ࡱ>       f2\p Sain, Joe Ba==xN%58X@"1rCalibri1rCalibri1rCalibri1rCalibri1rCalibri1h8rCambria1,8rCalibri18rCalibri18rCalibri1rCalibri1rCalibri1<rCalibri1>rCalibri1?rCalibri14rCalibri14rCalibri1 rCalibri1 rCalibri1rCalibri1rCalibri1 rCalibri1rCalibri1rArial1rArial1rArial1rArial1 rArial1rArial1rCalibri1 rArial1rArial1<rArial1rArial1rVerdana1rArial"$"#,##0_);\("$"#,##0\)!"$"#,##0_);[Red]\("$"#,##0\)""$"#,##0.00_);\("$"#,##0.00\)'""$"#,##0.00_);[Red]\("$"#,##0.00\)7*2_("$"* #,##0_);_("$"* \(#,##0\);_("$"* "-"_);_(@_).))_(* #,##0_);_(* \(#,##0\);_(* "-"_);_(@_)?,:_("$"* #,##0.00_);_("$"* \(#,##0.00\);_("$"* "-"??_);_(@_)6+1_(* #,##0.00_);_(* \(#,##0.00\);_(* "-"??_);_(@_)[$-409]General                                                                       ( (     ff + ) , *      P  P         ` (d (d (d (d (d (d (d (d (d (d (d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d 1(d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (d (                                                                                                                                                                  !                                                                                       ! ! ! ! ! ! ! ! ! ! !                                                                                                                                  !  ! ! ! ! ! ! ! ! ! !  ! ! ! ! ! ! ! ! ! !  ! ! ! ! ! ! ! ! ! !  ! ! ! ! ! ! ! ! ! !  ! ! ! ! ! ! ! ! ! !  ! ! !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    !                                                                                                                                              ! ! ! ! ! ! ! ! ! !                                                ! ! ! ! ! ! ! ! !  ! !           ! ! ! ! ! ! ! ! ! !  ! ! ! ! ! ! ! ! ! !  ! ! ! ! ! ! ! ! ! !  !  ! ! ! !       (   (                              !       #   a>   @ @  !8@ @ )x@ @   `@ @   `@ @  8@ @ x@ @  x@ @   8@ @ (8@ @ (x@ @  (x@ @   p@ @   0@ @  (x@ @   p@ @  ||I/2}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-}  00\);_(*}-}  00\);_(*}-}  00\);_(*}-}  00\);_(*}-}  00\);_(*}-} 00\);_(*}-} 00\);_(*}-}/ 00\);_(*}-}0 00\);_(*}-}1 00\);_(*}-}2 00\);_(*}-}4 00\);_(*}-}6 00\);_(*}A}6 00\);_(*;_(@_) }A}7 00\);_(*?;_(@_) }A}8 00\);_(*23;_(@_) }-}9 00\);_(*}A}5 a00\);_(*;_(@_) }A}) 00\);_(*;_(@_) }A} e00\);_(*;_(@_) }}; ??v00\);_(*̙;_(@_)    }}3 ???00\);_(*;_(@_) ??? ??? ??? ???}}- }00\);_(*;_(@_)    }A}< }00\);_(*;_(@_) }}. 00\);_(*;_(@_) ??? ??? ??? ???}-}8 00\);_(*}}1 00\);_(*;_(@_)    }-}4 00\);_(*}U}7 00\);_(*;_(@_)  }A}" 00\);_(*;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*23;_(@_) }A}# 00\);_(*;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*23;_(@_) }A}$ 00\);_(*;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*23;_(@_) }A}% 00\);_(*;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*23;_(@_) }A}& 00\);_(*;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*L;_(@_) }A}  00\);_(*23;_(@_) }A}' 00\);_(* ;_(@_) }A} 00\);_(*ef ;_(@_) }A} 00\);_(*L ;_(@_) }A}! 00\);_(*23 ;_(@_) }}*}}9}(}+00\);_(*}(};00\);_(*}-}<_(*}-}=_(*}(}?_(*}(}@_(*}(}C_(*}(}D_(*}-}E_(*}}F}(}G_(*}-}H_(*}<}( _(* 3 ;_(}<}* _(*3 ;_(}(}3 _(*}<} e_(*3 ;_(}(}H _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(}+ _(*}(}- _(*}(}. _(*}(}/ _(*}(}0 _(*}(}1 _(*}(}2 _(*}(}3 _(*}(}4 _(*}(}5 _(*}(}6 _(*}(}8 _(*}(}9 _(*}(}: _(*}(}; _(*}(}< _(*}(}= _(*}(}> _(*}(}? _(*}(}@ _(*}(}A _(*}(}C _(*}(}D _(*}(}E _(*}(}F _(*}(}G _(*}(}H _(*}(}I _(*}(}J _(*}(}K _(*}(}L _(*}(}N _(*}(}O _(*}(}P _(*}(}Q _(*}(}R _(*}(}S _(*}(}T _(*}(}U _(*}(}V _(*}(}W _(*}(}Y _(*}(}Z _(*}(}[ _(*}(}\ _(*}(}] _(*}(}^ _(*}(}_ _(*}(}` _(*}(}a _(*}(}b _(*}(}d _(*}(}e _(*}(}f _(*}(}  _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}(} _(*}-} _(*}(} _(*}(}  _(*}(}  _(*}(}  _(*}(}  _(*}}2 _(*3 ;_(    20% - Accent1M 20% - Accent1 ef % 20% - Accent2M" 20% - Accent2 ef % 20% - Accent3M& 20% - Accent3 ef % 20% - Accent4M* 20% - Accent4 ef % 20% - Accent5M. 20% - Accent5 ef % 20% - Accent6M2 20% - Accent6  ef % 40% - Accent1M 40% - Accent1 L % 40% - Accent2M# 40% - Accent2 L渷 % 40% - Accent3M' 40% - Accent3 L % 40% - Accent4M+ 40% - Accent4 L % 40% - Accent5M/ 40% - Accent5 L % 40% - Accent6M3 40% - Accent6  Lմ % 60% - Accent1M 60% - Accent1 23 % 60% - Accent2M$ 60% - Accent2 23ږ % 60% - Accent3M( 60% - Accent3 23כ % 60% - Accent4M, 60% - Accent4 23 % 60% - Accent5M0 60% - Accent5 23 %! 60% - Accent6M4 60% - Accent6  23 % "Accent1AAccent1 O % #Accent2A!Accent2 PM % $Accent3A%Accent3 Y % %Accent4A)Accent4 d % &Accent5A-Accent5 K % 'Accent6A1Accent6  F %( Accent6 2@ Accent6 2  F )Bad9Bad  % *Bad 28Bad 2  +Blue Background@Blue Background  ,Bold- Calculation Calculation  }% . Check Cell Check Cell  %????????? ???/ Comma0( Comma [0]1&Currency2. Currency [0]3Excel Built-in Normal 1PExcel Built-in Normal 1 4Explanatory TextG5Explanatory Text % 5Good;Good  a%6 Heading 1G Heading 1 I}%O7 Heading 2G Heading 2 I}%?8 Heading 3G Heading 3 I}%239 Heading 49 Heading 4 I}%: Hyperlink 2 ;InputuInput ̙ ??v% < Linked CellK Linked Cell }% =Mine >Mine 10 ?Mine 11 @Mine 12 AMine 13 BMine 14 CMine 15 DMine 16 EMine 17 FMine 18 GMine 19 HMine 2I Mine 2 10J Mine 2 11K Mine 2 12L Mine 2 13M Mine 2 14N Mine 2 15O Mine 2 16P Mine 2 17Q Mine 2 18R Mine 2 19 SMine 2 2T Mine 2 20U Mine 2 21V Mine 2 22W Mine 2 23X Mine 2 24Y Mine 2 25Z Mine 2 26[ Mine 2 27\ Mine 2 28] Mine 2 29 ^Mine 2 3_ Mine 2 30` Mine 2 31a Mine 2 32b Mine 2 33c Mine 2 34d Mine 2 35e Mine 2 36f Mine 2 37g Mine 2 38h Mine 2 39 iMine 2 4j Mine 2 40k Mine 2 41l Mine 2 42m Mine 2 43n Mine 2 44o Mine 2 45p Mine 2 46q Mine 2 47r Mine 2 48s Mine 2 49 tMine 2 5u Mine 2 50v Mine 2 51w Mine 2 52x Mine 2 53y Mine 2 54 zMine 2 6 {Mine 2 7 |Mine 2 8 }Mine 2 9 ~Mine 20 Mine 21 Mine 22 Mine 23 Mine 24 Mine 25 Mine 26 Mine 27 Mine 28 Mine 29 Mine 3 Mine 30 Mine 31 Mine 32 Mine 33 Mine 34 Mine 35 Mine 36 Mine 37 Mine 38 Mine 39 Mine 4 Mine 40 Mine 41 Mine 42 Mine 43 Mine 44 Mine 45 Mine 46 Mine 47 Mine 48 Mine 49 Mine 5 Mine 50 Mine 51 Mine 52 Mine 53 Mine 54 Mine 6 Mine 7 Mine 8 Mine 9 My Normal NeutralANeutral  e% Neutral 2@ Neutral 2  e3Normal % Normal 10 Normal 10 2 Normal 109 Normal 109 2 Normal 109 3 Normal 11 Normal 110 Normal 110 2 Normal 110 3 Normal 12 Normal 127 Normal 127 2 Normal 13 Normal 135 Normal 135 2 Normal 136 Normal 136 2 Normal 137 Normal 137 2 Normal 138 Normal 138 2 Normal 139 Normal 139 2 Normal 14 Normal 140 Normal 140 2 Normal 143 Normal 143 2 Normal 144 Normal 144 2 Normal 15 Normal 16 Normal 17 Normal 18 Normal 19 Normal 2 Normal 2 10 Normal 2 10 2 Normal 2 11 Normal 2 12 Normal 2 13 Normal 2 14 Normal 2 15 Normal 2 16 Normal 2 17 Normal 2 18Normal 2 18 10Normal 2 18 10 2Normal 2 18 10 3Normal 2 18 11Normal 2 18 11 2Normal 2 18 12Normal 2 18 12 2Normal 2 18 13Normal 2 18 13 2Normal 2 18 14Normal 2 18 14 2Normal 2 18 15Normal 2 18 15 2Normal 2 18 16Normal 2 18 16 2Normal 2 18 17Normal 2 18 17 2Normal 2 18 18Normal 2 18 18 2Normal 2 18 19Normal 2 18 19 2 Normal 2 18 2Normal 2 18 20Normal 2 18 20 2Normal 2 18 21Normal 2 18 21 2Normal 2 18 22Normal 2 18 22 2Normal 2 18 23Normal 2 18 23 2Normal 2 18 24Normal 2 18 25Normal 2 18 26Normal 2 18 27 Normal 2 18 3Normal 2 18 3 2Normal 2 18 3 3 Normal 2 18 4Normal 2 18 4 2Normal 2 18 4 3 Normal 2 18 5Normal 2 18 5 2Normal 2 18 5 3 Normal 2 18 6Normal 2 18 6 2Normal 2 18 6 3 Normal 2 18 7Normal 2 18 7 2 Normal 2 18 7 3  Normal 2 18 8 Normal 2 18 8 2 Normal 2 18 8 3  Normal 2 18 9Normal 2 18 9 2Normal 2 18 9 3 Normal 2 19Normal 2 19 10Normal 2 19 10 2Normal 2 19 10 3Normal 2 19 11Normal 2 19 11 2Normal 2 19 12Normal 2 19 12 2Normal 2 19 13Normal 2 19 13 2Normal 2 19 14Normal 2 19 14 2Normal 2 19 15Normal 2 19 15 2Normal 2 19 16Normal 2 19 16 2 Normal 2 19 17!Normal 2 19 17 2"Normal 2 19 18#Normal 2 19 18 2$Normal 2 19 19%Normal 2 19 19 2& Normal 2 19 2'Normal 2 19 20(Normal 2 19 20 2)Normal 2 19 21*Normal 2 19 21 2+Normal 2 19 22,Normal 2 19 22 2-Normal 2 19 23.Normal 2 19 23 2/Normal 2 19 240Normal 2 19 251Normal 2 19 262Normal 2 19 273 Normal 2 19 34Normal 2 19 3 25Normal 2 19 3 36 Normal 2 19 47Normal 2 19 4 28Normal 2 19 4 39 Normal 2 19 5:Normal 2 19 5 2;Normal 2 19 5 3< Normal 2 19 6=Normal 2 19 6 2>Normal 2 19 6 3? Normal 2 19 7@Normal 2 19 7 2ANormal 2 19 7 3B Normal 2 19 8CNormal 2 19 8 2DNormal 2 19 8 3E Normal 2 19 9FNormal 2 19 9 2GNormal 2 19 9 3H Normal 2 26 Normal 2 2 I Normal 2 2 10J Normal 2 2 11K Normal 2 2 12L Normal 2 2 13M Normal 2 2 14N Normal 2 2 15O Normal 2 2 16P Normal 2 2 17Q Normal 2 2 18R Normal 2 2 19S Normal 2 2 2TNormal 2 2 2 10UNormal 2 2 2 10 2VNormal 2 2 2 10 3WNormal 2 2 2 11XNormal 2 2 2 11 2YNormal 2 2 2 11 3ZNormal 2 2 2 12[Normal 2 2 2 12 2\Normal 2 2 2 12 3]Normal 2 2 2 13^Normal 2 2 2 13 2_Normal 2 2 2 13 3`Normal 2 2 2 14aNormal 2 2 2 14 2bNormal 2 2 2 14 3cNormal 2 2 2 15dNormal 2 2 2 15 2eNormal 2 2 2 16fNormal 2 2 2 16 2gNormal 2 2 2 17hNormal 2 2 2 17 2iNormal 2 2 2 18jNormal 2 2 2 18 2kNormal 2 2 2 19lNormal 2 2 2 2mNormal 2 2 2 20nNormal 2 2 2 21oNormal 2 2 2 22pNormal 2 2 2 23qNormal 2 2 2 24rNormal 2 2 2 25sNormal 2 2 2 26tNormal 2 2 2 27uNormal 2 2 2 28vNormal 2 2 2 29wNormal 2 2 2 3xNormal 2 2 2 3 2yNormal 2 2 2 3 3zNormal 2 2 2 3 4{Normal 2 2 2 3 5|Normal 2 2 2 3 6}Normal 2 2 2 30~Normal 2 2 2 30 2Normal 2 2 2 31Normal 2 2 2 31 2Normal 2 2 2 32Normal 2 2 2 32 2Normal 2 2 2 33Normal 2 2 2 33 2Normal 2 2 2 34Normal 2 2 2 34 2Normal 2 2 2 35Normal 2 2 2 35 2Normal 2 2 2 36Normal 2 2 2 36 2Normal 2 2 2 37Normal 2 2 2 37 2Normal 2 2 2 38Normal 2 2 2 39Normal 2 2 2 4Normal 2 2 2 40Normal 2 2 2 41Normal 2 2 2 42Normal 2 2 2 43Normal 2 2 2 44Normal 2 2 2 45Normal 2 2 2 46Normal 2 2 2 47Normal 2 2 2 48Normal 2 2 2 48 2Normal 2 2 2 49Normal 2 2 2 5Normal 2 2 2 5 2Normal 2 2 2 5 3Normal 2 2 2 5 4Normal 2 2 2 50@Normal 2 2 2 50 Normal 2 2 2 50 2DNormal 2 2 2 50 2 Normal 2 2 2 50 3DNormal 2 2 2 50 3 Normal 2 2 2 50 4DNormal 2 2 2 50 4 Normal 2 2 2 50 5DNormal 2 2 2 50 5 Normal 2 2 2 50 6DNormal 2 2 2 50 6 Normal 2 2 2 50 7DNormal 2 2 2 50 7 Normal 2 2 2 50 8DNormal 2 2 2 50 8 Normal 2 2 2 51@Normal 2 2 2 51 Normal 2 2 2 52@Normal 2 2 2 52 Normal 2 2 2 53@Normal 2 2 2 53 Normal 2 2 2 54Normal 2 2 2 55Normal 2 2 2 56Normal 2 2 2 57Normal 2 2 2 58Normal 2 2 2 59Normal 2 2 2 6Normal 2 2 2 60Normal 2 2 2 7Normal 2 2 2 7 2Normal 2 2 2 7 3Normal 2 2 2 8Normal 2 2 2 8 2Normal 2 2 2 8 3Normal 2 2 2 9Normal 2 2 2 9 2Normal 2 2 2 9 3 Normal 2 2 20 Normal 2 2 21 Normal 2 2 22 Normal 2 2 23 Normal 2 2 24 Normal 2 2 25Normal 2 2 25 10Normal 2 2 25 10 2Normal 2 2 25 10 3Normal 2 2 25 11Normal 2 2 25 11 2Normal 2 2 25 12Normal 2 2 25 12 2Normal 2 2 25 13Normal 2 2 25 13 2Normal 2 2 25 14Normal 2 2 25 14 2Normal 2 2 25 15Normal 2 2 25 15 2Normal 2 2 25 16Normal 2 2 25 16 2Normal 2 2 25 17Normal 2 2 25 17 2Normal 2 2 25 18Normal 2 2 25 18 2Normal 2 2 25 19Normal 2 2 25 19 2Normal 2 2 25 2Normal 2 2 25 20Normal 2 2 25 20 2Normal 2 2 25 21Normal 2 2 25 21 2Normal 2 2 25 22Normal 2 2 25 22 2Normal 2 2 25 23Normal 2 2 25 23 2Normal 2 2 25 24Normal 2 2 25 25Normal 2 2 25 3Normal 2 2 25 3 2Normal 2 2 25 3 3Normal 2 2 25 4Normal 2 2 25 4 2Normal 2 2 25 4 3Normal 2 2 25 5Normal 2 2 25 5 2Normal 2 2 25 5 3Normal 2 2 25 6Normal 2 2 25 6 2Normal 2 2 25 6 3Normal 2 2 25 7Normal 2 2 25 7 2Normal 2 2 25 7 3Normal 2 2 25 8Normal 2 2 25 8 2Normal 2 2 25 8 3Normal 2 2 25 9Normal 2 2 25 9 2Normal 2 2 25 9 3 Normal 2 2 26 Normal 2 2 27 Normal 2 2 28Normal 2 2 28 10Normal 2 2 28 10 2Normal 2 2 28 11Normal 2 2 28 11 2Normal 2 2 28 12Normal 2 2 28 12 2Normal 2 2 28 13Normal 2 2 28 13 2Normal 2 2 28 14Normal 2 2 28 14 2Normal 2 2 28 15Normal 2 2 28 15 2Normal 2 2 28 16Normal 2 2 28 16 2Normal 2 2 28 17Normal 2 2 28 17 2 Normal 2 2 28 18 Normal 2 2 28 18 2 Normal 2 2 28 19 Normal 2 2 28 19 2 Normal 2 2 28 2Normal 2 2 28 2 2Normal 2 2 28 2 3Normal 2 2 28 20Normal 2 2 28 20 2Normal 2 2 28 21Normal 2 2 28 21 2Normal 2 2 28 22Normal 2 2 28 22 2Normal 2 2 28 3Normal 2 2 28 3 2Normal 2 2 28 3 3Normal 2 2 28 4Normal 2 2 28 4 2Normal 2 2 28 4 3Normal 2 2 28 5Normal 2 2 28 5 2Normal 2 2 28 5 3Normal 2 2 28 6 Normal 2 2 28 6 2!Normal 2 2 28 6 3"Normal 2 2 28 7#Normal 2 2 28 7 2$Normal 2 2 28 7 3%Normal 2 2 28 8&Normal 2 2 28 8 2'Normal 2 2 28 8 3(Normal 2 2 28 9)Normal 2 2 28 9 2*Normal 2 2 28 9 3+ Normal 2 2 29< Normal 2 2 29 , Normal 2 2 3- Normal 2 2 30< Normal 2 2 30 . Normal 2 2 31< Normal 2 2 31 / Normal 2 2 32< Normal 2 2 32 0 Normal 2 2 33< Normal 2 2 33 1 Normal 2 2 34< Normal 2 2 34 2 Normal 2 2 35< Normal 2 2 35 3 Normal 2 2 36< Normal 2 2 36 4 Normal 2 2 37< Normal 2 2 37 5 Normal 2 2 38< Normal 2 2 38 6 Normal 2 2 39< Normal 2 2 39 7 Normal 2 2 48 Normal 2 2 40< Normal 2 2 40 9 Normal 2 2 41< Normal 2 2 41 : Normal 2 2 42< Normal 2 2 42 ; Normal 2 2 43< Normal 2 2 43 < Normal 2 2 44< Normal 2 2 44 = Normal 2 2 45< Normal 2 2 45 > Normal 2 2 46< Normal 2 2 46 ? Normal 2 2 47< Normal 2 2 47 @ Normal 2 2 48< Normal 2 2 48 A Normal 2 2 49< Normal 2 2 49 B Normal 2 2 5C Normal 2 2 50< Normal 2 2 50 D Normal 2 2 51< Normal 2 2 51 E Normal 2 2 52< Normal 2 2 52 F Normal 2 2 53< Normal 2 2 53 G Normal 2 2 54< Normal 2 2 54 H Normal 2 2 55< Normal 2 2 55 I Normal 2 2 56< Normal 2 2 56 J Normal 2 2 57< Normal 2 2 57 K Normal 2 2 58< Normal 2 2 58 L Normal 2 2 59< Normal 2 2 59 M Normal 2 2 6N Normal 2 2 60< Normal 2 2 60 O Normal 2 2 61< Normal 2 2 61 P Normal 2 2 62< Normal 2 2 62 Q Normal 2 2 63< Normal 2 2 63 R Normal 2 2 64< Normal 2 2 64 S Normal 2 2 65< Normal 2 2 65 T Normal 2 2 66< Normal 2 2 66 U Normal 2 2 67< Normal 2 2 67 V Normal 2 2 68< Normal 2 2 68 W Normal 2 2 69< Normal 2 2 69 X Normal 2 2 7Y Normal 2 2 70< Normal 2 2 70 Z Normal 2 2 71< Normal 2 2 71 [ Normal 2 2 72< Normal 2 2 72 \ Normal 2 2 73< Normal 2 2 73 ] Normal 2 2 74< Normal 2 2 74 ^ Normal 2 2 75< Normal 2 2 75 _ Normal 2 2 76< Normal 2 2 76 ` Normal 2 2 77< Normal 2 2 77 a Normal 2 2 78< Normal 2 2 78 b Normal 2 2 79< Normal 2 2 79 c Normal 2 2 8d Normal 2 2 80< Normal 2 2 80 e Normal 2 2 85< Normal 2 2 85 f Normal 2 2 86< Normal 2 2 86 g Normal 2 2 9h Normal 2 20iNormal 2 20 10jNormal 2 20 10 2kNormal 2 20 10 3lNormal 2 20 11mNormal 2 20 11 2nNormal 2 20 12oNormal 2 20 12 2pNormal 2 20 13qNormal 2 20 13 2rNormal 2 20 14sNormal 2 20 14 2tNormal 2 20 15uNormal 2 20 15 2vNormal 2 20 16wNormal 2 20 16 2xNormal 2 20 17yNormal 2 20 17 2zNormal 2 20 18{Normal 2 20 18 2|Normal 2 20 19}Normal 2 20 19 2~ Normal 2 20 2Normal 2 20 20Normal 2 20 20 2Normal 2 20 21Normal 2 20 21 2Normal 2 20 22Normal 2 20 22 2Normal 2 20 23Normal 2 20 23 2Normal 2 20 24Normal 2 20 25Normal 2 20 26Normal 2 20 27 Normal 2 20 3Normal 2 20 3 2Normal 2 20 3 3 Normal 2 20 4Normal 2 20 4 2Normal 2 20 4 3 Normal 2 20 5Normal 2 20 5 2Normal 2 20 5 3 Normal 2 20 6Normal 2 20 6 2Normal 2 20 6 3 Normal 2 20 7Normal 2 20 7 2Normal 2 20 7 3 Normal 2 20 8Normal 2 20 8 2Normal 2 20 8 3 Normal 2 20 9Normal 2 20 9 2Normal 2 20 9 3 Normal 2 21Normal 2 21 10Normal 2 21 10 2Normal 2 21 10 3Normal 2 21 11Normal 2 21 11 2Normal 2 21 12Normal 2 21 12 2Normal 2 21 13Normal 2 21 13 2Normal 2 21 14Normal 2 21 14 2Normal 2 21 15Normal 2 21 15 2Normal 2 21 16Normal 2 21 16 2Normal 2 21 17Normal 2 21 17 2Normal 2 21 18Normal 2 21 18 2Normal 2 21 19Normal 2 21 19 2 Normal 2 21 2Normal 2 21 20Normal 2 21 20 2Normal 2 21 21Normal 2 21 21 2Normal 2 21 22Normal 2 21 22 2Normal 2 21 23Normal 2 21 23 2Normal 2 21 24Normal 2 21 25Normal 2 21 26Normal 2 21 27 Normal 2 21 3Normal 2 21 3 2Normal 2 21 3 3 Normal 2 21 4Normal 2 21 4 2Normal 2 21 4 3 Normal 2 21 5Normal 2 21 5 2Normal 2 21 5 3 Normal 2 21 6Normal 2 21 6 2Normal 2 21 6 3 Normal 2 21 7Normal 2 21 7 2Normal 2 21 7 3 Normal 2 21 8Normal 2 21 8 2Normal 2 21 8 3 Normal 2 21 9Normal 2 21 9 2Normal 2 21 9 3 Normal 2 22Normal 2 22 10Normal 2 22 10 2Normal 2 22 10 3Normal 2 22 11Normal 2 22 11 2Normal 2 22 12Normal 2 22 12 2Normal 2 22 13Normal 2 22 13 2Normal 2 22 14Normal 2 22 14 2Normal 2 22 15Normal 2 22 15 2Normal 2 22 16Normal 2 22 16 2Normal 2 22 17Normal 2 22 17 2Normal 2 22 18Normal 2 22 18 2Normal 2 22 19Normal 2 22 19 2 Normal 2 22 2Normal 2 22 20Normal 2 22 20 2Normal 2 22 21Normal 2 22 21 2Normal 2 22 22Normal 2 22 22 2Normal 2 22 23Normal 2 22 23 2Normal 2 22 24Normal 2 22 25Normal 2 22 26Normal 2 22 27 Normal 2 22 3Normal 2 22 3 2Normal 2 22 3 3 Normal 2 22 4Normal 2 22 4 2Normal 2 22 4 3 Normal 2 22 5Normal 2 22 5 2Normal 2 22 5 3 Normal 2 22 6Normal 2 22 6 2Normal 2 22 6 3 Normal 2 22 7Normal 2 22 7 2 Normal 2 22 7 3  Normal 2 22 8 Normal 2 22 8 2 Normal 2 22 8 3  Normal 2 22 9Normal 2 22 9 2Normal 2 22 9 3 Normal 2 23Normal 2 23 10Normal 2 23 10 2Normal 2 23 10 3Normal 2 23 11Normal 2 23 11 2Normal 2 23 12Normal 2 23 12 2Normal 2 23 13Normal 2 23 13 2Normal 2 23 14Normal 2 23 14 2Normal 2 23 15Normal 2 23 15 2Normal 2 23 16Normal 2 23 16 2 Normal 2 23 17!Normal 2 23 17 2"Normal 2 23 18#Normal 2 23 18 2$Normal 2 23 19%Normal 2 23 19 2& Normal 2 23 2'Normal 2 23 20(Normal 2 23 20 2)Normal 2 23 21*Normal 2 23 21 2+Normal 2 23 22,Normal 2 23 22 2-Normal 2 23 23.Normal 2 23 23 2/Normal 2 23 240Normal 2 23 251Normal 2 23 262Normal 2 23 273 Normal 2 23 34Normal 2 23 3 25Normal 2 23 3 36 Normal 2 23 47Normal 2 23 4 28Normal 2 23 4 39 Normal 2 23 5:Normal 2 23 5 2;Normal 2 23 5 3< Normal 2 23 6=Normal 2 23 6 2>Normal 2 23 6 3? Normal 2 23 7@Normal 2 23 7 2ANormal 2 23 7 3B Normal 2 23 8CNormal 2 23 8 2DNormal 2 23 8 3E Normal 2 23 9FNormal 2 23 9 2GNormal 2 23 9 3H Normal 2 24INormal 2 24 10JNormal 2 24 10 2KNormal 2 24 10 3LNormal 2 24 11MNormal 2 24 11 2NNormal 2 24 12ONormal 2 24 12 2PNormal 2 24 13QNormal 2 24 13 2RNormal 2 24 14SNormal 2 24 14 2TNormal 2 24 15UNormal 2 24 15 2VNormal 2 24 16WNormal 2 24 16 2XNormal 2 24 17YNormal 2 24 17 2ZNormal 2 24 18[Normal 2 24 18 2\Normal 2 24 19]Normal 2 24 19 2^ Normal 2 24 2_Normal 2 24 20`Normal 2 24 20 2aNormal 2 24 21bNormal 2 24 21 2cNormal 2 24 22dNormal 2 24 22 2eNormal 2 24 23fNormal 2 24 23 2gNormal 2 24 24hNormal 2 24 25iNormal 2 24 26jNormal 2 24 27k Normal 2 24 3lNormal 2 24 3 2mNormal 2 24 3 3n Normal 2 24 4oNormal 2 24 4 2pNormal 2 24 4 3q Normal 2 24 5rNormal 2 24 5 2sNormal 2 24 5 3t Normal 2 24 6uNormal 2 24 6 2vNormal 2 24 6 3w Normal 2 24 7xNormal 2 24 7 2yNormal 2 24 7 3z Normal 2 24 8{Normal 2 24 8 2|Normal 2 24 8 3} Normal 2 24 9~Normal 2 24 9 2Normal 2 24 9 3 Normal 2 25Normal 2 25 10Normal 2 25 10 2Normal 2 25 10 3Normal 2 25 11Normal 2 25 11 2Normal 2 25 12Normal 2 25 12 2Normal 2 25 13Normal 2 25 13 2Normal 2 25 14Normal 2 25 14 2Normal 2 25 15Normal 2 25 15 2Normal 2 25 16Normal 2 25 16 2Normal 2 25 17Normal 2 25 17 2Normal 2 25 18Normal 2 25 18 2Normal 2 25 19Normal 2 25 19 2 Normal 2 25 2Normal 2 25 20Normal 2 25 20 2Normal 2 25 21Normal 2 25 21 2Normal 2 25 22Normal 2 25 22 2Normal 2 25 23Normal 2 25 23 2Normal 2 25 24Normal 2 25 25Normal 2 25 26Normal 2 25 27 Normal 2 25 3Normal 2 25 3 2Normal 2 25 3 3 Normal 2 25 4Normal 2 25 4 2Normal 2 25 4 3 Normal 2 25 5Normal 2 25 5 2Normal 2 25 5 3 Normal 2 25 6Normal 2 25 6 2Normal 2 25 6 3 Normal 2 25 7Normal 2 25 7 2Normal 2 25 7 3 Normal 2 25 8Normal 2 25 8 2Normal 2 25 8 3 Normal 2 25 9Normal 2 25 9 2Normal 2 25 9 3 Normal 2 26Normal 2 26 10Normal 2 26 10 2Normal 2 26 10 3Normal 2 26 11Normal 2 26 11 2Normal 2 26 12Normal 2 26 12 2Normal 2 26 13Normal 2 26 13 2Normal 2 26 14Normal 2 26 14 2Normal 2 26 15Normal 2 26 15 2Normal 2 26 16Normal 2 26 16 2Normal 2 26 17Normal 2 26 17 2Normal 2 26 18Normal 2 26 18 2Normal 2 26 19Normal 2 26 19 2 Normal 2 26 2Normal 2 26 20Normal 2 26 20 2Normal 2 26 21Normal 2 26 21 2Normal 2 26 22Normal 2 26 22 2Normal 2 26 23Normal 2 26 23 2Normal 2 26 24Normal 2 26 25Normal 2 26 26Normal 2 26 27 Normal 2 26 3Normal 2 26 3 2Normal 2 26 3 3 Normal 2 26 4Normal 2 26 4 2Normal 2 26 4 3 Normal 2 26 5Normal 2 26 5 2Normal 2 26 5 3 Normal 2 26 6Normal 2 26 6 2Normal 2 26 6 3 Normal 2 26 7Normal 2 26 7 2Normal 2 26 7 3 Normal 2 26 8Normal 2 26 8 2Normal 2 26 8 3 Normal 2 26 9Normal 2 26 9 2Normal 2 26 9 3 Normal 2 27Normal 2 27 10Normal 2 27 10 2Normal 2 27 10 3Normal 2 27 11Normal 2 27 11 2Normal 2 27 12Normal 2 27 12 2Normal 2 27 13Normal 2 27 13 2Normal 2 27 14Normal 2 27 14 2Normal 2 27 15Normal 2 27 15 2Normal 2 27 16Normal 2 27 16 2Normal 2 27 17Normal 2 27 17 2Normal 2 27 18Normal 2 27 18 2Normal 2 27 19Normal 2 27 19 2 Normal 2 27 2Normal 2 27 20Normal 2 27 20 2 Normal 2 27 21 Normal 2 27 21 2 Normal 2 27 22 Normal 2 27 22 2 Normal 2 27 23Normal 2 27 23 2Normal 2 27 24Normal 2 27 25Normal 2 27 26Normal 2 27 27 Normal 2 27 3Normal 2 27 3 2Normal 2 27 3 3 Normal 2 27 4Normal 2 27 4 2Normal 2 27 4 3 Normal 2 27 5Normal 2 27 5 2Normal 2 27 5 3 Normal 2 27 6Normal 2 27 6 2Normal 2 27 6 3 Normal 2 27 7 Normal 2 27 7 2!Normal 2 27 7 3" Normal 2 27 8#Normal 2 27 8 2$Normal 2 27 8 3% Normal 2 27 9&Normal 2 27 9 2'Normal 2 27 9 3( Normal 2 28)Normal 2 28 10*Normal 2 28 10 2+Normal 2 28 10 3,Normal 2 28 11-Normal 2 28 11 2.Normal 2 28 12/Normal 2 28 12 20Normal 2 28 131Normal 2 28 13 22Normal 2 28 143Normal 2 28 14 24Normal 2 28 155Normal 2 28 15 26Normal 2 28 167Normal 2 28 16 28Normal 2 28 179Normal 2 28 17 2:Normal 2 28 18;Normal 2 28 18 2<Normal 2 28 19=Normal 2 28 19 2> Normal 2 28 2?Normal 2 28 20@Normal 2 28 20 2ANormal 2 28 21BNormal 2 28 21 2CNormal 2 28 22DNormal 2 28 22 2ENormal 2 28 23FNormal 2 28 23 2GNormal 2 28 24HNormal 2 28 25INormal 2 28 26JNormal 2 28 27K Normal 2 28 3LNormal 2 28 3 2MNormal 2 28 3 3N Normal 2 28 4ONormal 2 28 4 2PNormal 2 28 4 3Q Normal 2 28 5RNormal 2 28 5 2SNormal 2 28 5 3T Normal 2 28 6UNormal 2 28 6 2VNormal 2 28 6 3W Normal 2 28 7XNormal 2 28 7 2YNormal 2 28 7 3Z Normal 2 28 8[Normal 2 28 8 2\Normal 2 28 8 3] Normal 2 28 9^Normal 2 28 9 2_Normal 2 28 9 3` Normal 2 29a Normal 2 3b Normal 2 30cNormal 2 30 10dNormal 2 30 10 2eNormal 2 30 10 3fNormal 2 30 11gNormal 2 30 11 2hNormal 2 30 12iNormal 2 30 12 2jNormal 2 30 13kNormal 2 30 13 2lNormal 2 30 14mNormal 2 30 14 2nNormal 2 30 15oNormal 2 30 15 2pNormal 2 30 16qNormal 2 30 16 2rNormal 2 30 17sNormal 2 30 17 2tNormal 2 30 18uNormal 2 30 18 2vNormal 2 30 19wNormal 2 30 19 2x Normal 2 30 2yNormal 2 30 20zNormal 2 30 20 2{Normal 2 30 21|Normal 2 30 21 2}Normal 2 30 22~Normal 2 30 22 2Normal 2 30 23Normal 2 30 23 2Normal 2 30 24Normal 2 30 25Normal 2 30 26Normal 2 30 27 Normal 2 30 3Normal 2 30 3 2Normal 2 30 3 3 Normal 2 30 4Normal 2 30 4 2Normal 2 30 4 3 Normal 2 30 5Normal 2 30 5 2Normal 2 30 5 3 Normal 2 30 6Normal 2 30 6 2Normal 2 30 6 3 Normal 2 30 7Normal 2 30 7 2Normal 2 30 7 3 Normal 2 30 8Normal 2 30 8 2Normal 2 30 8 3 Normal 2 30 9Normal 2 30 9 2Normal 2 30 9 3 Normal 2 31Normal 2 31 10Normal 2 31 10 2Normal 2 31 10 3Normal 2 31 11Normal 2 31 11 2Normal 2 31 12Normal 2 31 12 2Normal 2 31 13Normal 2 31 13 2Normal 2 31 14Normal 2 31 14 2Normal 2 31 15Normal 2 31 15 2Normal 2 31 16Normal 2 31 16 2Normal 2 31 17Normal 2 31 17 2Normal 2 31 18Normal 2 31 18 2Normal 2 31 19Normal 2 31 19 2 Normal 2 31 2Normal 2 31 20Normal 2 31 20 2Normal 2 31 21Normal 2 31 21 2Normal 2 31 22Normal 2 31 22 2Normal 2 31 23Normal 2 31 23 2Normal 2 31 24Normal 2 31 25Normal 2 31 26Normal 2 31 27 Normal 2 31 3Normal 2 31 3 2Normal 2 31 3 3 Normal 2 31 4Normal 2 31 4 2Normal 2 31 4 3 Normal 2 31 5Normal 2 31 5 2Normal 2 31 5 3 Normal 2 31 6Normal 2 31 6 2Normal 2 31 6 3 Normal 2 31 7Normal 2 31 7 2Normal 2 31 7 3 Normal 2 31 8Normal 2 31 8 2Normal 2 31 8 3 Normal 2 31 9Normal 2 31 9 2Normal 2 31 9 3 Normal 2 32Normal 2 32 10Normal 2 32 10 2Normal 2 32 10 3Normal 2 32 11Normal 2 32 11 2Normal 2 32 12Normal 2 32 12 2Normal 2 32 13Normal 2 32 13 2Normal 2 32 14Normal 2 32 14 2Normal 2 32 15Normal 2 32 15 2Normal 2 32 16Normal 2 32 16 2Normal 2 32 17Normal 2 32 17 2Normal 2 32 18Normal 2 32 18 2Normal 2 32 19Normal 2 32 19 2 Normal 2 32 2Normal 2 32 20Normal 2 32 20 2Normal 2 32 21Normal 2 32 21 2Normal 2 32 22Normal 2 32 22 2Normal 2 32 23Normal 2 32 23 2Normal 2 32 24Normal 2 32 25Normal 2 32 26Normal 2 32 27 Normal 2 32 3Normal 2 32 3 2Normal 2 32 3 3 Normal 2 32 4Normal 2 32 4 2Normal 2 32 4 3 Normal 2 32 5Normal 2 32 5 2Normal 2 32 5 3 Normal 2 32 6Normal 2 32 6 2Normal 2 32 6 3 Normal 2 32 7Normal 2 32 7 2Normal 2 32 7 3 Normal 2 32 8Normal 2 32 8 2Normal 2 32 8 3 Normal 2 32 9Normal 2 32 9 2 Normal 2 32 9 3  Normal 2 33 Normal 2 33 10 Normal 2 33 10 2 Normal 2 33 10 3Normal 2 33 11Normal 2 33 11 2Normal 2 33 12Normal 2 33 12 2Normal 2 33 13Normal 2 33 13 2Normal 2 33 14Normal 2 33 14 2Normal 2 33 15Normal 2 33 15 2Normal 2 33 16Normal 2 33 16 2Normal 2 33 17Normal 2 33 17 2Normal 2 33 18Normal 2 33 18 2Normal 2 33 19Normal 2 33 19 2  Normal 2 33 2!Normal 2 33 20"Normal 2 33 20 2#Normal 2 33 21$Normal 2 33 21 2%Normal 2 33 22&Normal 2 33 22 2'Normal 2 33 23(Normal 2 33 23 2)Normal 2 33 24*Normal 2 33 25+Normal 2 33 26,Normal 2 33 27- Normal 2 33 3.Normal 2 33 3 2/Normal 2 33 3 30 Normal 2 33 41Normal 2 33 4 22Normal 2 33 4 33 Normal 2 33 54Normal 2 33 5 25Normal 2 33 5 36 Normal 2 33 67Normal 2 33 6 28Normal 2 33 6 39 Normal 2 33 7:Normal 2 33 7 2;Normal 2 33 7 3< Normal 2 33 8=Normal 2 33 8 2>Normal 2 33 8 3? Normal 2 33 9@Normal 2 33 9 2ANormal 2 33 9 3B Normal 2 34CNormal 2 34 10DNormal 2 34 10 2ENormal 2 34 10 3FNormal 2 34 11GNormal 2 34 11 2HNormal 2 34 12INormal 2 34 12 2JNormal 2 34 13KNormal 2 34 13 2LNormal 2 34 14MNormal 2 34 14 2NNormal 2 34 15ONormal 2 34 15 2PNormal 2 34 16QNormal 2 34 16 2RNormal 2 34 17SNormal 2 34 17 2TNormal 2 34 18UNormal 2 34 18 2VNormal 2 34 19WNormal 2 34 19 2X Normal 2 34 2YNormal 2 34 20ZNormal 2 34 20 2[Normal 2 34 21\Normal 2 34 21 2]Normal 2 34 22^Normal 2 34 22 2_Normal 2 34 23`Normal 2 34 23 2aNormal 2 34 24bNormal 2 34 25cNormal 2 34 26dNormal 2 34 27e Normal 2 34 3fNormal 2 34 3 2gNormal 2 34 3 3h Normal 2 34 4iNormal 2 34 4 2jNormal 2 34 4 3k Normal 2 34 5lNormal 2 34 5 2mNormal 2 34 5 3n Normal 2 34 6oNormal 2 34 6 2pNormal 2 34 6 3q Normal 2 34 7rNormal 2 34 7 2sNormal 2 34 7 3t Normal 2 34 8uNormal 2 34 8 2vNormal 2 34 8 3w Normal 2 34 9xNormal 2 34 9 2yNormal 2 34 9 3z Normal 2 35{Normal 2 35 10|Normal 2 35 10 2}Normal 2 35 10 3~Normal 2 35 11Normal 2 35 11 2Normal 2 35 12Normal 2 35 12 2Normal 2 35 13Normal 2 35 13 2Normal 2 35 14Normal 2 35 14 2Normal 2 35 15Normal 2 35 15 2Normal 2 35 16Normal 2 35 16 2Normal 2 35 17Normal 2 35 17 2Normal 2 35 18Normal 2 35 18 2Normal 2 35 19Normal 2 35 19 2 Normal 2 35 2Normal 2 35 20Normal 2 35 20 2Normal 2 35 21Normal 2 35 21 2Normal 2 35 22Normal 2 35 22 2Normal 2 35 23Normal 2 35 23 2Normal 2 35 24Normal 2 35 25Normal 2 35 26Normal 2 35 27 Normal 2 35 3Normal 2 35 3 2Normal 2 35 3 3 Normal 2 35 4Normal 2 35 4 2Normal 2 35 4 3 Normal 2 35 5Normal 2 35 5 2Normal 2 35 5 3 Normal 2 35 6Normal 2 35 6 2Normal 2 35 6 3 Normal 2 35 7Normal 2 35 7 2Normal 2 35 7 3 Normal 2 35 8Normal 2 35 8 2Normal 2 35 8 3 Normal 2 35 9Normal 2 35 9 2Normal 2 35 9 3 Normal 2 36 Normal 2 36 2Normal 2 36 2 10Normal 2 36 2 10 2Normal 2 36 2 11Normal 2 36 2 11 2Normal 2 36 2 12Normal 2 36 2 12 2Normal 2 36 2 13Normal 2 36 2 13 2Normal 2 36 2 14Normal 2 36 2 14 2Normal 2 36 2 15Normal 2 36 2 15 2Normal 2 36 2 16Normal 2 36 2 16 2Normal 2 36 2 17Normal 2 36 2 17 2Normal 2 36 2 18Normal 2 36 2 18 2Normal 2 36 2 19Normal 2 36 2 19 2Normal 2 36 2 2Normal 2 36 2 2 2Normal 2 36 2 2 3Normal 2 36 2 20Normal 2 36 2 20 2Normal 2 36 2 21Normal 2 36 2 21 2Normal 2 36 2 22Normal 2 36 2 22 2Normal 2 36 2 23Normal 2 36 2 24Normal 2 36 2 3Normal 2 36 2 3 2Normal 2 36 2 3 3Normal 2 36 2 4Normal 2 36 2 4 2Normal 2 36 2 4 3Normal 2 36 2 5Normal 2 36 2 5 2Normal 2 36 2 5 3Normal 2 36 2 6Normal 2 36 2 6 2Normal 2 36 2 6 3Normal 2 36 2 7Normal 2 36 2 7 2Normal 2 36 2 7 3Normal 2 36 2 8Normal 2 36 2 8 2Normal 2 36 2 8 3Normal 2 36 2 9Normal 2 36 2 9 2Normal 2 36 2 9 3 Normal 2 36 3 Normal 2 36 4 Normal 2 36 5 Normal 2 36 6 Normal 2 37 Normal 2 37 2Normal 2 37 2 10Normal 2 37 2 10 2Normal 2 37 2 11Normal 2 37 2 11 2Normal 2 37 2 12Normal 2 37 2 12 2Normal 2 37 2 13Normal 2 37 2 13 2Normal 2 37 2 14Normal 2 37 2 14 2Normal 2 37 2 15Normal 2 37 2 15 2Normal 2 37 2 16Normal 2 37 2 16 2Normal 2 37 2 17Normal 2 37 2 17 2Normal 2 37 2 18Normal 2 37 2 18 2Normal 2 37 2 19Normal 2 37 2 19 2Normal 2 37 2 2Normal 2 37 2 2 2Normal 2 37 2 2 3Normal 2 37 2 20Normal 2 37 2 20 2Normal 2 37 2 21Normal 2 37 2 21 2 Normal 2 37 2 22 Normal 2 37 2 22 2 Normal 2 37 2 23 Normal 2 37 2 24 Normal 2 37 2 3Normal 2 37 2 3 2Normal 2 37 2 3 3Normal 2 37 2 4Normal 2 37 2 4 2Normal 2 37 2 4 3Normal 2 37 2 5Normal 2 37 2 5 2Normal 2 37 2 5 3Normal 2 37 2 6Normal 2 37 2 6 2Normal 2 37 2 6 3Normal 2 37 2 7Normal 2 37 2 7 2Normal 2 37 2 7 3Normal 2 37 2 8Normal 2 37 2 8 2Normal 2 37 2 8 3Normal 2 37 2 9 Normal 2 37 2 9 2!Normal 2 37 2 9 3" Normal 2 37 3# Normal 2 37 4$ Normal 2 37 5% Normal 2 37 6& Normal 2 38' Normal 2 38 2(Normal 2 38 2 10)Normal 2 38 2 10 2*Normal 2 38 2 11+Normal 2 38 2 11 2,Normal 2 38 2 12-Normal 2 38 2 12 2.Normal 2 38 2 13/Normal 2 38 2 13 20Normal 2 38 2 141Normal 2 38 2 14 22Normal 2 38 2 153Normal 2 38 2 15 24Normal 2 38 2 165Normal 2 38 2 16 26Normal 2 38 2 177Normal 2 38 2 17 28Normal 2 38 2 189Normal 2 38 2 18 2:Normal 2 38 2 19;Normal 2 38 2 19 2<Normal 2 38 2 2=Normal 2 38 2 2 2>Normal 2 38 2 2 3?Normal 2 38 2 20@Normal 2 38 2 20 2ANormal 2 38 2 21BNormal 2 38 2 21 2CNormal 2 38 2 22DNormal 2 38 2 22 2ENormal 2 38 2 23FNormal 2 38 2 24GNormal 2 38 2 3HNormal 2 38 2 3 2INormal 2 38 2 3 3JNormal 2 38 2 4KNormal 2 38 2 4 2LNormal 2 38 2 4 3MNormal 2 38 2 5NNormal 2 38 2 5 2ONormal 2 38 2 5 3PNormal 2 38 2 6QNormal 2 38 2 6 2RNormal 2 38 2 6 3SNormal 2 38 2 7TNormal 2 38 2 7 2UNormal 2 38 2 7 3VNormal 2 38 2 8WNormal 2 38 2 8 2XNormal 2 38 2 8 3YNormal 2 38 2 9ZNormal 2 38 2 9 2[Normal 2 38 2 9 3\ Normal 2 39] Normal 2 39 2^Normal 2 39 2 10_Normal 2 39 2 10 2`Normal 2 39 2 11aNormal 2 39 2 11 2bNormal 2 39 2 12cNormal 2 39 2 12 2dNormal 2 39 2 13eNormal 2 39 2 13 2fNormal 2 39 2 14gNormal 2 39 2 14 2hNormal 2 39 2 15iNormal 2 39 2 15 2jNormal 2 39 2 16kNormal 2 39 2 16 2lNormal 2 39 2 17mNormal 2 39 2 17 2nNormal 2 39 2 18oNormal 2 39 2 18 2pNormal 2 39 2 19qNormal 2 39 2 19 2rNormal 2 39 2 2sNormal 2 39 2 2 2tNormal 2 39 2 2 3uNormal 2 39 2 20vNormal 2 39 2 20 2wNormal 2 39 2 21xNormal 2 39 2 21 2yNormal 2 39 2 22zNormal 2 39 2 22 2{Normal 2 39 2 23|Normal 2 39 2 24}Normal 2 39 2 3~Normal 2 39 2 3 2Normal 2 39 2 3 3Normal 2 39 2 4Normal 2 39 2 4 2Normal 2 39 2 4 3Normal 2 39 2 5Normal 2 39 2 5 2Normal 2 39 2 5 3Normal 2 39 2 6Normal 2 39 2 6 2Normal 2 39 2 6 3Normal 2 39 2 7Normal 2 39 2 7 2Normal 2 39 2 7 3Normal 2 39 2 8Normal 2 39 2 8 2Normal 2 39 2 8 3Normal 2 39 2 9Normal 2 39 2 9 2Normal 2 39 2 9 3 Normal 2 4 Normal 2 40Normal 2 40 10Normal 2 40 10 2Normal 2 40 11Normal 2 40 11 2Normal 2 40 12Normal 2 40 12 2Normal 2 40 13Normal 2 40 13 2Normal 2 40 14Normal 2 40 14 2Normal 2 40 15Normal 2 40 15 2Normal 2 40 16Normal 2 40 16 2Normal 2 40 17Normal 2 40 17 2Normal 2 40 18Normal 2 40 18 2Normal 2 40 19Normal 2 40 19 2 Normal 2 40 2Normal 2 40 2 2Normal 2 40 2 3Normal 2 40 20Normal 2 40 20 2Normal 2 40 21Normal 2 40 21 2Normal 2 40 22Normal 2 40 22 2Normal 2 40 23Normal 2 40 24 Normal 2 40 3Normal 2 40 3 2Normal 2 40 3 3 Normal 2 40 4Normal 2 40 4 2Normal 2 40 4 3 Normal 2 40 5Normal 2 40 5 2Normal 2 40 5 3 Normal 2 40 6Normal 2 40 6 2Normal 2 40 6 3 Normal 2 40 7Normal 2 40 7 2Normal 2 40 7 3 Normal 2 40 8Normal 2 40 8 2Normal 2 40 8 3 Normal 2 40 9Normal 2 40 9 2Normal 2 40 9 3 Normal 2 41Normal 2 41 10Normal 2 41 10 2Normal 2 41 11Normal 2 41 11 2Normal 2 41 12Normal 2 41 12 2Normal 2 41 13Normal 2 41 13 2Normal 2 41 14Normal 2 41 14 2Normal 2 41 15Normal 2 41 15 2Normal 2 41 16Normal 2 41 16 2Normal 2 41 17Normal 2 41 17 2Normal 2 41 18Normal 2 41 18 2Normal 2 41 19Normal 2 41 19 2 Normal 2 41 2Normal 2 41 2 2Normal 2 41 2 3Normal 2 41 20Normal 2 41 20 2Normal 2 41 21Normal 2 41 21 2Normal 2 41 22Normal 2 41 22 2 Normal 2 41 3Normal 2 41 3 2Normal 2 41 3 3 Normal 2 41 4Normal 2 41 4 2Normal 2 41 4 3 Normal 2 41 5Normal 2 41 5 2Normal 2 41 5 3 Normal 2 41 6Normal 2 41 6 2Normal 2 41 6 3 Normal 2 41 7Normal 2 41 7 2Normal 2 41 7 3 Normal 2 41 8Normal 2 41 8 2Normal 2 41 8 3 Normal 2 41 9Normal 2 41 9 2Normal 2 41 9 3 Normal 2 42 Normal 2 43 Normal 2 44 Normal 2 45 Normal 2 46 Normal 2 47 Normal 2 48 Normal 2 49 Normal 2 5 Normal 2 50 Normal 2 51 Normal 2 52 Normal 2 6 Normal 2 7  Normal 2 8  Normal 2 808 Normal 2 80   Normal 2 9  Normal 20  Normal 21 Normal 22 Normal 23 Normal 24 Normal 25 Normal 26 Normal 27 Normal 28 Normal 29 Normal 3 Normal 3 10 Normal 3 11 Normal 3 12 Normal 3 13 Normal 3 14 Normal 3 15 Normal 3 16 Normal 3 17 Normal 3 18  Normal 3 19! Normal 3 2" Normal 3 20# Normal 3 21$ Normal 3 22% Normal 3 23& Normal 3 24' Normal 3 25( Normal 3 26) Normal 3 27* Normal 3 28+ Normal 3 29, Normal 3 3- Normal 3 30. Normal 3 4/ Normal 3 50 Normal 3 61 Normal 3 72 Normal 3 83 Normal 3 94 Normal 305 Normal 316 Normal 327 Normal 338 Normal 349 Normal 35: Normal 36; Normal 37< Normal 38= Normal 39 >Normal 4? Normal 40@ Normal 41A Normal 42B Normal 43C Normal 44D Normal 45E Normal 46F Normal 47G Normal 48H Normal 49 INormal 5J Normal 50K Normal 51L Normal 52M Normal 53N Normal 54O Normal 55P Normal 56Q Normal 57R Normal 58S Normal 59 TNormal 6U Normal 6 2V Normal 6 2 10WNormal 6 2 10 2XNormal 6 2 10 3Y Normal 6 2 11ZNormal 6 2 11 2[ Normal 6 2 12\Normal 6 2 12 2] Normal 6 2 13^Normal 6 2 13 2_ Normal 6 2 14`Normal 6 2 14 2a Normal 6 2 15bNormal 6 2 15 2c Normal 6 2 16dNormal 6 2 16 2e Normal 6 2 17fNormal 6 2 17 2g Normal 6 2 18hNormal 6 2 18 2i Normal 6 2 19jNormal 6 2 19 2k Normal 6 2 2l Normal 6 2 20mNormal 6 2 20 2n Normal 6 2 21oNormal 6 2 21 2p Normal 6 2 22qNormal 6 2 22 2r Normal 6 2 23sNormal 6 2 23 2t Normal 6 2 24u Normal 6 2 25v Normal 6 2 26w Normal 6 2 27x Normal 6 2 3yNormal 6 2 3 2zNormal 6 2 3 3{ Normal 6 2 4|Normal 6 2 4 2}Normal 6 2 4 3~ Normal 6 2 5Normal 6 2 5 2Normal 6 2 5 3 Normal 6 2 6Normal 6 2 6 2Normal 6 2 6 3 Normal 6 2 7Normal 6 2 7 2Normal 6 2 7 3 Normal 6 2 8Normal 6 2 8 2Normal 6 2 8 3 Normal 6 2 9Normal 6 2 9 2Normal 6 2 9 3 Normal 6 3 Normal 60 Normal 61 Normal 62 Normal 63 Normal 64 Normal 65 Normal 66 Normal 67 Normal 68 Normal 69 Normal 7 108 Normal 7 10  Normal 7 118 Normal 7 11  Normal 7 128 Normal 7 12  Normal 7 138 Normal 7 13  Normal 7 148 Normal 7 14  Normal 7 158 Normal 7 15  Normal 7 168 Normal 7 16  Normal 7 178 Normal 7 17  Normal 7 188 Normal 7 18  Normal 7 198 Normal 7 19  Normal 7 2 Normal 7 2 10 Normal 7 2 11 Normal 7 2 12 Normal 7 2 13 Normal 7 2 14 Normal 7 2 15 Normal 7 2 16 Normal 7 2 17 Normal 7 2 18 Normal 7 2 19 Normal 7 2 2Normal 7 2 2 2Normal 7 2 2 3Normal 7 2 2 4Normal 7 2 2 5Normal 7 2 2 6 Normal 7 2 20 Normal 7 2 21 Normal 7 2 22 Normal 7 2 23 Normal 7 2 24 Normal 7 2 25 Normal 7 2 26 Normal 7 2 27 Normal 7 2 28 Normal 7 2 29 Normal 7 2 3 Normal 7 2 30 Normal 7 2 31 Normal 7 2 32 Normal 7 2 33 Normal 7 2 34 Normal 7 2 35 Normal 7 2 36 Normal 7 2 37 Normal 7 2 38 Normal 7 2 39 Normal 7 2 4 Normal 7 2 40 Normal 7 2 41 Normal 7 2 42 Normal 7 2 43 Normal 7 2 44 Normal 7 2 45 Normal 7 2 46 Normal 7 2 47 Normal 7 2 48< Normal 7 2 48 Normal 7 2 48 2@Normal 7 2 48 2 Normal 7 2 48 3@Normal 7 2 48 3 Normal 7 2 48 4@Normal 7 2 48 4 Normal 7 2 48 5@Normal 7 2 48 5 Normal 7 2 48 6@Normal 7 2 48 6 Normal 7 2 48 7@Normal 7 2 48 7 Normal 7 2 48 8@Normal 7 2 48 8  Normal 7 2 49< Normal 7 2 49  Normal 7 2 5 Normal 7 2 50< Normal 7 2 50  Normal 7 2 51< Normal 7 2 51  Normal 7 2 52 Normal 7 2 53 Normal 7 2 54 Normal 7 2 55 Normal 7 2 56 Normal 7 2 57 Normal 7 2 6 Normal 7 2 7 Normal 7 2 8 Normal 7 2 9 Normal 7 208 Normal 7 20  Normal 7 218 Normal 7 21  Normal 7 228 Normal 7 22  Normal 7 238 Normal 7 23  Normal 7 248 Normal 7 24  Normal 7 258 Normal 7 25  Normal 7 268 Normal 7 26  Normal 7 278 Normal 7 27  Normal 7 288 Normal 7 28  Normal 7 298 Normal 7 29  Normal 7 3 Normal 7 308 Normal 7 30  Normal 7 318 Normal 7 31  Normal 7 328 Normal 7 32  Normal 7 338 Normal 7 33  Normal 7 348 Normal 7 34  Normal 7 358 Normal 7 35  Normal 7 368 Normal 7 36  Normal 7 378 Normal 7 37  Normal 7 388 Normal 7 38  Normal 7 398 Normal 7 39  Normal 7 4 Normal 7 408 Normal 7 40  Normal 7 418 Normal 7 41  Normal 7 428 Normal 7 42  Normal 7 438 Normal 7 43  Normal 7 448 Normal 7 44  Normal 7 458 Normal 7 45  Normal 7 468 Normal 7 46  Normal 7 478 Normal 7 47  Normal 7 488 Normal 7 48  Normal 7 498 Normal 7 49  Normal 7 5; Normal 7 5 % Normal 7 508 Normal 7 50   Normal 7 51  Normal 7 66 Normal 7 6   Normal 7 76 Normal 7 7   Normal 7 86 Normal 7 8   Normal 7 96 Normal 7 9  Normal 70 Normal 71 Normal 72 Normal 73 Normal 74 Normal 75 Normal 76 Normal 76 2 Normal 77 Normal 78 Normal 78 2 Normal 79 Normal 8 Normal 80 Normal 81 Normal 82 Normal 83 Normal 84  Normal 85! Normal 86" Normal 87# Normal 88$ Normal 89 %Normal 9& Normal 9 2' Normal 9 3( Normal 9 4) Normal 90* Normal 91( Normal 91+ Normal 92, Normal 93- Normal 94. Normal 95/ Normal 960 Normal 97 1Noteb Note   2Note 2fNote 2   3OutputwOutput  ???%????????? ???4$Percent 5Style 1 6Title1Title I}% 7TotalMTotal %OO8 Warning Text? Warning Text %XTableStyleMedium2PivotStyleLight16`  ie8cce-COMBINED-5.xlsaix5.3 hpux11.23ie7ie8 office2k7 office2010rhel4rhel5solaris8solaris9 solaris10weblogicserver11gwin2kwinxpwin2k3vistawin2k8win7win2k8r2YYYYYYYYYY Y Y Y Y YYYYYb:B1\:G4b1:8 Last modified: 2010-09-25Version: 5.20100926CCE IDCCE DescriptionCCE ParametersCCE Technical Mechanisms Old v4 CCE IDMicrosoft Security Compliance Management Toolkit for Internet Explorer 8, Version 1.0: "Internet Explorer 8 Security Baseline.xml"HMicrosoft Security Compliance Manager (SCM) Baselines and Settings Packs1USGCB Beta 2010-08-31 XCCDF (USGCB-ie8_xccdf.xml)/USGCB Beta 2010-08-31 OVAL (USGCB-ie8_oval.xml) CCE-10002-4The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Internet Zone.enabled/disabled/promptJ(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow cut, copy or paste operations from the clipboard via script (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1407CCE-49Setting Index #32: This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in the security zone. Microsoft Tool: Security Compliance Manager (SCM) Microsoft Baseline: Internet Explorer 8 SCM URL: http://go.microsoft.com/fwlink/?LinkId=113940 CCE-10004-0The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.enabled/disabledh(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Only allow approved domains to use ActiveX controls without prompt (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4\120bSetting Index #20: This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on Web sites other than the Web site that installed the ActiveX control. CCE-10033-9wThe "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Internet Zone.4(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow drag and drop or copy and paste files (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1802CCE-685Setting Index #33: This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone. CCE-10037-0kThe "Security Zones: Do not allow users to change policies" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Zones: Do not allow users to change policies (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_options_editCCE-833Setting Index #91: If you enable this policy setting, you disable the Custom Level button and Security level for this zone slider on the Security tab in the Internet Options dialog box. CCE-10052-9wThe "Allow software to run or install even if the signature is invalid" machine setting should be configured correctly.6(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Allow software to run or install even if the signature is invalid (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Download\RunInvalidSignaturesCCE-449TSetting Index #83: Allow software to run or install even if the signature is invalid CCE-10065-1sThe "Use SmartScreen Filter" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.9(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Use SmartScreen Filter (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2\2301zSetting Index #22: This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. CCE-10074-3]The "Check for server certificate revocation" machine setting should be configured correctly.+(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Check for server certificate revocation (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocationCCE-690Setting Index #24: This policy setting allows you to manage whether Internet Explorer will check revocation status of servers' certificates. CCE-10083-4mThe "Scripting of Java applets" machine setting should be configured correctly for the Restricted Sites Zone.*(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Scripting of Java applets (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1402CCE-1000tSetting Index #77: This policy setting allows you to manage whether applets are exposed to scripts within the zone. CCE-10094-1fThe "Use Pop-up Blocker" machine setting should be configured correctly for the Restricted Sites Zone.#(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Use Pop-up Blocker (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1809CCE-660dSetting Index #79: This policy setting allows you to manage whether unwanted pop-up windows appear. CCE-10096-6_The "Security Zones: Use only machine settings" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Zones: Use only machine settings (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_onlyCCE-5bSetting Index #92: This policy setting affects how security zone changes apply to different users. CCE-10107-1{The "Open files based on content, not file extension" machine setting should be configured correctly for the Internet Zone.8(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Open files based on content, not file extension (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2100CCE-910Setting Index #46: This policy setting allows you to manage MIME sniffing for file promotion from one type to another based on a MIME sniff. A MIME sniff is the recognition by Internet Explorer of the file type based on a bit signature. CCE-10138-6kThe "Consistent Mime Handling: Internet Explorer Processes" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Consistent Mime Handling\Internet Explorer ProcessesCCE-382Setting Index #7: When set to Enabled, Internet Explorer examines each received file for a consistent MIME type. When set to Disabled or Not configured, Internet Explorer does not require consistent MIME data from each file. CCE-10145-1vThe "Use SmartScreen Filter" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.<(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Use SmartScreen Filter (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4\2301zSetting Index #21: Th< is policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. CCE-10163-4nThe "Use SmartScreen Filter" machine setting should be configured correctly for the Locked-Down Intranet Zone.4(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Use SmartScreen Filter (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1\2301zSetting Index #18: This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. CCE-10182-4\The "Java permissions" machine setting should be configured correctly for the Internet Zone.8Custom/Disable Java/High safety/Low safety/Medium safety(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Java permissions (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1C00CCE-132ZSetting Index #42: This policy setting allows you to manage permissions for Java applets. CCE-10211-1gThe "Use SmartScreen Filter" machine setting should be configured correctly for the Local Machine Zone.$(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Use SmartScreen Filter (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2301zSetting Index #15: This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. CCE-10235-0eThe "Do not allow users to enable or disable add-ons" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Do not allow users to enable or disable add-ons (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoExtensionManagementCCE-708Setting Index #84: This policy setting allows you to manage whether users have the ability to allow or deny add-ons through Add-On Manager. CCE-10253-3ZThe "Prevent "Fix settings" functionality" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\\Prevent "Fix settings" functionality (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Security\DisableFixSecuritySettingsCCE-948Setting Index #51: This policy setting prevents users from performing the "Fix settings" functionality related to the Security Settings Check in Internet Explorer. CCE-10265-7sThe "MK Protocol Security Restriction: Internet Explorer Processes" machine setting should be configured correctly.;(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Internet Explorer Processes (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL\(Reserved)CCE-591 Setting Index #9: When this setting is configured to Enabled, the MK protocol is blocked for Windows Explorer and Internet Explorer, which causes resources that use it to fail. When this setting is configured to Disabled, other applications can use the MK protocol API. CCE-10277-2The "Open files based on content, not file extension" machine setting should be configured correctly for the Restricted Sites Zone.@(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Open files based on content, not file extension (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2100CCE-409Setting Index #72: This policy setting allows you to manage MIME sniffing for file promotion from one type to another based on a MIME sniff. CCE-10291-3The "Turn on the auto-complete feature for user names and passwords on forms" current user setting should be configured correctly.(1) GPO: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn on the auto-complete feature for user names and passwords on forms (2) Registry Key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FormSuggest PasswordsCCE-721Setting Index #96: This policy setting controls automatic completion of user names and passwords in forms on Web pages, and prevents user prompts to save passwords. CCE-10347-3The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Restricted Sites Zone.J(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Initialize and script ActiveX controls not marked as safe (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1201CCE-26aSetting Index #67: This policy setting allows you to manage ActiveX controls not marked as safe. CCE-10360-6The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Restricted Sites Zone.>(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Launching applications and files in an IFRAME (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1804CCE-339Setting Index #69: This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone. CCE-10380-4nThe "Access data sources across domains" machine setting should be configured correctly for the Internet Zone.+(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Access data sources across domains (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406CCE-47Setting Index #31: This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). CCE-10387-9SThe "Disable "Configuring History"" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Disable "Configuring History" (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History\DaysToKeepCCE-66Setting Index #25: This setting specifies the number of days that Internet Explorer keeps track of the pages viewed in the History List. CCE-10388-7YThe "Disable AutoComplete for forms" current user setting should be configured correctly.(1) GPO: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable AutoComplete for forms (2) Registry Key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\FormSuggestCCE-478eSetting Index #2: This policy setting controls automatic completion of fields in forms on Web pages. CCE-10389-5rThe "Automatic prompting for file downloads" machine setting should be configured correctly for the Internet Zone./(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Automatic prompting for file downloads (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2200CCE-16xSetting Index #38: This policy setting determines whether users will be prompted for non user-initiated fi< le downloads. CCE-10393-7jThe "Allow active scripting" machine setting should be configured correctly for the Restricted Sites Zone.'(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow active scripting (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1400CCE-292kSetting Index #54: This policy setting allows you to manage whether script code on pages in the zone is run CCE-10394-5lThe "Security Zones: Do not allow users to add/delete sites" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Zones: Do not allow users to add/delete sites (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_zones_map_editCCE-146iSetting Index #90: Enable this policy setting to disable the site management settings for security zones. CCE-10396-0OThe "Disable the Advanced page" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Advanced Page (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\AdvancedTabCCE-810Setting Index #29: This policy setting works in conjunction with other settings to ensure that users cannot change the settings that are configured in the Advanced tab of Internet Explorer. CCE-10403-4`The "Allow font downloads" machine setting should be configured correctly for the Internet Zone.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow font downloads (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1604CCE-491nSetting Index #34: This policy setting allows you to manage whether pages of the zone may download HTML fonts. CCE-10405-9kThe "Restrict ActiveX Install: Internet Explorer Processes" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install\Internet Explorer ProcessesCCE-119Setting Index #10: This policy setting provides the ability to block ActiveX control installation prompts for Internet Explorer processes. CCE-10415-8cThe "Disable Save this program to disk option" current user setting should be configured correctly.(1) GPO: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Disable Save this program to disk option (2) Registry Key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoSelectDownloadDirCCE-412Setting Index #5: This policy setting prevents users from saving a program or file that Internet Explorer has downloaded to the hard disk. CCE-10431-5wThe "Allow status bar updates via script" machine setting should be configured correctly for the Restricted Sites Zone.4(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow status bar updates via script (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2103CCE-129Setting Index #63: This policy setting allows you to manage whether script is allowed to update the status bar within the zone. CCE-10433-1nThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Internet Zone.+(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Download unsigned ActiveX controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1004CCE-176Setting Index #40: This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. CCE-10436-4YThe "Prevent ignoring certificate errors" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Prevent ignoring certificate errors (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\PreventIgnoreCertErrorsCCE-938Setting Index #52: When a user experiences Secure Socket Layer/Transport Layer Security (SSL/TLS) certificate errors such as "expired," "revoked," or "name mismatch," Internet Explorer blocks the user's ability to continue browsing the Web site. CCE-10461-2vThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Restricted Sites Zone.3(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Download unsigned ActiveX controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1004CCE-1012Setting Index #66: This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. CCE-10464-6UThe "Disable changing proxy settings" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing proxy settings (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\ProxyCCE-62WSetting Index #28: This policy setting removes users' ability to change proxy settings. CCE-10466-1hThe "Allow file downloads" machine setting should be configured correctly for the Restricted Sites Zone.%(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow file downloads (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1803CCE-970pSetting Index #58: This policy setting allows you to manage whether file downloads are permitted from the zone. CCE-10470-3tThe "Download signed ActiveX controls" machine setting should be configured correctly for the Restricted Sites Zone.1(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Download signed ActiveX controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1001CCE-52Setting Index #65: This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone. CCE-10472-9YThe "Logon options" machine setting should be configured correctly for the Internet Zone.Anonymous logon/Automatic logon only in Intranet zone/Automatic logon with current username and password/Prompt for user name and password(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Logon options (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00CCE-720WSetting Index #44: This policy setting allows you to manage settings for logon options. CCE-10475-2wThe "Allow installation of desktop items" machine setting should be configured correctly for the Restricted Sites Zone.4(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow installation of desktop items (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1800CCE-763{Setting Index #60: This policy setting allows you< to manage whether users can install Active Desktop items from this zone. CCE-10486-9^The "Use Pop-up Blocker" machine setting should be configured correctly for the Internet Zone.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Use Pop-up Blocker (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1809CCE-1002Setting Index #48: This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked. CCE-10503-1`The "Disable changing certificate settings" current user setting should be configured correctly.(1) GPO: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing certificate settings (2) Registry Key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\CertificatesCCE-1037tSetting Index #3: This policy setting removes a user's ability to change certificate settings in Internet Explorer. CCE-10525-4vThe "Access data sources across domains" machine setting should be configured correctly for the Restricted Sites Zone.3(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Access data sources across domains (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406CCE-636Setting Index #53: This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). CCE-10539-5The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Restricted Sites Zone.R(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow cut, copy or paste operations from the clipboard via script (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1407CCE-1031Setting Index #56: This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in the security zone. CCE-10547-8uThe "Allow binary and script behaviors" machine setting should be configured correctly for the Restricted Sites Zone.'enabled/disabled/Administrator approved2(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow binary and script behaviors (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2000CCE-178`Setting Index #55: This policy setting allows you to manage dynamic binary and script behaviors. CCE-10550-2OThe "Disable the Security page" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Security Page (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\SecurityTabCCE-595eSetting Index #30: This policy setting removes the Security tab from the Internet Options dialog box. CCE-10554-4The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Restricted Sites Zone.B(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Script ActiveX controls marked safe for scripting (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1405CCE-973[Setting Index #76: Restricted Sites Zone: Script ActiveX controls marked safe for scripting CCE-10561-9The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Internet Zone.B(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Initialize and script ActiveX controls not marked as safe (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1201CCE-586aSetting Index #41: This policy setting allows you to manage ActiveX controls not marked as safe. CCE-10574-2qThe "Protection From Zone Elevation: Internet Explorer Processes" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation\Internet Explorer ProcessesCCE-347Setting Index #13: This setting controls the Internet Explorer restrictions on each Web page that it opens. These restrictions depend on the location of the Web page (such as Internet zone, Intranet zone, or Local Machine zone). CCE-10578-3iThe "Restrict File Download: Internet Explorer Processes" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict File Download\Internet Explorer ProcessesCCE-668Setting Index #11: When set to Enabled, file download prompts that are not user-initiated are blocked for Internet Explorer processes. When set to Disabled, file download prompts will occur that are not user-initiated for Internet Explorer processes. CCE-10581-7gThe "Automatically check for Internet Explorer updates" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Automatically check for Internet Explorer updates (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\NoUpdateCheckCCE-1008~Setting Index #23: This policy setting allows you to manage whether Internet Explorer checks the Internet for newer versions. CCE-10594-0NThe "Turn off Crash Detection" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Crash Detection (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoCrashDetectionCCE-753Setting Index #94: This policy setting allows you to manage the crash detection feature of add-on management in Internet Explorer. CCE-10604-7xThe "Scripted Window Security Restrictions: Internet Explorer Processes" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions\Internet Explorer ProcessesCCE-827Setting Index #12: When set to Enabled, pop-up windows will not display in Windows Explorer or for Internet Explorer processes. When set to Disabled or Do not configure, scripts can create pop-up windows and windows that can hide other windows. CCE-10605-4ZThe "Disable changing connection settings" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing connection settings (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\Connection SettingsCCE-611ZSetting Index #27: This policy setting removes users' ability to change dial-up settings. CCE-10607-0bThe "Turn off the Security Settings Check feature" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off the Security Settings Check feature (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Security\DisableSe< curitySettingsCheckCCE-1054Setting Index #82: This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Explorer at risk. CCE-10609-6The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Restricted Sites Zone.[(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2101CCE-698Setting Index #80: This policy setting allows you to manage whether Web sites from less privileged zones can navigate into this zone. CCE-10620-3dThe "Java permissions" machine setting should be configured correctly for the Restricted Sites Zone.!(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Java permissions (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1C00CCE-1088YSetting Index #68: This policy setting allows you to manage permissions for Java applets. CCE-10622-9The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Internet Zone.S(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Web sites in less privileged Web content zones can navigate into this zone (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2101CCE-724Setting Index #49: This policy setting allows you to manage whether Web sites from less privileged zones can navigate into this zone. CCE-10635-1oThe "Mime Sniffing Safety Feature: Internet Explorer Processes" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature\Internet Explorer ProcessesCCE-985Setting Index #8: When set to Enabled, MIME sniffing will not promote a file of one type to a more dangerous file type. When set to Disabled, MIME sniffing configures Internet Explorer processes to allow the promotion of a file to a more dangerous file type. CCE-10638-5gThe "Disable changing Automatic Configuration settings" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing Automatic Configuration settings (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\AutoconfigCCE-471mSetting Index #26: This policy setting removes a user's ability to change automatically configured settings. CCE-10642-7The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Restricted Sites Zone.E(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Navigate windows and frames across different domains (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1607CCE-995Setting Index #71: This policy setting allows you to manage the opening of sub-frames and access of applications across different domains. CCE-10651-8aThe "Logon options" machine setting should be configured correctly for the Restricted Sites Zone.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Logon options (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1A00CCE-128WSetting Index #70: This policy setting allows you to manage settings for logon options. CCE-10664-1fThe "Allow META REFRESH" machine setting should be configured correctly for the Restricted Sites Zone.#(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow META REFRESH (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1608CCE-680Setting Index #61: This policy setting allows you to manage whether a user's browser can be redirected to another Web page if the author of the Web page uses the Meta Refresh setting to redirect browsers to another Web page. CCE-9230-4The "Only use the ActiveX Installer Service for installation of ActiveX Controls" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Only use the ActiveX Installer Service for installation of ActiveX Controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AxInstaller\OnlyUseAXISForActiveXInstall`Setting Index #85: This policy setting allows you to specify how ActiveX controls are installed. CCE-9233-8cThe "Prevent Bypassing SmartScreen Filter Warnings" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent Bypassing SmartScreen Filter Warnings (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\PreventOverrideSetting Index #86: The SmartScreen Filter prevents users from navigating to and downloading from sites known to host malicious content, including Phishing or malicious software attacks. CCE-9238-7NThe "Prevent Deleting Cookies" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Cookies (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Privacy\CleanCookiesVSetting Index #87: This policy setting is used to prevent users from deleting cookies. CCE-9489-6nThe "Use SmartScreen Filter" machine setting should be configured correctly for the Locked-Down Internet Zone.4(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Use SmartScreen Filter (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\2301zSetting Index #17: This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. CCE-9504-2gThe "Disable Per-User Installation of ActiveX Controls" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable Per-User Installation of ActiveX Controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Security\ActiveX\BlockNonAdminActiveXInstalljSetting Index #4: This policy setting allows you to disable the per-user installation of ActiveX controls. CCE-9580-2TThe "Turn off ActiveX opt-in prompt" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off ActiveX opt-in prompt (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\NoFirsttimepromptXSetting Index #93: This policy setting allows you to turn off the ActiveX opt-in prompt. CCE-9599-2The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Locked-Down Internet Zone.`(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Contro< l Panel\Security Page\Locked-Down Internet Zone\Only allow approved domains to use ActiveX controls without prompt (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\120bSetting Index #16: This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on Web sites other than the Web site that installed the ActiveX control. CCE-9652-9QThe "Turn off Encryption Support" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Turn off Encryption Support (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocolsSetting Index #95: This policy setting allows you to turn off support for Transport Layer Security (TLS) 1.0, TLS 1.1, TLS 1.2, Secure Sockets Layer (SSL) 2.0 or SSL 3.0 in the browser. CCE-9660-2fThe "Intranet Sites: Include all network paths (UNCs)" machine setting should be configured correctly.4(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Sites: Include all network paths (UNCs) (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranetCCE-876Setting Index #50: This policy setting controls whether URLs representing UNCs are mapped into the local Intranet security zone. CCE-9667-7The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Restricted Sites Zone.<(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow drag and drop or copy and paste files (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1802CCE-41Setting Index #57: This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone. CCE-9669-3pThe "Software channel permissions" machine setting should be configured correctly for the Restricted Sites Zone.$Low safety/Medium safety/High safety-(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Software channel permissions (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1E05CCE-520YSetting Index #78: This policy setting allows you to manage software channel permissions. CCE-9673-5The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Restricted Sites Zone.O(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Run .NET Framework-reliant components signed with Authenticode (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2001CCE-563Setting Index #74: This policy setting allows you to manage whether .NET Framework components that are signed with Authenticode can be executed from Internet Explorer. CCE-9750-1oThe "Allow status bar updates via script" machine setting should be configured correctly for the Internet Zone.,(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow status bar updates via script (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103CCE-914Setting Index #37: This policy setting allows you to manage whether script is allowed to update the status bar within the zone. CCE-9775-8fThe "Turn off "Delete Browsing History" functionality" machine setting should be configured correctly.&(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Turn off "Delete Browsing History" functionality (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\DisableDeleteBrowsingHistoryCCE-1010Setting Index #81: This policy setting prevents users from performing the "Delete Browsing History" action in Internet Explorer. CCE-9790-7oThe "Allow installation of desktop items" machine setting should be configured correctly for the Internet Zone.,(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow installation of desktop items (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1800CCE-355zSetting Index #35: This policy setting allows you to manage whether users can install Active Desktop items from this zone. CCE-9792-3tThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Restricted Sites Zone.1(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Run ActiveX controls and plugins (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1200CCE-841Setting Index #75: This policy setting allows you to manage whether ActiveX controls and plug-ins can be run on pages from the specified zone. CCE-9793-1The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Internet Zone.K(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Only allow approved domains to use ActiveX controls without prompt (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\120bSetting Index #14: This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on Web sites other than the Web site that installed the ActiveX control.[Rule 'OnlyAllowApprovedDomainsToUseActiveXControlsWithoutPrompt_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31101' CCE-9814-5The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Restricted Sites Zone.T(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow script-initiated windows without size or position constraints (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2102CCE-208Setting Index #62: This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars. CCE-9821-0yThe "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Internet Zone.6(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Launching applications and files in an IFRAME (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1804CCE-689Setting Index #43: This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone. CCE-9832-7The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Restricted Sites Zone.S(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Only allow a< pproved domains to use ActiveX controls without prompt (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\120bSetting Index #89: This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on Web sites other than the Web site that installed the ActiveX control.bRule 'OnlyAllowApprovedDomainsToUseActiveXControlsWithoutPrompt_RestrictedSitesZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31106' CCE-9865-7The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Internet Zone.=(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Navigate windows and frames across different domains (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1607CCE-245Setting Index #45: This policy setting allows you to manage the opening of sub-frames and access of applications across different domains. CCE-9867-3sThe "Use SmartScreen Filter" machine setting should be configured correctly for the Locked-Down Local Machine Zone.9(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Use SmartScreen Filter (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\2301zSetting Index #19: This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. CCE-9869-9`The 'Software channel permissions' setting should be configured correctly for the Internet Zone.%(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Software channel permissions (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05CCE-359Setting Index #47: This policy setting allows you to manage software channel permissions. If you enable this policy setting, you can choose the following options from the drop-down box: CCE-9882-2The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Internet Zone.L(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow script-initiated windows without size or position constraints (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2102CCE-280Setting Index #36: This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars. CCE-9889-7_The "Prevent Deleting Temporary Internet Files" machine setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Temporary Internet Files (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Privacy\CleanTIFgSetting Index #88: This policy setting is used to prevent users from deleting temporary Internet files. CCE-9898-8The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Restricted Sites Zone.S(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2004CCE-678lSetting Index #73: Restricted Sites Zone: Run .NET Framework-reliant components not signed with Authenticode CCE-9917-6lThe "Download signed ActiveX controls" machine setting should be configured correctly for the Internet Zone.)(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Download signed ActiveX controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1001CCE-1013Setting Index #39: This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone. CCE-9959-8zThe "Automatic prompting for file downloads" machine setting should be configured correctly for the Restricted Sites Zone.7(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Automatic prompting for file downloads (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2200CCE-175wSetting Index #64: This policy setting determines whether users will be prompted for non user-initiated file downloads. CCE-9982-0hThe "Allow font downloads" machine setting should be configured correctly for the Restricted Sites Zone.%(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow font downloads (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1604CCE-882nSetting Index #59: This policy setting allows you to manage whether pages of the zone may download HTML fonts. CCE-10293-9kThe "Allow active content from CDs to run on user machines" machine setting should be configured correctly.](1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Allow active content from CDs to run on user machines (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings\LOCALMACHINE_CD_UNLOCK CCE-9779-0The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Internet Zone.8GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow scripting of Internet Explorer web browser control Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1206SRule 'AllowScriptingOfInternetExplorerWebBrowserControl_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31098' CCE-10725-0The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Restricted Sites Zone.@GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow scripting of Internet Explorer web browser control Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1206ZRule 'AllowScriptingOfInternetExplorerWebBrowserControl_RestrictedSitesZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31103' CCE-10685-6\The "Allow Scriptlets" machine setting should be configured correctly for the Internet Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow Scriptlets (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1209 CCE-10630-2dThe "Allow Scriptlets" machine setting should be configured correctly for the Restricted Sites Zone.GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow Scriptlets Registry Key: HKLM\HKLM\Software\Policies\Mic< rosoft\Windows\CurrentVersion\Internet Settings\Zones\4\12098Rule 'AllowScriptlets_RestrictedSitesZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31061' CCE-10055-2aThe "Check for signatures on downloaded programs" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Check for signatures on downloaded programs (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Download]CheckExeSignatures CCE-10590-8dThe "Configure Delete Browsing History on exit" current user setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Configure Delete Browsing History on exit (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy\ClearBrowsingHistoryOnExit9Rule 'ConfigureDeleteBrowsingHistoryonexit_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31095' CCE-9987-9gThe "Disable Automatic Install of Internet Explorer components" setting should be configured correctly.GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable Automatic Install of Internet Explorer components Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\NoJITSetup CCE-10634-4kThe "Disable Periodic Check For Internet Explorer Software Updates" setting should be configured correctly.GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable Periodic Check for Internet Explorer software updates Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\NoUpdateCheck CCE-10632-8OThe "Disable showing the splash screen" setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable showing the splash screen (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\NoSplash CCE-10095-8xThe "Download signed ActiveX controls" machine setting should be configured correctly for the Locked-Down Internet Zone.=(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Download signed ActiveX controls (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1001 CCE-9905-1ZThe "Allow third-party browser extensions" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Allow third-party browser extensions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Main\Enable Browser Extensions CCE-10646-8The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Internet Zone.=GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Include local directory path when uploading files to a server Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\160AVRule 'IncludeLocalDirectoryPathWhenUploadingFilesToAServer_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31099' CCE-9781-6The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Restricted Sites Zone.EGPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Include local directory path when uploading files to a server Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\160A]Rule 'IncludeLocalDirectoryPathWhenUploadingFilesToAServer_RestrictedSitesZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31104' CCE-10603-9cThe "Include updated Web site lists from Microsoft" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Include updated Web site lists from Microsoft (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\MSCompatibilityMode<Rule 'IncludeUpdatedWebsiteListsFromMicrosoft_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31094' CCE-10566-8\The "Java permissions" machine setting should be configured correctly for the Intranet Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1C00 CCE-10319-2aThe "Java permissions" machine setting should be configured correctly for the Local Machine Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1C00 CCE-10597-3hThe "Java permissions" machine setting should be configured correctly for the Locked-Down Internet Zone.-(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3\1C00 CCE-10342-4hThe "Java permissions" machine setting should be configured correctly for the Locked-Down Intranet Zone.-(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1\1C00 CCE-10535-3mThe "Java permissions" machine setting should be configured correctly for the Locked-Down Local Machine Zone.2(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0\1C00 CCE-10275-6pThe "Java permissions" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.5(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4\1C00 CCE-10654-2mThe "Java permissions" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.2(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2\1C00 CCE-10696-3aThe "Java permissions" machine setting should be configured correctly for the Trusted Sites Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Java permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1C00 CCE-10650-0oThe "Launching programs and unsafe files" mac< hine setting should be configured correctly for the Internet Zone.#GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Launching programs and unsafe files Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1806ARule 'LaunchingProgramsAndUnsafeFiles_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31100' CCE-10744-1wThe "Launching programs and unsafe files" machine setting should be configured correctly for the Restricted Sites Zone.+GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Launching programs and unsafe files Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1806HRule 'LaunchingProgramsAndUnsafeFiles_RestrictedSitesZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31105' CCE-10672-4\The "Loose XAML files" machine setting should be configured correctly for the Internet Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Loose XAML files (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2402 CCE-10178-2dThe "Loose XAML files" machine setting should be configured correctly for the Restricted Sites Zone. (1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Loose XAML files (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2402 CCE-9870-7lThe "Make proxy settings per-machine (rather than per-user)" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Make proxy settings per-machine (rather than per-user) (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxySettingsPerUser CCE-10110-5jThe "Prevent Deleting Web sites that the User has Visited" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Web sites that the User has Visited (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy\CleanHistoryARule 'PreventDeletingWebsitesthattheUserhasVisited_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31096' CCE-10522-1zThe "Prevent participation in the Customer Experience Improvement Program" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent participation in the Customer Experience Improvement Program (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\SQM\DisableCustomerImprovementProgram CCE-10641-9iThe "Prevent performance of First Run Customize settings" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent performance of First Run Customize settings (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize CCE-10515-5The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Internet Zone.BGPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Run .NET Framework-reliant components not signed with Authenticode Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2004[Rule 'RunNETFrameworkReliantComponentsNotSignedWithAuthenticode_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31035' CCE-10625-2The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Internet Zone.>GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Run .NET Framework-reliant components signed with Authenticode Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2001XRule 'RunNETFrameworkReliantComponentsSignedWithAuthenticode_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31036' CCE-10425-7hThe "Software channel permissions" machine setting should be configured correctly for the Internet Zone.$High safety/low safety/medium safety$(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Software channel permissions (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1E05 CCE-10595-7The "Turn off changing the URL to be displayed for checking updates to Internet Explorer and Internet Tools" machine setting should be configured correctly.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Component Updates\Periodic check for updates to Internet Explorer and Internet Tools\Turn off changing the URL to be displayed for checking updates to Internet Explorer and Internet Tools (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Main\Update_Check_Page CCE-9776-6nThe "Turn off configuring the update check interval (in days)" machine setting should be configured correctly.k(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Component Updates\Periodic check for updates to Internet Explorer and Internet Tools\Turn off configuring the update check interval (in days) (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Main\Update_Check_Interval CCE-14910-4LThe "Update Check Interval" should be set to the appropriate number of days.number of days(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Component Updates\Periodic check for updates to Internet Explorer and Internet Tools\Turn off configuring the update check interval (in days) - Update check interval (in days) (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Main\Update_Check_Interval CCE-10434-9eThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Internet Zone.!(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn Off First-Run Opt-In (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208 CCE-10420-8mThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Restricted Sites Zone.)(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn Off First-Run Opt-In (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4!1208 CCE-9885-5QThe "Turn off InPrivate Browsing" machine setting should be configured correctly.GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Turn off InPrivate Browsing Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy\EnableInPrivateBrowsing-Rule 'TurnOffInPrivateBrowsing_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31097' CCE-10540-3OThe "Turn off Managing Phishing Filter" setting should be configured correctly.< (1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Managing Phishing filter (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\Enabled CCE-9973-9ZThe "Turn off Managing SmartScreen Filter" machine setting should be configured correctly.(1) enabled/disabled (2) on/off(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Managing SmartScreen Filter (2) Registry Key: HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\EnabledV85Rule 'TurnoffManagingSmartScreenFilter_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31093' CCE-10276-4uThe "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Internet Zone.)GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Cross-Site Scripting (XSS) Filter Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1409@Rule 'TurnonCrossSiteScriptingFilter_InternetZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31102' CCE-10105-5}The "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Restricted Sites Zone.1GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1409GRule 'TurnonCrossSiteScriptingFilter_RestrictedSitesZone_LocalComputer'.Definition 'oval:gov.nist.USGCB.ie8:def:31107' CCE-10676-5bThe "Turn on Protected Mode" machine setting should be configured correctly for the Internet Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Protected Mode (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500 CCE-9945-7jThe "Turn on Protected Mode" machine setting should be configured correctly for the Restricted Sites Zone.&(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn on Protected Mode (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500 CCE-10200-4`The "Userdata persistence" machine setting should be configured correctly for the Internet Zone.(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Userdata persistence (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1606 CCE-9760-0hThe "Userdata persistence" machine setting should be configured correctly for the Restricted Sites Zone.$(1) GPO Settings: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Userdata persistence (2) Registry Key: HKLM\HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1606 CCE-10829-0iThe "Disable external branding of Internet Explorer" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable external branding of Internet Explorer CCE-10701-1TThe "Turn off page transitions" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced settings\Browsing\Turn off page transitions CCE-10816-7DEPRECATED. Previously: The "Turn on the Internet Connection Wizard Auto Detect" setting should be configured correctly. Note: According to Microsoft, does not apply to IE 8.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced settings\Internet Connection Wizard Settings\Turn on the Internet Connection Wizard Auto Detect CCE-10820-9lThe "Download signed ActiveX controls" machine setting should be configured correctly for the Intranet Zone.)(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Download signed ActiveX controls (2) Registry Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1001 CCE-16818-7VThe "Customize User Agent String" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Customize User Agent String HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent CCE-17008-4jThe "Do not allow users to enable or disable add-ons" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Do not allow users to enable or disable add-ons HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-17025-8SThe "Enforce Full Screen Mode" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Enforce Full Screen Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16073-9\The "Disable changing ratings settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing ratings settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16360-0SThe "Turn off Crash Detection" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Crash Detection HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-17043-1oThe "Prevent Internet Explorer Search box from displaying" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent Internet Explorer Search box from displaying HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-16917-7mThe "Disable changing Temporary Internet files settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing Temporary Internet files settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-17082-9yThe "Turn off configuration of default behavior of new tab creation" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off configuration of default behavior of new tab creation HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-17007-6lThe "Disable Per-User Installation of ActiveX Controls" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable Per-User Installation of ActiveX Controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Security\ActiveX CCE-16902-9SThe "Turn off tabbed browsing" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off tabbed browsing HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-16218-0hThe "Restrict changing the default search provider" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Restrict c< hanging the default search provider HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-17086-0ZThe "Disable changing color settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing color settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16950-8]The "Disable changing language settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing language settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-17053-0The "Prevent participation in the Customer Experience Improvement Program" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent participation in the Customer Experience Improvement Program HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\SQM CCE-16511-8The "Only use the ActiveX Installer Service for installation of ActiveX Controls" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Only use the ActiveX Installer Service for installation of ActiveX Controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\AxInstaller CCE-16893-0^The "Turn off page zooming functionality" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off page zooming functionality HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ZOOM CCE-16478-0aThe "Disable changing default browser check" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing default browser check HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16813-8^The "Disable changing Messaging settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing Messaging settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16919-3bThe "Disable changing Advanced page settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing Advanced page settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16831-0iThe "Turn off the activation of the quick pick menu" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off the activation of the quick pick menu HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\SearchScopes CCE-16236-2cThe "Turn off Automatic Crash Recovery Prompt" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Automatic Crash Recovery Prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Recovery CCE-16906-0iThe "Disable changing Calendar and Contact settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing Calendar and Contact settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16752-8nThe "Turn off displaying the Internet Explorer Help Menu" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off displaying the Internet Explorer Help Menu HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16474-9ZThe "Disable changing proxy settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing proxy settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16113-3\The "Turn off Quick Tabs functionality" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Quick Tabs functionality HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-16626-4`The "Disable caching of Auto-Proxy scripts" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable caching of Auto-Proxy scripts HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16090-3YThe "Turn off ActiveX opt-in prompt" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off ActiveX opt-in prompt HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext CCE-16767-6oThe "Turn off the auto-complete feature for web addresses" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off the auto-complete feature for web addresses HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete CCE-16756-9`The "Turn off Reopen Last Browsing Session" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Reopen Last Browsing Session HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Recovery CCE-16351-9`The "Turn off managing Pop-up filter level" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off managing Pop-up filter level HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16999-5^The "Disable changing home page settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing home page settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-17003-5VThe "Turn on menu bar by default" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn on menu bar by default HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16356-8_The "Disable changing link color settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing link color settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16285-9aThe "Turn off configuration of window reuse" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off configuration of window reuse HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16977-1PThe "Turn off Tab Grouping" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Tab Grouping HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-17020-9QThe "Set tab process growth" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Set tab process growth HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16267-7]The "Disable Internet Connection wizard" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable Internet Connection wizard HKEY_CURRENT_USER\Softw< are\Policies\Microsoft\Internet Explorer\Control Panel CCE-16364-2nThe "Prevent performance of First Run Customize settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent performance of First Run Customize settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16232-1^The "Turn off Managing Pop-up Allow list" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Managing Pop-up Allow list HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16093-7bThe "Configure new tab page default behavior" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Configure new tab page default behavior HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-17018-3UThe "Turn off pop-up management" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off pop-up management HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16088-7hThe "Disable changing secondary home page settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing secondary home page settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\SecondaryStartPages CCE-16915-1hThe "Prevent Bypassing SmartScreen Filter Warnings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent Bypassing SmartScreen Filter Warnings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\PhishingFilter CCE-16897-1_The "Prevent "Fix settings" functionality" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent "Fix settings" functionality HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Security CCE-16699-1tThe "Restrict search providers to a specific list of providers" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Restrict search providers to a specific list of providers HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-16263-6lThe "Disable changing Automatic Configuration settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing Automatic Configuration settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16079-6bThe "Disable changing accessibility settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing accessibility settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16620-7LThe "Pop-up allow list" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Pop-up allow list HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\New Windows CCE-16749-4tThe "Turn off configuration of tabbed browsing pop-up behavior" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off configuration of tabbed browsing pop-up behavior HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-16406-1qThe "Display error message on proxy script download failure" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Display error message on proxy script download failure HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-17035-7_The "Turn off Managing SmartScreen Filter" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Managing SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\PhishingFilter CCE-16663-7RThe "Turn on Suggested Sites" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn on Suggested Sites HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Suggested Sites CCE-17012-6YThe "Disable changing font settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing font settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16794-0QThe "Turn off Favorites bar" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Favorites bar HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\LinksBar CCE-16994-6pThe "Turn off suggestions for all user-installed providers" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off suggestions for all user-installed providers HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\SearchScopes CCE-16227-1gThe "Turn off the Security Settings Check feature" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off the Security Settings Check feature HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Security CCE-17031-6jThe "Use Automatic Detection for dial-up connections" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Use Automatic Detection for dial-up connections HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16295-8_The "Disable changing connection settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable changing connection settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16091-1XThe "Turn on Compatibility Logging" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn on Compatibility Logging HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_logging CCE-17030-8gThe "Moving the menu bar above the navigation bar" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Moving the menu bar above the navigation bar HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbar\WebBrowser CCE-16487-1The "Add a specific list of search providers to the user's search provider list" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Add a specific list of search providers to the user's search provider list HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-16840-1`The "Disable Import/Export Settings wizard" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Disable Import/Export Settings wizard HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer CCE-16033-3KThe "Turn off Accelerators" machine setting should be configured correctly.Computer Configuration\Admi< nistrative Templates\Windows Components\Internet Explorer\Accelerators\Turn off Accelerators HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Activities CCE-16395-6QThe "Deploy default Accelerators" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Deploy default Accelerators HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesDefaultInstall CCE-16527-4UThe "Deploy non-default Accelerators" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Deploy non-default Accelerators HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesInstall CCE-16276-8MThe "Use Policy Accelerators" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Use Policy Accelerators HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Activities\Restrictions CCE-16852-6ZThe "Deploy non-default Accelerators" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Deploy non-default Accelerators HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesInstall CCE-16874-0VThe "Deploy default Accelerators" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Deploy default Accelerators HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesDefaultInstall CCE-16848-4RThe "Use Policy Accelerators" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Use Policy Accelerators HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Activities\Restrictions CCE-16879-9PThe "Turn off Accelerators" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Accelerators\Turn off Accelerators HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Activities CCE-15702-4The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Restricted Sites Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16370-9|The "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-15641-4The "Allow active content over restricted protocols to access my computer" machine setting should be configured correctly for the Restricted Sites Zone.4Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow active content over restricted protocols to access my computer HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16299-0The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Restricted Sites Zone.-Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16363-4The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Restricted Sites Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-15546-5pThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Restricted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16391-5The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Restricted Sites Zone.SComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16268-5mThe "XAML browser applications" machine setting should be configured correctly for the Restricted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16537-3aThe "XPS documents" machine setting should be configured correctly for the Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16294-1iThe "Display mixed content" machine setting should be configured correctly for the Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-15647-1rThe "Submit non-encrypted form data" machine setting should be configured correctly for the Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-15569-7The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Restricted Sites Zone.7Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-15760-2jThe "Use SmartScreen Filter" machine setting should be configured correctly for the Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Use SmartScreen Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-15727-1mThe "Allow the printing of background colors and images" current user setting should be configured correctly.User Configuration\Administrative Temp< lates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Printing\Allow the printing of background colors and images HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16480-6\The "Restrict ActiveX Install: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16718-9]The "Restrict ActiveX Install: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL CCE-15480-7ZThe "Prevent Deleting Favorites Site Data" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Favorites Site Data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15022-7PThe "Prevent Deleting Passwords" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Passwords HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16001-0_The "Prevent Deleting InPrivate Filtering data" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting InPrivate Filtering data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15494-8_The "Configure Delete Browsing History on exit" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Configure Delete Browsing History on exit HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15242-1PThe "Prevent Deleting Form Data" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Form Data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16149-7sThe "Download unsigned ActiveX controls" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16173-7rThe "Allow binary and script behaviors" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16197-6oThe "Submit non-encrypted form data" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15201-7qThe "Download signed ActiveX controls" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16136-4The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Internet Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15986-3cThe "Use Pop-up Blocker" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15871-7The "Open files based on content, not file extension" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15686-9qThe "Run ActiveX controls and plugins" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16050-7~The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15438-5fThe "Display mixed content" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15280-1jThe "Scripting of Java applets" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15220-7sThe "Access data sources across domains" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15825-3The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16078-8jThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15515-0The "Allow active content over restricted protocols to acce< ss my computer" current user setting should be configured correctly for the Internet Zone.'User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow active content over restricted protocols to access my computer HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16182-8gThe "Use SmartScreen Filter" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15968-1mThe "Disable .NET Framework Setup" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15305-6The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16169-5^The "XPS documents" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15990-5eThe "Userdata persistence" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15922-8cThe "Allow META REFRESH" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15505-1aThe "Allow Scriptlets" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15347-8The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Internet Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16083-8^The "Logon options" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15652-1The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Internet Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16028-3The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15809-7The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Internet Zone.-User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15202-5The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Internet Zone.FUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15667-9The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Internet Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16201-6The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Internet Zone.$User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15783-4tThe "Launching programs and unsafe files" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15931-9jThe "XAML browser applications" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15675-2zThe "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15404-7aThe "Loose XAML files" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15730-5< wThe "Automatic prompting for file downloads" current user setting should be configured correctly for the Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15356-9tThe "Allow installation of desktop items" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16017-6eThe "Allow font downloads" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16127-3eThe "Allow file downloads" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15211-6aThe "Java permissions" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16131-5yThe "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15510-1mThe "Software channel permissions" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15223-1The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Internet Zone."User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15199-3gThe "Allow active scripting" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15279-3gThe "Turn on Protected Mode" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15518-4tThe "Allow status bar updates via script" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16210-7The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Internet Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15263-7The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15254-6|The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15598-6The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15881-6[The "Restrict File Download: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict File Download\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD CCE-16775-9ZThe "Restrict File Download: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict File Download\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15578-8uThe "Allow Scriptlets" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15649-7The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.CUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16338-6The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Locked-Down Intranet Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16602-5yThe "Disable .NET Framework Setup" current user setting should be configured correct< ly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16408-7~The "Software channel permissions" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15339-5The "Allow installation of desktop items" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15317-1~The "Scripting of Java applets" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15532-5rThe "Java permissions" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15724-8The "Allow binary and script behaviors" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15979-8The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.cUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15838-6zThe "Display mixed content" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15712-3qThe "Userdata persistence" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16168-7The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Locked-Down Internet Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15734-7qThe "Allow font downloads" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17028-2The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15999-6qThe "Allow font downloads" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15690-1The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Locked-Down Local Machine Zone.DUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16063-0The "Download unsigned ActiveX controls" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16014-3sThe "Turn on Protected Mode" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15320-5The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Locked-Down Internet Zone.