| 2.1.1.3.2.4 (L1) Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.37.3.1 (L1) Ensure 'Open Office documents as read/write while browsing' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO104 - OneNote - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO107 - Excel - Open/Save actions for Excel 4 worksheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - Publisher - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO114 - Excel - Open/Save actions for Excel 2 worksheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Excel - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Publisher - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO121 - Excel - Files from the Internet zone must be opened in Protected View. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Project - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Access - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Outlook - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Publisher - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - OneNote - Data Execution Prevention must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Excel - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Outlook - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Project - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Access - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO132 - Excel - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - OneNote - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - Publisher - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO135 - Access - Database functionality configurations must be displayed to the user. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO138 - Excel - Internet links and Network UNCs created as embedded hyperlinks must be prevented. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO146 - Excel - Trust access for VBA must be disallowed. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO152 - Excel - Load pictures from Web pages must be disallowed. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO187 - Rights managed Office Open XML files must be protected. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Project - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Excel - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Project - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO219 - Outlook - Access restriction settings for published calendars must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO227 - Outlook - Digital signatures must be allowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO236 - Outlook - The Add-In Trust Level must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO239 - Outlook - Outlook Security Mode must be configured to use Group Policy settings. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO241 - Outlook - Action to demote an EMail Level 1 attachment to Level 2 must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO246 - Outlook - Scripts in One-Off Outlook forms must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO254 - Outlook - Object Model Prompt behavior for accessing User Property Formula must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO272 - Outlook - Permit download of content from safe zones must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO278 - Outlook - Automatically configure user profile based on Active Directory primary SMTP address must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO283 - Outlook - Disabling download full text of articles as HTML must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO285 - Outlook - Do not include Internet Calendar Integration in Outlook must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO286 - Outlook - User Entries to Server List must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO292 - Excel - Document behavior if file validation fails must be set - OpenInProtectedView | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - PowerPoint - Document behavior if file validation fails must be set. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO293 - PowerPoint - Attachments opened from Outlook must be in Protected View. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO315 - Outlook - Outlook must be configured not to prompt users to choose security settings if default settings fail. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO346 - Project - Untrusted intranet zone access to Project servers must not be allowed. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO410 - When using the Office Feedback tool, the ability to include a screenshot must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO425 - Outlook - The version of Outlook running on the system must be a supported version. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WNDF-AV-000033 - Microsoft Defender AV must be configured block Office applications from creating child processes. | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
