Have you disabled any feature which allows automatic file execution of downloaded or imported files without user authorisation?
What this question is really asking
Confirm that your devices are configured to prevent automatic execution of files downloaded from the internet or imported from removable media. This prevents drive-by downloads and USB-borne malware from running without user interaction. Danzell significantly broadened the scope of this requirement to cover additional file types and execution paths beyond those covered in Willow.
What satisfies this requirement
Yes or NoPrompt-user option is acceptable.
What to prepare before your assessor visit
This is an area where many organisations thought they'd passed under the Willow requirements but may have gaps under Danzell, which extended the scope to additional file types and execution contexts beyond just executables. Review your current configuration specifically against the Danzell requirements document — even if you passed this control in a previous assessment under an earlier version of the standard.
How this question sits across CE versions
Related policy templates
Getting certified means having documentation to back it up. These policy templates cover the controls this question tests.
Does your organisation meet this requirement?
Answer 30 plain-English questions and find out exactly where you stand across all 5 Cyber Essentials control areas — with a prioritised list of what to fix first.