| 1.3.1 Ensure 'Block Flash activation in Office documents' is set to 'Enabled: Block all activation' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.8.7.2.6 Ensure 'Require That Application Add-ins Are Signed By Trusted Publisher' to Enabled | CIS Microsoft Office Word 2013 v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.24.1.3 Ensure 'Allow including screenshot with Office Feedback' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO104 - Excel - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Project - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - OneNote - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Project - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO120 - Excel - Open/Save actions for Web pages and Excel 2003 XML spreadsheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Outlook - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Excel - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Project - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Project 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Publisher - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO128 - Excel - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Outlook - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - Excel - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO139 - Excel - Save files default format must be configured. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO141 - Excel - AutoRepublish Warning Alert must be provided. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO145 - Excel - Macro storage must be in Personal macro workbooks. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO146 - PowerPoint - Trust access for VBA must be disallowed. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO150 - Excel - Update of automatic links must be configured to prompt. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO209 - OneNote - Protection from zone elevation must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Outlook - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Publisher - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO214 - Outlook - Read EMail as plain text must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO217 - Outlook - Publishing to a Web Distributed and Authoring (DAV) server must be prevented. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO231 - Outlook - Dragging Unicode eMail messages to file system must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO244 - Outlook - Level 1 file extensions must be blocked and not removed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO245 - Outlook - Level 2 file extensions must be blocked and not removed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO249 - Outlook - Object Model Prompt for programmatic email send behavior must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO250 - Outlook - Object Model Prompt behavior for programmatic address books must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO251 - Outlook - Object Model Prompt behavior for programmatic access of user address data must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO253 - Outlook - Object Model Prompt behavior for the SaveAs method must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO268 - Outlook - Missing Root Certificates warning must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO273 - Outlook - IE Trusted Zones assumed 'trusted' must be blocked. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO275 - Outlook - Intranet with Safe Zones for automatic picture downloads must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO279 - Outlook - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO281 - Outlook - RSS feed synchronization with Common Feed List must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO284 - Outlook - Automatic download of Internet Calendar appointment attachments must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - Excel - Files in unsafe locations must be opened in Protected View. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - PowerPoint - Files in unsafe locations must be opened in Protected View. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO291 - PowerPoint - Automatic download of linked images must be disallowed. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO317 - Outlook - Replies or forwards to signed/encrypted messages must be signed/encrypted. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO999 - Publisher - The version of Microsoft Publisher running on the system must be a supported version. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - powerpoint | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - access | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - publisher | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
