DISA STIG Microsoft InfoPath 2013 v1r5

Audit Details

Name: DISA STIG Microsoft InfoPath 2013 v1r5

Updated: 4/25/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.8

Estimated Item Count: 24

File Details

Filename: DISA_STIG_Microsoft_InfoPath_2013_v1r5.audit

Size: 42 kB

MD5: d8fd8afaf9998d16d1678fcacf02138f
SHA256: d1432968bc57501f45820dc0651876905dc1f2bed67f384d8c70b4914ccd540a

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_InfoPath_2013_v1r5.audit from DISA STIG Microsoft InfoPath 2013 v1r5
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.

CONFIGURATION MANAGEMENT

DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked.

CONFIGURATION MANAGEMENT

DTOO133 - All automatic loading from Trusted Locations must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO156 - Offline Mode capability to cache queries for offline mode must be configured.

CONFIGURATION MANAGEMENT

DTOO157 - Redirection behavior for upgraded web sites by SharePoint must be blocked.

SYSTEM AND INFORMATION INTEGRITY

DTOO158 - Disabling the opening of solutions from the Internet Security Zone must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO159 - Disabling of Fully Trusted Solutions access to computers must be configured.

CONFIGURATION MANAGEMENT

DTOO160 - Unsafe file types must be prevented from being attached to InfoPath forms.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO164 - Beaconing UI shown for opened forms must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO165 - Beaconing of UI forms with ActiveX controls must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO167 - Opening behavior for Email forms containing code or scripts must be controlled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO168 - Disabling sending form templates with the email forms must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO169 - Disable dynamic caching of the form template in InfoPath eMail forms.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO170 - InfoPath 2003 forms as email forms in InfoPath 2013 must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO171 - Disabling email forms running in Restricted Security Level must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO172 - Disabling email forms from the Internet Security Zone must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO173 - Disabling of email forms from the Full Trust Security Zone must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO176 - Email with InfoPath forms must be configured to show UI to recipients.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO294 - InfoPath must be enforced to not use email forms from the Intranet security zone.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO295 - InfoPath email forms in Outlook must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO296 - Disabling opening forms with managed code from the Internet security zone must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO297 - A form that is digitally signed must be displayed with a warning.

CONFIGURATION MANAGEMENT

DTOO309 - The InfoPath APTCA Assembly Allowable List must be enforced.

CONFIGURATION MANAGEMENT