| 1.1.1.1 (L1) Ensure 'Block Flash activation in Office documents' is set to 'Enabled: Block all activation' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.4.1.8 Ensure 'Navigate URL' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.26 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.2.29 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.24.2 Ensure 'Remove Office Presentation Service from the list of online presentation services in PowerPoint and Word' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.27.18 (L1) Ensure 'Protect document metadata for rights managed Office Open XML Files' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.27.19 (L1) Ensure 'Suppress hyperlink warnings' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.1.23 Set 'Suppress hyperlink warnings' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.140 - The HBSS McAfee Agent is not installed. - FrameworkService | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.140 - The HBSS McAfee Agent is not installed. - masvc | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB6E-AE6D-11CF-96B8-444553540000 - office 16.0 - 64-bit | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - office - 32-bit | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| Disable all Trust Bar notifications for security issues | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Disable all Trust Bar notifications for security issues | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO186 - Trust Bar notifications for Security messages must be enforced. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO191 - ActiveX control initialization must be disabled. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO196 - A mix of policy and user locations for Office Products must be disallowed. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO201 - Connection verification of permissions must be enforced. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | ACCESS CONTROL |
| DTOO209 - Protection from zone elevation must be enforced | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Warning Bar settings for VBA macros must be configured | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO321 - Encrypt document properties must be configured for OLE documents. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO345 - Online content options must be configured for offline content availability. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| O365-AC-000002 - Trust Bar Notifications for unsigned application add-ins in Access must be disabled and blocked. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-CO-000013 - The load of controls in Forms3 must be blocked. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-CO-000017 - The Information Bar must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000020 - Navigate URL must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000021 - Object Caching Protection must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-CO-000022 - Protection from zone elevation must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000023 - ActiveX installation restriction must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000026 - Scripted Windows Security restrictions must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000027 - Flash player activation must be disabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000002 - Outlook must use remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-OU-000005 - Files dragged from an Outlook e-mail to the file system must be created in ANSI format. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-OU-000008 - Outlook must be configured to prevent users overriding attachment security settings. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | ACCESS CONTROL |
| O365-OU-000011 - The minimum encryption key length in Outlook must be at least 168. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000015 - The ability to demote attachments from Level 2 to Level 1 must be disabled. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000023 - When an untrusted program attempts to use the Save As command to programmatically save an item, Outlook must automatically deny it. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-PR-000002 - Project must automatically disable unsigned add-ins without informing users. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-PT-000005 - Encrypted macros in PowerPoint Open XML presentations must be scanned. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-004300 - SQL Server must be configured to generate audit records for DoD-defined auditable events within all DBMS/database components. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
