diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-5-enterprise-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-5-enterprise-security.md index e3e8a6598b..5b7819551f 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/level-5-enterprise-security.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/level-5-enterprise-security.md @@ -193,7 +193,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi | Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on Cross-Site Scripting Filter | Enabled: Enable | Controls whether the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone. | | Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on Protected Mode | Enabled: Enable | Allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system. | | Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on SmartScreen Filter scan | Enabled: Enable | Controls whether SmartScreen Filter scans pages in this zone for malicious content. | -| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Trusted Sites Zone | Java permissions | Enabled: Enable | | +| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Trusted Sites Zone | Java permissions | Enabled: Enable | Allows you to configure policy settings according to the default for the selected security level, such Low, Medium, or High. | | Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Use Pop-up Blocker | Enabled: Enable | Allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked. | | Windows Components / Internet Explorer / Internet Control Panel / Security Page / Trusted Sites Zone | Don't run antimalware programs against ActiveX controls | Enabled: Disable | Determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they're safe to load on pages. | | Windows Components / Internet Explorer / Security Features | Allow fallback to SSL 3.0 (Internet Explorer) | Enabled: No sites | Allows you to block an insecure fallback to SSL 3.0. When this policy is enabled, Internet Explorer will attempt to connect to sites using SSL 3.0 or below when TLS 1.0 or greater fails. | diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md index 0b921824e1..2160e044a3 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md @@ -29,7 +29,7 @@ While appropriate for organizations with very high security needs such as those They can’t justify the investment in that very high level of security with an ROI. As such, Microsoft is introducing a new taxonomy for security configurations for Windows 10. -The security configuration framework organizes devices into one of 5 distinct security configurations. +This new security configuration framework, which we call the SECCON framework (remember "WarGames"?), organizes devices into one of 5 distinct security configurations. ![SECCON Framework](./../images/seccon-framework.png)