| 5.003 - Booting into alternate operating systems is permitted. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office 16.0 - WOW6432Node | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - Office - WOW6432Node | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB70-AE6D-11CF-96B8-444553540000 - Office 16.0 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Publisher - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - PowerPoint - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - Word - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Access - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Word - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - PowerPoint - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Publisher - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Access - Scripted Window Security must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Project - Scripted Window Security must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Publisher - Scripted Window Security must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Project - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Publisher - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Access - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Word - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - Project - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - Word - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO134 - Word - Disallowance of Trusted Locations on the network must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO139 - PowerPoint - Save files default format must be configured. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO156 - InfoPath - Offline Mode capability to cache queries for offline mode must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO158 - InfoPath - Disabling the opening of solutions from the Internet Security Zone must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO159 - InfoPath - Disabling of Fully Trusted Solutions access to computers must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO201 - Office System - Connection verification of permissions must be enforced. | DISA STIG Office System 2010 v1r13 | Windows | ACCESS CONTROL |
| DTOO210 - Word - Pre-release versions of file formats new to Office Products must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO211 - PowerPoint - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Publisher - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO262 - Outlook - Run in FIPS compliant mode must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO265 - Outlook - Warning about invalid signatures must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO269 - Outlook - Attachments using generated name for secure temporary folders must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO271 - Outlook - Automatic download content for email in Safe Senders list must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO276 - Outlook - Always warn on untrusted macros must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO277 - Outlook - Hyperlinks in suspected phishing e-mail messages must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO280 - Outlook - Authentication with Exchange Server must be required. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO292 - Word - Document behavior if file validation fails must be set - OpenInProtectedView | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Access - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO304 - PowerPoint - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO319 - PowerPoint - The configuration for Slide Update with counterparts must be disallowed. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO322 - Publisher - Fatally corrupt files must be blocked from opening. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO337 - Word - Word 95 binary documents and templates must be configured to edit in protected view. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO344 - Outlook - Outlook Rich Text options must be set for converting to plain text format. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO410 - When using the Office Feedback tool, the ability to include a screenshot must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO999 - PowerPoint - The version of PowerPoint running on the system must be a supported version. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO999 - Project - The version of Microsoft Project running on the system must be a supported version. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO999 - Word - The version of Microsoft Word running on the system must be a supported version. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND INFORMATION INTEGRITY |
