Category: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

This template policy setting allows you to configure policy settings in this zone consistent with a selected security level for example Low Medium Low Medium or High. If you enable this template policy setting and select a security level all values for individual settings in the zone will be overwritten by the standard template defaults. If you disable this template policy setting no security level is configured. If you do not configure this template policy setting no security level is configured. Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate by comparing the settings in the active URL’s zone against those in the Locked-Down equivalent zone. If you select a security level for any zone (including selecting no security) the same change should be made to the Locked-Down equivalent. Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example precedence inheritance or enforce) to apply individual settings to specific targets.

This policy setting allows you to manage whether . NET Framework components that are signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link. If you enable this policy setting Internet Explorer will execute signed managed components. If you select Prompt in the drop-down box Internet Explorer will prompt the user to determine whether to execute signed managed components. If you disable this policy setting Internet Explorer will not execute signed managed components. If you do not configure this policy setting Internet Explorer will not execute signed managed components.

This policy setting allows you to manage whether data on HTML forms on pages in the zone may be submitted. Forms sent with SSL (Secure Sockets Layer) encryption are always allowed; this setting only affects non-SSL form data submission. If you enable this policy setting information using HTML forms on pages in this zone can be submitted automatically. If you select Prompt in the drop-down box users are queried to choose whether to allow information using HTML forms on pages in this zone to be submitted. If you disable this policy setting information using HTML forms on pages in this zone is prevented from being submitted. If you do not configure this policy setting users are queried to choose whether to allow information using HTML forms on pages in this zone to be submitted.

This policy setting allows you to manage whether . NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link. If you enable this policy setting Internet Explorer will execute unsigned managed components. If you select Prompt in the drop-down box Internet Explorer will prompt the user to determine whether to execute unsigned managed components. If you disable this policy setting Internet Explorer will not execute unsigned managed components. If you do not configure this policy setting Internet Explorer will not execute unsigned managed components.

This policy setting allows you to manage the preservation of information in the browser’s history in favorites in an XML store or directly within a Web page saved to disk. When a user returns to a persisted page the state of the page can be restored if this policy setting is appropriately configured. If you enable this policy setting users can preserve information in the browser’s history in favorites in an XML store or directly within a Web page saved to disk. If you disable this policy setting users cannot preserve information in the browser’s history in favorites in an XML store or directly within a Web page saved to disk. If you do not configure this policy setting users cannot preserve information in the browser’s history in favorites in an XML store or directly within a Web page saved to disk.

This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars. If you enable this policy setting Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature. If you disable this policy setting the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process. If you do not configure this policy setting the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.