DISA STIG Microsoft Office 365 ProPlus v2r5

Audit Details

Name: DISA STIG Microsoft Office 365 ProPlus v2r5

Updated: 5/27/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.0

Estimated Item Count: 317

File Details

Filename: DISA_STIG_Microsoft_Office_365_ProPlus_v2r5.audit

Size: 640 kB

MD5: 9e820d6948abfddcd2ec6bf3fbb9dd4d
SHA256: 1bb78327120009131807f676bfe701610c7ecdf22dd3979aa1008d2cdcf5577f

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_Office_365_ProPlus_v2r5.audit from DISA Microsoft Office 365 ProPlus v2r5 STIG
O365-AC-000001 - Macros must be blocked from running in Access files from the Internet.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-AC-000002 - Trust Bar Notifications for unsigned application add-ins in Access must be disabled and blocked.

CONFIGURATION MANAGEMENT

O365-AC-000003 - VBA Macros not digitally signed must be blocked in Access.

CONFIGURATION MANAGEMENT

O365-AC-000004 - Allowing Trusted Locations on the network must be disabled in Access.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000001 - The Macro Runtime Scan Scope must be enabled for all documents.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000002 - Document metadata for rights managed Office Open XML files must be protected.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000003 - The Office client must be prevented from polling the SharePoint Server for published links.

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - access

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - excel

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - infopath

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - outlook

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - powerpoint

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - project

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - publisher

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - visio

CONFIGURATION MANAGEMENT

O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications - word

CONFIGURATION MANAGEMENT

O365-CO-000005 - ActiveX Controls must be initialized in Safe Mode.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000006 - Macros in all Office applications that are opened programmatically by another application must be opened based upon macro security level.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000007 - Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked.

CONFIGURATION MANAGEMENT

O365-CO-000008 - Office applications must be configured to specify encryption type in password-protected Office 97-2003 files.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000009 - Office applications must be configured to specify encryption type in password-protected Office Open XML files.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000010 - Users must be prevented from creating new trusted locations in the Trust Center.

ACCESS CONTROL

O365-CO-000012 - Office applications must not load XML expansion packs with Smart Documents.

CONFIGURATION MANAGEMENT

O365-CO-000013 - The load of controls in Forms3 must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - excel.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - exprwd.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - groove.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - msaccess.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - mse7.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - mspub.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - onenote.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - outlook.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - powerpnt.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - pptview.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - spdesign.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - visio.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - winproj.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs - winword.exe

SYSTEM AND COMMUNICATIONS PROTECTION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - excel.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - exprwd.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - groove.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - msaccess.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - mse7.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - mspub.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - onenote.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - outlook.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - powerpnt.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - pptview.exe

IDENTIFICATION AND AUTHENTICATION

O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs - spdesign.exe

IDENTIFICATION AND AUTHENTICATION