DTOO297 – A form that is digitally signed must be displayed with a warning.

Details

This setting controls whether or not the user sees a dialog box when opening Microsoft InfoPath forms containing digitally signed content. By default, InfoPath shows the user a warning message when the form contains a digital signature. By being aware of a digitally signed form, the user will be able to check the validity of the signature. Otherwise, the forms may have been maliciously modified and will be invalidated.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security ‘Display a warning that a form is digitally signed’ to ‘Enabled’.

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_MS_InfoPath_2013_V1R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-5(3)
CAT|II
CCI|CCI-001749
Rule-ID|SV-53432r1_rule
STIG-ID|DTOO297
Vuln-ID|V-26621

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles