| 2.2.45 Ensure 'Increase scheduling priority' is set to 'Administrators' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.45 Ensure 'Increase scheduling priority' is set to 'Administrators' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.2.46 Ensure 'Increase scheduling priority' is set to 'Administrators' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.17.4 Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop or Prompt for credentials on the secure desktop' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.39.3 (L1) Ensure 'Disable Opt-in Wizard on first run' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.29.1 Ensure 'Suppress External Signature Service' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.6 Set 'Disable UI extending from documents and templates: Disallow in Outlook' to 'Enabled:True' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn' or 'Enabled: Warn and prevent bypass' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 19.7.15.1.1 Ensure 'Turn off Preview Pane' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Control how Office handles form-based sign-in prompts | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable the Office client from polling the SharePoint Server for published links | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO187 - Rights managed Office Open XML files must be protected. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO200 - Office System - Office must be configured to not allow read with browsers. | DISA STIG Office System 2010 v1r13 | Windows | ACCESS CONTROL |
| DTOO210 - PowerPoint - Pre-release versions of file formats new to Office Products must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO292 - Document behavior if file validation fails must be set - DisableEditFromPV | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO402 - The Enable Updates and Disable Updates options in the UI must be hidden from users. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO411 - The Office Feedback tool must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO415 - The ability of the Office Telemetry Agent to periodically upload telemetry data to a shared folder must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| Encryption type for password protected Office 97-2003 files | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office 97-2003 files | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-EX-000033 - Files failing file validation must be opened in Excel in Protected view mode and disallow edits. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Require that application add-ins are signed by Trusted Publisher - excel | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - excel | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Set document behavior if file validation fails - disableeditfrompv - excel | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - excel | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - word | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - openinprotectedview - excel | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - excel | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - word | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - powerpoint | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - word | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails- disableeditfrompv - excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
