| 1.6.6.2.2.3 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to Disabled | CIS Microsoft Office PowerPoint 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.6.2 Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.1.1 (L1) Ensure 'Do not prompt about Level 1 attachments when closing an item' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.3.6 Ensure 'Configure Outlook object model prompt when responding to meeting and task requests' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.30 (L1) Ensure 'Signature Warning' is set to 'Enabled: Always warn about invalid signatures' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure Outlook object model prompt when accessing an address book | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when accessing an address book | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt When accessing the Formula property of a UserProperty object | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt When accessing the Formula property of a UserProperty object | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when executing Save As | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when reading address information | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when responding to meeting and task requests | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when responding to meeting and task requests | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when responding to meeting and task requests | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Add-on Management functionality must be allowed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO219 - Access restriction settings for published calendars must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO219 - Access restriction settings for published calendars must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO223 - Trust EMail from senders in receivers contact list must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO228 - Plain Text Options for outbound email must be configured - Message Plain Format Mime | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO237 - The remember password for internet e-mail accounts must be disabled. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO237 - The remember password for internet e-mail accounts must be disabled. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO244 - Level 1 file extensions must be blocked and not removed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO250 - Object Model Prompt behavior for programmatic address books must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO251 - Object Model Prompt behavior for programmatic access of user address data must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO253 - Object Model Prompt behavior for the SaveAs method must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO253 - Object Model Prompt behavior for the SaveAs method must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO256 - Trusted add-ins behavior for email must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO256 - Trusted add-ins behavior for email must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO257 - S/Mime interoperability with external clients for message handling must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO265 - Warning about invalid signatures must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO267 - Retrieving of CRL data must be set for online action. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO268 - Missing Root Certificates warning must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO272 - Permit download of content from safe zones must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO272 - Permit download of content from safe zones must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO274 - Internet with Safe Zones for Picture Download must be disabled. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO276 - Always warn on untrusted macros must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO284 - Automatic download of Internet Calendar appointment attachments must be disallowed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO314 - Default message format must be set to use Plain Text. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO316 - Outlook minimum encryption key length settings must be set. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO317 - Replies or forwards to signed/encrypted messages must be signed/encrypted. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO320 - Check e-mail addresses against addresses of certificates being used must be disallowed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO425-Outlook13 - The version of Outlook running on the system must be a supported version. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-MB-000305 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
