| 2.2.4.7.2.2.1 (L1) Ensure 'dBase III /IV files' is set to 'Enable: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.2 (L1) Ensure 'Dif and Sylk files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.23.2 Ensure 'Block opening of pre-release versions of file formats new to PowerPoint 2016 through the Compatibility Pack for Office 2016 and PowerPoint 2016 Converter' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.1.1 Ensure 'PowerPoint 97-2003 presentations, shows, templates and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.1.2 Ensure 'Set default file block behavior' to 'Enabled: Blocked files are not opened' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.3 (L1) Ensure 'Word 2000 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.7 (L1) Ensure 'Word 95 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.9 Ensure 'Word XP binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.2 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 3b576869-a4ec-4529-8536-b80a7769e899 | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 5beb7efe-fd9a-4556-801d-275e5ffc04cc | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 5beb7efe-fd9a-4556-801d-275e5ffc04cc | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 5beb7efe-fd9a-4556-801d-275e5ffc04cc | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 5beb7efe-fd9a-4556-801d-275e5ffc04cc | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 56a863a9-875e-4185-98a7-b882c64b5ce5 | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84 | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84 | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 26190899-1602-49e8-8b27-eb1d0a1ce869 | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 26190899-1602-49e8-8b27-eb1d0a1ce869 | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - 26190899-1602-49e8-8b27-eb1d0a1ce869 | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 | MSCT Windows Server v2004 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - c1db55ab-c21a-4637-bb3f-a12568109d35 | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - c1db55ab-c21a-4637-bb3f-a12568109d35 | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596d | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d4f940ab-401b-4efc-aadc-ad5f3c50688a | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d4f940ab-401b-4efc-aadc-ad5f3c50688a | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - d4f940ab-401b-4efc-aadc-ad5f3c50688a | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - e6db77e5-3df2-4cf1-b95a-636979351e5b | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - ExploitGuard_ASR_Rules | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - ExploitGuard_ASR_Rules | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Attack Surface Reduction rules - ExploitGuard_ASR_Rules | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTOO143 - Excel - File types must be configured to provide mismatch warnings. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO150 - Excel - Update of automatic links must be configured to prompt. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Turn off routine remediation | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
