Content Zones Typically when you are surfing the Internet, there are certain sites that you

visit often and there are other sites which you visit for the first time. Typically, you tend to trust those sites that you visit often and you are less trusting of new sites, especially sites that are not popular. To help manage Internet Explorer security when visiting sites, Internet Explorer divides the network connection into four content types, which are as follows:

. Internet Zone: Anything that is not assigned to any other zone and anything that is not on your computer, or your organization’s network (intranet). The default security level of the Internet zone is Medium.

. Local Intranet Zone: Computers that are part of the organization’s network (intranet) that do not require a proxy server, as defined by the system administrator. These include sites specified on the Connections tab, network paths such as \\computername\foldername, and local intranet sites such as http://internal. You can add sites to this zone. The default security level for the Local internet zone is Medium=Low, which means Internet Explorer allows all cookies from websites in this zone to

be saved on your computer and be read by the website that created them. Lastly, if the website requires NTLM or integrated authentica- tion, it automatically uses your username and password.

. Trusted Sites Zone: Contains trusted sites that from which you believe you can download or run files without damaging your computer or data or that you consider are not security risks. You can assign sites to this zone. The default security level for the Trusted sites zone is Low, which means Internet Explorer allows all cookies from websites in this zone to

be saved on your computer and be read by the website that created them.

. Restricted Sites Zone: Contains sites that you do not trust from which downloading or running files might damage your computer or data or that are considered a security risk. You can assign sites to this zone. The default security level for the Restricted sites zone is High, which means Internet Explorer blocks all cookies from websites in this zone.

For each of the web content zones, there is a default security level. The secu- rity levels available in Internet Explorer are

. High: Excludes any content that can damage your computer. . Medium: Warns you before running potentially damaging content. . Low: Does not warn you before running potentially damaging content.

Features of Internet Explorer 8.0

. Custom: A security setting of your own design. Use this level to cus- tomize the behavior of Active Data Objects (AD) and Remote Data Services (RDS) objects in a specific zone.

Whenever you access a website, Internet Explorer checks the security settings for the zone of the website. To tell which zones the current webpage falls into, you look at the right side of the Internet Explorer status bar. Besides adjusting the zones or assigning the zones or assigning a website to a zone, you can also customize settings for a zone by importing a privacy settings file from a cer- tificate authority.

To modify the security level for a web content zone, do the following:

1. Click the Tools button and then click Internet Options.

2. In the Internet Options dialog box, on the Security tab, click the zone on which you want to set the security level.

3. Drag the slider to set the security level to High, Medium, or Low. Internet Explorer describes each option to help you decide which level

to choose, as shown in Figure 13.4. You are prompted to confirm any reduction in security level. You can also choose the Custom level but- ton for more detailed control.

4. Click OK to close the Internet Options dialog box.

FIGURE 13.4 Security options within Internet Explorer.

CHAPTER 13: Working with Internet Explorer 8.0

Software publisher certificates (third-party digital certificates) are used to vali- date software code such as Java or ActiveX controls or plug-ins. Depending on the security settings for a zone, when software code is accessed from a website you automatically download the software code, disable the software code, or prompt to download the software code via a security warning. If you open the Tools menu and select Internet Options, select the Security tab, and click the Custom Level button, you can select enable, disable, or prompt to download ActiveX controls (signed and unsigned) and scripting of Java applets.

To view the certificates for Internet Explorer, open the Internet Options dia- log box, click the Content tab and click on the Certificates button. To see list of certificates, click the appropriate certificates. From here, you can also import and export individual certificates.