DISA STIG Office 2010 Excel v1r11

Audit Details

Name: DISA STIG Office 2010 Excel v1r11

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.2

Estimated Item Count: 47

File Details

Filename: DISA_STIG_Microsoft_Excel_2010_v1r11.audit

Size: 86.8 kB

MD5: cb1c2a228a02c9fdb381baa46deeab4c
SHA256: d44775a5954097befafedba3d831a91fce146d3dce32d617f9c6a96370e211bc

Audit Items

DescriptionCategories
DTOO104 - Excel - Disabling of user name and password syntax from being used in URLs must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO105 - Excel - Open/Save actions for Excel 4 macrosheets and add-in files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO106 - Excel - Open/Save actions for Excel 4 workbooks must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO107 - Excel - Open/Save actions for Excel 4 worksheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO108 - Excel - Actions for Excel 95 workbooks must be configured to edit in protected view.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO109 - Excel - Actions for Excel 95-97 workbooks and templates must be configured to edit in protected view.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO110 - Excel - Blocking as default file block opening behavior must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO111 - Excel - Enabling IE Bind to Object functionality must be present.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO112 - Excel - Open/Save actions for Dif and Sylk files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO113 - Excel - Open/Save actions for Excel 2 macrosheets and add-in files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO114 - Excel - Open/Save actions for Excel 2 worksheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO115 - Excel - Open/Save actions for Excel 3 macrosheets and add-in files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO116 - Excel - Open/Save actions for Excel 3 worksheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO117 - Excel - Saved from URL mark to assure Internet zone processing must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO118 - Excel - Corrupt workbook options must be disallowed.

CONFIGURATION MANAGEMENT

DTOO119 - Excel - Configuration for file validation must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO120 - Excel - Open/Save actions for Web pages and Excel 2003 XML spreadsheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO121 - Excel - Files from the Internet zone must be opened in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO122 - Excel - Open/Save actions for dBase III / IV files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO123 - Excel - Navigation to URL's embedded in Office products must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO124 - Excel - Scripted Window Security must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO126 - Excel - Add-on Management functionality must be allowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO127 - Excel - Application add-ins must be signed by Trusted Publisher.

CONFIGURATION MANAGEMENT

DTOO128 - Excel - Data Execution Prevention must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO129 - Excel - Links that invoke instances of IE from within an Office product must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO131 - Excel - Trust Bar Notifications for unsigned application add-ins must be blocked.

CONFIGURATION MANAGEMENT

DTOO132 - Excel - File Downloads must be configured for proper restrictions.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO133 - Excel - All automatic loading from Trusted Locations must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO134 - Excel - Disallowance of Trusted Locations on the network must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO138 - Excel - Internet links and Network UNCs created as embedded hyperlinks must be prevented.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO139 - Excel - Save files default format must be configured.

CONFIGURATION MANAGEMENT

DTOO140 - Excel - Automatic republish to web pages must be disallowed.

CONFIGURATION MANAGEMENT

DTOO141 - Excel - AutoRepublish Warning Alert must be provided.

CONFIGURATION MANAGEMENT

DTOO142 - Excel - Force encrypted macros to be scanned in open XML documents must be determined and configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO143 - Excel - File types must be configured to provide mismatch warnings.

SYSTEM AND INFORMATION INTEGRITY

DTOO145 - Excel - Macro storage must be in Personal macro workbooks.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO146 - Excel - Trust access for VBA must be disallowed.

CONFIGURATION MANAGEMENT

DTOO150 - Excel - Update of automatic links must be configured to prompt.

SYSTEM AND INFORMATION INTEGRITY

DTOO152 - Excel - Load pictures from Web pages must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO209 - Excel - Protection from zone elevation must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO210 - Excel - Pre-release versions of file formats new to Office Products must be blocked.

CONFIGURATION MANAGEMENT

DTOO211 - Excel - ActiveX Installs must be configured for proper restriction.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO288 - Excel - Files in unsafe locations must be opened in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO292 - Excel - Document behavior if file validation fails must be set - DisableEditFromPV

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO292 - Excel - Document behavior if file validation fails must be set - OpenInProtectedView

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO293 - Excel - Attachments opened from Outlook must be in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO304 - Excel - Warning Bar settings for VBA macros must be configured.

CONFIGURATION MANAGEMENT