[User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16187-7The "Launching programs and unsafe files" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16844-3rThe "Loose XAML files" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security< Page\Locked-Down Trusted Sites Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16441-8The "Allow installation of desktop items" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15622-4The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Locked-Down Intranet Zone.BUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15512-7The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Locked-Down Local Machine Zone.6User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16204-0rThe "Allow Scriptlets" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16983-9tThe "Use Pop-up Blocker" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16177-8The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Locked-Down Internet Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16174-5The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Locked-Down Local Machine Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16015-0The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.9User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15102-7{The "Use SmartScreen Filter" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16429-3rThe "Display mixed content" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16067-1The "Automatic prompting for file downloads" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15067-2The "Submit non-encrypted form data" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16809-6oThe "Logon options" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16444-2{The "Scripting of Java applets" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16505-0sThe "Allow active scripting" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15963-2~The "Allow binary and script behaviors" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15976-4The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Locked-Down Internet Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16215-6The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.6User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16117-4jThe "Logon options" current user setting should be configured correctly for< the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15747-9The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Locked-Down Intranet Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16430-1The "Open files based on content, not file extension" current user setting should be configured correctly for the Locked-Down Local Machine Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15327-0The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.)User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16219-8The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Locked-Down Internet Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16561-3The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Locked-Down Intranet Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15323-9The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.JUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15882-4The "Disable .NET Framework Setup" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15636-4The "Download unsigned ActiveX controls" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone."User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15873-3The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.BUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15351-0The "Launching programs and unsafe files" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16642-1rThe "Allow Scriptlets" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16457-4The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Local Machine Zone.>User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16898-9The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15773-5vThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15538-2~The "Disable .NET Framework Setup" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16036-6}The "Download signed ActiveX controls" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16522-5The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Locked-Down Intranet Zone.[User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Curren< tVersion\Internet Settings\Lockdown_Zones\1 CCE-16314-7The "Open files based on content, not file extension" current user setting should be configured correctly for the Locked-Down Internet Zone.'User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16184-4rThe "Java permissions" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15500-2The "Access data sources across domains" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16129-9~The "Allow binary and script behaviors" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16407-9sThe "Turn on Protected Mode" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16270-1{The "Submit non-encrypted form data" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15692-7mThe "Java permissions" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15096-1uThe "Loose XAML files" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15091-2The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.BUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16335-2xThe "Allow active scripting" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16562-1The "Automatic prompting for file downloads" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15105-0The "Download signed ActiveX controls" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15599-4{The "Submit non-encrypted form data" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15066-4The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.-User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15200-9~The "XAML browser applications" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16459-0The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Locked-Down Local Machine Zone.@User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16181-0The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Locked-Down Internet Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15926-9The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Locked-Down Internet Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15601-8jThe "Logon options" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Logon opti< ons HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16040-8The "Launching programs and unsafe files" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15693-5The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Locked-Down Internet Zone.;User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16434-3The "Allow status bar updates via script" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16234-7The "Run ActiveX controls and plugins" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16281-8vThe "Scripting of Java applets" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16479-8The "Download unsigned ActiveX controls" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16374-1The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16226-3The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.@User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16206-5mThe "Allow Scriptlets" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16466-5oThe "XPS documents" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-17227-0vThe "Allow font downloads" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16176-0The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Locked-Down Internet Zone.BUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16361-8The "Open files based on content, not file extension" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16816-1~The "Disable .NET Framework Setup" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15876-6oThe "Allow META REFRESH" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15832-9The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Locked-Down Local Machine Zone.;User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16296-6yThe "Software channel permissions" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16426-9The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Locked-Down Local Machine Zone..User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16449-1The "Allow websites to open windows without address or status bars" current user setting should be configured correctly< for the Locked-Down Local Machine Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15076-3The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16220-6vThe "Allow file downloads" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15044-1~The "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16211-5wThe "Display mixed content" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15862-6The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Locked-Down Intranet Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16180-2The "Allow status bar updates via script" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16359-2vThe "XAML browser applications" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15558-0The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Locked-Down Internet Zone.)User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16452-5The "Automatic prompting for file downloads" current user setting should be configured correctly for the Locked-Down Local Machine Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15620-8yThe "Software channel permissions" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16381-6The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Locked-Down Intranet Zone.7User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16024-2wThe "Allow META REFRESH" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-17238-7The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16492-1The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Locked-Down Intranet Zone.1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16344-4The "Allow binary and script behaviors" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16071-3The "Launching programs and unsafe files" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16476-4The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Locked-Down Local Machine Zone.`User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16280-0The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Loc< ked-Down Trusted Sites Zone.;User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16190-1The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Locked-Down Intranet Zone.)User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16095-2The "Allow status bar updates via script" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17252-8vThe "Userdata persistence" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15212-4The "Software channel permissions" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16155-4mThe "Java permissions" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15204-1The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.=User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15567-1The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Locked-Down Internet Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16325-3The "Allow installation of desktop items" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15966-5The "Access data sources across domains" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone."User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16291-7The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Locked-Down Internet Zone.1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15975-6wThe "Use Pop-up Blocker" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15678-6yThe "Userdata persistence" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15243-9uThe "Java permissions" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16080-4qThe "Allow file downloads" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15935-0mThe "Loose XAML files" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15992-1The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.>User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16331-1}The "Run ActiveX controls and plugins" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16075-4The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Locked-Down Local Machine Zone.<User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings< \Lockdown_Zones\0 CCE-16311-3mThe "Allow Scriptlets" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17231-2The "Download unsigned ActiveX controls" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15722-2The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.=User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15742-0The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Locked-Down Intranet Zone.6User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16448-3oThe "XPS documents" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15984-8The "Allow status bar updates via script" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16134-9qThe "Userdata persistence" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16926-8The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.>User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16272-7The "Allow binary and script behaviors" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16473-1The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Locked-Down Local Machine Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16450-9xThe "Allow active scripting" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-17062-1{The "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15812-1The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.+User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16265-1vThe "XAML browser applications" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16200-8The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone..User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15912-9The "Launching programs and unsafe files" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16065-5The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Locked-Down Intranet Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15816-2The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.(User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16346-9The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Locked-Down Intranet Z< one.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16062-2sThe "Allow active scripting" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-17077-9The "Submit non-encrypted form data" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15638-0oThe "Allow META REFRESH" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17243-7The "Allow installation of desktop items" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16486-3The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Locked-Down Local Machine Zone.(User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16417-8The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Locked-Down Local Machine Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15463-3rThe "Logon options" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16035-8{The "Allow active scripting" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16055-6The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Locked-Down Intranet Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16732-0The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.(User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16501-9mThe "Loose XAML files" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16307-1xThe "Use SmartScreen Filter" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16580-3}The "Run ActiveX controls and plugins" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15703-2oThe "Use Pop-up Blocker" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16481-4{The "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-17247-8The "Download signed ActiveX controls" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16556-3The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Intranet Zone.9User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15036-7The "Allow installation of desktop items" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16482-2{The "XAML browser applications" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administ< rative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16442-6The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Locked-Down Intranet Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15981-4The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Locked-Down Internet Zone.6User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-17146-2{The "Scripting of Java applets" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16949-0The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15525-9The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Locked-Down Internet Zone.7User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-17021-7The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15755-2vThe "Scripting of Java applets" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-17177-7The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.GUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15754-5The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Locked-Down Local Machine Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16213-1vThe "Allow font downloads" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16352-7{The "XAML browser applications" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15778-4The "Submit non-encrypted form data" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16970-6The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.<User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15324-7yThe "Disable .NET Framework Setup" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15942-6rThe "XPS documents" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16217-2tThe "Use Pop-up Blocker" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15574-7The "Run ActiveX controls and plugins" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16333-7}The "Download signed ActiveX controls" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Downlo< ad signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15432-8The "Open files based on content, not file extension" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone./User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16446-7The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Locked-Down Intranet Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16045-7The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-17066-2The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.DUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15233-0The "Automatic prompting for file downloads" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16222-2The "Access data sources across domains" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15997-0yThe "Allow file downloads" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15941-8rThe "Loose XAML files" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15634-9qThe "Allow file downloads" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15228-0The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.GUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15301-5The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.4User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15679-4The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16221-4The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15939-2jThe "XPS documents" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16390-7vThe "Allow file downloads" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-17225-4The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16339-4The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Locked-Down Local Machine Zone.1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16305-5The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Locked-Down Internet Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\< CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16321-2The "Download signed ActiveX controls" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15551-5vThe "Userdata persistence" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16453-3The "Run ActiveX controls and plugins" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16258-6The "Allow status bar updates via script" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15322-1sThe "Use SmartScreen Filter" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16386-5xThe "Turn on Protected Mode" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16495-4The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Locked-Down Intranet Zone.;User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17118-1The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16415-2jThe "XPS documents" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17180-1The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.`User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16366-7The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Locked-Down Local Machine Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16223-0vThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15506-9The "Download unsigned ActiveX controls" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15626-5The "Access data sources across domains" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16560-5The "Open files based on content, not file extension" current user setting should be configured correctly for the Locked-Down Intranet Zone.'User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-17141-3tThe "Allow META REFRESH" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16399-8The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Locked-Down Local Machine Zone.?User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16326-1wThe "Display mixed content" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15100-1The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.8User Configuration\Administrative Templates\W< indows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15318-9The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Internet Zone.9User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-17032-4xThe "Turn on Protected Mode" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16198-4tThe "Allow META REFRESH" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15255-3The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.AUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-17078-7~The "Software channel permissions" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15513-5The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Locked-Down Local Machine Zone.GUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16455-8xThe "Use SmartScreen Filter" current user setting should be configured correctly for the Locked-Down Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15539-0The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Locked-Down Internet Zone.:User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15603-4{The "Turn on Protected Mode" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16576-1sThe "Use SmartScreen Filter" current user setting should be configured correctly for the Locked-Down Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15328-8rThe "Display mixed content" current user setting should be configured correctly for the Locked-Down Internet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16412-9The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Locked-Down Local Machine Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16420-2The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Locked-Down Intranet Zone.0User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16761-9The "Automatic prompting for file downloads" current user setting should be configured correctly for the Locked-Down Trusted Sites Zone.#User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16041-6The "Access data sources across domains" current user setting should be configured correctly for the Locked-Down Internet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15646-3oThe "Logon options" current user setting should be configured correctly for the Locked-Down Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16011-9The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15632-3oThe "Use Pop-up Blocker" current user setting should be configured correctly for the Locked-Down Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet< Settings\Lockdown_Zones\1 CCE-15589-5yThe "Allow font downloads" current user setting should be configured correctly for the Locked-Down Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16082-0The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Locked-Down Internet Zone.0User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16645-4pThe "Restrict ActiveX Install: Internet Explorer Processes" current user setting should be configured correctly. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL CCE-15869-1bThe "Restrict ActiveX Install: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL CCE-16491-3aThe "Restrict ActiveX Install: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16032-5The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Internet Explorer Processes" machine setting should be configured correctly.rComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility\Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt\Internet Explorer Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt CCE-15508-5The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: All Processes" machine setting should be configured correctly.dComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility\Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt CCE-15781-8The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Process List" machine setting should be configured correctly.3Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility\Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15482-3]The "Object Caching Protection: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Object Caching Protection\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15483-1lThe "Object Caching Protection: Internet Explorer Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Object Caching Protection\Internet Explorer Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING CCE-15487-2^The "Object Caching Protection: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Object Caching Protection\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING CCE-16683-5pThe "Prevent setting of the code download path for each machine" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Corporate Settings\Code Download\Prevent setting of the code download path for each machine HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16121-6The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15177-9oThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16081-2~The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16085-3The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Local Machine Zone./User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15787-5rThe "Software channel permissions" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15961-6wThe "Allow binary and script behaviors" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15989-7The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Local Machine Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15215-7fThe "Allow Scriptlets" current user setting should be configured correctly for the Local < Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15446-8fThe "Java permissions" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15748-7vThe "Download signed ActiveX controls" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15479-9yThe "Allow installation of desktop items" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15162-1rThe "Disable .NET Framework Setup" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15385-8hThe "Allow META REFRESH" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15171-2yThe "Launching programs and unsafe files" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16044-0The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Local Machine Zone.)User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15988-9lThe "Turn on Protected Mode" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15858-4The "Open files based on content, not file extension" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15195-1jThe "Userdata persistence" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16122-4jThe "Allow file downloads" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15153-0vThe "Run ActiveX controls and plugins" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15157-1The "Allow active content over restricted protocols to access my computer" current user setting should be configured correctly for the Local Machine Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow active content over restricted protocols to access my computer HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16116-6The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15800-6The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16108-3The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15902-0The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Local Machine Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16025-9The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Local Machine Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15761-0The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15668-7jThe "Allow font down< loads" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16064-8cThe "XPS documents" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15196-9lThe "Allow active scripting" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16054-9The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Local Machine Zone.KUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15193-6The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Local Machine Zone.'User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15757-8xThe "Access data sources across domains" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16144-8kThe "Display mixed content" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15241-3oThe "XAML browser applications" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16076-2lThe "Use SmartScreen Filter" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16003-6The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Local Machine Zone.+User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15602-6oThe "Scripting of Java applets" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16031-7cThe "Logon options" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16126-5yThe "Allow status bar updates via script" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16140-6The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Local Machine Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16100-0tThe "Submit non-encrypted form data" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15185-2The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16099-4fThe "Loose XAML files" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15880-8The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Local Machine Zone.2User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16059-8xThe "Download unsigned ActiveX controls" current user setting should be configured correctly for the Local Machine Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15565-5hThe "Use Pop-up Blocker" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15752-9< |The "Automatic prompting for file downloads" current user setting should be configured correctly for the Local Machine Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15237-1The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Local Machine Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15959-0The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Local Machine Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16692-6qThe "Network Protocol Lockdown: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN CCE-16696-7cThe "Network Protocol Lockdown: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN CCE-16670-2bThe "Network Protocol Lockdown: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16648-8]The "Consistent Mime Handling: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Consistent Mime Handling\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING CCE-16653-8\The "Consistent Mime Handling: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Consistent Mime Handling\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-17095-1The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17092-8wThe "Submit non-encrypted form data" current user setting should be configured correctly for the Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16988-8The "Automatic prompting for file downloads" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17014-2The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Restricted Sites Zone.(User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17054-8nThe "Display mixed content" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17076-1The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Restricted Sites Zone.(User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17023-3kThe "Use Pop-up Blocker" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17006-8The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Restricted Sites Zone.)User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16611-6fThe "XPS documents" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16734-6mThe "Allow file downloads" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16196-8fThe "Logon options" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17107-4The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Restricted Sites Zone..User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16817-9The "Allow websites to prompt for information using scripted windows" current us< er setting should be configured correctly for the Restricted Sites Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16159-6iThe "Java permissions" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16494-7The "Open files based on content, not file extension" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16118-2zThe "Allow binary and script behaviors" current user setting should be configured correctly for the Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16905-2mThe "Userdata persistence" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17073-8{The "Access data sources across domains" current user setting should be configured correctly for the Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16974-8The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Restricted Sites Zone.2User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17063-9oThe "Use SmartScreen Filter" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16154-7The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17010-0oThe "Allow active scripting" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16878-1The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16156-2The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16496-2The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Restricted Sites Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16240-4yThe "Download signed ActiveX controls" current user setting should be configured correctly for the Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16209-9The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Restricted Sites Zone.-User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17079-5The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Restricted Sites Zone.NUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16135-6uThe "Software channel permissions" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16738-7The "Allow active content over restricted protocols to access my computer" current user setting should be configured correctly for the Restricted Sites Zone./User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow active content over restricted protocols to access my computer HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16855-9uThe "Disable .NET Framework Setup" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16139-8iThe "Loose XAML files" current user setting should be configured co< rrectly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17124-9kThe "Allow META REFRESH" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17085-2The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16107-5|The "Allow installation of desktop items" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17088-6oThe "Turn on Protected Mode" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16109-1|The "Allow status bar updates via script" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16709-8The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Restricted Sites Zone.