| |
| Answering questions regarding Browser Security Settings, ActiveX Security Settings. |
| |
| |
Introduction
Internet Explorer
(and other browsers) now have security zones that let you select the level of trust
/ security you feel can be justified for web-sites you visit. The zones include:
• Internet (...the one we will be working with!)
• Local Intranet
• Trusted Sites
• Restricted Sites
All four zones have standard security settings. Although these settings are a start
for "standard" usage, using you browser for the Upper Iowa University Online Program
may require changes to your "standard" settings.
We have developed a set of "Internet Security Settings" that address your concern for safe browsing,
yet allow you to use your browser for your UIU Online classes.
Below you will see settings that incude terms like "ActiveX", "Java applet" and "Scripting".
• Think of ActiveX as small programs that are being used by the browser to do some very specifc job.
• Think of Java applets and Scripting as code that is embedded in a page you receive from a server.
All three can be beneficial, but coded by an "unfriendly" person could do
harm (think privacy, credit cards, deleting of all file, etc).
Browser setting control "ActiveX", "Java applet" and "Scripting" |
Enhancing standard
Custom Level Settings to also allow access to UIU Online Classes
Reaching the INTERNET SECURITY SETTINGS
1 - Open the Internet Explorer browser,
2 - Click on the Tools menu,
3 - Click Internet Options
4 - Click on the Security Tab
5 - Click on Internet
6 - Click on Custom Level
You will now see a scrollable window showing Internet Security details. You may
have to double-click on an item to see the next level of details.
The Internet Security Details are:
• .NET Framework
• .NET Framework-reliant components
• ActiveX controls and plug-ins
• Downloads
• Microsoft VM
• Miscellaneous
• Scripting
• User Authentication
Note: You may not see all settings given below.
What you see depends on your operating system (i.e. Windows 2000, 2003, XP, Vista etc), your
Browser (IE 5.5, 6.x, 7.x) and what Framework software (i.e. 1.0, 1.1, 2.0, 3.x,
or none) you have installed. |
You choose a security setting by selecting the radio button next to a security item.
Recommended Browser settings are given in BOLDFACE.
.NET Framework
Loose XAML
• Disable
• Enable
• Prompt.
XAML browser application
• Disable
• Enable
• Prompt.
XPS documents
• Disable
• Enable
• Prompt
.NET Framework-reliant components
Run components not signed with Authenticode.
• Disable
• Enable
• Prompt
Run components signed with Authenticode
• Disable
• Enable
• Prompt
ActiveX Controls and Plug-Ins
Allow previously unused ActiveX Controls to run without promting.
• Disable
• Enable
Allow Scriplets
• Disable
• Enable
• Prompt
Automatic prompting for ActiveX Controls.
• Disable
• Enable
Binary & Script behaviors.
• Administrator approved
• Disable
• Enable
Display Video & Animation on webpage that does not use external Media Player.
• Disable
• Enable
Download Signed ActiveX Controls.
• Disable
• Enable
• Prompt
Download Unsigned ActiveX controls.
• Disable
• Enable
• Prompt
Initialize & Script ActiveX Controls not marked as safe for scripting.
• Disable
• Enable
• Prompt
Run ActiveX Controls and Plugins.
• Administrator approved
• Disable
• Enable
• Prompt
Script ActiveX Controls marked safe for Scripting.
• Disable
• Enable
• Prompt
Downloads
Automatic Prompting for File download
• Disable
• Enable
File download
• Disable
• Enable
Font download
• Disable
• Enable
• Prompt
Enable .NET Framework setup
• Disable
• Enable
• Prompt
Java VM
Java Permissions
• Custom
• Disable Java
• High Safety
• Low Safety
• Medium Safety
Miscellaneous Options
Access data sources across domains
• Disable
• Enable
• Prompt
Allow META REFRESH
• Disable
• Enable
Allow Scripting of Internet Web Browser Control
• Disable
• Enable
Allow Web Pages to use restricted protocols for Active Contents
• Disable
• Enable
Allow webpages to open windows without address or status bars
• Disable
• Enable
Display mixed content
• Disable
• Enable
• Prompt
Don't prompt for client certificate selection when no certificates or only one
certificate exists.
• Disable
• Enable
Drag and drop or copy and paste files.
• Disable
• Enable
• Prompt
Include local directory path when uploading files to server
• Disable
• Enable
Installation of desktop items
• Disable
• Enable
• Prompt
Launching programs and files in an IFRAME
• Disable
• Enable
• Prompt
Navigate sub-frames across different domains
• Disable
• Enable
• Prompt
Open Files based on Content, not file extension
• Disable
• Enable
Software channel permissions
• High safety
• Low safety
• Medium safety
Submit nonencrypted form data
• Disable
• Enable
• Prompt
Use Phishing filter
• Disable
• Enable
Use Pop-up blockers
• Disable (Pop-up blockers must be disabled for you to do UIU Class work)
• Enable
Userdata persistence
• Disable
• Enable
Websites in less priviledged web content zones can navigate into this zone
• Disable
• Enable
• Prompt
Scripting
Active Scripting
• Disable
• Enable
• Prompt
Allow programatic clipboard access
• Disable
• Enable
• Prompt
Allow Status Bar updates via script
• Disable
• Enable
Allow websites to prompt for Information using scripted Windows
• Disable
• Enable
Allow paste operations via script
• Disable
• Enable
• Prompt
Scripting of Java applets
• Disable
• Enable
• Prompt
User Authentication
Logon
• Anonymous logon
• Automatic logon only in Intranet zone
• Automatic logon with current username and password
• Prompt for user name and password
|
|
| |
|
Back to Top
|
|