Chapter 7: Navigating the Web with Internet Explorer 7
Restricting Permissions Using Security Zones
Security levels and zones are important parts of Internet Explorer’s security features.
You can display security options for Internet Explorer by clicking Tools
Options, and then clicking the Security tab in the Internet Options dialog box, as
shown in Figure 7-20. The standard levels of security that you can use are:
Appropriate for sites that might contain harmful content. With this security
level, Internet Explorer runs with maximum safeguards and with less-secure fea-
Appropriate for most public Internet sites. With this security level, Internet
Explorer prompts you prior to downloading all potentially unsafe types of con-
tent and disables downloading of unsigned ActiveX controls.
Appropriate only for trusted sites. With this security level, Internet Explorer
prompts you prior to downloading most potentially unsafe contents and dis-
ables downloading of unsigned ActiveX controls.
Appropriate only for sites on your internal network. With this security level,
Internet Explorer disables downloading of unsigned ActiveX controls but down-
loads and runs most types of content without prompting.
Appropriate only for sites you know are trustworthy, such as secure internal
sites. With this security level, Internet Explorer uses minimal safeguards, and
downloads and runs most types of content without prompts.
Internet Explorer 7 uses security zones to help you restrict permissions according to
where web sites are located and what you know about them. Each security zone is
assigned a default security level. From most trusted to least trusted, the security
This zone is used to configure security settings for sites on your local network.
The default security level is Medium-low.
Unlike earlier releases of Windows, Windows Vista can automatically
detect when web sites are on your local network. Windows Vista does
this by checking the network address of the web site and comparing it
to the network address of your computer. Windows Vista also consid-
ers sites bypassed by the proxy server and network paths, such as Uni-
versal Naming Convention (UNC) paths, as being on the local