| 1.8.7.2.6 Ensure 'Require That Application Add-ins Are Signed By Trusted Publisher' to Enabled | CIS Microsoft Office Word 2016 v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.9.1 (L1) Ensure 'Document Information Panel Beaconing UI' is set to 'Enabled: Always show UI' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.2.4 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Unchecked: Do not allow edit' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.7.1 Ensure 'Document Information Panel Beaconing UI' is set to Enabled (Always show UI) | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office 16.0 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Control how Office handles form-based sign-in prompts | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Control how Office handles form-based sign-in prompts | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Control how Office handles form-based sign-in prompts | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO111 - Project - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - PowerPoint - Configuration for file validation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - Word - Configuration for file validation must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - OneNote - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Outlook - Scripted Window Security must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Word - Scripted Window Security must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Access - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Word - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO128 - Access - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - PowerPoint - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO130 - Access - Configuration for enabling of hyperlinks must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Publisher - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Word - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO132 - Access - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - InfoPath - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO137 - Access - Prompts to convert older databases must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO139 - Word - Save files default format must be configured. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO157 - InfoPath - Redirection behavior for upgraded web sites by SharePoint must be blocked. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO168 - InfoPath - Disabling sending form templates with the email forms must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO169 - InfoPath - Dynamic caching of InfoPath eMail forms must be disabled. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO172 - InfoPath - Disabling email forms from the Internet Security Zone must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO179 - Office System - Documents must be configured to not open as Read Write when browsing. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO182 - Office System - The Help Improve Proofing Tools feature for Office must be configured. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO188 - Office System - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO191 - Office System - ActiveX control initialization must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - PowerPoint - Protection from zone elevation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Word - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - OneNote - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Outlook - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO215 - Outlook - Read signed email as plain text must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO220 - Outlook - Upload method for publishing calendars to Office Online must be restricted. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO296 - InfoPath - Disabling opening forms with managed code from the Internet security zone must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Publisher - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO309 - InfoPath - The InfoPath APTCA Assembly Allowable List must be enforced. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO321 - Office System - Encrypt document properties must be configured for OLE documents. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO323 - Publisher - The Publisher Automation Security Level must be configured for high security. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO333 - Word - Word 2 and earlier binary documents and templates must be blocked for open/save. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO339 - Word - Word XP binary documents and templates must be configured to edit in protected view. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO345 - Office System - Online content options must be configured for offline content availability. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO406 - The ability to automatically hyperlink screenshots within Word, PowerPoint, Excel and Outlook must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - openinprotectedview - powerpoint | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
