8.8.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable'

Information

*Description*

This policy setting controls whether SmartScreen Filter scans pages in this zone for
malicious content. If you enable this policy setting, SmartScreen Filter will scan pages in
this zone for malicious content. If you disable this policy setting, SmartScreen Filter will not
scan pages in this zone for malicious content. If you do not configure this policy setting, the
user can configure this setting. Note- In Internet Explorer 7, this policy setting controls
whether the Phishing Filter scans pages in this zone for malicious content. The
recommended state for this setting is- Enabled-Enable.


*Rationale*

If the SmartScreen Filter is enabled globally, not enabling this setting would allow the user
to disable the use of the SmartScreen Filter in this zone.

Solution

To implement the recommended configuration state, set the following Group Policy setting
to Enabled.

Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone\Use
SmartScreen Filter\Use SmartScreen Filter

Then set the Use SmartScreen Filter option to Enable.

Impact-The SmartScreen Filter will be used in this zone.

See Also

https://workbench.cisecurity.org/files/1516

Item Details

Audit Name: CIS IE 9 v1.0.0

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1.

Plugin: Windows

Control ID: 9a8af31159d45a50678ff5895a51990322fc391051d20dfc63c36f072662afb2