$User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16860-9|The "Launching programs and unsafe files" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16153-9The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Restricted Sites Zone.-User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16832-8mThe "Allow font downloads" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16130-7rThe "Scripting of Java applets" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17050-6{The "Download unsigned ActiveX controls" current user setting should be configured correctly for the Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16152-1yThe "Run ActiveX controls and plugins" current user setting should be configured correctly for the Restricted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17117-3The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Restricted Sites Zone.5User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17059-7rThe "XAML browser applications" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16503-5rThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16507-6iThe "Allow Scriptlets" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-17099-3The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Restricted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 CCE-16336-0oThe "Prevent configuration of search from the Address bar" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Searching\Prevent configuration of search from the Address bar HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15739-6mThe "Turn on the Internet Connection Wizard Auto Detect" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Internet Connection Wizard Settings\Turn on the Internet Connection Wizard Auto Detect HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Connection Wizard CCE-16925-0lThe "Turn off sending URLs as UTF-8 (requires restart)" < current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\URL Encoding\Turn off sending URLs as UTF-8 (requires restart) HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16089-5FThe "Add-on List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\Add-on List HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext CCE-16711-4zThe "Deny all add-ons unless specifically allowed in the Add-on List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\Deny all add-ons unless specifically allowed in the Add-on List HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Ext CCE-16847-6[The "Add-on Management: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT CCE-16341-0ZThe "Add-on Management: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16125-7eThe "Mime Sniffing Safety Feature: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16367-5tThe "Mime Sniffing Safety Feature: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING CCE-16239-6fThe "Mime Sniffing Safety Feature: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING CCE-15947-5~The "Allow binary and script behaviors" machine setting should be configured correctly for the Locked-Down Local Machine Zone.#Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16904-5The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Locked-Down Internet Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16659-5The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Locked-Down Internet Zone.>Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16251-1vThe "Turn on Protected Mode" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16026-7The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Locked-Down Internet Zone.GComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16864-1lThe "Userdata persistence" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16046-5qThe "Allow font downloads" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16826-0pThe "Loose XAML files" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15190-2qThe "Allow file downloads" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16243-8zThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16230-5The "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.+Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16637-1hThe "Allow Scriptlets" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16347-7hThe "Loose XAML files" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Se< curity Page\Locked-Down Internet Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15719-8The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Locked-Down Local Machine Zone.3Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16565-4The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.9Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16719-7tThe "Software channel permissions" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16178-6The "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Locked-Down Intranet Zone.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16667-8The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.LComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16650-4jThe "Use Pop-up Blocker" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15807-1The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Locked-Down Local Machine Zone.CComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16425-1The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Locked-Down Intranet Zone.>Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16539-9The "Allow status bar updates via script" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16857-5The "Allow binary and script behaviors" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16807-0eThe "Logon options" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16233-9The "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone..Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15949-1vThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-14981-5jThe "Logon options" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16160-4~The "Allow binary and script behaviors" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.#Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16039-0The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Locked-Down Internet Zone..Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15710-7qThe "Userdata persistence" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16668-6tThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16581-1The "Allow scripting of Internet Explorer web browser con< trol" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.=Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15682-8}The "Download signed ActiveX controls" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone."Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Download signed ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16614-0The "Allow installation of desktop items" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16543-1~The "Automatic prompting for file downloads" machine setting should be configured correctly for the Locked-Down Internet Zone.#Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16959-9The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Locked-Down Intranet Zone.<Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16086-1The "Open files based on content, not file extension" machine setting should be configured correctly for the Locked-Down Intranet Zone.,Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15798-2}The "Download signed ActiveX controls" machine setting should be configured correctly for the Locked-Down Local Machine Zone."Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Download signed ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16601-7mThe "Loose XAML files" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16803-9tThe "Software channel permissions" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15811-3sThe "Turn on Protected Mode" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16468-1vThe "Submit non-encrypted form data" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16616-5yThe "Software channel permissions" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15897-2yThe "XAML browser applications" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16454-1The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16445-9The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Locked-Down Internet Zone.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16548-0The "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15080-5rThe "Display mixed content" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15644-8The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Locked-Down Local Machine Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16029-1nThe "Allow active scripting" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow active scripting HKEY< _LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16733-8tThe "Allow font downloads" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15728-9yThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15304-9The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Locked-Down Local Machine Zone.;Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16535-7sThe "Allow active scripting" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16519-1The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15653-9The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.-Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15842-8The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Locked-Down Local Machine Zone.LComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16947-4The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Locked-Down Intranet Zone.`Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15906-1|The "Disable .NET Framework Setup" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.!Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16954-0eThe "Logon options" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16876-5eThe "XPS documents" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15970-7The "Launching programs and unsafe files" machine setting should be configured correctly for the Locked-Down Local Machine Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16793-2yThe "Allow binary and script behaviors" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16471-5yThe "Scripting of Java applets" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16499-6jThe "Allow META REFRESH" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15864-2The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Locked-Down Local Machine Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15847-7sThe "Allow active scripting" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16841-9tThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16077-0zThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Lock< ed-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15012-8The "Allow status bar updates via script" machine setting should be configured correctly for the Locked-Down Local Machine Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15666-1mThe "Allow Scriptlets" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16104-2The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Locked-Down Intranet Zone.:Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15960-8The "Download unsigned ActiveX controls" machine setting should be configured correctly for the Locked-Down Local Machine Zone.$Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16009-3The "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Locked-Down Intranet Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16895-5The "Open files based on content, not file extension" machine setting should be configured correctly for the Locked-Down Internet Zone.,Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16225-5sThe "Turn on Protected Mode" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16205-7lThe "Allow file downloads" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16546-4The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Locked-Down Intranet Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16932-6vThe "Submit non-encrypted form data" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16891-4qThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16886-4The "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Locked-Down Internet Zone.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16179-4The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16246-1yThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16567-0qThe "Userdata persistence" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15813-9The "Launching programs and unsafe files" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15987-1The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Locked-Down Intranet Zone..Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16533-2The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Locked-Down Intranet Zone.1Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16069-7tThe "Allow f< ile downloads" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15934-3The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Locked-Down Local Machine Zone.IComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15393-2The "Open files based on content, not file extension" machine setting should be configured correctly for the Locked-Down Local Machine Zone.1Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16859-1The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Locked-Down Internet Zone.`Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16643-9The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.>Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15208-2vThe "XAML browser applications" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16737-9The "Download signed ActiveX controls" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Download signed ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15596-0The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Locked-Down Local Machine Zone.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15909-5The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.FComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16195-0mThe "XPS documents" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15362-7The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Locked-Down Local Machine Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15766-9vThe "XAML browser applications" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15983-0The "Allow installation of desktop items" machine setting should be configured correctly for the Locked-Down Local Machine Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16447-5{The "Allow installation of desktop items" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15694-3The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.IComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16617-3zThe "Access data sources across domains" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16730-4The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Locked-Down Internet Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15017-7mThe "Loose XAML files" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Po< licies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16229-7The "Allow installation of desktop items" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16784-1tThe "Userdata persistence" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16043-2The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Locked-Down Internet Zone.1Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16729-6rThe "Allow META REFRESH" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16318-8The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Locked-Down Intranet Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15915-2The "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.-Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16189-3mThe "Display mixed content" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15600-0The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Locked-Down Local Machine Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16373-3hThe "Allow Scriptlets" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15957-4oThe "Use Pop-up Blocker" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16854-2{The "Allow installation of desktop items" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15952-5The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Locked-Down Local Machine Zone.:Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16553-0The "Open files based on content, not file extension" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.1Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16922-7{The "Allow status bar updates via script" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16577-9The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.2Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15639-8The "Download unsigned ActiveX controls" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.$Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15971-5The "Access data sources across domains" machine setting should be configured correctly for the Locked-Down Local Machine Zone.$Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-17009-2xThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16517-5mThe "Allow Scriptlets" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Wind< ows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16943-3xThe "Download signed ActiveX controls" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Download signed ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16224-8rThe "Display mixed content" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16004-4The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.LComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16724-7rThe "Use Pop-up Blocker" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16092-9mThe "Logon options" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16595-1lThe "Userdata persistence" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16274-3The "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Locked-Down Internet Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16824-5The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Locked-Down Intranet Zone.:Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16607-4lThe "Allow font downloads" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16571-2jThe "XPS documents" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16963-1The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Locked-Down Intranet Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16188-5The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Locked-Down Intranet Zone.;Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16105-9vThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15948-3vThe "Scripting of Java applets" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16985-4nThe "Allow active scripting" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16096-0{The "Allow status bar updates via script" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16830-2The "Allow status bar updates via script" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16110-9The "Launching programs and unsafe files" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16957-3mThe "Display mixed content" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configu< ration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15851-9The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Locked-Down Local Machine Zone.AComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16490-5The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.3Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16935-9qThe "XAML browser applications" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15642-2qThe "Allow file downloads" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15892-3vThe "Allow active scripting" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16320-4The "Download unsigned ActiveX controls" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.'Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16635-5The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15732-1The "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Locked-Down Local Machine Zone.+Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16392-3uThe "Display mixed content" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15956-6yThe "Software channel permissions" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16972-2yThe "Allow binary and script behaviors" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15954-1oThe "Allow META REFRESH" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16631-4The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.;Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16228-9oThe "Use Pop-up Blocker" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15891-5jThe "XPS documents" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16782-5jThe "Allow META REFRESH" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16371-7vThe "Scripting of Java applets" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16828-6qThe "Scripting of Java applets" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15944-2}The "Run ActiveX controls and plugins" machine setting should be configured correctly for the Locked-Down Local Machine Zone."Computer Con< figuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16600-9The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Locked-Down Internet Zone.@Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15901-2The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.hComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16789-0The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.BComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16714-8The "Access data sources across domains" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.'Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16851-8lThe "Allow font downloads" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16547-2qThe "XAML browser applications" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16094-5The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.0Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16624-9{The "Launching programs and unsafe files" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15198-5The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Locked-Down Local Machine Zone.-Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15016-9The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Locked-Down Local Machine Zone.EComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16460-8The "Automatic prompting for file downloads" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.+Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16575-3The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16953-2The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Locked-Down Intranet Zone.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16465-7eThe "XPS documents" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15920-2~The "Submit non-encrypted form data" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.#Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16861-7The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.CComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16872-4The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.OComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown< _Zones\4 CCE-16362-6jThe "Use Pop-up Blocker" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16880-7The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Locked-Down Internet Zone.;Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15794-1oThe "Allow META REFRESH" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16552-2pThe "Allow Scriptlets" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16987-0nThe "Turn on Protected Mode" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15900-4The "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Locked-Down Local Machine Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-15594-5The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Locked-Down Local Machine Zone.eComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16549-8The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.AComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16020-0The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Locked-Down Internet Zone.:Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15021-9The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Locked-Down Local Machine Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16375-8The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Locked-Down Internet Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16238-8|The "Software channel permissions" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.!Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16613-2The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Locked-Down Internet Zone.<Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15689-3The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.EComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16298-2~The "Automatic prompting for file downloads" machine setting should be configured correctly for the Locked-Down Intranet Zone.#Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15850-1qThe "Allow font downloads" machine setting should be configured correctly for the Locked-Down Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16382-4The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.:Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15904-6The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Locked-Down Local Machine Zone.@Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Run .NET Framework-reliant compo< nents signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16030-9The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Locked-Down Internet Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16839-3The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.BComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16242-0The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.GComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16976-3nThe "Turn on Protected Mode" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16212-3yThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-15697-6{The "Submit non-encrypted form data" machine setting should be configured correctly for the Locked-Down Local Machine Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-14982-3The "Automatic prompting for file downloads" machine setting should be configured correctly for the Locked-Down Local Machine Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 CCE-16867-4The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Locked-Down Internet Zone.:Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16965-6The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Locked-Down Intranet Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16193-5qThe "Scripting of Java applets" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16416-0{The "Submit non-encrypted form data" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-15980-6The "Run ActiveX controls and plugins" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16013-5{The "Launching programs and unsafe files" machine setting should be configured correctly for the Locked-Down Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-15681-0The "Access data sources across domains" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.$Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16498-8The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.CComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16811-2The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Locked-Down Internet Zone.5Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16387-3The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16622-3jThe "Logon options" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Z< ones\2 CCE-16605-8The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.DComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-17036-5zThe "Access data sources across domains" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16948-2The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Locked-Down Intranet Zone.@Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16798-1The "Open files based on content, not file extension" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.4Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16951-6lThe "Allow file downloads" machine setting should be configured correctly for the Locked-Down Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 CCE-16540-7The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Locked-Down Intranet Zone.?Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15674-5}The "Run ActiveX controls and plugins" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone."Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16504-3The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.@Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16885-6The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Locked-Down Restricted Sites Zone.HComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 CCE-16627-2The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16380-8The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.eComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16288-3qThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16342-8The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Locked-Down Intranet Zone.5Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-15985-5xThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Locked-Down Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16513-4The "Automatic prompting for file downloads" machine setting should be configured correctly for the Locked-Down Trusted Sites Zone.(Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 CCE-16183-6hThe "Loose XAML files" machine setting should be configured correctly for the Locked-Down Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16010-1The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Locked-Down Intranet Zone.GComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 CCE-16524-1bThe "File size limits for Local Machine zone" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Persistence Behavior\File size limits for Local Machine zone HKEY_CURRENT_USER\Software\Policies\< Microsoft\Internet Explorer\Persistence\0 CCE-15903-8]The "File size limits for Intranet zone" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Persistence Behavior\File size limits for Intranet zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Persistence\1 CCE-16555-5]The "File size limits for Internet zone" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Persistence Behavior\File size limits for Internet zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Persistence\3 CCE-16317-0eThe "File size limits for Restricted Sites zone" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Persistence Behavior\File size limits for Restricted Sites zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Persistence\4 CCE-15776-8bThe "File size limits for Trusted Sites zone" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Persistence Behavior\File size limits for Trusted Sites zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Persistence\2 CCE-15841-0The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Intranet Zone.'Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15360-1lThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15705-7eThe "XAML browser applications" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15619-0bThe "Use SmartScreen Filter" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Use SmartScreen Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15295-9The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Intranet Zone.)Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-14928-6The "Allow active content over restricted protocols to access my computer" machine setting should be configured correctly for the Intranet Zone.,Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow active content over restricted protocols to access my computer HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15818-8uThe "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15802-2mThe "Allow binary and script behaviors" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15762-8eThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15168-8nThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-14930-2The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Intranet Zone.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15775-0The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Intranet Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15082-1bThe "Turn on Protected Mode" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15534-1The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15771-9eThe "Scripting of Java applets" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15714-9yThe "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15219-9nThe "Access data sources across domains" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Secu< rity Page\Intranet Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15866-7aThe "Display mixed content" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15908-7bThe "Allow active scripting" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15846-9The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Intranet Zone.KComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15300-7hThe "Software channel permissions" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15580-4^The "Allow META REFRESH" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15899-8\The "Allow Scriptlets" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15753-7}The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15489-8`The "Allow font downloads" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15234-8jThe "Submit non-encrypted form data" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-14934-4The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Intranet Zone.2Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-14926-0rThe "Automatic prompting for file downloads" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15057-3`The "Userdata persistence" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-14959-1The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Intranet Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15894-9`The "Allow file downloads" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15621-6oThe "Allow installation of desktop items" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15286-8wThe "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15840-2\The "Loose XAML files" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15476-5The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Intranet Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15612-5The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Intranet Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15758-6The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Intranet Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Only allow approved domains to use ActiveX co< ntrols without prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15780-0oThe "Launching programs and unsafe files" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15084-7YThe "Logon options" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15784-2The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Intranet Zone.!Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15767-7^The "Use Pop-up Blocker" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15736-2{The "Open files based on content, not file extension" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15814-7The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-14943-5hThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15824-6The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Intranet Zone.+Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15793-3YThe "XPS documents" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15930-1oThe "Allow status bar updates via script" machine setting should be configured correctly for the Intranet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15819-6tThe "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Intranet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16551-4UThe "Add-on Management: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16269-3AThe "Add-on List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\Add-on List HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext CCE-15982-2uThe "Deny all add-ons unless specifically allowed in the Add-on List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\Deny all add-ons unless specifically allowed in the Add-on List HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Ext CCE-16921-9VThe "Add-on Management: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT CCE-15886-5nThe "Scripted Window Security Restrictions: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16462-4}The "Scripted Window Security Restrictions: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS CCE-16467-3oThe "Scripted Window Security Restrictions: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS CCE-15804-8bThe "Use Policy List of Internet Explorer 7 sites" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Use Policy List of Internet Explorer 7 sites HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\PolicyList CCE-15822-0XThe "Turn off Compatibility View button" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn off Compatibility View button HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-14932-8`The "Turn on Internet Explorer 7 Standards Mode" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn on Internet Explorer 7 Standards Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-15575-4qThe "Turn on Internet Explorer Standards Mode for Local Intranet" machine setting should be configured correct< ly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn on Internet Explorer Standards Mode for Local Intranet HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-15707-3QThe "Turn off Compatibility View" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn off Compatibility View HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-16656-1XThe "Turn off Data Execution Prevention" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Turn off Data Execution Prevention HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16661-1OThe "Turn off Data URI Support" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Turn off Data URI Support HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DATAURI CCE-15896-4ZThe "Turn off Windows Search AutoComplete" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\AutoComplete\Turn off Windows Search AutoComplete HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\WindowsSearch CCE-15859-2tThe "Launching programs and unsafe files" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16385-7sThe "Download unsigned ActiveX controls" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16053-1The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Intranet Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15450-0wThe "Automatic prompting for file downloads" current user setting should be configured correctly for the Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16437-6The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Intranet Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15735-4qThe "Run ActiveX controls and plugins" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16433-5gThe "Use SmartScreen Filter" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16424-4mThe "Software channel permissions" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16428-5qThe "Download signed ActiveX controls" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15460-9The "Allow active content over restricted protocols to access my computer" current user setting should be configured correctly for the Intranet Zone.'User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow active content over restricted protocols to access my computer HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16057-2aThe "Loose XAML files" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16398-0cThe "Allow META REFRESH" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16328-7The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15673-7The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16435-0aThe "Java permissions" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16397-2yThe "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15913-7zThe "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Intranet Zone. User Configuration\Administrative Tem< plates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15696-8The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Intranet Zone.-User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16248-7|The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16114-1cThe "Use Pop-up Blocker" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16115-8fThe "Display mixed content" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16202-4aThe "Allow Scriptlets" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15421-1The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16330-3~The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16411-1jThe "Scripting of Java applets" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15854-3tThe "Allow status bar updates via script" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15464-1gThe "Turn on Protected Mode" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16358-4eThe "Userdata persistence" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15443-5The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16216-4The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Intranet Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16103-4The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Intranet Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15640-6The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Intranet Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15827-9The "Open files based on content, not file extension" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16119-0eThe "Allow font downloads" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15456-7eThe "Allow file downloads" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15868-3oThe "Submit non-encrypted form data" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15823-8^The "XPS documents" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\XPS documents HKEY_CURRENT_USER\So< ftware\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15995-4rThe "Allow binary and script behaviors" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16102-6The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Intranet Zone."User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16422-8gThe "Allow active scripting" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16431-9sThe "Access data sources across domains" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15447-6The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Intranet Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16261-0jThe "XAML browser applications" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16066-3jThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15974-9tThe "Allow installation of desktop items" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16357-6The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Intranet Zone.FUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16379-0^The "Logon options" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16132-3The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16264-4mThe "Disable .NET Framework Setup" current user setting should be configured correctly for the Intranet Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-15591-1The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Intranet Zone.$User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 CCE-16440-0gThe "Protection From Zone Elevation: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16541-5hThe "Protection From Zone Elevation: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION CCE-16568-8vThe "Protection From Zone Elevation: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION CCE-15434-4jThe "Prevent users from configuring background color" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\General Colors\Prevent users from configuring background color HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings CCE-15685-1\The "Prevent the use of Windows colors" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\General Colors\Prevent the use of Windows colors HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15417-9dThe "Prevent users from configuring text color" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\General Colors\Prevent users from configuring text color HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings CCE-16931-8bThe "Local Machine Zone Restricted Protocols" current user setting should be configured correctly.6User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Local Machine Zone Restricted Protocols HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-17080-3]The "Intranet Zone Restricted Protocols" current user setting should be configured correctly.< 1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Intranet Zone Restricted Protocols HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-16944-1]The "Internet Zone Restricted Protocols" current user setting should be configured correctly.1User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Internet Zone Restricted Protocols HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-16662-9eThe "Restricted Sites Zone Restricted Protocols" current user setting should be configured correctly.9User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Restricted Sites Zone Restricted Protocols HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-16097-8bThe "Trusted Sites Zone Restricted Protocols" current user setting should be configured correctly.6User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Trusted Sites Zone Restricted Protocols HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-16327-9`The "Mime Sniffing Safety Feature: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16322-0aThe "Mime Sniffing Safety Feature: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING CCE-15785-9SThe "Turn on script debugging" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing\Turn on script debugging HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15996-2`The "Turn off friendly http error messages" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing\Turn off friendly http error messages HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16754-4yThe "Turn on the display of a notification about every script error" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing\Turn on the display of a notification about every script error HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16758-5_The "Turn off configuring underline links" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing\Turn off configuring underline links HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15779-2TThe "Turn off smooth scrolling" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing\Turn off smooth scrolling HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16302-2TThe "Information Bar: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Information Bar\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND CCE-16324-6bThe "Information Bar: Internet Explorer Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Information Bar\Internet Explorer Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND CCE-16421-0SThe "Information Bar: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Information Bar\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15507-7The "Allow active content over restricted protocols to access my computer" machine setting should be configured correctly for the Internet Zone.,Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow active content over restricted protocols to access my computer HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15751-1The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Internet Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16145-5The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Internet Zone.'Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15520-0bThe "Use SmartScreen Filter" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Use SmartScreen Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15314-8hThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16151-3^The "Allow META REFRESH" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16138-0eThe "XAML browser applications" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16150-5eThe "Scripting of Java applets" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Scripting of Java applets HKEY< _LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16006-9The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Internet Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15277-7The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Internet Zone.KComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15292-6lThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16141-4`The "Allow file downloads" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15309-8mThe "Allow binary and script behaviors" machine setting should be configured correctly for the Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15311-4}The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15268-6aThe "Display mixed content" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15643-0The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Internet Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15993-9bThe "Allow active scripting" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16143-0jThe "Submit non-encrypted form data" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16123-2tThe "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-15629-9YThe "XPS documents" machine setting should be configured correctly for the Internet Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 CCE-16260-2TThe "Turn off Data URI Support" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Turn off Data URI Support HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DATAURI CCE-16785-8vThe "Turn on Internet Explorer Standards Mode for Local Intranet" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn on Internet Explorer Standards Mode for Local Intranet HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-16666-0VThe "Turn off Compatibility View" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn off Compatibility View HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-16652-0gThe "Use Policy List of Internet Explorer 7 sites" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Use Policy List of Internet Explorer 7 sites HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\PolicyList CCE-16679-3]The "Turn off Compatibility View button" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn off Compatibility View button HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-16674-4eThe "Turn on Internet Explorer 7 Standards Mode" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Turn on Internet Explorer 7 Standards Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-16022-6hThe "Include updated Web site lists from Microsoft" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Compatibility View\Include updated Web site lists from Microsoft HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation CCE-15946-7UThe "Use UTF-8 for mailto links" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Use UTF-8 for mailto links HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols\Mailto CCE-16690-0TThe "Disable the Advanced page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Advanced page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-15805-5^The "Send internationalized domain names" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\In< ternet Explorer\Internet Control Panel\Send internationalized domain names HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-15803-0^The "Prevent ignoring certificate errors" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Prevent ignoring certificate errors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16703-1SThe "Disable the Content page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Content page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16604-1SThe "Disable the General page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the General page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16554-8SThe "Disable the Privacy page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Privacy page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16694-2WThe "Disable the Connections page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Connections page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16599-3TThe "Disable the Programs page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Programs page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16461-6TThe "Disable the Security page" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Security page HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16034-1The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Local Machine Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16147-1|The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15857-6The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15733-9mThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Local Machine Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15729-7The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Local Machine Zone.4Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16597-7^The "XPS documents" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16681-9The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Local Machine Zone.0Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16016-8jThe "XAML browser applications" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16629-8The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Local Machine Zone.,Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16707-2The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Local Machine Zone.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16702-3qThe "Download signed ActiveX controls" machine setting should be configured correctly for the Local Machine Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Download signed ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16508-4tThe "Allow installation of desktop items" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow installation of desktop items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16583-7mThe "Software channel permissions" machine setting should be configured correctly for the Local Machine Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16423-6cThe "Allow META REFRESH" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\P< olicies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15893-1tThe "Allow status bar updates via script" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16559-7sThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16658-7~The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15770-1eThe "Userdata persistence" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15709-9eThe "Allow file downloads" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15699-2The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Local Machine Zone.PComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15713-1aThe "Loose XAML files" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16319-6gThe "Turn on Protected Mode" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15953-3jThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15706-5oThe "Submit non-encrypted form data" machine setting should be configured correctly for the Local Machine Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16544-9rThe "Allow binary and script behaviors" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16165-3eThe "Allow font downloads" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15967-3The "Allow active content over restricted protocols to access my computer" machine setting should be configured correctly for the Local Machine Zone.1Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow active content over restricted protocols to access my computer HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16640-5wThe "Automatic prompting for file downloads" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15708-1The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Local Machine Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15716-4cThe "Use Pop-up Blocker" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16633-0fThe "Display mixed content" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15721-4aThe "Allow Scriptlets" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16628-0The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Local Machine Zone.7Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16262-8The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Local Machine Zone.+Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Run .NET Framework-reliant components sig< ned with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16012-7gThe "Allow active scripting" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16451-7yThe "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16257-8jThe "Scripting of Java applets" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16579-5The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Local Machine Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16163-8zThe "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16514-2tThe "Launching programs and unsafe files" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16578-7The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Local Machine Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16266-9^The "Logon options" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16680-1The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Local Machine Zone..Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16623-1The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Local Machine Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16526-6The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Local Machine Zone.!Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16403-8sThe "Access data sources across domains" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16619-9The "Open files based on content, not file extension" machine setting should be configured correctly for the Local Machine Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-16404-6qThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Local Machine Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 CCE-15795-8nThe "Binary Behavior Security Restriction: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS CCE-15914-5mThe "Binary Behavior Security Restriction: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16443-4SThe "Admin-approved behaviors" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\Admin-approved behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16192-7|The "Binary Behavior Security Restriction: Internet Explorer Processes" current user setting should be configured correctly. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS CCE-16256-0jThe "Turn Off First-Run Opt-In" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Turn Off First-Run Opt-In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15428-6tThe "Allow installation of desktop items" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow installation of desktop < items HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15688-5jThe "XAML browser applications" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\XAML browser applications HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16058-0The "Run .NET Framework-reliant components not signed with Authenticode" machine setting should be configured correctly for the Trusted Sites Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16023-4eThe "Allow font downloads" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow font downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16231-3The "Allow script-initiated windows without size or position constraints" machine setting should be configured correctly for the Trusted Sites Zone.0Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15962-4The "Script ActiveX controls marked safe for scripting" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16137-2The "Initialize and script ActiveX controls not marked as safe" machine setting should be configured correctly for the Trusted Sites Zone.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15943-4The "Only allow approved domains to use ActiveX controls without prompt" machine setting should be configured correctly for the Trusted Sites Zone./Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16185-1The "Navigate windows and frames across different domains" machine setting should be configured correctly for the Trusted Sites Zone.!Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Navigate windows and frames across different domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16235-4^The "XPS documents" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\XPS documents HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15344-5zThe "Turn on Cross-Site Scripting (XSS) Filter" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15372-6|The "Allow drag and drop or copy and paste files" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow drag and drop or copy and paste files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15958-2wThe "Automatic prompting for file downloads" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Automatic prompting for file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15371-8The "Web sites in less privileged Web content zones can navigate into this zone" machine setting should be configured correctly for the Trusted Sites Zone.7Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16002-8aThe "Loose XAML files" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Loose XAML files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16186-9eThe "Userdata persistence" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Userdata persistence HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15573-9The "Allow active content over restricted protocols to access my computer" machine setting should be configured correctly for the Trusted Sites Zone.1Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow active content over restricted protocols to access my computer HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15661-2gThe "Allow active scripting" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow active scripting HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16282-6The "Allow video and animation on a Web page that uses a legacy media player" machine setting should be configured correctly for the Trusted Sites Zone.4Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16133-1sThe "Download unsigned ActiveX controls" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Download unsigned ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16194-3< The "Include local directory path when uploading files to a server" machine setting should be configured correctly for the Trusted Sites Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Include local directory path when uploading files to a server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15369-2mThe "Disable .NET Framework Setup" machine setting should be configured correctly for the Trusted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Disable .NET Framework Setup HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16354-3The "Allow websites to prompt for information using scripted windows" machine setting should be configured correctly for the Trusted Sites Zone.,Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16007-7The "Allow websites to open windows without address or status bars" machine setting should be configured correctly for the Trusted Sites Zone.*Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow websites to open windows without address or status bars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15370-0sThe "Access data sources across domains" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Access data sources across domains HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15921-0cThe "Use Pop-up Blocker" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Use Pop-up Blocker HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15628-1^The "Logon options" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Logon options HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15564-8yThe "Automatic prompting for ActiveX controls" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Automatic prompting for ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15998-8oThe "Submit non-encrypted form data" machine setting should be configured correctly for the Trusted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Submit non-encrypted form data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16300-6mThe "Software channel permissions" machine setting should be configured correctly for the Trusted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Software channel permissions HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15542-4cThe "Allow META REFRESH" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow META REFRESH HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16146-3rThe "Allow binary and script behaviors" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow binary and script behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16365-9qThe "Run ActiveX controls and plugins" machine setting should be configured correctly for the Trusted Sites Zone. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Run ActiveX controls and plugins HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16345-1aThe "Allow Scriptlets" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow Scriptlets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15820-4gThe "Turn on Protected Mode" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Turn on Protected Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15635-6fThe "Display mixed content" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Display mixed content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15348-6gThe "Use SmartScreen Filter" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Use SmartScreen Filter HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16278-4eThe "Allow file downloads" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow file downloads HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16098-6~The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Launching applications and files in an IFRAME HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16348-5tThe "Allow status bar updates via script" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow status bar updates via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16304-8qThe "Download signed ActiveX controls" machine setting should be configured correctly for the Trusted Sites Zone. Computer Configuration\Administrative Templates\Windows Component< s\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Download signed ActiveX controls HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16199-2The "Run .NET Framework-reliant components signed with Authenticode" machine setting should be configured correctly for the Trusted Sites Zone.+Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15648-9jThe "Scripting of Java applets" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Scripting of Java applets HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16018-4tThe "Launching programs and unsafe files" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Launching programs and unsafe files HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16208-1The "Open files based on content, not file extension" machine setting should be configured correctly for the Trusted Sites Zone.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Open files based on content, not file extension HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15441-9The "Do not prompt for client certificate selection when no certificates or only one certificate exists." machine setting should be configured correctly for the Trusted Sites Zone.PComputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15994-7The "Allow scripting of Internet Explorer web browser control" machine setting should be configured correctly for the Trusted Sites Zone.%Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16245-3The "Allow cut, copy or paste operations from the clipboard via script" machine setting should be configured correctly for the Trusted Sites Zone..Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16072-1BThe "Use HTTP 1.1" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Use HTTP 1.1 HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16254-5YThe "Do not save encrypted pages to disk" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Do not save encrypted pages to disk HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16142-2gThe "Do not allow resetting Internet Explorer settings" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Do not allow resetting Internet Explorer settings HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-15878-2rThe "Empty Temporary Internet Files folder when browser is closed" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Empty Temporary Internet Files folder when browser is closed HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache CCE-16827-8HThe "Turn off ClearType" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Turn off ClearType HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-15872-5RThe "Play animations in web pages" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Play animations in web pages HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-15877-4\The "Use HTTP 1.1 through proxy connections" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Use HTTP 1.1 through proxy connections HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16241-2TThe "Turn on Caret Browsing support" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Turn on Caret Browsing support HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing CCE-15863-4NThe "Play sounds in web pages" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Play sounds in web pages HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16027-5LThe "Intranet Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Settings\Template Policies CCE-16805-4QThe "Local Machine Zone Template" machine setting should be configured correctly. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Settings\Template Policies CCE-15885-7XThe "Locked-Down Internet Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Lockdown Settings\Template Policies CCE-15828-7aThe "Turn on automatic detection of the intranet" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Turn on automatic detection of the intranet HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-16439-2QThe "Trusted Sites Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted< Sites Settings\Template Policies CCE-16644-7XThe "Locked-Down Intranet Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Lockdown Settings\Template Policies CCE-16657-9TThe "Restricted Sites Zone Template" machine setting should be configured correctly. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Settings\Template Policies CCE-16800-5`The "Locked-Down Restricted Sites Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Lockdown Settings\Template Policies CCE-16255-2]The "Locked-Down Local Machine Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Lockdown Settings\Template Policies CCE-16458-2]The "Locked-Down Trusted Sites Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Lockdown Settings\Template Policies CCE-16630-6tThe "Intranet Sites: Include all sites that bypass the proxy server" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Sites: Include all sites that bypass the proxy server HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-15815-4RThe "Site to Zone Assignment List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16158-8The "Intranet Sites: Include all local (intranet) sites not listed in other zones" machine setting should be configured correctly.&Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Sites: Include all local (intranet) sites not listed in other zones HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-15829-5oThe "Turn on Information bar notification for intranet content" machine setting should be configured correctly. