| 2.5.1.5.2 Ensure 'Do not include Internet Calendar integration in Outlook' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.8.1.2.2 Ensure 'Prevent publishing to a DAV server' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.2.1.5 Ensure 'Retrieving CRLs (Certificate Revocation Lists)' is set to 'Enabled: When online always retrieve the CRL' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.5.14.3.17 (L1) Ensure 'Do not allow Outlook object model scripts to run for public folders' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.26 (L1) Ensure 'Remove file extensions blocked as Level 2' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Authentication with Exchange Server | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Configure Outlook object model prompt when accessing an address book | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when executing Save As | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when executing Save As | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when executing Save As | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when reading address information | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO117 - The Saved from URL mark must be selected to enforce Internet zone processing. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - File Downloads must be configured for proper restrictions. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - ActiveX Installs must be configured for proper restriction. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - ActiveX installs must be configured for proper restrictions. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO214 - Read EMail as plain text must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO214 - Read EMail as plain text must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO234 - ActiveX One-Off forms must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO236 - The Add-In Trust Level must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO243 - The prompt to display level 1 attachments must be disallowed when closing an item. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO244 - Level 1 file extensions must be blocked and not removed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO246 - Scripts in One-Off Outlook forms must be disallowed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO249 - Object Model Prompt for programmatic email send behavior must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO250 - Object Model Prompt behavior for programmatic address books must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO251 - Object Model Prompt behavior for programmatic access of user address data must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO252 - Object Model Prompt behavior for Meeting and Task Responses must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO252 - Object Model Prompt behavior for Meeting and Task Responses must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO254 - Object Model Prompt behavior for accessing User Property Formula must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO257 - S/Mime interoperability with external clients for message handling must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO264 - Send all signed messages as clear signed messages must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO266 - Automatic sending s/Mime receipt requests must be disallowed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO271 - Automatic download content for email in Safe Senders list must be disallowed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO274 - Internet with Safe Zones for Picture Download must be disabled. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO275 - Intranet with Safe Zones for automatic picture downloads must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO277 - Hyperlinks in suspected phishing email messages must be disallowed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO282 - RSS Feeds must be disallowed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO285 - Internet calendar integration in Outlook must be disabled. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO285 - Internet calendar integration in Outlook must be disabled. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO315 - Outlook must be configured not to prompt users to choose security settings if default settings fail. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO316 - Outlook minimum encryption key length settings must be set. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO425 - Text in Outlook that represents internet and network paths must not be automatically turned into hyperlinks. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| Junk E-mail protection level | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Remove file extensions blocked as Level 1 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Remove file extensions blocked as Level 1 | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Turn off Protected View for attachments opened from Outlook - excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Use Unicode format when dragging e-mail message to file system | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Use Unicode format when dragging e-mail message to file system | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Use Unicode format when dragging e-mail message to file system | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
