CIS Microsoft Office Outlook 2016 v1.1.0 Level 1

Audit Details

Name: CIS Microsoft Office Outlook 2016 v1.1.0 Level 1

Updated: 4/12/2023

Authority: CIS

Plugin: Windows

Revision: 1.17

Estimated Item Count: 76

File Details

Filename: CIS_MS_Office_Outlook_2016_Level_1_v1.1.0.audit

Size: 231 kB

MD5: 1a1d046e56b682ed0434000f6e5e1582
SHA256: f880528b0475fb6825c299f56c0d2ab89c02a5df1ae44abad5c3ce47a527c434

Audit Items

DescriptionCategories
1.1.2.3 Ensure 'Authentication with Exchange server.' is set to 'Enabled:Kerberos/NTLM Password Authentication'

IDENTIFICATION AND AUTHENTICATION

1.1.2.4 Ensure 'Automatically configure profile based on Active Directory Primary SMTP address' is set to Enabled

CONFIGURATION MANAGEMENT

1.1.2.5 Ensure 'Do not allow users to change permissions on folders' is set to Enabled

CONFIGURATION MANAGEMENT

1.1.2.6 Ensure 'Enable RPC encryption' is set to Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.1 Ensure 'Automatically download attachments' is set to Disabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.2 Ensure 'Do not include Internet Calendar integration in Outlook' is set to Enabled

CONFIGURATION MANAGEMENT

1.1.6.1 Ensure 'Download full text of articles as HTML attachments' is set to Disabled

CONFIGURATION MANAGEMENT

1.1.6.2 Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to Disabled

CONFIGURATION MANAGEMENT

1.1.6.3 Ensure 'Turn Off RSS Feature' is set to Enabled

CONFIGURATION MANAGEMENT

1.6.1 Ensure 'Check to disable users from adding entries to server list' is set to Enabled:Publish default, disallow others

CONFIGURATION MANAGEMENT

1.8.2.1 Ensure 'PST Null Data On Delete' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.4.2.2 Ensure 'Outlook Rich Text Options' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.4.2.3 Ensure 'Plain Text Options' is set to Disabled

CONFIGURATION MANAGEMENT

1.9.4.4 Ensure 'Do not allow signatures for e-mail messages' to 'Disabled'

CONFIGURATION MANAGEMENT

1.9.6.1.2 Ensure 'Do not allow folders in non-default stores to be set as folder home pages' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.6.1.3 Ensure 'Do not allow Outlook object model scripts to run for public folders' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.6.1.4 Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.9.6.1.5 Ensure 'Use Unicode format when dragging e-mail message to file system' is set to Disabled

CONFIGURATION MANAGEMENT

1.9.6.3 Ensure 'Make Outlook the default program for E-mail, Contacts, and Calendar' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.8.1.2.1 Ensure 'Access to published calendars' is set to Enabled

ACCESS CONTROL

1.9.8.1.2.2 Ensure 'Prevent publishing to a DAV server' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.8.1.2.3 Ensure 'Prevent publishing to Office.com' is set to Enabled

ACCESS CONTROL

1.9.8.1.2.4 Ensure 'Restrict level of calendar details users can publish' is set to Enabled:Disables 'Full details' and 'Limited details'

CONFIGURATION MANAGEMENT

1.9.8.1.2.5 Ensure 'Restrict upload method' is set to Enabled

ACCESS CONTROL

1.9.8.3.3 Ensure 'Read e-mail as plain text' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.8.3.4 Ensure 'Read signed e-mail as plain text' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.8.4.1 Ensure 'Add e-mail recipients to users' Safe Senders Lists' is set to Disabled

CONFIGURATION MANAGEMENT

1.9.8.4.2 Ensure 'Hide Junk Mail UI' is set to Disabled

SYSTEM AND INFORMATION INTEGRITY

1.9.8.4.3 Ensure 'Junk E-mail protection level: Select level:' is set to Enabled:High

SYSTEM AND INFORMATION INTEGRITY

1.9.8.4.4 Ensure 'Trust e-mail from contacts' is set to Enabled

CONFIGURATION MANAGEMENT

1.9.11 Ensure 'Internet and Network Paths into Hyperlinks' is set to Disabled

CONFIGURATION MANAGEMENT

1.10.1 Ensure 'Do Not Download Photos from Active Directory' is set to Enabled

CONFIGURATION MANAGEMENT

1.10.2 Ensure 'Turn Off Outlook Social Connector' is set to Enabled

CONFIGURATION MANAGEMENT

1.13.1.1 Ensure 'Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists' is set to Disabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.1.2 Ensure 'Block Trusted Zones' is set to Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.1.3 Ensure 'Display pictures and external content in HTML e-mail' is set to Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.1.4 Ensure 'Do not permit download of content from safe zones' is set to Disabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to Disabled

CONFIGURATION MANAGEMENT

1.13.2.1.2 Ensure 'Missing CRLs' is set to Enabled:Error

IDENTIFICATION AND AUTHENTICATION

1.13.2.1.3 Ensure 'Missing Root Certificates' is set to Enabled:Warning

IDENTIFICATION AND AUTHENTICATION

1.13.2.1.4 Ensure 'Promote Level 2 errors as errors, not warnings' is set to Disabled

SYSTEM AND INFORMATION INTEGRITY

1.13.2.1.5 Ensure 'Retrieving CRLs (Certificate Revocation Lists)' is set to Enabled:When online always retrieve the CRL

IDENTIFICATION AND AUTHENTICATION

1.13.2.2 Ensure 'Do not display 'Publish to GAL' button' is set to Enabled

CONFIGURATION MANAGEMENT

1.13.2.3 Ensure 'Do not provide Continue option on Encryption warning dialog boxes' is set to Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.5 Ensure 'Minimum Encryption Settings:' is set to Enabled:168

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.6 Ensure 'S/MIME interoperability with external clients' is set to Enabled:Handle internally

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.7 Ensure 'S/MIME receipt requests behavior' is set to Enabled:Never send S/MIME receipts

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.8 Ensure 'Send all signed messages as clear signed messages' is set to Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

1.13.2.9 Ensure 'Signature Warning' is set to Enabled:Always warn about invalid signatures

SYSTEM AND COMMUNICATIONS PROTECTION