Configuring Windows Internet Explorer 7 Security Lesson 5
- Slides: 54
Configuring Windows Internet Explorer 7 Security Lesson 5
Technology Skill Understanding Internet Explorer Security Objective Domain Skill Domain # Configure and troubleshoot 2. 1 security for Windows Internet Explorer 7+ • Troubleshoot policysetting issues Understanding Security Zones Troubleshoot policy-setting 2. 1 issues Understanding Internet Explorer Protected Mode Troubleshoot Protected Mode issues Skills Matrix 2. 1
Technology Skill Understanding Active. X Opt -in and Active. X Installer Services Understanding Active. X Opt -in Understanding and Configuring the Active. X Installer Service Objective Domain Skill Domain # Active. X Opt-in and Active. X 2. 1 Installer Service Understanding and Managing Add-Ons Configure and troubleshoot 2. 1 security for Windows Internet Explorer 7+ Skills Matrix Active. X Opt-in and Active. X 2. 1 Installer Service
Technology Skill Understanding and Configuring the Phishing Filter Objective Domain Skill Domain # Configure and troubleshoot 2. 1 security for Windows Internet Explorer 7+ Resetting Internet Explorer Settings Configuring Additional Group Policy Security Settings Troubleshoot policy-setting 2. 1 issues Understanding Certificates Troubleshoot certificate issues Skills Matrix 2. 1
Understanding Internet Explorer Security Internet Explorer 7 security has several new additions, including Internet Explorer Protected Mode (available only on Windows Vista) and Active. X Opt-in. Ø Explorer Protected Mode Ø Active. X Opt-in and Active. X Installer Services Ø Phishing Filter Ø Reset Internet Explorer Settings (REIS) Understanding Internet Explorer Security
Configuring IE 7 Security Settings Through Group Policy Click Start. In the Start Search box, key gpmc. msc and then press Ctrl + Shift + Enter. A User Account Control dialog box appears. Provide OK. administrator credentials, and then click In the console tree, expand Forest: Forest. Name > Domains > Domain. Name > Group Policy Objects. Understanding Internet Explorer Security
Configuring IE 7 Security Settings Through Group Policy (cont. ) • Right-click the Group Policy object for which you want to configure Internet Explorer security settings, and then click Edit. The Group Policy Object Editor opens with the GPO you selected loaded. • In the console tree, expand Computer Configuration > Administrative Templates > Windows Components > Internet Explorer. Understanding Internet Explorer Security
Configuring IE 7 Security Settings Through Group Policy (cont. ) Internet Explorer Group Policy settings Understanding Internet Explorer Security
Understanding Security Zones Security zones are divisions of URL namespaces that enable you to vary security according to where the content is coming from. Ø Internet Ø Local Intranet Ø Trusted Sites Ø Restricted Sites Ø Local Machine Understanding Security Zones
Understanding Security Zones (cont. ) Low security Ø Default template for the Local Machine zone Ø Minimal safeguards and warning prompts provided Ø Most content is downloaded and run without prompts Ø All active content can run Ø Appropriate for sites that you absolutely trust Understanding Security Zones
Understanding Security Zones (cont. ) Medium-low security Ø Default template for the Local Intranet zone Ø Appropriate for websites on your local network (intranet) Ø Most content will run without prompting you Ø Unsigned Active. X controls will not be downloaded Ø Same as Medium level without prompts Understanding Security Zones
Understanding Security Zones (cont. ) Medium security Ø Default template for the Trusted Sites zone Ø Prompts before downloading potentially unsafe content Ø Unsigned Active. X controls will not be downloaded Understanding Security Zones
Understanding Security Zones (cont. ) Medium-high security Ø Default template for the Internet zone Ø Appropriate for most websites Ø Prompts before downloading potentially unsafe content Ø Unsigned Active. X controls will not be downloaded Understanding Security Zones
Understanding Security Zones (cont. ) High security Ø Default template for the Restricted Sites zone Ø Appropriate for websites that might contain harmful content Ø Maximum safeguards Ø Less secure features are disabled Understanding Security Zones
Configuring Zone Security Settings Locally It is not uncommon for a user to experience browser problems due to an action that is disallowed by the settings for the security zone. In Internet Explorer, in the Tools menu, click Internet Options. Click the Security tab. Understanding Security Zones
Configuring Zone Security Settings Locally (cont. ) In the Select a zone to view or change security settings section, select the zone for which you want to configure a security setting. To change the template that Windows assigns to the zone, use the slide in the Security level for this zone section. To customize security for the selected zone, click Custom level. The Security Settings – Zone. Name Zone dialog box appears. Understanding Security Zones
Configuring Zone Security Settings Locally (cont. ) • To configure custom settings, select the options as desired for each of the security settings in the Settings standard list box. • To restore all settings to their original configuration, click Reset. Understanding Security Zones
Internet Explorer Protected Mode is a feature of Internet Explorer 7 available on Windows Vista. Protected Mode protects against unsolicited installation of software and modification of data. Understanding Internet Explorer Protected Mode
Enabling or Disabling Protected Mode Locally Select a zone to view or change security settings from the Security tab to configure Protected Mode. Understanding Internet Explorer Protected Mode
Configuring Protected Mode Through Group Policy Open the GPO you want to edit in the Group Policy Object Editor. In the console of the Group Policy Object Editor, expand Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page. Understanding Internet Explorer Protected Mode
Configuring Protected Mode Through Group Policy (cont. ) • Select Zone. Name, where Zone. Name is the zone for which you want to configure Windows Protected Mode policy. • In the details pane, right-click Turn on Protected Mode, and then click Properties. Understanding Internet Explorer Protected Mode
Configure Protected Mode Through Group Policy (cont. ) Select one of the following: Ø Not Configured – Select this option to enable users to turn Windows Protected Mode on or off for this zone. Ø Enabled – Select this option to turn on Protected Mode for this zone and to disallow users the ability to turn it off. Understanding Internet Explorer Protected Mode
Configure Protected Mode Through Group Policy (cont. ) Select one of the following: Ø Disabled – Select this option to turn off Protected Mode for this zone and to disallow users the ability to turn it on. Understanding Internet Explorer Protected Mode
Active. X Opt-in and Active. X Installer Services Active. X Opt-in limits exposure to malicious Active. X controls by disabling most Active. X controls and by requiring permission from a user with administrator credentials before installing any of the remainder of Active. X controls. The Active. X Installer Services enable administrators to specify a list of Active. X controls that users are enabled to install without administrator credentials. Understanding Active. X Opt-in and Active. X Installer Services
Active. X Opt-in and Active. X Installer Services (cont. ) By default, Active. X Opt-in will not disable the following Active. X controls: Ø Commonly used controls whose security Microsoft has already deemed acceptable Ø Controls used in a previous version of Internet Explorer before upgrading to Internet Explorer 7 Ø Controls that Active. X Opt-in automatically enables during the install process when the user downloads them using IE 7 Understanding Active. X Opt-in and Active. X Installer Services
Active. X Opt-in and Active. X Installer Services (cont. ) When you select Install Active. X Control, a User Account Control dialog box will open. You can then provide administrator credentials to install the Active. X Control. Understanding Active. X Opt-in and Active. X Installer Services
Enabling or Disabling Active. X Opt -in Locally Open the Security Settings – Zone. Name Zone dialog box for the zone in which you want to enable or disable Active. X Opt-in. Scroll the list box until you find the Active. X controls and plug-ins section. Understanding Active. X Opt-in and Active. X Installer Services
Enabling or Disabling Active. X Opt -in Locally (cont. ) Under the Allow previously unused Active. X controls to run without prompt setting, select one of the following: Ø Disable – Select this option to Enable Active. X Opt-in (this is correct: you disable this setting to enable Active. X Opt-in). Ø Enable – Select this option to disable Active. X Opt -in (this is correct: you enable this setting to disable Active. X Opt-in). Understanding Active. X Opt-in and Active. X Installer Services
Configuring Active. X Opt-in Through Group Policy Turn Off First-Run Opt-In Properties dialog box with Enabled selected Understanding Active. X Opt-in and Active. X Installer Services
