Detections
Analytics

CSCv7|7.1

Title

Ensure Use of Only Fully Supported Browsers and Email Clients

Description

Ensure that only fully supported web browsers and email clients are allowed to execute in the organization, ideally only using the latest version of the browsers and email clients provided by the vendor.

Reference Item Details

Category: Email and Web Browser Protections

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.43 Ensure 'Allow unconfigured sites to be reloaded in Internet Explorer mode' is set to 'Disabled'WindowsCIS Microsoft Edge L2 v1.1.0
1.107 Ensure 'Show the Reload in Internet Explorer mode button in the toolbar' is set to 'Disabled'WindowsCIS Microsoft Edge L1 v1.1.0
4.10 Ensure notifications for internal users sending malware is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v1.5.0
6.2.1 Ensure Protect Mail Activity in Mail Is EnabledUnixCIS Apple macOS 13.0 Ventura v1.0.0 L2
6.3.1 Ensure Automatic Opening of Safe Files in Safari Is DisabledUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
6.3.2 Audit History and Remove History ItemsUnixCIS Apple macOS 13.0 Ventura v1.0.0 L2
6.3.3 Ensure Warn When Visiting A Fraudulent Website in Safari Is EnabledUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
6.3.4 Ensure Prevent Cross-site Tracking in Safari Is Enabled - BlockStoragePolicyUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
6.3.4 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitPreferences.storageBlockingPolicyUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
6.3.4 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitStorageBlockingPolicyUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
6.3.5 Audit Hide IP Address in Safari SettingUnixCIS Apple macOS 13.0 Ventura v1.0.0 L2
6.3.6 Ensure Advertising Privacy Protection in Safari Is EnabledUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
6.3.7 Ensure Show Full Website Address in Safari Is EnabledUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
7.1.1 Ensure Protect Mail Activity in Mail Is EnabledUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L2
7.1.1 Ensure Protect Mail Activity in Mail Is EnabledUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
7.1.1 Ensure Protect Mail Activity in Mail Is EnabledUnixCIS Apple macOS 12.0 Monterey v2.0.0 L2
7.2.1 Ensure Automatic Opening of Safe Files in Safari Is DisabledUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
7.2.1 Ensure Automatic Opening of Safe Files in Safari Is DisabledUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
7.2.1 Ensure Automatic Opening of Safe Files in Safari Is DisabledUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
7.2.2 Audit History and Remove History ItemsUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
7.2.2 Audit History and Remove History ItemsUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L2
7.2.2 Audit History and Remove History ItemsUnixCIS Apple macOS 12.0 Monterey v2.0.0 L2
7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is EnabledUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is EnabledUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is EnabledUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - BlockStoragePolicyUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - BlockStoragePolicyUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - BlockStoragePolicyUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitPreferences.storageBlockingPolicyUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitPreferences.storageBlockingPolicyUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitPreferences.storageBlockingPolicyUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitStorageBlockingPolicyUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitStorageBlockingPolicyUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
7.2.5 Ensure Prevent Cross-site Tracking in Safari Is Enabled - WebKitStorageBlockingPolicyUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
7.2.6 Audit Hide IP Address in Safari SettingUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
7.2.6 Audit Hide IP Address in Safari SettingUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L2
7.2.6 Audit Hide IP Address in Safari SettingUnixCIS Apple macOS 12.0 Monterey v2.0.0 L2
7.12 Ensure mobile device management policies are required for email profilesmicrosoft_azureCIS Microsoft 365 Foundations E3 L2 v1.5.0
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL + NG
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Stand-alone v2.0.0 L1
18.10.35.1 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'WindowsCIS Microsoft Windows 10 Enterprise v2.0.0 L1
19.7.4.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
19.7.4.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0
19.7.4.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0
19.7.4.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1