3.1 Configure 'Prevent deleting websites that the user has visited'

Information



This policy setting prevents the user from deleting the history of websites that he or she
has visited. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting, websites that the user has visited are preserved when he
or she clicks Delete. If you disable this policy setting, websites that the user has visited are
deleted when he or she clicks Delete. If you do not configure this policy setting, the user
can choose whether to delete or preserve visited websites when he or she clicks Delete.If the 'Prevent access to Delete Browsing History' policy setting is enabled, this policy
setting is enabled by default. Configure this setting in a manner that is consistent with
security and operational requirements of your organization.

*Rationale*

If users can delete websites they have visited it will be easier for them to hide evidence that
they have visited unauthorized sites.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to
Not Configured.

Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Delete Browsing History\Prevent deleting websites that the user has visited

Impact-
If you enable this policy setting, websites that the user has visited are preserved when he
or she clicks Delete.
If you disable this policy setting, websites that the user has visited are deleted when he or
she clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or
preserve visited websites when he or she clicks Delete.
If the 'Prevent access to Delete Browsing History' policy setting is enabled, this policy
setting is enabled by default.

See Also

https://workbench.cisecurity.org/files/1518

Item Details

Audit Name: CIS IE 11 v1.0.0

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Windows

Control ID: e2d21383ac31614889dd92f2e42e65aa98e4883a1bc9a47b115d1d1147a25c31