Enforce IE Settings Through GPO
You work as the IT security administrator for a small corporate network. You need to increase Internet Explorer 10 browser security on your computers by enforcing critical security features.
In this lab, your task is to configure the following Internet Explorer policy settings in the WorkstationGPO:
Policy Setting
Security Zones: Do not allow users to add/delete sites Enabled
Security Zones: Do not allow users to change policies Enabled
Turn on ActiveX Filtering Enabled
Internet Control Panel > Prevent Ignoring Certificate Errors Enabled
Internet Control Panel > Security Page > Internet Zone > Java permissions Enabled: Disable Java
Internet Control Panel > Security Page > Internet Zone > Turn on Protected Mode Enabled: Enable
Internet Control Panel > Security Page > Restricted Sites Zone > Allow File Downloads Enabled: Disable
Internet Control Panel > Security Page > Restricted Sites Zone > Java permissions Enabled: Disable Java
Internet Control Panel > Security Page > Restricted Sites Zone > Turn on Protected Mode Enabled: Enable
Security Features > Object Caching Protection > Internet Explorer Processes Enabled
Security Features > Protection From Zone Elevation > Internet Explorer Processes Enabled
Security Features > Restrict ActiveX Install > Internet Explorer Processes Enabled
Security Features > Restrict File Download > Internet Explorer Processes Enabled
The Security Zone and ActiveX Filtering policies can be found at the root of the Internet Explorer folder. There are many other security features that can be enforced for Internet Explorer. Always test any proposed security restrictions before implementing them in your environment.