STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 4 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← SC-18 (3) — Mobile Code

CCI-001169

Definition

Prevent the download of organization-defined unacceptable mobile code.

Parent Control

SC-18 (3)Mobile CodeSystem and Communications Protection

Linked STIG Checks (34)

V-213168CAT IIAdobe Reader DC must enable Enhanced Security in a Standalone Application.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213169CAT IIAdobe Reader DC must enable Enhanced Security in a Browser.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213170CAT IIAdobe Reader DC must enable Protected Mode.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213171CAT IIAdobe Reader DC must enable Protected View.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213172CAT IIAdobe Reader DC must Block Websites.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213173CAT IIAdobe Reader DC must block access to Unknown Websites.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213174CAT IIAdobe Reader DC must prevent opening files other than PDF or FDF.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-213175CAT IIAdobe Reader DC must block Flash Content.Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide V-204977CAT IIThe ALG providing content filtering must prevent the download of prohibited mobile code.Application Layer Gateway Security Requirements Guide V-237383CAT IIThe CA API Gateway providing content filtering must prevent the download of prohibited mobile code.CA API Gateway ALG Security Technical Implementation Guide V-278393CAT IINGINX must identify prohibited mobile code.F5 NGINX Security Technical Implementation Guide V-205515CAT IIThe Mainframe Product must prevent the download of prohibited mobile code.Mainframe Product Security Requirements Guide V-238018CAT IIFile Downloads must be configured for proper restrictions.Microsoft Access 2016 Security Technical Implementation Guide V-213439CAT IIMicrosoft Defender AV must be configured to not allow override of scanning for downloaded files and attachments.Microsoft Defender Antivirus Security Technical Implementation Guide V-213444CAT IIMicrosoft Defender AV must be configured to scan all downloaded files and attachments.Microsoft Defender Antivirus Security Technical Implementation Guide V-238179CAT IIFile Downloads must be configured for proper restrictions.Microsoft Excel 2016 Security Technical Implementation Guide V-223017CAT IIThe Download signed ActiveX controls property must be disallowed (Internet zone).Microsoft Internet Explorer 11 Security Technical Implementation Guide V-223018CAT IIThe Download unsigned ActiveX controls property must be disallowed (Internet zone).Microsoft Internet Explorer 11 Security Technical Implementation Guide V-223040CAT IIPrevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the internet must be enabled.Microsoft Internet Explorer 11 Security Technical Implementation Guide V-223051CAT IIThe Download signed ActiveX controls property must be disallowed (Restricted Sites zone).Microsoft Internet Explorer 11 Security Technical Implementation Guide V-223053CAT IIVBScript must not be allowed to run in Internet Explorer (Internet zone).Microsoft Internet Explorer 11 Security Technical Implementation Guide V-223054CAT IIThe Download unsigned ActiveX controls property must be disallowed (Restricted Sites zone).Microsoft Internet Explorer 11 Security Technical Implementation Guide V-223055CAT IIVBScript must not be allowed to run in Internet Explorer (Restricted Sites zone).Microsoft Internet Explorer 11 Security Technical Implementation Guide V-215536CAT IIFile Downloads must be configured for proper restrictions.Microsoft OneDrive Security Technical Implementation Guide V-238051CAT IIFile Downloads must be configured for proper restrictions.Microsoft OneNote 2016 Security Technical Implementation Guide V-228426CAT IIFile Downloads must be configured for proper restrictions.Microsoft Outlook 2016 Security Technical Implementation Guide V-228469CAT IIAutomatic download of Internet Calendar appointment attachments must be disallowed.Microsoft Outlook 2016 Security Technical Implementation Guide V-238066CAT IIFile Downloads must be configured for proper restrictions in PowerPoint.Microsoft PowerPoint 2016 Security Technical Implementation Guide V-238086CAT IIFile Downloads must be configured for proper restrictions in PowerPoint Viewer.Microsoft PowerPoint 2016 Security Technical Implementation Guide V-70721CAT IIFile Downloads must be configured for proper restrictions.Microsoft Project 2016 Security Technical Implementation Guide V-238491CAT IIFile Downloads must be configured for proper restrictions.Microsoft Publisher 2016 Security Technical Implementation Guide V-238117CAT IIFile Downloads must be configured for proper restrictions.Microsoft Visio 2016 Security Technical Implementation Guide V-238133CAT IIFile Downloads must be configured for proper restrictions.Microsoft Word 2016 Security Technical Implementation Guide V-228853CAT IIThe Palo Alto Networks security platform must prevent the download of prohibited mobile code.Palo Alto Networks ALG Security Technical Implementation Guide