| 1.1.2.3 Ensure 'Authentication with Exchange server.' is set to 'Enabled:Kerberos/NTLM Password Authentication' | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.2.6 Ensure 'Enable RPC encryption' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.1 Ensure 'Automatically download attachments' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.2 Ensure 'Do not include Internet Calendar integration in Outlook' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.5.2 Ensure 'Do not include Internet Calendar integration in Outlook' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.6.1 Ensure 'Download full text of articles as HTML attachments' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.6.2 Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.6.3 Ensure 'Turn Off RSS Feature' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.4.2.2 Ensure 'Outlook Rich Text Options' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.4.2.2 Ensure 'Outlook Rich Text Options' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.6.1.4 Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.9.6.3 Ensure 'Make Outlook the default program for E-mail, Contacts, and Calendar' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.8.1.2.2 Ensure 'Prevent publishing to a DAV server' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.8.1.2.3 Ensure 'Prevent publishing to Office.com' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | ACCESS CONTROL |
| 1.9.8.1.2.4 Ensure 'Restrict level of calendar details users can publish' is set to Enabled:Disables 'Full details' and 'Limited details' | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.8.1.2.5 Ensure 'Restrict upload method' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | ACCESS CONTROL |
| 1.9.8.3.4 Ensure 'Read signed e-mail as plain text' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.8.3.4 Ensure 'Read signed e-mail as plain text' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.8.4.2 Ensure 'Hide Junk Mail UI' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.9.8.4.4 Ensure 'Trust e-mail from contacts' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.8.4.4 Ensure 'Trust e-mail from contacts' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.9.11 Ensure 'Internet and Network Paths into Hyperlinks' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.10.2 Ensure 'Turn Off Outlook Social Connector' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.1.1 Ensure 'Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.1.1 Ensure 'Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.1.2 Ensure 'Block Trusted Zones' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.2.1.5 Ensure 'Retrieving CRLs (Certificate Revocation Lists)' is set to Enabled:When online always retrieve the CRL | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.13.2.2 Ensure 'Do not display 'Publish to GAL' button' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.2.3 Ensure 'Do not provide Continue option on Encryption warning dialog boxes' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.6 Ensure 'S/MIME interoperability with external clients' is set to Enabled:Handle internally | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.9 Ensure 'Signature Warning' is set to Enabled:Always warn about invalid signatures | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.1.1 Ensure 'Allow users to demote attachments to Level 2' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.1.3 Ensure 'Do not prompt about Level 1 attachments when closing an item' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.1.5 Ensure 'Remove file extensions blocked as Level 1' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.1.5 Ensure 'Remove file extensions blocked as Level 1' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.1.6 Ensure 'Remove file extensions blocked as Level 2' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.3.1.1 Ensure 'Configure Trusted Add-ins' to 'Disabled' | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.1.1 Ensure 'Configure Trusted Add-ins' to 'Disabled' | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.2 Ensure 'Configure Outlook object model prompt when accessing an address book:' is set to Enabled:Automatically Deny | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.2 Ensure 'Configure Outlook object model prompt when accessing an address book:' is set to Enabled:Automatically Deny | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.3 'Configure Outlook object model prompt When accessing the Formula property of a UserProperty object:' is Enabled:Auto Deny | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.4 Ensure 'Configure Outlook object model prompt when executing Save As:' is set to Enabled:Automatically Deny | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.5 Ensure 'Configure Outlook object model prompt when reading address information:' is set to Enabled:Automatically Deny | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.6 Ensure 'Configure Outlook object model prompt when responding to meeting and task requests:' is set to Enabled:Automatically Deny | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.4.1 Ensure 'Allow hyperlinks in suspected phishing e-mail messages' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.13.5 Ensure 'Allow Active X One Off Forms' is set to Enabled:Load only Outlook Controls | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.8 Ensure 'Do not automatically sign replies' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.9 Ensure 'Prevent users from customizing attachment security settings' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.13.10 Ensure 'Prompt User To Choose Security Settings If Default settings Fail' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
