320    Chapter 5 • Communication Security: Web Based Services

                 The Content tab, shown in Figure 5.16, gives access to the certificates that are
             trusted and accepted by IE. If a certificate has been accepted that the administrator
             no longer trusts, they can peruse this storehouse and remove it.

             Figure 5.16 You Can Configure Certificate Options in IE Using the Content
             Tab in Internet Options


































                 The Content tab also gives access to IE’s AutoComplete capability.This fea-
             ture is useful in many circumstances, but when it is used to remember usernames
             and passwords to Internet sites, it becomes a security risk.The most secure configu-
             ration requires that AutoComplete be turned off for usernames and passwords, that
             prompting to save passwords is disabled, and that the current password cache is
             cleared.
                 On the Advanced tab shown in Figure 5.17, several security-specific controls
             are included at the bottom of a lengthy list of functional controls.These security
             controls include the following (and more):

                  ■   Check for certificate revocation

                  ■   Do not save encrypted pages to disk
                  ■   Empty Temporary Internet Files folder when browser is closed



          www.syngress.com