| 1.3.3 Ensure 'Maximum lifetime for user ticket' is set to '10 or fewer hours, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.6.6.6.6 (L1) Ensure 'Turn off file validation' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.64 Ensure 'TFTP Client' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| DTOO110 - Excel - Blocking as default file block opening behavior must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - Project - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO115 - Excel - Open/Save actions for Excel 3 macrosheets and add-in files must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO116 - Excel - Open/Save actions for Excel 3 worksheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - PowerPoint - Configuration for file validation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - OneNote - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Excel - Scripted Window Security must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Outlook - Scripted Window Security must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Word 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Excel - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO129 - PowerPoint - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Excel - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Publisher - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO133 - InfoPath - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO142 - Excel - Force encrypted macros to be scanned in open XML documents must be determined and configured. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO157 - InfoPath - Redirection behavior for upgraded web sites by SharePoint must be blocked. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO168 - InfoPath - Disabling sending form templates with the email forms must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO169 - InfoPath - Dynamic caching of InfoPath eMail forms must be disabled. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO172 - InfoPath - Disabling email forms from the Internet Security Zone must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - PowerPoint - Protection from zone elevation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - OneNote - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Outlook - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO215 - Outlook - Read signed email as plain text must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO228 - Outlook - Plain Text Options for outbound email must be configured - Message Plain Format Mime | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO233 - Outlook - Outlook Object Model scripts must be disallowed to run for public folders. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO234 - Outlook - Active X One-Off forms must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO238 - Outlook - Users customizing attachment security settings must be prevented. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO256 - Outlook - Trusted add-ins behavior for eMail must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO264 - Outlook - All signed messages as clear signed messages must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO266 - Outlook - Automatic sending s/Mime receipt requests must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO274 - Outlook - Internet with Safe Zones for Picture Download must be disabled. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO296 - InfoPath - Disabling opening forms with managed code from the Internet security zone must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Publisher - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO309 - InfoPath - The InfoPath APTCA Assembly Allowable List must be enforced. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO313 - Outlook - Automatically downloading enclosures on RSS must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO316 - Outlook - Outlook minimum encryption key length settings must be set. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO320 - Outlook - Check e-mail addresses against addresses of certificates being used must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO321 - Office System - Encrypt document properties must be configured for OLE documents. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO323 - Publisher - The Publisher Automation Security Level must be configured for high security. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO345 - Office System - Online content options must be configured for offline content availability. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - publisher | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - visio | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - visio | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - visio | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Require that application add-ins are signed by Trusted Publisher - requireaddinsig - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
