| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.11.8.7.2.2.3 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Enabled: Open in Protected View' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 19.7.15.1.2 Ensure 'Turn on off details pane' is set to 'Enabled: Always hide' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.31 Ensure 'Host-based firewall is installed and enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Control how Office handles form-based sign-in prompts | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO104 - Excel - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - OneNote - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO120 - Excel - Open/Save actions for Web pages and Excel 2003 XML spreadsheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Outlook - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Excel - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Excel - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Outlook - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - Excel - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO139 - Excel - Save files default format must be configured. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO141 - Excel - AutoRepublish Warning Alert must be provided. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO145 - Excel - Macro storage must be in Personal macro workbooks. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO150 - Excel - Update of automatic links must be configured to prompt. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO183 - Office System - The Opt-In Wizard must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO209 - OneNote - Protection from zone elevation must be enforced. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Outlook - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO210 - Excel - Pre-release versions of file formats new to Office Products must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO214 - Outlook - Read EMail as plain text must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO217 - Outlook - Publishing to a Web Distributed and Authoring (DAV) server must be prevented. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO220 - Upload method for publishing calendars to Office Online must be restricted. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO231 - Outlook - Dragging Unicode eMail messages to file system must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO244 - Outlook - Level 1 file extensions must be blocked and not removed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO245 - Outlook - Level 2 file extensions must be blocked and not removed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO249 - Outlook - Object Model Prompt for programmatic email send behavior must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO250 - Outlook - Object Model Prompt behavior for programmatic address books must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO251 - Outlook - Object Model Prompt behavior for programmatic access of user address data must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO253 - Outlook - Object Model Prompt behavior for the SaveAs method must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO268 - Outlook - Missing Root Certificates warning must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO273 - Outlook - IE Trusted Zones assumed 'trusted' must be blocked. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO275 - Outlook - Intranet with Safe Zones for automatic picture downloads must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO279 - Outlook - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO281 - Outlook - RSS feed synchronization with Common Feed List must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO284 - Outlook - Automatic download of Internet Calendar appointment attachments must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - Excel - Files in unsafe locations must be opened in Protected View. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO317 - Outlook - Replies or forwards to signed/encrypted messages must be signed/encrypted. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
