| 2.5.14.1.1 (L1) Ensure 'Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.2.4 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Unchecked: Do not allow edit' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 17.7.3 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.77.10.2 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.77.10.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB70-AE6D-11CF-96B8-444553540000 - Office - WOW6432Node | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB70-AE6D-11CF-96B8-444553540000 - Office 16.0 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB70-AE6D-11CF-96B8-444553540000 - Office 16.0 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB70-AE6D-11CF-96B8-444553540000 - Office | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Control how Office handles form-based sign-in prompts | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO111 - Project - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - PowerPoint - Configuration for file validation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - Word - Configuration for file validation must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Word - Scripted Window Security must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Word - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO129 - PowerPoint - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Publisher - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Word - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO139 - Word - Save files default format must be configured. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO179 - Office System - Documents must be configured to not open as Read Write when browsing. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO182 - Office System - The Help Improve Proofing Tools feature for Office must be configured. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO188 - Office System - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO191 - Office System - ActiveX control initialization must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO195 - Office System - Passwords for secured documents must be enforced. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO200 - Office System - Office must be configured to not allow read with browsers. | DISA STIG Office System 2010 v1r13 | Windows | ACCESS CONTROL |
| DTOO208 - Office System - Office client polling of Sharepoint servers published links must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | ACCESS CONTROL |
| DTOO209 - PowerPoint - Protection from zone elevation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Word - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO210 - PowerPoint - Pre-release versions of file formats new to Office Products must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO210 - The opening of pre-release versions of file formats new to Excel 2013 through the Compatibility Pack for Office 2013 and Excel 2013 Converter must be blocked. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | CONFIGURATION MANAGEMENT |
| DTOO304 - Publisher - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO321 - Office System - Encrypt document properties must be configured for OLE documents. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO333 - Word - Word 2 and earlier binary documents and templates must be blocked for open/save. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO339 - Word - Word XP binary documents and templates must be configured to edit in protected view. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO345 - Office System - Online content options must be configured for offline content availability. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO411 - The Office Feedback tool must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| Encryption type for password protected Office 97-2003 files | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office 97-2003 files | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000260 - Exchange must not send automated replies to remote domains. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Set document behavior if file validation fails - disableeditfrompv - excel | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - openinprotectedview - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set document behavior if file validation fails- openinprotectedview - excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
