Configuring Internet Security Zones
With Windows Internet Explorer, you can set different levels of security for different types of Web sites. For example, you might feel perfectly comfortable running programs that originate from your organization's intranet site or from specific Web sites that you trust (such as your own), but not want to allow certain types of programs to run on your computer from the Internet.
Internet Explorer divides the types of Web sites you visit into these four security zones:
Internet. All external Web sites that are not in the trusted or restricted site lists.
Local intranet. All Web sites that are part of your organization's local network.
Trusted. Specific Web sites that you have designated as trustworthy; you believe that content from these sites will not damage your computer or data.
Restricted. Specific Web sites that you have designated as untrustworthy; you believe that content from these sites might damage your computer or data.
You must specifically designate Web sites as part of the Trusted Sites and Restricted Sites zones; otherwise these zones are empty.
You can set the security level for each zone at one of five predefined levels, or you can customize the security level for your own or your organization's needs. The predefined security levels are:
High. This level is appropriate for any Web sites you don't trust, or if you want to have full control over the content that is downloaded to and run on your computer. This is the default security level for the Restricted Sites zone. Internet Explorer prevents potentially harmful content from running on your computer, which might mean that the functionality or display of some Web sites is impaired.
Medium-high. This level is appropriate for most Internet sites, and it is the default security level for the Internet zone. Internet Explorer prompts you before downloading any potentially unsafe content, and it does not download unsigned ActiveX controls.
Medium. This is the default security level for the Trusted Sites zone. Internet Explorer does not download unsigned ActiveX controls, and prompts you for permission before downloading potentially unsafe content. Specific settings vary from the Medium-high security level.
Medium-low. This is the default security level for the Local Intranet zone. Internet Explorer does not download unsigned ActiveX controls, but most other content runs without prompts.
Low. This level is appropriate only for sites that you absolutely trust. Internet Explorer provides only minimal safeguards and warnings, and it downloads and runs most content without prompting you for permission.
Most people will find that the default settings are adequate for their needs, but from time to time you might want or need to customize a setting. Even if you never do, it's good to know what your options are so that you are confident that your Web browsing is done in a secure and sensible manner.
In this exercise, you will examine your current Internet Explorer security zone settings, experiment with changing your security options, and add and remove a Web site from the restricted sites list. There are no practice files for this exercise.
Important
If you have personalized your Internet security settings for a specific purpose and do not want them to be reset to the default settings, do not complete this exercise.
BE SURE TO display Control Panel before beginning this exercise.
1. In Control Panel, click Security, and then under Internet Options, click the Change security settings task.
The Internet Properties dialog box opens, displaying the Security tab.

Tip
You can also display this tab by starting Internet Explorer and then double-clicking the zone name on the status bar.
Depending on your current security settings, the Security level for this zone area displays either a slide control like the one shown here or a custom setting.
2. If your screen shows a custom setting, click Default level to return the Internet zone to the default Medium-high security level.
Next you'll try customizing the security options.
3. Click Custom level to display the Security Settings dialog box for the currently selected Internet zone.

The default security level is shown in the Reset Custom Settings area.
4. Scroll through the options and change a few to see how changing security levels works. (Don't worry; you can undo the changes.) When you're finished making changes, click OK.
5. In the Warning message box prompting you to confirm your changes, click Yes.
In the Internet Options dialog box, the security level for the Internet zone is now set to Custom.
6. In the Select a zone area, click Restricted sites.
The security level for the Restricted Sites zone is set to High, and cannot be changed.
7. Click Sites.
The Restricted Sites dialog box opens.

Depending on your previous Internet Explorer use, the Websites list might already contain one or more site addresses.
8. In the Add this website to the zone box, type www.microsoft.com, and then click Add.
Important
If you do not want to temporarily implement any changes to your Internet zone security settings, skip to Step 12.
9. In the Restricted Sites dialog box, click Close. Then in the Internet Properties dialog box, click OK.
10. Click the Start button, and with the insertion point in the Start Search box, type http://www.microsoft.com. Then press Enter.
Internet Explorer starts, and displays the Microsoft Corporation Web site.
The status bar at the bottom of the Internet Explorer window indicates that this is a restricted site.

Any scripts (small programs) or active content on this site will not run on your computer.
11. In the Recent Tasks list at the bottom of the left pane of the Security window, click Change security settings. In the Internet Properties dialog box, click Restricted sites, and then click Sites.
12. In the Websites list, click www.microsoft.com. Click Remove, and then click Close.
13. In the Select a zone area, click Internet, and then click Default level to return the Internet zone to the default security settings.
14. To implement this security level, click OK; otherwise, click Cancel to close the Internet Properties dialog box without implementing any of the changes.
CLOSE the Security window.
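The zone levels and the Restricted Sites list examined in this exercise can also be checked from a script. The following PowerShell audit is an added example, not part of the original text; it assumes the per-user registry locations Internet Explorer uses for zone settings (policy-managed settings are not read), and the function names are hypothetical.

```powershell
# Added example: read-only audit of the current user's Internet Explorer zones.
# Assumed registry locations (per-user settings; policy-managed values are not read).
$base     = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$zonesKey = Join-Path $base 'Zones'
$mapKey   = Join-Path $base 'ZoneMap\Domains'

# URLTEMPLATE_* values stored in each zone's CurrentLevel (0 means Custom).
$levelNames = @{
    0x00000 = 'Custom';  0x10000 = 'Low';         0x10500 = 'Medium-low'
    0x11000 = 'Medium';  0x11500 = 'Medium-high'; 0x12000 = 'High'
}

# Zone numbers with the default levels stated in the text above.
$zones = @(
    [pscustomobject]@{ Id = 1; Name = 'Local intranet';   Default = 'Medium-low'  }
    [pscustomobject]@{ Id = 2; Name = 'Trusted sites';    Default = 'Medium'      }
    [pscustomobject]@{ Id = 3; Name = 'Internet';         Default = 'Medium-high' }
    [pscustomobject]@{ Id = 4; Name = 'Restricted sites'; Default = 'High'        }
)

function Get-ZoneLevelReport {
    foreach ($z in $zones) {
        $path  = Join-Path $zonesKey ([string]$z.Id)
        $level = (Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).CurrentLevel
        $name  = 'Not set'
        if ($null -ne $level) {
            $name = $levelNames[[int]$level]
            if (-not $name) { $name = 'Unknown (0x{0:X})' -f $level }
        }
        [pscustomobject]@{ Zone = $z.Name; Current = $name; PageDefault = $z.Default
                           MatchesDefault = ($name -eq $z.Default) }
    }
}

function Get-SitesInZone([int]$ZoneId) {
    if (-not (Test-Path $mapKey)) { return }
    Get-ChildItem -Path $mapKey -Recurse | ForEach-Object {
        $key = $_
        foreach ($scheme in $key.GetValueNames()) {
            if ($key.GetValue($scheme) -eq $ZoneId) {
                # Key path is Domains\<domain>[\<host>]; rebuild it as host.domain.
                $parts = @($key.Name.Substring($key.Name.IndexOf('\Domains\') + 9) -split '\\')
                [array]::Reverse($parts)
                [pscustomobject]@{ Site = ($parts -join '.'); Scheme = $scheme }
            }
        }
    }
}

Get-ZoneLevelReport | Format-Table -AutoSize
Get-SitesInZone -ZoneId 4 | Format-Table -AutoSize   # Restricted sites list
```

A zone that reports Custom has had individual options changed, as in step 5; clicking Default level in the dialog box returns it to the named level.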
Some Web sites are set up to collect information about users who visit them and use that data for fraudulent purposes. These "phishing sites" (so named because they "fish" for information) aren't Web sites that you would visit on purpose; links to them are distributed in e-mail messages, usually purporting to be from a bank or other financial institution. The phishing site link in the message is usually disguised as a valid link, but has code behind it that sends you to a site that is not the one you think you are visiting.
Many phishing messages are immediately obvious due to the poor spelling and grammar they contain. Others claim to come from companies you don't actually have a financial relationship with. Even if you do business with the company, don't click the link! Instead, call the company to verify the validity of the request. Most reputable companies would never communicate with you about your personal or financial information in this way.
Internet Explorer 7 comes with a Phishing Filter that helps protect you by blocking known phishing sites. The filter is updated several times per hour using the latest security information from Microsoft and several industry partners. You can also use the filter to report suspicious sites or scams.
In addition to turning off automatic checking of visited sites against the list of known phishing sites, you can disable the Phishing Filter entirely. We would advise you to do this only if you feel confident that you will not be fooled by any phishing messages you receive.