| 2.3.3 Ensure 'Enable automatic replies to remote domains' is set to 'False' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.6.1.3 Ensure 'Do not allow Outlook object model scripts to run for public folders' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.6 (L1) Ensure 'Allow hyperlinks in suspected phishing e-mail messages' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.7 (L1) Ensure 'Allow scripts in one-off Outlook forms' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.28 (L1) Ensure 'Security setting for macros' is set to 'Enabled: Warn for signed, disable unsigned' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.10.31.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| AIX7-00-002057 - AIX audit logs must be rotated daily. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| Allow scripts in one-off Outlook forms | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow scripts in one-off Outlook forms | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow scripts in one-off Outlook forms | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow scripts in one-off Outlook forms | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow scripts in one-off Outlook forms | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow scripts in one-off Outlook forms | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Authentication with Exchange Server | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Configure Outlook object model prompt when sending mail | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when sending mail | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when sending mail | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when sending mail | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when sending mail | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for public folders | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for public folders | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow Outlook object model scripts to run for shared folders | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Do not allow Outlook object model scripts to run for shared folders | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO229 - Outlook must be enforced as the default email, calendar, and contacts program. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO232 - Outlook Object Model scripts must be disallowed to run for shared folders. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO232 - Outlook Object Model scripts must be disallowed to run for shared folders. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO247 - Custom Outlook Object Model (OOM) action execution prompts must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO249 - Object Model Prompt for programmatic email send behavior must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO284 - Automatic download of Internet Calendar appointment attachments must be disallowed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| O365-OU-000003 - Scripts associated with public folders must be prevented from execution in Outlook. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000004 - Scripts associated with shared folders must be prevented from execution in Outlook. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000008 - Outlook must be configured to prevent users overriding attachment security settings. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | ACCESS CONTROL |
| O365-OU-000019 - Outlook must be configured to not run scripts in forms in which the script and the layout are contained within the message. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000020 - When a custom action is executed that uses the Outlook object model, Outlook must automatically deny it. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000026 - When an untrusted program attempts to send e-mail programmatically using the Outlook object model, Outlook must automatically deny it. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000011 - Open/Save of Word 2007 and later binary documents and templates must be blocked. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Retrieving CRLs (Certificate Revocation Lists) | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Retrieving CRLs (Certificate Revocation Lists) | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Set Outlook object model custom actions execution prompt | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set Outlook object model custom actions execution prompt | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set Outlook object model custom actions execution prompt | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set Outlook object model custom actions execution prompt | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set Outlook object model custom actions execution prompt | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set Outlook object model custom actions execution prompt | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Protected View for attachments opened from Outlook - disableattachmentsinpv - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
