Free DISA STIG and SRG Library | Vaulted

V-6259

Userdata persistence must be disallowed (Internet zone).

Finding ID
DTBI042
Rule ID
SV-40577r1_rule
Severity
Cat II
CCE
(None)
Group Title
DTBI042-Userdata persistence - Internet Zone
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Userdata persistence must have level of protection based upon the site being accessed. This policy setting allows you to manage the preservation of information in the browser's history, in favorites, in an XML store, or directly within a web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is not appropriately configured.

Fix Text

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Internet Zone -> “Userdata persistence” to “Enabled” and select “Disable” from the drop-down box.

Check Content

UserdataPersistence_InternetZone_LocalComputer_var

Responsibility

System Administrator

IA Controls

ECSC-1