DISA STIG Microsoft Office System 2016 v2r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft Office System 2016 v2r1

Updated: 5/27/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.2

Estimated Item Count: 21

File Details

Filename: DISA_STIG_Microsoft_Office_System_2016_v2r1.audit

Size: 51.3 kB

MD5: a86ae3ad6ab2d2d32b94219ba02b9e84

SHA256: ee0a4c6769c4d9e260d1cc5be59a2ccefbb6adce0a0a9e532d1b9f462f161dfd

Audit Items

Description	Categories
DISA_STIG_Microsoft_Office_System_2016_v2r1.audit from DISA Microsoft Office System 2016 v2r1 STIG
DTOO182 - The Help Improve Proofing Tools feature for Office must be configured.	CONFIGURATION MANAGEMENT
DTOO186 - Trust Bar notifications for Security messages must be enforced.	SYSTEM AND INFORMATION INTEGRITY
DTOO187 - Rights managed Office Open XML files must be protected.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO188 - Document metadata for password protected files must be protected.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO189 - The encryption type for password protected Open XML files must be set.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO191 - ActiveX control initialization must be disabled.	CONFIGURATION MANAGEMENT
DTOO192 - Load controls in forms3 must be disabled from loading.	CONFIGURATION MANAGEMENT
DTOO193 - Automation Security to enforce macro level security in Office documents must be configured.	CONFIGURATION MANAGEMENT
DTOO196 - A mix of policy and user locations for Office Products must be disallowed.	CONFIGURATION MANAGEMENT
DTOO197 - Smart Documents use of Manifests in Office must be disallowed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO201 - Connection verification of permissions must be enforced.	CONFIGURATION MANAGEMENT
DTOO206 - Inclusion of document properties for PDF and XPS output must be disallowed.	CONFIGURATION MANAGEMENT
DTOO321 - Encrypt document properties must be configured for OLE documents.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online.	ACCESS CONTROL
DTOO409 - The ability to create an online presentation programmatically must be disabled.	SYSTEM AND INFORMATION INTEGRITY
DTOO410 - When using the Office Feedback tool, the ability to include a screenshot must be disabled.	CONFIGURATION MANAGEMENT
DTOO412 - The ability to run unsecure Office web add-ins and Catalogs must be disabled.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO416 - The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.	CONFIGURATION MANAGEMENT
DTOO601 - The ability to send personal information to Office must be disabled.	CONFIGURATION MANAGEMENT

Detections

Analytics

DISA STIG Microsoft Office System 2016 v2r1

Warning! Audit Deprecated

Audit Details

File Details

Audit Items