Detections
Analytics
DTOO262 - Outlook - Run in FIPS compliant mode must be enforced.
Information
Outlook can run in a mode that complies with Federal Information Processing Standards (FIPS), a set of standards published by the National Institute of Standards and Technology (NIST) for use by non-military United States government agencies and by government contractors.By default, Outlook does not run in FIPS-compliant mode. Organizations that do business with the U.S. government but do not run Outlook in FIPS-compliant mode risk violating the government's rules regarding the handling of sensitive information.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Cryptography 'Run in FIPS compliant mode' to 'Enabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Outlook_2010_V1R14_STIG.zip
Item Details
Audit Name: DISA Microsoft Outlook 2010 STIG v1r14
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-7, CAT|II, CCI|CCI-000803, Rule-ID|SV-33565r1_rule, STIG-ID|DTOO262, Vuln-ID|V-17787
Plugin: Windows
Control ID: e272e86e925c57bf6253319f89d190a1eb6aece0909ef2b9f3832c720d418057