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Turn on Information bar notification for intranet content HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16780-9eThe "Turn on Warn about Certificate Address Mismatch" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Turn on Warn about Certificate Address Mismatch HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16384-0LThe "Internet Zone Template" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone Template HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Template Policies CCE-15660-4GThe "Pop-up allow list" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Pop-up allow list HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\New Windows CCE-16166-1oThe "Turn off configuration of tabbed browsing pop-up behavior" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off configuration of tabbed browsing pop-up behavior HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-15789-1]The "Configure new tab page default behavior" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Configure new tab page default behavior HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16005-1jThe "Turn off the auto-complete feature for web addresses" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off the auto-complete feature for web addresses HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete CCE-16106-7NThe "Turn off tabbed browsing" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off tabbed browsing HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-16349-3SThe "Turn on Compatibility Logging" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn on Compatibility Logging HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_logging CCE-15563-0tThe "Turn off configuration of default behavior of new tab creation" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off configuration of default behavior of new tab creation HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-15749-5LThe "Set tab process growth" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Set tab process growth HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16353-5iThe "Turn off displaying the Internet Explorer Help Menu" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off displaying the Internet Explorer Help Menu HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16388-1cThe "Restrict changing the default search provider" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Restrict changing the default search provider HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-15397-3QThe "Turn on menu bar by default" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn on menu bar by default HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16290-9kThe "Turn off suggestions for all user-installed providers" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off suggestions for all user-installed providers HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\SearchScopes CCE-15704-0LThe "Turn off Favorites bar" machine setting should be config< ured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Favorites bar HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\LinksBar CCE-15545-7dThe "Turn off the activation of the quick pick menu" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off the activation of the quick pick menu HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\SearchScopes CCE-15414-6^The "Turn off Automatic Crash Recovery Prompt" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Automatic Crash Recovery Prompt HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Recovery CCE-16191-9\The "Turn off configuration of window reuse" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off configuration of window reuse HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-15419-5WThe "Turn off Quick Tabs functionality" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Quick Tabs functionality HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing CCE-16271-9YThe "Turn off Managing Pop-up Allow list" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Managing Pop-up Allow list HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15655-4The "Add a specific list of search providers to the user's search provider list" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Add a specific list of search providers to the user's search provider list HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-15917-8oThe "Restrict search providers to a specific list of providers" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Restrict search providers to a specific list of providers HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-16393-1YThe "Turn off page zooming functionality" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off page zooming functionality HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\ZOOM CCE-16249-5NThe "Enforce Full Screen Mode" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Enforce Full Screen Mode HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-15403-9QThe "Customize User Agent String" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Customize User Agent String HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent CCE-15613-3jThe "Prevent Internet Explorer Search box from displaying" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Prevent Internet Explorer Search box from displaying HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-16378-2[The "Turn off managing Pop-up filter level" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off managing Pop-up filter level HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16060-6[The "Turn off Reopen Last Browsing Session" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off Reopen Last Browsing Session HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Recovery CCE-16148-9PThe "Turn off pop-up management" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Turn off pop-up management HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16309-7SThe "Turn off picture display" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Multimedia\Turn off picture display HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16573-8\The "Turn off automatic image resizing" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Multimedia\Turn off automatic image resizing HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16569-6kThe "Allow the display of image download placeholders" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Multimedia\Allow the display of image download placeholders HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16688-4YThe "Turn off smart image dithering" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Multimedia\Turn off smart image dithering HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer CCE-14923-7VThe "Turn off InPrivate Browsing" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Turn off InPrivate Browsing HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15465-8XThe "InPrivate Filtering Threshold" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\InPrivate Filtering Threshold HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-15725-5bThe "Do not collect InPrivate Filtering data" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Do not collect InPrivate Filtering data HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-15855-0yThe "Disable toolbars and extensions when InPrivate Browsing starts" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Disable toolbars and extensions when InPrivate Browsing starts HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-15337-9WThe "Turn off InPrivate Filtering" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Turn off InPrivate Filtering HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-16928-4RThe "Turn off InPrivate Filtering" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Turn off InPrivate Filtering HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-16810-4tThe "Disable toolbars and extensions when InPrivate Browsing starts" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Disable toolbars and extensions when< InPrivate Browsing starts HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-16171-1]The "Do not collect InPrivate Filtering data" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\Do not collect InPrivate Filtering data HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-16164-6SThe "InPrivate Filtering Threshold" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\InPrivate\InPrivate Filtering Threshold HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE CCE-15910-3hThe "Prevent users from choosing default text size" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\Prevent users from choosing default text size HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16286-7xThe "Download unsigned ActiveX controls" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Download unsigned ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16693-4fThe "Allow Scriptlets" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow Scriptlets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16802-1The "Allow websites to prompt for information using scripted windows" current user setting should be configured correctly for the Trusted Sites Zone.'User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow websites to prompt for information using scripted windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16701-5wThe "Allow binary and script behaviors" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow binary and script behaviors HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16493-9lThe "Turn on Protected Mode" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Turn on Protected Mode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16815-3cThe "Logon options" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Logon options HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16723-9rThe "Disable .NET Framework Setup" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Disable .NET Framework Setup HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16520-9hThe "Use Pop-up Blocker" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Use Pop-up Blocker HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16313-9The "Do not prompt for client certificate selection when no certificates or only one certificate exists." current user setting should be configured correctly for the Trusted Sites Zone.KUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Do not prompt for client certificate selection when no certificates or only one certificate exists. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16621-5|The "Automatic prompting for file downloads" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Automatic prompting for file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16586-0The "Allow drag and drop or copy and paste files" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow drag and drop or copy and paste files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16308-9yThe "Allow installation of desktop items" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow installation of desktop items HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16731-2cThe "XPS documents" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\XPS documents HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16157-0vThe "Download signed ActiveX controls" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Download signed ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16506-8The "Allow websites to open windows without address or status bars" current user setting should be configured correctly for the Trusted Sites Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow websites to open windows without address or status bars HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15852-7fThe "Loose XAML files" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Loose XAML files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16647-0The "Turn on Cross-Site Scripting (XSS) Filter" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Turn on Cross-Site Scripting (XSS) Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16368-3hThe "Allow META REFRESH" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Temp< lates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow META REFRESH HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16048-1tThe "Submit non-encrypted form data" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Submit non-encrypted form data HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15833-7vThe "Run ActiveX controls and plugins" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Run ActiveX controls and plugins HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16207-3The "Run .NET Framework-reliant components signed with Authenticode" current user setting should be configured correctly for the Trusted Sites Zone.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Run .NET Framework-reliant components signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16634-8jThe "Userdata persistence" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Userdata persistence HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16509-2oThe "XAML browser applications" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\XAML browser applications HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16747-8~The "Automatic prompting for ActiveX controls" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Automatic prompting for ActiveX controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15845-1The "Web sites in less privileged Web content zones can navigate into this zone" current user setting should be configured correctly for the Trusted Sites Zone.2User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Web sites in less privileged Web content zones can navigate into this zone HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15837-8jThe "Allow font downloads" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow font downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16289-1jThe "Allow file downloads" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow file downloads HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16008-5xThe "Access data sources across domains" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Access data sources across domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16639-7The "Allow script-initiated windows without size or position constraints" current user setting should be configured correctly for the Trusted Sites Zone.+User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow script-initiated windows without size or position constraints HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16355-0oThe "Turn Off First-Run Opt-In" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Turn Off First-Run Opt-In HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16766-8The "Initialize and script ActiveX controls not marked as safe" current user setting should be configured correctly for the Trusted Sites Zone.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Initialize and script ActiveX controls not marked as safe HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16564-7rThe "Software channel permissions" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Software channel permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16791-6The "Allow video and animation on a Web page that uses a legacy media player" current user setting should be configured correctly for the Trusted Sites Zone./User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow video and animation on a Web page that uses a legacy media player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16771-8The "Navigate windows and frames across different domains" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Navigate windows and frames across different domains HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16084-6The "Allow cut, copy or paste operations from the clipboard via script" current user setting should be configured correctly for the Trusted Sites Zone.)User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow cut, copy or paste operations from the clipboard via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15835-2oThe "Scripting of Java applets" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Scripting of Java applets HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16686-8The "Only allow approved domains to use ActiveX controls without prompt" current user setting should be configured correctly for the Trusted Sites Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Only allow approved domains to use ActiveX controls without prompt HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Cur< rentVersion\Internet Settings\Zones\2 CCE-16021-8The "Open files based on content, not file extension" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Open files based on content, not file extension HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16806-2yThe "Allow status bar updates via script" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow status bar updates via script HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16170-3The "Launching applications and files in an IFRAME" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Launching applications and files in an IFRAME HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16612-4lThe "Use SmartScreen Filter" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Use SmartScreen Filter HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16038-2The "Run .NET Framework-reliant components not signed with Authenticode" current user setting should be configured correctly for the Trusted Sites Zone.*User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Run .NET Framework-reliant components not signed with Authenticode HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15848-5The "Allow active content over restricted protocols to access my computer" current user setting should be configured correctly for the Trusted Sites Zone.,User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow active content over restricted protocols to access my computer HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16277-6The "Allow scripting of Internet Explorer web browser control" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow scripting of Internet Explorer web browser control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16377-4lThe "Allow active scripting" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Allow active scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16625-6kThe "Display mixed content" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Display mixed content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16409-5The "Include local directory path when uploading files to a server" current user setting should be configured correctly for the Trusted Sites Zone.%User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Include local directory path when uploading files to a server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15965-7The "Script ActiveX controls marked safe for scripting" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Script ActiveX controls marked safe for scripting HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16250-3fThe "Java permissions" current user setting should be configured correctly for the Trusted Sites Zone.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Java permissions HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-16167-9yThe "Launching programs and unsafe files" current user setting should be configured correctly for the Trusted Sites Zone. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Launching programs and unsafe files HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 CCE-15849-3zThe "Prevent the configuration of cipher strength update information URLs" machine setting should be configured correctly.'Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Component Updates\Help Menu > About Internet Explorer\Prevent the configuration of cipher strength update information URLs HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion CCE-15964-0The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Internet Explorer Processes" current user setting should be configured correctly.mUser Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility\Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt CCE-15991-3The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: Process List" current user setting should be configured correctly..User Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility\Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15969-9The "Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt: All Processes" current user setting should be configured correctly._User Configuration\Administrative Templates\Windows Components\Internet Explorer\Application Compatibility\Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt CCE-16956-5OThe "Hide the Command Bar" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Hide the Command Bar HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-16722-1fThe "Disable customizing browser toolbar buttons" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Disable customizing browser toolbar buttons HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer CCE-16952-4QThe "Auto-hide the Toolbars"< current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Auto-hide the Toolbars HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-16051-5SThe "Customize Command Labels" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Customize Command Labels HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-16930-0cThe "Set location of Stop and Refresh buttons" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Set location of Stop and Refresh buttons HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-16700-7SThe "Turn off Developer Tools" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Turn off Developer Tools HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\IEDevTools CCE-16863-3XThe "Turn off toolbar upgrade tool" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Turn off toolbar upgrade tool HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions CCE-16727-0LThe "Lock all Toolbars" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Lock all Toolbars HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Toolbar CCE-16969-8^The "Use large Icons for Command Buttons" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Use large Icons for Command Buttons HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-16590-2_The "Disable customizing browser toolbars" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Disable customizing browser toolbars HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer CCE-16868-2NThe "Hide the Status Bar" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Hide the Status Bar HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15060-7^The "Network Protocol Lockdown: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN CCE-15791-7lThe "Network Protocol Lockdown: Internet Explorer Processes" machine setting should be configured correctly. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Internet Explorer Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN CCE-15817-0]The "Network Protocol Lockdown: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15296-7XThe "Intranet Zone Restricted Protocols" machine setting should be configured correctly.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Intranet Zone Restricted Protocols HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-15529-1]The "Trusted Sites Zone Restricted Protocols" machine setting should be configured correctly.;Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Trusted Sites Zone Restricted Protocols HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-15040-9`The "Restricted Sites Zone Restricted Protocols" machine setting should be configured correctly.>Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Restricted Sites Zone Restricted Protocols HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-15890-7]The "Local Machine Zone Restricted Protocols" machine setting should be configured correctly.;Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Local Machine Zone Restricted Protocols HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-15895-6XThe "Internet Zone Restricted Protocols" machine setting should be configured correctly.6Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protocols Per Security Zone\Internet Zone Restricted Protocols HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols CCE-16175-2hThe "Local Machine Zone Lockdown Security: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16669-4wThe "Local Machine Zone Lockdown Security: Internet Explorer Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security\Internet Explorer Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN CCE-16162-0iThe "Local Machine Zone Lockdown Security: All Processes" machine setting should be configured correctly. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN CCE-16061-4iThe "MK Protocol Security Restriction: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16982-1jThe "MK Protocol Security Restriction: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL CCE-16938-3xThe "MK Protocol Security Restriction: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL CCE-16128-1gThe "Info< rmation Bar: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Information Bar\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND CCE-15726-3YThe "Information Bar: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Information Bar\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND CCE-15264-5XThe "Information Bar: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Information Bar\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-17109-0nThe "Maximum number of connections per server (HTTP 1.0)" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Maximum number of connections per server (HTTP 1.0) HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER CCE-16161-2\The "Turn off Cross Document Messaging" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Turn off Cross Document Messaging HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOCUMENT_MESSAGING CCE-16743-7nThe "Maximum number of connections per server (HTTP 1.1)" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Maximum number of connections per server (HTTP 1.1) HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER CCE-17122-3]The "Turn off the XDomainRequest Object" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Turn off the XDomainRequest Object HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST CCE-17113-2_The "Enable Native XMLHttpRequest Support" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Enable Native XMLHttpRequest Support HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15717-2LThe "Auto-hide the Toolbars" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Auto-hide the Toolbars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-15950-9NThe "Turn off Developer Tools" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Turn off Developer Tools HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\IEDevTools CCE-15972-3GThe "Lock all Toolbars" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Lock all Toolbars HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Toolbar CCE-15474-0YThe "Use large Icons for Command Buttons" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Use large Icons for Command Buttons HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-15945-9^The "Set location of Stop and Refresh buttons" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Set location of Stop and Refresh buttons HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-15472-4SThe "Turn off toolbar upgrade tool" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Turn off toolbar upgrade tool HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions CCE-15874-1JThe "Hide the Command Bar" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Hide the Command Bar HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-15471-6NThe "Customize Command Labels" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Customize Command Labels HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\CommandBar CCE-15860-0IThe "Hide the Status Bar" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Toolbars\Hide the Status Bar HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16394-9XThe "Turn off the XDomainRequest Object" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Turn off the XDomainRequest Object HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST CCE-16244-6iThe "Maximum number of connections per server (HTTP 1.1)" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Maximum number of connections per server (HTTP 1.1) HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER CCE-16275-0iThe "Maximum number of connections per server (HTTP 1.0)" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Maximum number of connections per server (HTTP 1.0) HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER CCE-16372-5WThe "Turn off Cross Document Messaging" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Turn off Cross Document Messaging HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOCUMENT_MESSAGING CCE-15496-3ZThe "Enable Native XMLHttpRequest Support" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\AJAX\Enable Native XMLHttpRequest Support HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main CCE-16472-3_The "Turn off Windows Search AutoComplete" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\AutoComplete\Turn off Windows Search AutoComplete HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\WindowsSearch CCE-16704-9hThe "Turn on inline AutoComplete for Web addresses" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\AutoComplete\Turn on inline AutoComplete for Web addresses HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete CCE-15484-9bThe "Consistent Mime Handling: All Processes" current user setting should be configured correctly.User Configuration< \Administrative Templates\Windows Components\Internet Explorer\Security Features\Consistent Mime Handling\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING CCE-15836-0pThe "Consistent Mime Handling: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Consistent Mime Handling\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING CCE-16087-9aThe "Consistent Mime Handling: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Consistent Mime Handling\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16405-3dThe "Prevent Deleting Temporary Internet Files" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Temporary Internet Files HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-16414-5_The "Prevent Deleting Favorites Site Data" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Favorites Site Data HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15670-3kThe "Turn off "Delete Browsing History" functionality" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Turn off "Delete Browsing History" functionality HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16427-7UThe "Prevent Deleting Form Data" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Form Data HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-15683-6UThe "Prevent Deleting Passwords" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Passwords HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16432-7XThe "Disable "Configuring History"" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Disable "Configuring History" HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-15533-3oThe "Prevent Deleting Web sites that the User has Visited" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Web sites that the User has Visited HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15466-6SThe "Prevent Deleting Cookies" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting Cookies HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-15925-1dThe "Prevent Deleting InPrivate Filtering data" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Delete Browsing History\Prevent Deleting InPrivate Filtering data HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Privacy CCE-16332-9`The "Restrict File Download: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict File Download\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD CCE-16337-8nThe "Restrict File Download: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict File Download\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD CCE-16323-8_The "Restrict File Download: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Restrict File Download\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16293-3mThe "Local Machine Zone Lockdown Security: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16672-8|The "Local Machine Zone Lockdown Security: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN CCE-15799-0nThe "Local Machine Zone Lockdown Security: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN CCE-16518-3bThe "Protection From Zone Elevation: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16641-3cThe "Protection From Zone Elevation: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION CCE-16862-5OThe "Disable the Programs page" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Programs page HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16858-3NThe "Disable the Content page" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Content page HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16981-3PThe "Use UTF-8 for mailto links" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Use UTF-8 for mailto links HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols\Mailto CCE-16488-9NThe "Disable the General page" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the General page HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16990-4YThe "Send internationali< zed domain names" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Send internationalized domain names HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16598-5RThe "Disable the Connections page" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Connections page HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16068-9NThe "Disable the Privacy page" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Disable the Privacy page HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16112-5iThe "Binary Behavior Security Restriction: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS CCE-16389-9NThe "Admin-approved behaviors" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\Admin-approved behaviors HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-15631-5hThe "Binary Behavior Security Restriction: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16376-6wThe "Binary Behavior Security Restriction: Internet Explorer Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction\Internet Explorer Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS CCE-15410-4SThe "Turn on Automatic Signup" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Advanced settings\Signup Settings\Turn on Automatic Signup HKEY_CURRENT_USER\Software\Policies\Microsoft\IEAK CCE-15951-7IThe "Microsoft Chat" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Microsoft Chat HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-16101-8JThe "Microsoft Agent" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Microsoft Agent HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15867-5JThe "Shockwave Flash" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Shockwave Flash HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15937-6CThe "Carpoint" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Carpoint HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15616-6MThe "Audio/Video Player" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Audio/Video Player HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15224-9@The "MSNBC" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\MSNBC HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15140-7CThe "Investor" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Investor HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-16000-2SThe "Microsoft Survey Control" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Microsoft Survey Control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-16074-7XThe "Microsoft Scriptlet Component" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Microsoft Scriptlet Component HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-16070-5XThe "NetShow File Transfer Control" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\NetShow File Transfer Control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15378-3MThe "DHTML Edit Control" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\DHTML Edit Control HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-15978-0HThe "Menu Controls" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Administrator Approved Controls\Menu Controls HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls CCE-16037-4aThe "Disable Open in New Window menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Disable Open in New Window menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15786-7OThe "Disable Context menu" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Disable Context menu HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15933-5]The "File menu: Disable New menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\File menu: Disable New menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15131-6_The "Help menu: Remove 'Tour' menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Help menu: Remove 'Tour' menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15929-3hThe "Help menu: Remove 'Send Feedback' menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Help menu: Remove 'Send Feedback' menu option HKEY_CURRENT_USER\Software\Po< licies\Microsoft\Internet Explorer\Restrictions CCE-15905-3gThe "File menu: Disable Save As Web Page Complete" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\File menu: Disable Save As Web Page Complete HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions CCE-15955-8^The "File menu: Disable Open menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\File menu: Disable Open menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15808-9`The "View menu: Disable Source menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\View menu: Disable Source menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15125-8NThe "Turn off Print Menu" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Turn off Print Menu HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16042-4vThe "File menu: Disable closing the browser and Explorer windows" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\File menu: Disable closing the browser and Explorer windows HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15302-3dThe "File menu: Disable Save As... menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\File menu: Disable Save As... menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15918-6eThe "View menu: Disable Full Screen menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\View menu: Disable Full Screen menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15927-7nThe "Tools menu: Disable Internet Options... menu option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Tools menu: Disable Internet Options... menu option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-16052-3NThe "Hide Favorites menu" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus\Hide Favorites menu HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions CCE-15923-6iThe "Scripted Window Security Restrictions: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15928-5jThe "Scripted Window Security Restrictions: All Processes" machine setting should be configured correctly. Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS CCE-17005-0dThe "MK Protocol Security Restriction: Process List" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Process List HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-16763-5eThe "MK Protocol Security Restriction: All Processes" machine setting should be configured correctly.Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\All Processes HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL CCE-15341-1qThe "Object Caching Protection: Internet Explorer Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Object Caching Protection\Internet Explorer Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING CCE-16214-9cThe "Object Caching Protection: All Processes" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Object Caching Protection\All Processes HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING CCE-15844-4bThe "Object Caching Protection: Process List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Object Caching Protection\Process List HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl CCE-15637-2YThe "Restricted Sites Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Settings\Template Policies CCE-15316-3jThe "Turn on Warn about Certificate Address Mismatch" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Turn on Warn about Certificate Address Mismatch HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16301-4yThe "Intranet Sites: Include all sites that bypass the proxy server" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Sites: Include all sites that bypass the proxy server HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-16172-9]The "Locked-Down Internet Zone Template" current user setting should be configured correctly. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Lockdown Settings\Template Policies CCE-15887-3VThe "Trusted Sites Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Settings\Template Policies CCE-16111-7QThe "Intranet Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Settings\Template Policies CCE-16297-4bThe "Locked-Down Local Machine Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Lockdown < Settings\Template Policies CCE-15865-9QThe "Internet Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Template Policies CCE-16259-4WThe "Site to Zone Assignment List" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Site to Zone Assignment List HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16273-5tThe "Turn on Information bar notification for intranet content" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Turn on Information bar notification for intranet content HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16306-3]The "Locked-Down Intranet Zone Template" current user setting should be configured correctly. User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Lockdown Settings\Template Policies CCE-16124-0VThe "Local Machine Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Settings\Template Policies CCE-16284-2fThe "Turn on automatic detection of the intranet" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Turn on automatic detection of the intranet HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-16287-5eThe "Locked-Down Restricted Sites Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Lockdown Settings\Template Policies CCE-16310-5bThe "Locked-Down Trusted Sites Zone Template" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone Template HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Lockdown Settings\Template Policies CCE-16120-8The "Intranet Sites: Include all local (intranet) sites not listed in other zones" current user setting should be configured correctly.!User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Sites: Include all local (intranet) sites not listed in other zones HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-16049-9kThe "Intranet Sites: Include all network paths (UNCs)" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Sites: Include all network paths (UNCs) HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap CCE-16801-3SThe "Play sounds in web pages" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Play sounds in web pages HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-15924-4pThe "Allow active content from CDs to run on user machines" current user setting should be configured correctly.&User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Allow active content from CDs to run on user machines HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings CCE-16056-4fThe "Check for signatures on downloaded programs" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Check for signatures on downloaded programs HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Download CCE-15932-7|The "Allow software to run or install even if the signature is invalid" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Allow software to run or install even if the signature is invalid HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Download CCE-15938-4VThe "Turn off Encryption Support" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Turn off Encryption Support HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-15940-0wThe "Empty Temporary Internet Files folder when browser is closed" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Empty Temporary Internet Files folder when browser is closed HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache CCE-16908-6lThe "Do not allow resetting Internet Explorer settings" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Do not allow resetting Internet Explorer settings HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel CCE-16899-7lThe "Automatically check for Internet Explorer updates" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Automatically check for Internet Explorer updates HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16592-8bThe "Check for server certificate revocation" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Check for server certificate revocation HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16920-1WThe "Play animations in web pages" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Play animations in web pages HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16725-4MThe "Turn off ClearType" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Turn off ClearType HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16742-9YThe "Turn on Caret Browsing support" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Turn on Caret Browsing support HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing CCE-16606-6aThe "Use HTTP 1.1 through proxy connection<N s" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Use HTTP 1.1 through proxy connections HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-15973-1^The "Do not save encrypted pages to disk" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Do not save encrypted pages to disk HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16720-5_The "Allow third-party browser extensions" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Allow third-party browser extensions HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main CCE-16916-9GThe "Use HTTP 1.1" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page\Use HTTP 1.1 HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings CCE-16383-2YThe "Turn on the hover color option" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\Link Colors\Turn on the hover color option HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings CCE-16515-9The "Prevent users from configuring the color of links that have already been clicked" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\Link Colors\Prevent users from configuring the color of links that have already been clicked HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings CCE-16770-0iThe "Prevent users from configuring the hover color" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\Link Colors\Prevent users from configuring the hover color HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings CCE-15911-1The "Prevent users from configuring the color of links that have not yet been clicked" current user setting should be configured correctly.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Settings\Display settings\Link Colors\Prevent users from configuring the color of links that have not yet been clicked HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings$ I cZ"1@P| `oS dQsA41 B +<,;IXgz[( B~D8*@["Uj~*{ν  %:O d1y'ɍ I )MIq@*<v>Oad+yuy6\tu b4 H L]Lrv % 6^ Y| *<QMo`=sG jݫ/=[;= ; + ? R f z  q Oi  5` l  e1  T 0) oQ= lO !`  r  ϑ ~  ~ - y  = \ ccB f2 O. @ R 1d s 3 { á S + s  K+ : I #Y kh w C Ӵ  c ;   / [> M \ 3l {{ Ê S + s  dMbP?_*+%,&ffffff?'ffffff?(?)?M\\MBPS1\1S412-OC.  od XXʀ0CourierArial 0X o   COPIES@PJL JOB NAME="!JOBNAME" @PJL SET GUISTARTJOB=1 @PJL EOJ Сpxxxxb Ц Oce im2830 Series PS3MckinleyU  X !                                                    q q 18050,E211111111111111111111111C,1003,E211,2124,E1,q q q Pq q q @q q q 0q q аq q pq q q `q q q Pq q q @q q q 0q q "dXX333333?333333?&<3U} 9} 9} 9} 29} ;}  9} (<} #<}  %=} %9} $ 9  ,  ,  @                                : : > > > > ; > ? ? @  @ A B B BC B D D EE A B B BC B D D EE A B B BC B D D EE A B B BC B D! D EE A" B# B B$C B% D& D EE A' B( B B)C B D* D EE A+ B, B B- C B. D/ D EE A0 B1 B B2 C B3 D4 D EE A5 B6 B B7 C B8 D9 D EE A: B; B B< C B= D> D EE A? B@ B BA C BB DC D EE AD BE B BFC BG DH D EE AI BJ B BKC B DL D EE AM BN B BOC B DP D FF AQ BR BS BTC BU DV D FF AW BX B BYC B DZ D FF A[ B\ B B]C B^ D_ D FF A` Ba B BbC Bc Dd D FF Ae Bf B BgC Bh Di D FF Aj Bk B BlC Bm Dn D FF Ao Bp B BqC Br Ds D FF At Bu B BvC Bw Dx D FF Ay Bz B B{C B| D} D FF A~ B B BC B D D FF A B B BC B D D FF A B B BC B D D FF A B B BC B D D FF A B B BC B D D FF A B B BC B D D FF Dlzzzzzzzzzzzzzzzzzzzzzzzzzzzz ! " # $ % & ' ( ) * +  , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ?  A B B B C B D D FF !A !B !B !B!C !B !D !D !FF "A "B "B "B"C "B "D "D "FF #A #B #B #B#C #B #D #D #FF $A $B $B $B$C $B $D $D $FF %A %B %B %B%C %B %D %D %FF &A &B &B &B&C &B &D &D &FF 'A 'B 'B 'B'C 'B 'D 'D 'FF (A (B (B (B(C (B (D (D (FF )A )B )B )B)C )B )D )D )FF *A *B *B *B*C *B *D *D *FF +A +B +B +B+C +B +D +D +FF ,A ,B ,B ,B,C ,B ,D ,D ,FF -A -B -B -B-C -B -D -D -FF .A .B .B .B.C .B .D .D .FF /A /B /B /B/C /B /D /D /FF 0A 0B 0B 0B0C 0B 0D 0D 0FF 1A 1B 1B 1B1C 1B 1D 1D 1FF 2A 2B 2B 2B2C 2B 2D 2D 2FF 3A 3B 3B 3B3C 3B 3D 3D 3FF 4A 4B 4B 4B4C 4B 4D 4D 4FF 5A 5B 5B 5B 5C 5B  5D  5D 5FF 6A  6B  6B 6B6C 6B 6D 6D 6FF 7A 7B 7B 7B7C 7B 7D 7D 7FF 8A 8B 8B 8B8C 8B 8D 8D 8FF 9A 9B 9B 9B9C 9B 9D 9D 9FF :A  :B! :B :B":C :B# :D$ :D :FF ;A% ;B& ;B ;B';C ;B( ;D) ;D ;FF <A* <B+ <B <B,<C <B- <D. <D <FF =A/ =B0 =BS =B1=C =B2 =D3 =D =FF >A4 >B5 >B >B6>C >B7 >D8 >D >FF ?A9 ?B: ?B ?B;?C ?B< ?D= ?D ?FF Dlzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz@ A B  C D E F G H I J  K L M N O P Q R S T U V W X Y Z [ \ ] ^ _  @A> @B? @B @B@@C @BA @DB @D @FF AAC ABD AB ABEAC ABF ADG AD AFF BAH BBI BB BBJBC BBK BDL BD BFF CAM CBN CB CBOCC CBP CDQ CD CFF DAR DBS DB DBTDC DB DDU DD DFF EAV EBW EB EBXEC EB EDY ED EFF FAZ FB[ FB FB\FC FB FD] FD FFF GA^ GB_ GB GB`GC GB GDa GD GFF HAb HBc HB HBdHC HB HDe HD HFF IAf IBg IB IBhIC IB IDi ID IFF JAj JBk JB JBlJC JB JDm JD JFF KAn KBo KB KBpKC KB KDq KD KFF LAr LBs LB LBtLC LBu LDv LD LFF MAw MBx MB MByMC MBz MD{ MD MFF NA| NB} NB~ NBNC NB ND ND NFF OA OB OB OBOC OB OD OD OFF PA PB PB PBPC PB PD PD PEE QA QB QB QBQC QB QD QD QEE RA RB RB RBRC RB RD RD REE SA SB SB SBSC SB SD SD SEE TA TB TB TBTC TB TD TD TG T G UA UB UB UBUC UB UD UD UEE VA VB VB VBVC VB VD VD VEE WA WB WB WBWC WB WD WD WG W G XA XB XB XBXC XB XD XD XEE YA YB YB YBYC YB YD YD YEE ZA ZB ZB~ ZBZC ZB ZD ZHEE [A [B [B [B[C [B [D [D [EE \A \B \B \B\C \B \D \D \EE ]A ]B ]B ]B]C ]B ]D ]D ]EE ^A ^B ^B ^B^C ^B ^D ^D ^EE _A _B _B _B_C _B _D _D _EE Dlzzzzzzzzzzzzzzzzzzzzzzzznzzzz` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~   `A `B `B `B`C `B `D `D `EE aA aB aB aB aCFH aD aEE bA bB bB bB bCFH bD bG b G cA cB cB cB cCFH cD cG c G dA dB dB dB dCFH dD dEE eA eB eB eB eCFH eD eG e G fA fB fB fB fCFH fD fEE gA gB gB gB gCFH gD gG g G hA hB hB hBhCFHHEE iA iB iB iBiCFHHEE jA jB jB jBjCFHHEE kA kB kB kB kCFH kD kEE lA lB lB lB lCFH lD lEE mA mB  mB mB  mCFH mD mG  m G  nA  nB nB nB nCFH nD nG n G oA oB oB oB oCFH oD oG o G pA pB pBS pB pCFH pD pEE qA qB qBS qB qCFH qD qEE rA rB rBS rB rCFH rD rEE sA  sB! sBS sB" sCFH sD sEE tA# tB$ tBS tB% tCFH tD tEE uA& uB' uBS uB( uCFH uD uEE vA) vB* vBS vB+ vCFH vD vEE wA, wB- wBS wB. wCFH wD wEE xA/ xB0 xB xB1 xCFH xD xG2 x G3 yA4 yB5 yB yB6 yCFH yD yG7 y G8 zA9 zB: zB zB; zCFH zD zEE {A< {B= {B {B> {CFH {D {EE |A? |B@ |B |BA |CFH |D |EE }AB }BC }B }BD }CFH }D }GE } GF ~AG ~BH ~B ~BI ~CFH ~D ~EE AJ BK B BL CFH D EE D`lzdrrdrdrNNNddrrrddddddddrrdddrd                                     AM BN B BO CFH D GP GQ AR BS B BT CFH D GU GV AW BX BY BZ CFH D EE A[ B\ B B] CFH D EE A^ B_ B B` CFH D EE Aa Bb Bc BdCFHHEE Ae Bf B Bg CFH D EE Ah Bi B Bj CFH D EE Ak Bl B Bm CFH D Gn Go Ap Bq B BrCFHHEE As Bt Bu Bv CFH D Gw Gx Ay Bz B B{ CFH D G| G} A~ B B B CFH D G G A B B B CFH D EE A B B B CFH D EE A B B B CFH D EE A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B BCFHHFF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF DlrrdddNddrNrrrddddddNddddddddddd                                 A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B  CFH D FF A  B  B B  CFH D FF A  B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B  B B! CFH D FF A" B# B B$ CFH D FF A% B& B B' CFH D FF A( B) B B* CFH D FF A+ B, B B- CFH D FF A. B/ B B0 CFH D FF A1 B2 B B3 CFH D FF A4 B5 B B6 CFH D FF A7 B8 B B9 CFH D FF A: B; B B< CFH D FF A= B> B B? CFH D FF A@ BA B BB CFH D FF AC BD B BE CFH D FF AF BG B BH CFH D FF AI BJ B BK CFH D FF AL BM B BN CFH D FF AO BP B BQ CFH D FF AR BS B BT CFH D FF AU BV B BW CFH D FF AX BY B BZ CFH D FF A[ B\ B B] CFH D FF A^ B_ B B` CFH D FF Aa Bb B Bc CFH D FF Ad Be B Bf CFH D FF Ag Bh B Bi CFH D FF Aj Bk B Bl CFH D FF Am Bn B Bo CFH D FF Ap Bq B Br CFH D FF As Bt B Bu CFH D FF Av Bw B Bx CFH D FF Ay Bz B B{ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A| B} B B~ CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                      A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A  B  B B  CFH D FF A  B  B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B  CFH D FF A! B" B B# CFH D FF A$ B% B B& CFH D FF A' B( B B) CFH D FF A* B+ B B, CFH D FF A- B. B B/ CFH D FF A0 B1 B B2 CFH D FF A3 B4 B B5 CFH D FF A6 B7 B B8 CFH D FF A9 B: B B; CFH D FF Dlddddddddddddddddddddddddddddddd  ! " # $ % & ' ( ) * + ,  - . / 0 1 2 3 4 5 6  7 8 9 : ; < = > ?  A< B= B B> CFH D FF !A? !B@ !B !BA !CFH !D !FF "AB "BC "B "BD "CFH "D "FF #AE #BF #B #BG #CFH #D #FF $AH $BI $B $BJ $CFH $D $FF %AK %BL %B %BM %CFH %D %FF &AN &BO &B &BP &CFH &D &FF 'AQ 'BR 'B 'BS 'CFH 'D 'FF (AT (BU (B (BV (CFH (D (FF )AW )BX )B )BY )CFH )D )FF *AZ *B[ *B *B\ *CFH *D *FF +A] +B^ +B +B_ +CFH +D +FF ,A` ,Ba ,B ,Bb ,CFH ,D ,FF -Ac -Bd -B -Be -CFH -D -FF .Af .Bg .B .Bh .CFH .D .FF /Ai /Bj /B /Bk /CFH /D /FF 0Al 0Bm 0B 0Bn 0CFH 0D 0FF 1Ao 1Bp 1B 1Bq 1CFH 1D 1FF 2Ar 2Bs 2B 2Bt 2CFH 2D 2FF 3Au 3Bv 3B 3Bw 3CFH 3D 3FF 4Ax 4By 4B 4Bz 4CFH 4D 4FF 5A{ 5B| 5B 5B} 5CFH 5D 5FF 6A~ 6B 6B 6B 6CFH 6D 6FF 7A 7B 7B 7B 7CFH 7D 7FF 8A 8B 8B 8B 8CFH 8D 8FF 9A 9B 9B 9B 9CFH 9D 9FF :A :B :B :B :CFH :D :FF ;A ;B ;B ;B ;CFH ;D ;FF <A <B <B <B <CFH <D <FF =A =B =B =B =CFH =D =FF >A >B >B >B >CFH >D >FF ?A ?B ?B ?B ?CFH ?D ?FF Dlddddddddddddddddddddddddddddddd@ A B C D E F G H I J K L M N O P Q R S T  U V W X Y Z [ \  ] ^ _  @A @B @B @B @CFH @D @FF AA AB AB AB ACFH AD AFF BA BB BB BB BCFH BD BFF CA CB CB CB CCFH CD CFF DA DB DB DB DCFH DD DFF EA EB EB EB ECFH ED EFF FA FB FB FB FCFH FD FFF GA GB GB GB GCFH GD GFF HA HB HB HB HCFH HD HFF IA IB IB IB ICFH ID IFF JA JB JB JB JCFH JD JFF KA KB KB KB KCFH KD KFF LA LB LB LB LCFH LD LFF MA MB MB MB MCFH MD MFF NA NB NB NB NCFH ND NFF OA OB OB OB OCFH OD OFF PA PB PB PB PCFH PD PFF QA QB QB QB QCFH QD QFF RA RB RB RB RCFH RD RFF SA SB SB SB SCFH SD SFF TA TB TB TB TCFH TD TFF UA UB UB UB UCFH UD UFF VA VB VB VB VCFH VD VFF WA WB WB WB WCFH WD WFF XA XB XB XB XCFH XD XFF YA YB YB YB YCFH YD YFF ZA ZB ZB ZB ZCFH ZD ZFF [A [B [B [B [CFH [D [FF \A \B \B \B \CFH \D \FF ]A ]B ]B ]B ]CFH ]D ]FF ^A ^B ^B ^B ^CFH ^D ^FF _A _B _B _B _CFH _D _FF Dlddddddddddddddddddddddddddddddd` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~   `A `B `B `B `CFH `D `FF aA aB aB aB aCFH aD aFF bA bB bB bB bCFH bD bFF cA cB cB cB cCFH cD cFF dA dB  dB dB  dCFH dD dFF eA  eB  eB eB  eCFH eD eFF fA fB fB fB fCFH fD fFF gA gB gB gB gCFH gD gFF hA hB hB hB hCFH hD hFF iA iB iB iB iCFH iD iFF jA jB jB jB jCFH jD jFF kA kB kB kB kCFH kD kFF lA  lB! lB lB" lCFH lD lFF mA# mB$ mB mB% mCFH mD mFF nA& nB' nB nB( nCFH nD nFF oA) oB* oB oB+ oCFH oD oFF pA, pB- pB pB. pCFH pD pFF qA/ qB0 qB qB1 qCFH qD qFF rA2 rB3 rB rB4 rCFH rD rFF sA5 sB6 sB sB7 sCFH sD sFF tA8 tB9 tB tB: tCFH tD tFF uA; uB< uB uB= uCFH uD uFF vA> vB? vB vB@ vCFH vD vFF wAA wBB wB wBC wCFH wD wFF xAD xBE xB xBF xCFH xD xFF yAG yBH yB yBI yCFH yD yFF zAJ zBK zB zBL zCFH zD zFF {AM {BN {B {BO {CFH {D {FF |AP |BQ |B |BR |CFH |D |FF }AS }BT }B }BU }CFH }D }FF ~AV ~BW ~B ~BX ~CFH ~D ~FF AY BZ B B[ CFH D FF Dlddddddddddddddddddddddddddddddd                                  A\ B] B B^ CFH D FF A_ B` B Ba CFH D FF Ab Bc B Bd CFH D FF Ae Bf B Bg CFH D FF Ah Bi B Bj CFH D FF Ak Bl B Bm CFH D FF An Bo B Bp CFH D FF Aq Br B Bs CFH D FF At Bu B Bv CFH D FF Aw Bx B By CFH D FF Az B{ B B| CFH D FF A} B~ B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B  CFH D FF A  B  B B  CFH D FF A  B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B  B B! CFH D FF A" B# B B$ CFH D FF A% B& B B' CFH D FF A( B) B B* CFH D FF A+ B, B B- CFH D FF A. B/ B B0 CFH D FF A1 B2 B B3 CFH D FF A4 B5 B B6 CFH D FF A7 B8 B B9 CFH D FF A: B; B B< CFH D FF A= B> B B? CFH D FF A@ BA B BB CFH D FF AC BD B BE CFH D FF AF BG B BH CFH D FF AI BJ B BK CFH D FF AL BM B BN CFH D FF AO BP B BQ CFH D FF AR BS B BT CFH D FF AU BV B BW CFH D FF AX BY B BZ CFH D FF A[ B\ B B] CFH D FF A^ B_ B B` CFH D FF Aa Bb B Bc CFH D FF Ad Be B Bf CFH D FF Ag Bh B Bi CFH D FF Aj Bk B Bl CFH D FF Am Bn B Bo CFH D FF Ap Bq B Br CFH D FF As Bt B Bu CFH D FF Av Bw B Bx CFH D FF Ay Bz B B{ CFH D FF Dlddddddddddddddddddddddddddddddd                                  A| B} B B~ CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                         A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A  B  B B  CFH D FF A  B  B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B  CFH D FF A! B" B B# CFH D FF A$ B% B B& CFH D FF A' B( B B) CFH D FF A* B+ B B, CFH D FF A- B. B B/ CFH D FF A0 B1 B B2 CFH D FF A3 B4 B B5 CFH D FF A6 B7 B B8 CFH D FF A9 B: B B; CFH D FF Dlddddddddddddddddddddddddddddddd  ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ?  A< B= B B> CFH D FF !A? !B@ !B !BA !CFH !D !FF "AB "BC "B "BD "CFH "D "FF #AE #BF #B #BG #CFH #D #FF $AH $BI $B $BJ $CFH $D $FF %AK %BL %B %BM %CFH %D %FF &AN &BO &B &BP &CFH &D &FF 'AQ 'BR 'B 'BS 'CFH 'D 'FF (AT (BU (B (BV (CFH (D (FF )AW )BX )B )BY )CFH )D )FF *AZ *B[ *B *B\ *CFH *D *FF +A] +B^ +B +B_ +CFH +D +FF ,A` ,Ba ,B ,Bb ,CFH ,D ,FF -Ac -Bd -B -Be -CFH -D -FF .Af .Bg .B .Bh .CFH .D .FF /Ai /Bj /B /Bk /CFH /D /FF 0Al 0Bm 0B 0Bn 0CFH 0D 0FF 1Ao 1Bp 1B 1Bq 1CFH 1D 1FF 2Ar 2Bs 2B 2Bt 2CFH 2D 2FF 3Au 3Bv 3B 3Bw 3CFH 3D 3FF 4Ax 4By 4B 4Bz 4CFH 4D 4FF 5A{ 5B| 5B 5B} 5CFH 5D 5FF 6A~ 6B 6B 6B 6CFH 6D 6FF 7A 7B 7B 7B 7CFH 7D 7FF 8A 8B 8B 8B 8CFH 8D 8FF 9A 9B 9B 9B 9CFH 9D 9FF :A :B :B :B :CFH :D :FF ;A ;B ;B ;B ;CFH ;D ;FF <A <B <B <B <CFH <D <FF =A =B =B =B =CFH =D =FF >A >B >B >B >CFH >D >FF ?A ?B ?B ?B ?CFH ?D ?FF Dlddddddddddddddddddddddddddddddd@ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _  @A @B @B @B @CFH @D @FF AA AB AB AB ACFH AD AFF BA BB BB BB BCFH BD BFF CA CB CB CB CCFH CD CFF DA DB DB DB DCFH DD DFF EA EB EB EB ECFH ED EFF FA FB FB FB FCFH FD FFF GA GB GB GB GCFH GD GFF HA HB HB HB HCFH HD HFF IA IB IB IB ICFH ID IFF JA JB JB JB JCFH JD JFF KA KB KB KB KCFH KD KFF LA LB LB LB LCFH LD LFF MA MB MB MB MCFH MD MFF NA NB NB NB NCFH ND NFF OA OB OB OB OCFH OD OFF PA PB PB PB PCFH PD PFF QA QB QB QB QCFH QD QFF RA RB RB RB RCFH RD RFF SA SB SB SB SCFH SD SFF TA TB TB TB TCFH TD TFF UA UB UB UB UCFH UD UFF VA VB VB VB VCFH VD VFF WA WB WB WB WCFH WD WFF XA XB XB XB XCFH XD XFF YA YB YB YB YCFH YD YFF ZA ZB ZB ZB ZCFH ZD ZFF [A [B [B [B [CFH [D [FF \A \B \B \B \CFH \D \FF ]A ]B ]B ]B ]CFH ]D ]FF ^A ^B ^B ^B ^CFH ^D ^FF _A _B _B _B _CFH _D _FF Dlddddddddddddddddddddddddddddddd` a b c d e f g h i j k l m n o p q r s t  u v w x y z { | } ~   `A `B `B `B `CFH `D `FF aA aB aB aB aCFH aD aFF bA bB bB bB bCFH bD bFF cA cB cB cB cCFH cD cFF dA dB  dB dB  dCFH dD dFF eA  eB  eB eB  eCFH eD eFF fA fB fB fB fCFH fD fFF gA gB gB gB gCFH gD gFF hA hB hB hB hCFH hD hFF iA iB iB iB iCFH iD iFF jA jB jB jB jCFH jD jFF kA kB kB kB kCFH kD kFF lA  lB! lB lB" lCFH lD lFF mA# mB$ mB mB% mCFH mD mFF nA& nB' nB nB( nCFH nD nFF oA) oB* oB oB+ oCFH oD oFF pA, pB- pB pB. pCFH pD pFF qA/ qB0 qB qB1 qCFH qD qFF rA2 rB3 rB rB4 rCFH rD rFF sA5 sB6 sB sB7 sCFH sD sFF tA8 tB9 tB tB: tCFH tD tFF uA; uB< uB uB= uCFH uD uFF vA> vB? vB vB@ vCFH vD vFF wAA wBB wB wBC wCFH wD wFF xAD xBE xB xBF xCFH xD xFF yAG yBH yB yBI yCFH yD yFF zAJ zBK zB zBL zCFH zD zFF {AM {BN {B {BO {CFH {D {FF |AP |BQ |B |BR |CFH |D |FF }AS }BT }B }BU }CFH }D }FF ~AV ~BW ~B ~BX ~CFH ~D ~FF AY BZ B B[ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A\ B] B B^ CFH D FF A_ B` B Ba CFH D FF Ab Bc B Bd CFH D FF Ae Bf B Bg CFH D FF Ah Bi B Bj CFH D FF Ak Bl B Bm CFH D FF An Bo B Bp CFH D FF Aq Br B Bs CFH D FF At Bu B Bv CFH D FF Aw Bx B By CFH D FF Az B{ B B| CFH D FF A} B~ B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                  A B B B CFH D FF A B B B! CFH D FF A" B# B B$ CFH D FF A% B& B B' CFH D FF A( B) B B* CFH D FF A+ B, B B- CFH D FF A. B/ B B0 CFH D FF A1 B2 B B3 CFH D FF A4 B5 B B6 CFH D FF A7 B8 B B9 CFH D FF A: B; B B< CFH D FF A= B> B B? CFH D FF A@ BA B BB CFH D FF AC BD B BE CFH D FF AF BG B BH CFH D FF AI BJ B BK CFH D FF AL BM B BN CFH D FF AO BP B BQ CFH D FF AR BS B BT CFH D FF AU BV B BW CFH D FF AX BY B BZ CFH D FF A[ B\ B B] CFH D FF A^ B_ B B` CFH D FF Aa Bb B Bc CFH D FF Ad Be B Bf CFH D FF Ag Bh B Bi CFH D FF Aj Bk B Bl CFH D FF Am Bn B Bo CFH D FF Ap Bq B Br CFH D FF As Bt B Bu CFH D FF Av Bw B Bx CFH D FF Ay Bz B B{ CFH D FF Dlddddddddddddddddddddddddddddddd                                  A| B} B B~ CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                      A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A! B" B B# CFH D FF A$ B% B B& CFH D FF A' B( B B) CFH D FF A* B+ B B, CFH D FF A- B. B B/ CFH D FF A0 B1 B B2 CFH D FF A3 B4 B B5 CFH D FF A6 B7 B B8 CFH D FF A9 B: B B; CFH D FF Dlddddddddddddddddddddddddddddddd  ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7  8 9 : ; < = > ?  A< B= B B> CFH D FF !A? !B@ !B !BA !CFH !D !FF "AB "BC "B "BD "CFH "D "FF #AE #BF #B #BG #CFH #D #FF $AH $BI $B $BJ $CFH $D $FF %AK %BL %B %BM %CFH %D %FF &AN &BO &B &BP &CFH &D &FF 'AQ 'BR 'B 'BS 'CFH 'D 'FF (AT (BU (B (BV (CFH (D (FF )AW )BX )B )BY )CFH )D )FF *AZ *B[ *B *B\ *CFH *D *FF +A] +B^ +B +B_ +CFH +D +FF ,A` ,Ba ,B ,Bb ,CFH ,D ,FF -Ac -Bd -B -Be -CFH -D -FF .Af .Bg .B .Bh .CFH .D .FF /Ai /Bj /B /Bk /CFH /D /FF 0Al 0Bm 0B 0Bn 0CFH 0D 0FF 1Ao 1Bp 1B 1Bq 1CFH 1D 1FF 2Ar 2Bs 2B 2Bt 2CFH 2D 2FF 3Au 3Bv 3B 3Bw 3CFH 3D 3FF 4Ax 4By 4B 4Bz 4CFH 4D 4FF 5A{ 5B| 5B 5B} 5CFH 5D 5FF 6A~ 6B 6B 6B 6CFH 6D 6FF 7A 7B 7B 7B 7CFH 7D 7FF 8A 8B 8B 8B 8CFH 8D 8FF 9A 9B 9B 9B 9CFH 9D 9FF :A :B :B :B :CFH :D :FF ;A ;B ;B ;B ;CFH ;D ;FF <A <B <B <B <CFH <D <FF =A =B =B =B =CFH =D =FF >A >B >B >B >CFH >D >FF ?A ?B ?B ?B ?CFH ?D ?FF Dlddddddddddddddddddddddddddddddd@ A B C D E F G H I J K L M  N O P Q R S T U V W X Y Z [ \ ] ^ _  @A @B @B @B @CFH @D @FF AA AB AB AB ACFH AD AFF BA BB BB BB BCFH BD BFF CA CB CB CB CCFH CD CFF DA DB DB DB DCFH DD DFF EA EB EB EB ECFH ED EFF FA FB FB FB FCFH FD FFF GA GB GB GB GCFH GD GFF HA HB HB HB HCFH HD HFF IA IB IB IB ICFH ID IFF JA JB JB JB JCFH JD JFF KA KB KB KB KCFH KD KFF LA LB LB LB LCFH LD LFF MA MB MB MB MCFH MD MFF NA NB NB NB NCFH ND NFF OA OB OB OB OCFH OD OFF PA PB PB PB PCFH PD PFF QA QB QB QB QCFH QD QFF RA RB RB RB RCFH RD RFF SA SB SB SB SCFH SD SFF TA TB TB TB TCFH TD TFF UA UB UB UB UCFH UD UFF VA VB VB VB VCFH VD VFF WA WB WB WB WCFH WD WFF XA XB XB XB XCFH XD XFF YA YB YB YB YCFH YD YFF ZA ZB ZB ZB ZCFH ZD ZFF [A [B [B [B [CFH [D [FF \A \B \B \B \CFH \D \FF ]A ]B ]B ]B ]CFH ]D ]FF ^A ^B ^B ^B ^CFH ^D ^FF _A _B _B _B _CFH _D _FF Dlddddddddddddddddddddddddddddddd` a b c d e f g h i j k l m n o p q r s t u  v w x y z { | } ~   `A `B `B `B `CFH `D `FF aA aB aB aB aCFH aD aFF bA bB bB bB bCFH bD bFF cA cB cB cB cCFH cD cFF dA dB dB dB dCFH dD dFF eA eB eB eB eCFH eD eFF fA fB fB fB fCFH fD fFF gA gB gB gB gCFH gD gFF hA hB hB hB hCFH hD hFF iA iB iB iB iCFH iD iFF jA jB jB jB jCFH jD jFF kA kB kB kB kCFH kD kFF lA lB! lB lB" lCFH lD lFF mA# mB$ mB mB% mCFH mD mFF nA& nB' nB nB( nCFH nD nFF oA) oB* oB oB+ oCFH oD oFF pA, pB- pB pB. pCFH pD pFF qA/ qB0 qB qB1 qCFH qD qFF rA2 rB3 rB rB4 rCFH rD rFF sA5 sB6 sB sB7 sCFH sD sFF tA8 tB9 tB tB: tCFH tD tFF uA; uB< uB uB= uCFH uD uFF vA> vB? vB vB@ vCFH vD vFF wAA wBB wB wBC wCFH wD wFF xAD xBE xB xBF xCFH xD xFF yAG yBH yB yBI yCFH yD yFF zAJ zBK zB zBL zCFH zD zFF {AM {BN {B {BO {CFH {D {FF |AP |BQ |B |BR |CFH |D |FF }AS }BT }B }BU }CFH }D }FF ~AV ~BW ~B ~BX ~CFH ~D ~FF AY BZ B B[ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A\ B] B B^ CFH D FF A_ B` B Ba CFH D FF Ab Bc B Bd CFH D FF Ae Bf B Bg CFH D FF Ah Bi B Bj CFH D FF Ak Bl B Bm CFH D FF An Bo B Bp CFH D FF Aq Br B Bs CFH D FF At Bu B Bv CFH D FF Aw Bx B By CFH D FF Az B{ B B| CFH D FF A} B~ B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B B B! CFH D FF A" B# B B$ CFH D FF A% B& B B' CFH D FF A( B) B B* CFH D FF A+ B, B B- CFH D FF A. B/ B B0 CFH D FF A1 B2 B B3 CFH D FF A4 B5 B B6 CFH D FF A7 B8 B B9 CFH D FF A: B; B B< CFH D FF A= B> B B? CFH D FF A@ BA B BB CFH D FF AC BD B BE CFH D FF AF BG B BH CFH D FF AI BJ B BK CFH D FF AL BM B BN CFH D FF AO BP B BQ CFH D FF AR BS B BT CFH D FF AU BV B BW CFH D FF AX BY B BZ CFH D FF A[ B\ B B] CFH D FF A^ B_ B B` CFH D FF Aa Bb B Bc CFH D FF Ad Be B Bf CFH D FF Ag Bh B Bi CFH D FF Aj Bk B Bl CFH D FF Am Bn B Bo CFH D FF Ap Bq B Br CFH D FF As Bt B Bu CFH D FF Av Bw B Bx CFH D FF Ay Bz B B{ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A| B} B B~ CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                      A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A! B" B B# CFH D FF A$ B% B B& CFH D FF A' B( B B) CFH D FF A* B+ B B, CFH D FF A- B. B B/ CFH D FF A0 B1 B B2 CFH D FF A3 B4 B B5 CFH D FF A6 B7 B B8 CFH D FF A9 B: B B; CFH D FF Dlddddddddddddddddddddddddddddddd  ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ?  A< B= B B> CFH D FF !A? !B@ !B !BA !CFH !D !FF "AB "BC "B "BD "CFH "D "FF #AE #BF #B #BG #CFH #D #FF $AH $BI $B $BJ $CFH $D $FF %AK %BL %B %BM %CFH %D %FF &AN &BO &B &BP &CFH &D &FF 'AQ 'BR 'B 'BS 'CFH 'D 'FF (AT (BU (B (BV (CFH (D (FF )AW )BX )B )BY )CFH )D )FF *AZ *B[ *B *B\ *CFH *D *FF +A] +B^ +B +B_ +CFH +D +FF ,A` ,Ba ,B ,Bb ,CFH ,D ,FF -Ac -Bd -B -Be -CFH -D -FF .Af .Bg .B .Bh .CFH .D .FF /Ai /Bj /B /Bk /CFH /D /FF 0Al 0Bm 0B 0Bn 0CFH 0D 0FF 1Ao 1Bp 1B 1Bq 1CFH 1D 1FF 2Ar 2Bs 2B 2Bt 2CFH 2D 2FF 3Au 3Bv 3B 3Bw 3CFH 3D 3FF 4Ax 4By 4B 4Bz 4CFH 4D 4FF 5A{ 5B| 5B 5B} 5CFH 5D 5FF 6A~ 6B 6B 6B 6CFH 6D 6FF 7A 7B 7B 7B 7CFH 7D 7FF 8A 8B 8B 8B 8CFH 8D 8FF 9A 9B 9B 9B 9CFH 9D 9FF :A :B :B :B :CFH :D :FF ;A ;B ;B ;B ;CFH ;D ;FF <A <B <B <B <CFH <D <FF =A =B =B =B =CFH =D =FF >A >B >B >B >CFH >D >FF ?A ?B ?B ?B ?CFH ?D ?FF Dlddddddddddddddddddddddddddddddd@ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _  @A @B @B @B @CFH @D @FF AA AB AB AB ACFH AD AFF BA BB BB BB BCFH BD BFF CA CB CB CB CCFH CD CFF DA DB DB DB DCFH DD DFF EA EB EB EB ECFH ED EFF FA FB FB FB FCFH FD FFF GA GB GB GB GCFH GD GFF HA HB HB HB HCFH HD HFF IA IB IB IB ICFH ID IFF JA JB JB JB JCFH JD JFF KA KB KB KB KCFH KD KFF LA LB LB LB LCFH LD LFF MA MB MB MB MCFH MD MFF NA NB NB NB NCFH ND NFF OA OB OB OB OCFH OD OFF PA PB PB PB PCFH PD PFF QA QB QB QB QCFH QD QFF RA RB RB RB RCFH RD RFF SA SB SB SB SCFH SD SFF TA TB TB TB TCFH TD TFF UA UB UB UB UCFH UD UFF VA VB VB VB VCFH VD VFF WA WB WB WB WCFH WD WFF XA XB XB XB XCFH XD XFF YA YB YB YB YCFH YD YFF ZA ZB ZB ZB ZCFH ZD ZFF [A [B [B [B [CFH [D [FF \A \B \B \B \CFH \D \FF ]A ]B ]B ]B ]CFH ]D ]FF ^A ^B ^B ^B ^CFH ^D ^FF _A _B _B _B _CFH _D _FF Dlddddddddddddddddddddddddddddddd` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~   `A `B `B `B `CFH `D `FF aA aB aB aB aCFH aD aFF bA bB bB bB bCFH bD bFF cA cB cB cB cCFH cD cFF dA dB  dB dB  dCFH dD dFF eA  eB  eB eB  eCFH eD eFF fA fB fB fB fCFH fD fFF gA gB gB gB gCFH gD gFF hA hB hB hB hCFH hD hFF iA iB iB iB iCFH iD iFF jA jB jB jB jCFH jD jFF kA kB kB kB kCFH kD kFF lA  lB! lB lB" lCFH lD lFF mA# mB$ mB mB% mCFH mD mFF nA& nB' nB nB( nCFH nD nFF oA) oB* oB oB+ oCFH oD oFF pA, pB- pB pB. pCFH pD pFF qA/ qB0 qB qB1 qCFH qD qFF rA2 rB3 rB rB4 rCFH rD rFF sA5 sB6 sB sB7 sCFH sD sFF tA8 tB9 tB tB: tCFH tD tFF uA; uB< uB uB= uCFH uD uFF vA> vB? vB vB@ vCFH vD vFF wAA wBB wB wBC wCFH wD wFF xAD xBE xB xBF xCFH xD xFF yAG yBH yB yBI yCFH yD yFF zAJ zBK zB zBL zCFH zD zFF {AM {BN {B {BO {CFH {D {FF |AP |BQ |B |BR |CFH |D |FF }AS }BT }B }BU }CFH }D }FF ~AV ~BW ~B ~BX ~CFH ~D ~FF AY BZ B B[ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A\ B] B B^ CFH D FF A_ B` B Ba CFH D FF Ab Bc B Bd CFH D FF Ae Bf B Bg CFH D FF Ah Bi B Bj CFH D FF Ak Bl B Bm CFH D FF An Bo B Bp CFH D FF Aq Br B Bs CFH D FF At Bu B Bv CFH D FF Aw Bx B By CFH D FF Az B{ B B| CFH D FF A} B~ B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B  CFH D FF A  B  B B  CFH D FF A  B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                 A B B B CFH D FF A B  B B! CFH D FF A" B# B B$ CFH D FF A% B& B B' CFH D FF A( B) B B* CFH D FF A+ B, B B- CFH D FF A. B/ B B0 CFH D FF A1 B2 B B3 CFH D FF A4 B5 B B6 CFH D FF A7 B8 B B9 CFH D FF A: B; B B< CFH D FF A= B> B B? CFH D FF A@ BA B BB CFH D FF AC BD B BE CFH D FF AF BG B BH CFH D FF AI BJ B BK CFH D FF AL BM B BN CFH D FF AO BP B BQ CFH D FF AR BS B BT CFH D FF AU BV B BW CFH D FF AX BY B BZ CFH D FF A[ B\ B B] CFH D FF A^ B_ B B` CFH D FF Aa Bb B Bc CFH D FF Ad Be B Bf CFH D FF Ag Bh B Bi CFH D FF Aj Bk B Bl CFH D FF Am Bn B Bo CFH D FF Ap Bq B Br CFH D FF As Bt B Bu CFH D FF Av Bw B Bx CFH D FF Ay Bz B B{ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A| B} B B~ CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd                                        A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A  B  B B  CFH D FF A  B  B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B  CFH D FF A! B" B B# CFH D FF A$ B% B B& CFH D FF A' B( B B) CFH D FF A* B+ B B, CFH D FF A- B. B B/ CFH D FF A0 B1 B B2 CFH D FF A3 B4 B B5 CFH D FF A6 B7 B B8 CFH D FF A9 B: B B; CFH D FF Dlddddddddddddddddddddddddddddddd  ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ?  A< B= B B> CFH D FF !A? !B@ !B !BA !CFH !D !FF "AB "BC "B "BD "CFH "D "FF #AE #BF #B #BG #CFH #D #FF $AH $BI $B $BJ $CFH $D $FF %AK %BL %B %BM %CFH %D %FF &AN &BO &B &BP &CFH &D &FF 'AQ 'BR 'B 'BS 'CFH 'D 'FF (AT (BU (B (BV (CFH (D (FF )AW )BX )B )BY )CFH )D )FF *AZ *B[ *B *B\ *CFH *D *FF +A] +B^ +B +B_ +CFH +D +FF ,A` ,Ba ,B ,Bb ,CFH ,D ,FF -Ac -Bd -B -Be -CFH -D -FF .Af .Bg .B .Bh .CFH .D .FF /Ai /Bj /B /Bk /CFH /D /FF 0Al 0Bm 0B 0Bn 0CFH 0D 0FF 1Ao 1Bp 1B 1Bq 1CFH 1D 1FF 2Ar 2Bs 2B 2Bt 2CFH 2D 2FF 3Au 3Bv 3B 3Bw 3CFH 3D 3FF 4Ax 4By 4B 4Bz 4CFH 4D 4FF 5A{ 5B| 5B 5B} 5CFH 5D 5FF 6A~ 6B 6B 6B 6CFH 6D 6FF 7A 7B 7B 7B 7CFH 7D 7FF 8A 8B 8B 8B 8CFH 8D 8FF 9A 9B 9B 9B 9CFH 9D 9FF :A :B :B :B :CFH :D :FF ;A ;B ;B ;B ;CFH ;D ;FF <A <B <B <B <CFH <D <FF =A =B =B =B =CFH =D =FF >A >B >B >B >CFH >D >FF ?A ?B ?B ?B ?CFH ?D ?FF Dlddddddddddddddddddddddddddddddd@ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _  @A @B @B @B @CFH @D @FF AA AB AB AB ACFH AD AFF BA BB BB BB BCFH BD BFF CA CB CB CB CCFH CD CFF DA DB DB DB DCFH DD DFF EA EB EB EB ECFH ED EFF FA FB FB FB FCFH FD FFF GA GB GB GB GCFH GD GFF HA HB HB HB HCFH HD HFF IA IB IB IB ICFH ID IFF JA JB JB JB JCFH JD JFF KA KB KB KB KCFH KD KFF LA LB LB LB LCFH LD LFF MA MB MB MB MCFH MD MFF NA NB NB NB NCFH ND NFF OA OB OB OB OCFH OD OFF PA PB PB PB PCFH PD PFF QA QB QB QB QCFH QD QFF RA RB RB RB RCFH RD RFF SA SB SB SB SCFH SD SFF TA TB TB TB TCFH TD TFF UA UB UB UB UCFH UD UFF VA VB VB VB VCFH VD VFF WA WB WB WB WCFH WD WFF XA XB XB XB XCFH XD XFF YA YB YB YB YCFH YD YFF ZA ZB ZB ZB ZCFH ZD ZFF [A [B [B [B [CFH [D [FF \A \B \B \B \CFH \D \FF ]A ]B ]B ]B ]CFH ]D ]FF ^A ^B ^B ^B ^CFH ^D ^FF _A _B _B _B _CFH _D _FF Dlddddddddddddddddddddddddddddddd` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~   `A `B `B `B `CFH `D `FF aA aB aB aB aCFH aD aFF bA bB bB bB bCFH bD bFF cA cB cB cB cCFH cD cFF dA dB  dB dB  dCFH dD dFF eA  eB  eB eB  eCFH eD eFF fA fB fB fB fCFH fD fFF gA gB gB gB gCFH gD gFF hA hB hB hB hCFH hD hFF iA iB iB iB iCFH iD iFF jA jB jB jB jCFH jD jFF kA kB kB kB kCFH kD kFF lA  lB! lB lB" lCFH lD lFF mA# mB$ mB mB% mCFH mD mFF nA& nB' nB nB( nCFH nD nFF oA) oB* oB oB+ oCFH oD oFF pA, pB- pB pB. pCFH pD pFF qA/ qB0 qB qB1 qCFH qD qFF rA2 rB3 rB rB4 rCFH rD rFF sA5 sB6 sB sB7 sCFH sD sFF tA8 tB9 tB tB: tCFH tD tFF uA; uB< uB uB= uCFH uD uFF vA> vB? vB vB@ vCFH vD vFF wAA wBB wB wBC wCFH wD wFF xAD xBE xB xBF xCFH xD xFF yAG yBH yB yBI yCFH yD yFF zAJ zBK zB zBL zCFH zD zFF {AM {BN {B {BO {CFH {D {FF |AP |BQ |B |BR |CFH |D |FF }AS }BT }B }BU }CFH }D }FF ~AV ~BW ~B ~BX ~CFH ~D ~FF AY BZ B B[ CFH D FF Dlddddddddddddddddddddddddddddddd                                 A\ B] B B^ CFH D FF A_ B` B Ba CFH D FF Ab Bc B Bd CFH D FF Ae Bf B Bg CFH D FF Ah Bi B Bj CFH D FF Ak Bl B Bm CFH D FF An Bo B Bp CFH D FF Aq Br B Bs CFH D FF At Bu B Bv CFH D FF Aw Bx B By CFH D FF Az B{ B B| CFH D FF A} B~ B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF A B B B CFH D FF Dlddddddddddddddddddddddddddddddd>@FBA ggD Oh+'0@H\p  Sain, Joe Sain, JoeMicrosoft Excel@u@ +u՜.+,0 PXx  The MITRE Corporation ie8  Worksheets  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~Root Entry FWorkbook^ SummaryInformation(DocumentSummaryInformation8