| 1.1.5.1 Ensure 'Automatically download attachments' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.1 Ensure 'Check to disable users from adding entries to server list' is set to Enabled:Publish default, disallow others | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.4.2.3 Ensure 'Plain Text Options' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.6.1.3 Ensure 'Do not allow Outlook object model scripts to run for public folders' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.6.1.4 Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.9.6.1.5 Ensure 'Use Unicode format when dragging e-mail message to file system' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.1.3 Ensure 'Display pictures and external content in HTML e-mail' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.1.4 Ensure 'Do not permit download of content from safe zones' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.2 Ensure 'Do not display 'Publish to GAL' button' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.2.6 Ensure 'S/MIME interoperability with external clients' is set to Enabled:Handle internally | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.7 Ensure 'S/MIME receipt requests behavior' is set to Enabled:Never send S/MIME receipts | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.2.1 Ensure 'Allow scripts in one-off Outlook forms' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.2.2 Ensure 'Outlook Object Model Custom Actions Execution Prompt' is set to Enabled:Automatically Deny | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.4.1 Ensure 'Allow hyperlinks in suspected phishing e-mail messages' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.13.4.3 Ensure 'Security Setting for Macros' is set to Enabled:Never warn, disable all | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.5 Ensure 'Allow Active X One Off Forms' is set to Enabled:Load only Outlook Controls | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.6 Ensure 'Configure Add-In Trust Level' is set to Enabled:Trust all loaded and installed COM addins | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.7 Ensure 'Disable 'Remember password' for Internet e-mail accounts' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.13.7 Ensure 'Disable 'Remember password' for Internet e-mail accounts' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.13.8 Ensure 'Do not automatically sign replies' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.9 Ensure 'Prevent users from customizing attachment security settings' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.12 Ensure 'Encryption mode for Information Rights Management (IRM)' is set to 'Enabled: Cipher Block Chaining (CBC)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.10.6.1.4 Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.11.1 Ensure 'Turn off Outlook Social Connector' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.4 Ensure 'Outlook Security Mode' is set to 'Enabled: Use Outlook Security Group Policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.3.5 (L1) Ensure 'Allow Active X One Off Forms' is set to 'Enabled: Load only Outlook Controls' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.18 (L1) Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.23 (L1) Ensure 'Outlook Security Policy' is set to 'Use Outlook Security Group Policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow scripts in one-off Outlook forms | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure Outlook object model prompt when sending mail | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when sending mail | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Management_Interface_(VAMI)_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_User_Interface_(UI)_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | |
| Do not allow Outlook object model scripts to run for public folders | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for public folders | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for public folders | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for public folders | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for shared folders | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Do not allow Outlook object model scripts to run for shared folders | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Do not allow Outlook object model scripts to run for shared folders | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO239 - Outlook Security Mode must be configured to use Group Policy settings. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO246 - Scripts in One-Off Outlook forms must be disallowed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO344 - Outlook Rich Text options must be set for converting to plain text format. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO344 - Outlook Rich Text options must be set for converting to plain text format. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| Encryption mode for Information Rights Management (IRM) | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | |
| Retrieving CRLs (Certificate Revocation Lists) | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Set Outlook object model custom actions execution prompt | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
