| 1.2.1.3 Ensure 'Information Bar' is set to Enabled - onent.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.4 Ensure 'Bind to Object' is set to Enabled - outlook.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - mse7.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - mspub.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - outlook.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - pptview.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - msaccess.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - onent.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - spDesign.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.8 Ensure 'Scripted Window Security Restrictions' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.8 Ensure 'Scripted Window Security Restrictions' is set to Enabled - visio.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.8 Ensure 'Scripted Window Security Restrictions' is set to Enabled - winproj.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.9 Ensure 'Local Machine Zone Lockdown Security' is set to Enabled - exprwd.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.9 Ensure 'Local Machine Zone Lockdown Security' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.9 Ensure 'Local Machine Zone Lockdown Security' is set to Enabled - mse7.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.9 Ensure 'Local Machine Zone Lockdown Security' is set to Enabled - mspub.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.9 Ensure 'Local Machine Zone Lockdown Security' is set to Enabled - winproj.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.5.1.1 (L1) Ensure 'Add-on Management' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.5.1.7 (L1) Ensure 'Mime Sniffing Safety Feature' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.5.1.14 (L1) Ensure 'Scripted Window Security Restrictions' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1.3.2.2 (L1) Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1.3.2.4 (L1) Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.1.2 (L1) Ensure 'Ask to update automatic links' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.2.1.1 (L1) Ensure 'Always prevent untrusted Microsoft Query files from opening' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.4.1 (L1) Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.2.9 (L1) Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.19.5 (L1) Ensure 'Prevent users from changing permissions on rights managed content' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.24.2 (L1) Ensure 'Block opening of pre-release versions of file formats new to PowerPoint 2016 through the Compatibility Pack for Office 2016 and PowerPoint 2016 Converter' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.7 (L1) Ensure 'Automation Security' is set to 'Enabled: Disable Macros by default' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.13 (L1) Ensure 'Encryption type for password protected Office 97-2003 files' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.31.2 (L1) Ensure 'Suppress external signature services menu item' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.37.3.1 (L1) Ensure 'Open Office documents as read/write while browsing' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.1.2 Ensure 'Disable UI Extending from Documents and Templates' is set to Enabled - InfoPath | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.8.7.2.1.2 (L1) Ensure 'Word 2 and earlier binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.4 (L1) Ensure 'Word 2003 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.6 (L1) Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.8 (L1) Ensure 'Word 97 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.2.5 (L1) Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.8.7.2.4 (L1) Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.8 (L1) Ensure 'Scan encrypted macros in Word Open XML Documents' to 'Enabled: Scan encrypted macros (default)' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.17.2 Ensure 'Never Allow Users to Specify Groups When Restricting Permission for Documents' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | ACCESS CONTROL |
| 2.24.1.1 Ensure 'Disable Opt-in Wizard on First Run' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.24.1.5 Ensure 'Send personal information' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.25.8 Ensure 'Encryption Type for Password Protected Office Open XML Files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.25.12 Ensure 'Automation Security' is set to Enabled (Disable Macros by Default) | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.26.2 Ensure 'Disable The Office Client From Polling The SharePoint Server For Published Links' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.9 Enable Kernel Level Auditing - Check audit policies is set to arge,argv,cnt | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.9 Enable Kernel Level Auditing, Check if 'flags:lo,ad,cc' is set in /etc/security/audit_control. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
