CIS MS Office Outlook 2010 v1.0.0

Audit Details

Name: CIS MS Office Outlook 2010 v1.0.0

Updated: 4/25/2022

Authority: CIS

Plugin: Windows

Revision: 1.17

Estimated Item Count: 102

File Details

Filename: CIS_MS_Outlook_2010_v1.0.0.audit

Size: 315 kB

Audit Items

DescriptionCategories
1.1 Set 'Restrict level of calendar details users can publish' to 'Enabled:Disables 'Full details' and 'Limited details''

CONFIGURATION MANAGEMENT

1.2 Set 'Allow Active X One Off Forms' to 'Enabled:Load only Outlook Controls'

SYSTEM AND COMMUNICATIONS PROTECTION

1.3 Set 'Access to published calendars' to 'Enabled'

ACCESS CONTROL

1.4 Set 'Allow hyperlinks in suspected phishing e- mail messages' to 'Disabled'

SYSTEM AND INFORMATION INTEGRITY

1.5 Set 'Allow scripts in one- off Outlook forms' to 'Disabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Set 'Apply macro security settings to macros, add- ins and additional actions' to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.7 Set 'Automatically download attachments' to 'Disabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.8 Set 'Automatically download content for e- mail from people in Safe Senders and Safe Recipients Lists' to 'Disabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 Set 'Automatically wrap text at <x> characters.' to 'Disabled'

CONFIGURATION MANAGEMENT

1.10 Set 'Block Trusted Zones' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.11 Set 'Check to disable users from adding entries to server list' to 'Enabled:Publish default, disallow others'

CONFIGURATION MANAGEMENT

1.12 Set 'Disable the Office client from polling the SharePoint Server for published links' to 'Enabled'

CONFIGURATION MANAGEMENT

1.13 Set 'Display pictures and external content in HTML e- mail' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.14 Set 'Do not allow folders in non- default stores to be set as folder home pages' to 'Enabled'

CONFIGURATION MANAGEMENT

1.15 Set 'Do not allow Outlook object model scripts to run for public folders' to 'Enabled'

CONFIGURATION MANAGEMENT

1.16 Set 'Do not allow Outlook object model scripts to run for shared folders' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.17 Set 'Do not include Internet Calendar integration in Outlook' to 'Enabled'

CONFIGURATION MANAGEMENT

1.18 Set 'Do not permit download of content from safe zones' to 'Disabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.19 Set 'Download full text of articles as HTML attachments' to 'Disabled'

CONFIGURATION MANAGEMENT

1.20 Set 'Encode attachments in UUENCODE format' to 'Disabled'

CONFIGURATION MANAGEMENT

1.21 Set 'Prevent publishing to a DAV server' to 'Enabled'

CONFIGURATION MANAGEMENT

1.22 Set 'Prevent publishing to Office.com' to 'Enabled'

ACCESS CONTROL

1.23 Set 'Prevent users from customizing attachment security settings' to 'Enabled'

SYSTEM AND INFORMATION INTEGRITY

1.24 Set 'Read e- mail as plain text' to 'Enabled'

CONFIGURATION MANAGEMENT

1.25 Set 'Read signed e- mail as plain text' to 'Enabled'

CONFIGURATION MANAGEMENT

1.26 Set 'Remove file extensions blocked as Level 1' to 'Disabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.27 Set 'Remove file extensions blocked as Level 2' to 'Disabled'

SYSTEM AND COMMUNICATIONS PROTECTION

1.28 Set 'Restrict upload method' to 'Enabled'

ACCESS CONTROL

1.29 Set 'Security Level' to 'Enabled:Never warn, disable all'

SYSTEM AND COMMUNICATIONS PROTECTION

1.30 Set 'Synchronize Outlook RSS Feeds with Common Feed List' to 'Disabled'

CONFIGURATION MANAGEMENT

1.31 Set 'Turn off Data Execution Prevention' to 'Disabled'

CONFIGURATION MANAGEMENT

1.32 Set 'Use the following format for e- mail messages:' to 'Enabled:Plain Text'

CONFIGURATION MANAGEMENT

1.33 Set 'Use this format:' to 'Enabled:Convert to Plain Text format'

CONFIGURATION MANAGEMENT

1.34 Set 'Use Unicode format when dragging e- mail message to file system' to 'Disabled'

CONFIGURATION MANAGEMENT

1.35 Set 'When executing a custom action:' to 'Enabled:Automatically Deny'

CONFIGURATION MANAGEMENT

2.1 Set 'Retrieving CRLs (Certificate Revocation Lists):' to 'Enabled:When online always retrieve the CRL'

IDENTIFICATION AND AUTHENTICATION

2.2 Set 'Behavior for handling S/MIME messages:' to 'Enabled:Handle internally'

SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Set 'Do not allow signatures for e- mail messages' to 'Disabled'

CONFIGURATION MANAGEMENT

2.4 Set 'Do not automatically sign replies' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Set 'Do not check e- mail address against address of certificates being used' to 'Disabled'

IDENTIFICATION AND AUTHENTICATION

2.6 Set 'Do not display 'Publish to GAL' button' to 'Enabled'

CONFIGURATION MANAGEMENT

2.7 Set 'Do not provide Continue option on Encryption warning dialog boxes' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Set 'Enable RPC encryption' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Set 'Enter the Secure Folder path' to 'Disabled'

CONFIGURATION MANAGEMENT

2.10 Set 'Handle messages with S/MIME receipt requests in the following manner:' to 'Enabled:Never send S/MIME receipts'

SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Set 'Indicate a missing CRL as a(n):' to 'Enabled:Error'

IDENTIFICATION AND AUTHENTICATION

2.12 Set 'Indicate a missing root certificate as a(n):' to 'Enabled:Warning'

IDENTIFICATION AND AUTHENTICATION

2.13 Set 'Minimum key size (in bits):' to 'Enabled:168'

SYSTEM AND COMMUNICATIONS PROTECTION

2.14 Set 'Promote Level 2 errors as errors, not warnings' to 'Disabled'

SYSTEM AND INFORMATION INTEGRITY

2.15 Set 'Send all signed messages as clear signed messages' to 'Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION