| 1.1.5.3 Ensure consent to Office 365 calendar integration permissions on behalf of entire account is set to disabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 2.2.32 Ensure 'Deny log on locally' to include 'Guests' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.2.46 Ensure 'Increase scheduling priority' is set to 'Administrators' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.2 Ensure 'Enable OOF messages to remote domains' is set to 'None' | CIS Microsoft Exchange Server 2019 L2 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.17.4 Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop or Prompt for credentials on the secure desktop' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.39.3 (L1) Ensure 'Disable Opt-in Wizard on first run' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.21.3 Ensure 'Block Signing into Office' is set to Enabled (None allowed) | CIS Microsoft Office 2016 v1.1.0 | Windows | ACCESS CONTROL |
| 2.24.1.4 Ensure 'Send Office Feedback' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.24.1.5 Ensure 'Send personal information' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn' or 'Enabled: Warn and prevent bypass' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn' or 'Enabled: Warn and prevent bypass' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn' or 'Enabled: Warn and prevent bypass' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 19.7.15.1.1 Ensure 'Turn off Preview Pane' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r6 | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB70-AE6D-11CF-96B8-444553540000 - Office | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB70-AE6D-11CF-96B8-444553540000 - Office | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable the Office client from polling the SharePoint Server for published links | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable the Office client from polling the SharePoint Server for published links | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable the Office client from polling the SharePoint Server for published links | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - access | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - access | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - excel | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - infopath | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - visio | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - visio | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO184 - Office System - The Customer Experience Improvement Program for Office must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO292 - Document behavior if file validation fails must be set - openinprotectedview | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set - openinprotectedview | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO414 - Roaming settings must be stored locally and not synchronized to the Microsoft Office roaming settings web service. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO415 - The ability of the Office Telemetry Agent to periodically upload telemetry data to a shared folder must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX16-MB-000520 - Exchange must not send automated replies to remote domains. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-MB-000140 - Exchange must not send automated replies to remote domains. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| O365-PT-000012 - If file validation fails, files must be opened in Protected view in PowerPoint with ability to edit disabled. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000005 - If file validation fails, files must be opened in Protected view in Word with ability to edit disabled. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-40-000223 The Photon operating system must not forward IPv4 or IPv6 source-routed packets. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000225 The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000226 The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000227 The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000228 The Photon operating system must log IPv4 packets with impossible addresses. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000229 The Photon operating system must use a reverse-path filter for IPv4 network traffic. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - disableeditfrompv - word | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails - openinprotectedview - word | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