Active. X Installer Service The Active. X Installer Service (Ax. IS) enables administrators to allow standard users to install Active. X controls. Using the Active. X Installer Service requires four components: Ø Internet Explorer 7+ Ø Active. X Installer Service Ø Group Policy configuration Ø Approved installation sites for Active. X controls Understanding Active. X Opt-in and Active. X Installer Services
Turning on the Active. X Installer Service Locally Select the Active. X Installer Service check box, and then click OK. Understanding Active. X Opt-in and Active. X Installer Services
Configuring Active. X Installer Service Through Group Policy Key 2, 2, 1, 0 x 00002000 to: Ø Install Active. X controls silently (TPSSigned. Contro=2 and Signed. Control=2), Ø Require user permission to install unsigned Active. X controls (Unsigned. Control=1) Ø Ignore invalid certificate dates for Active. X controls: (Server. Certificate. Policy=0 x 00002000) Understanding Active. X Opt-in and Active. X Installer Services
Managing Add-ons You can manage Add-ons using the Manage Add -ons dialog box. Add-ons extend the functionality of Internet Explorer, but can also be malicious or cause instability or poor performance. Understanding and Managing Add-ons
Running Internet Explorer Without Add-Ons From the Start menu, click All Programs. Click Accessories, click System Tools, and then click Internet Explorer (No Add-ons). An intercept page indicates that Internet Explorer is running without add-ons. Understanding and Managing Add-ons
Managing Internet Explorer -Ons Add-ons that have been used by Internet Explorer – Select this option to display a complete list of the add-ons that reside on your computer. Add-ons currently loaded in Internet Explorer – Select this option to display only those add-ons that were needed for the current web page or a recently viewed web page. Understanding and Managing Add-ons
Managing Internet Explorer -Ons (cont. ) Add-ons that run without requiring permission – Select this option to display addons that are pre-approved by Microsoft, your computer manufacturer, or a service provider. These add-ons are less likely to be the cause of problems. Downloaded Active. X Controls (32 -bit) – Select this option to display only 32 -bit Active. X controls. Understanding and Managing Add-ons
Certificates identify the owner of Internet entities, such as websites. They also enable you to communicate with other users through public key encryption. Understanding Certificates
Certificates (cont. ) If you click Certificate Error, the Untrusted Certificate warning box will open. You can click View certificates to see detailed information on the certificate, including who issued it. Understanding Certificates
Phishing Filter Phishing is the action taken when attackers attempt to trick users into giving personal or financial information through fraudulent emails for the purpose of identity theft. The Phishing Filter monitors websites and alerts you when it suspects that you have encountered a phishing website. Understanding and Configuring the Phishing Filter
Enabling or Disabling the Phishing Filter Locally Open Internet Explorer, and then open the Security Settings – Zone. Name Zone dialog box for the zone in which you want to enable or disable the Phishing Filter. In the Security Settings – Zone. Name Zone dialog box, scroll the list box until you find the Miscellaneous section. Understanding and Configuring the Phishing Filter
Enabling or Disabling the Phishing Filter Locally (cont. ) Continue scrolling down to the Use Phishing Filter setting, and then select one of the following: Ø Disable – Select this option to disable the Phishing Filter. Ø Enable – Select this option to enable the Phishing Filter. Understanding and Configuring the Phishing Filter
Configuring the Phishing Filter Through Group Policy Ø Not Configured – Select this option to prompt users to choose the mode of operation for the Phishing Filter. Ø Enabled – Select this option to enable the Phishing Filter without prompting the user. Ø Disabled – Select this option to prompt users to choose the mode of operation for the Phishing Filter. Understanding and Configuring the Phishing Filter
Resetting Internet Explorer Settings You can reset many Internet Explorer settings simultaneously to restore the browser to a more uncorrupted state in an attempt to remedy instability. Resetting Internet Explorer Settings
Resetting Internet Explorer Settings (cont. ) REIS resets the following: Ø Browser settings – Resets all user-defined browser settings Ø Extensibility – Any extensions that you have added, such as toolbars, are prevented from running automatically. Also, Active. X Opt-in is reset. Resetting Internet Explorer Settings
