| 2.2.4.7.2.3.5 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Unchecked: Do not allow edit' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.28.2 Ensure 'Disable the Office client from polling the SharePoint Server for published links' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.2.3 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Enabled: Open in Protected View' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.24.1.1 Ensure 'Disable Opt-in Wizard on First Run' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 20.31 Ensure 'Host-based firewall is installed and enabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Control how Office handles form-based sign-in prompts | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Control how Office handles form-based sign-in prompts | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO110 - Excel - Blocking as default file block opening behavior must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - Project - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO115 - Excel - Open/Save actions for Excel 3 macrosheets and add-in files must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO116 - Excel - Open/Save actions for Excel 3 worksheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Word - Scripted Window Security must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Access - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Word - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO128 - Access - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - PowerPoint - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Publisher - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO130 - Access - Configuration for enabling of hyperlinks must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Publisher - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Word - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO132 - Access - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO137 - Access - Prompts to convert older databases must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO139 - Word - Save files default format must be configured. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO179 - Office System - Documents must be configured to not open as Read Write when browsing. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Office System - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO191 - Office System - ActiveX control initialization must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO195 - Office System - Passwords for secured documents must be enforced. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - PowerPoint - Protection from zone elevation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Word - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set - DisableEditFromPV | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Publisher - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO323 - Publisher - The Publisher Automation Security Level must be configured for high security. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO333 - Word - Word 2 and earlier binary documents and templates must be blocked for open/save. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO339 - Word - Word XP binary documents and templates must be configured to edit in protected view. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO345 - Office System - Online content options must be configured for offline content availability. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - excel | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - word | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - openinprotectedview - excel | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - excel | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview powerpoint | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview word | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
