signon\.rememberSignons", false)1prefs.js(browser\.download\.manager\.scanWhenDone)1prefs.js(security\.warn_entering_weak)1prefs.js(security\.ask_for_password)1prefs.js("dom\.disable_window_move_resize", true)1prefs.js("dom\.disable_window_flip", false)1prefs.js(browser\.urlbar\.filter\.javascript)1prefs.js("browser\.download\.useDownloadDir", false)1prefs.js("browser\.download\.folderList", 2)1prefs.js(security\.warn_viewing_mixed)1prefs.js("network\.cookie\.cookieBehavior", 1)1prefs.js("dom\.event\.contextmenu\.enabled", false)1prefs.js(browser\.cache\.disk_cache_ssl)1prefs.js(app\.update\.auto)1prefs.js("dom\.disable_window_open_feature\.status", false)1prefs.js("xpinstall\.whitelist\.required", false)1prefs.js("browser\.download\.manager\.retention", 0)1prefs.js("browser\.formfill\.enable", false)1prefs.js(dom\.allow_scripts_to_close_windows)1prefs.js("network\.http\.sendSecureXSiteReferrer", false)1prefs.js("dom\.disable_window_status_change", false)1prefs.js(security\.OCSP\.enabled)1prefs.js("services\.sync\.prefs\.sync\.security\.enable_java", false)1prefs.js("security\.xpconnect\.plugin\.unrestricted", false)1prefs.js(browser\.safebrowsing\.enabled)1prefs.js("network\.cookie\.lifetimePolicy", 1)1profiles.ini(\w*\.default)1HKEY_CURRENT_USERVolatile EnvironmentAPPDATAprefs.js("security\.warn_submit_insecure", true)1prefs.js(security\.warn_entering_weak)1prefs.js("browser\.history_expire_days", 0)1prefs.js(dom\.disable_window_status_change)1HKEY_LOCAL_MACHINESOFTWARE\Mozilla\Mozilla Firefoxprefs.js(security\.enable_ssl3)1profiles.ini(\w*\.default)1HKEY_CURRENT_USERVolatile EnvironmentAPPDATAHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionHKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Services\NetBT\LinkageBindHKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Services\NetBT\LinkageExportHKEY_LOCAL_MACHINESYSTEM\CurrentControlSet\Services\NetBT\LinkageRoute81"browser.formfill.enable", false"signon.rememberSignons", false"dom.disable_window_move_resize", true"browser.download.useDownloadDir", false"browser.download.folderList", 2"network.cookie.cookieBehavior", 1"dom.event.contextmenu.enabled", false"browser.download.manager.retention", 0"browser.formfill.enable", false"network.http.sendSecureXSiteReferrer", false"services.sync.prefs.sync.security.enable_java", false"security.xpconnect.plugin.unrestricted", false"network.cookie.lifetimePolicy", 1"security.warn_submit_insecure", true"browser.history_expire_days", 0^[0-9]+\..*$windows4.05.0000\Mozilla\Firefox\Profiles\\Mozilla\Firefox\\Mozilla\Firefox\Profiles\\Mozilla\Firefox\