Resetting Internet Explorer Settings (cont. ) Browsing history and temporary files are restored including temporary Internet files, cookies, browsing history, form data, passwords, and auto-complete data. Manufacturer settings for Internet Explorer as set by the computer manufacturer are restored. Resetting Internet Explorer Settings
Resetting Internet Explorer Settings (cont. ) Reset Internet Explorer Settings on the Advanced tab of the Internet Options dialog box. Resetting Internet Explorer Settings
Managing Internet Explorer Security Using Group Policy You can centrally manage Internet Explorer 7 security settings by using Group Policy. Configuring Additional Group Policy Security Settings
You Learned Internet Explorer 7 security is improved compared with previous versions. It is raised further by Internet Explorer Protected Mode, which is available only on Windows Vista. Protected Mode protects against unsolicited installation of software and modification of data. You learned how to enable or disable Protected Mode. Summary
You Learned (cont. ) Security zones divide URL namespaces and enable you to vary security according to where the content is coming from. You learned how to configure zone security settings. Summary
You Learned (cont. ) Active. X Opt-in limits exposure to malicious Active. X controls by disabling most Active. X controls by default and requiring permission from a user with administrator credentials before installing any of the remaining Active. X controls. Summary
You Learned (cont. ) Active. X Installer Services enable administrators to specify a list of Active. X controls that users can install without administrator credentials. You learned how to enable or disable Active. X Opt-in. You learned how to configure the Active. X Installer Service. Summary
You Learned (cont. ) Add-ons extend the functionality of Internet Explorer, but they can also be malicious or cause instability or poor performance. You learned how to manage Add-ons using the Manage Add-ons dialog box. You learned how to run Internet Explorer without add-ons. Summary
You Learned (cont. ) Certificates identify the owner of Internet entities, such as websites. They also enable you to communicate with other users through public key encryption. The Phishing filter monitors websites and alerts you when it suspects that you have encountered a phishing website. Summary
You Learned (cont. ) You learned how to enable or disable the Phishing Filter. You learned how to configure the Phishing Filter. You learned how to simultaneously reset many Internet Explorer settings using REIS to restore the browser to a more uncorrupted state in an attempt to remedy instability. Summary
- Windows 7 internet security settings
- Rosemarie rizzo parse human becoming theory
- Cisco otv white paper
- Dansguardian squid
- Configuring a network operating system
- Configuring a network operating system
- Packet tracer configuring multiarea ospfv2
- Security private
- Windows explorer
- Windows explorer
- Vinnie liu
- Web resurs manzili
- 1994 netscape navigator
- Firefox o internet explorer
- Analyse internet explorer
- Trident web browser
- Activar cookies explorer
- Internet explorer architecture
- Paul cullimore
- Pengertian internet explorer
- Sebutkan bagian-bagian browser internet explorer
- Java internet explorer
- Windows movie maker fade out audio
- Windows 2000 media player
- Alternatief voor windows live mail
- Windows driver kit windows 7
- Windows movie maker download microsoft
- Skins windows media player
- Windows identity foundation windows 10
- Windws update
- Download windows xp mode
- Windows mobile center windows 10
- Manual windows movie maker
- Ipseq
- Windows xp mode for windows 10
- What is wins
- What is internet
- Security strategies in windows platforms and applications
- Security strategies in windows platforms and applications
- Microsoft windows 10 security update
- Security strategies in windows platforms and applications
- Nexpose
- Windows security book
- Lab 16-3 microsoft windows os security settings
- Security architecture for the internet protocol
- What is internet security and acceleration server
- The most complex part of tls is the __________.
- Angel binary internet security
- Iss vulnerability scanner
- Internet security case study
- Vpn vs peerblock
- What is the osi security architecture?
- Security guide to network security fundamentals
- Wireless security in cryptography and network security
- Visa international security model