DISA STIG Office 2010 Outlook v1r13

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Office 2010 Outlook v1r13

Updated: 4/30/2025

Authority: DISA STIG

Plugin: Windows

Revision: 1.7

Estimated Item Count: 86

File Details

Filename: DISA_STIG_Microsoft_Outlook_2010_v1r13.audit

Size: 140 kB

MD5: 780ed16bd761dd48ce7030eff038e12b
SHA256: 3bb3ef66b98434c71d04ffad3c0aebd0d6607a2824379533c84441df15c18e30

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_Outlook_2010_v1r13.audit for DISA Microsoft Outlook 2010 STIG v1r13 STIG
DTOO104 - Outlook - Disable user name and password syntax from being used in URLs
DTOO111 - Outlook - Enabling IE Bind to Object functionality must be present.
DTOO117 - Outlook - Saved from URL mark to assure Internet zone processing must be enforced.
DTOO123 - Outlook - Navigation to URL's embedded in Office products must be blocked.
DTOO124 - Outlook - Scripted Window Security must be enforced.
DTOO126 - Outlook - Add-on Management functionality must be allowed.
DTOO128 - Outlook - Data Execution Prevention must be enforced.
DTOO129 - Outlook - Links that invoke instances of IE from within an Office product must be blocked.
DTOO132 - Outlook - File Downloads must be configured for proper restrictions.
DTOO209 - Outlook - Protection from zone elevation must be enforced.
DTOO211 - Outlook - ActiveX Installs must be configured for proper restriction.
DTOO214 - Outlook - Read EMail as plain text must be enforced.
DTOO215 - Outlook - Read signed email as plain text must be enforced.
DTOO216 - Outlook - Publishing calendars to Office Online must be prevented.
DTOO217 - Outlook - Publishing to a Web Distributed and Authoring (DAV) server must be prevented.
DTOO218 - Outlook - Level of calendar details that a user can publish must be restricted.
DTOO219 - Outlook - Access restriction settings for published calendars must be configured.
DTOO220 - Outlook - Upload method for publishing calendars to Office Online must be restricted.
DTOO221 - Outlook - Junk Mail UI must be configured.
DTOO223 - Outlook - Trust EMail from senders in receiver's contact list must be enforced.
DTOO224 - Outlook - Recipients of sent email must be unable to be added to the safe sender's list.
DTOO225 - Outlook - Outlook Dial-up options to Warn user before allowing switch in dial-up access must be configured.
DTOO226 - Outlook - Dial-up and Hang up Options for Outlook must be configured.
DTOO227 - Outlook - Digital signatures must be allowed.
DTOO228 - Outlook - Plain Text Options for outbound email must be configured - Message Plain Format Mime
DTOO228 - Outlook - Plain Text Options for outbound email must be configured - PlainWrapLen
DTOO229 - Outlook - Outlook must be enforced as the default email, calendar, and contacts program.
DTOO230 - Outlook - Folders in non-default stores, set as folder home pages, must be disallowed.
DTOO231 - Outlook - Dragging Unicode eMail messages to file system must be disallowed.
DTOO232 - Outlook - Outlook Object Model scripts must be disallowed to run for shared folders.
DTOO233 - Outlook - Outlook Object Model scripts must be disallowed to run for public folders.
DTOO234 - Outlook - Active X One-Off forms must be configured.
DTOO236 - Outlook - The Add-In Trust Level must be configured.
DTOO237 - Outlook - The 'remember password' for internet e-mail accounts must be disabled.
DTOO238 - Outlook - Users customizing attachment security settings must be prevented.
DTOO239 - Outlook - Outlook Security Mode must be configured to use Group Policy settings.
DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed.
DTOO241 - Outlook - Action to demote an EMail Level 1 attachment to Level 2 must be configured.
DTOO242 - Outlook - Prompting behavior for Level 1 attachments on sending must be configured.
DTOO243 - Outlook - Level 1 attachment close behaviors must be configured.
DTOO244 - Outlook - Level 1 file extensions must be blocked and not removed.
DTOO245 - Outlook - Level 2 file extensions must be blocked and not removed.
DTOO246 - Outlook - Scripts in One-Off Outlook forms must be disallowed.
DTOO247 - Outlook - Custom Outlook Object Model (OOM) action execution prompts must be configured.
DTOO249 - Outlook - Object Model Prompt for programmatic email send behavior must be configured.
DTOO250 - Outlook - Object Model Prompt behavior for programmatic address books must be configured.
DTOO251 - Outlook - Object Model Prompt behavior for programmatic access of user address data must be configured.
DTOO252 - Outlook - Object Model Prompt behavior for Meeting and Task Responses must be configured.
DTOO253 - Outlook - Object Model Prompt behavior for the SaveAs method must be configured.