| 1.1.3.2.2 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to Enabled | CIS Microsoft Office Access 2013 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.3.2.2 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to Enabled | CIS Microsoft Office Access 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - exprwd.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - msaccess.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.2.6 Ensure 'Require That Application Add-ins are Signed by Trusted Publisher' is set to Enabled | CIS Microsoft Office PowerPoint 2013 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.18 Ensure 'Protect document metadata for rights managed Office Open XML Files' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 Set 'Enable OOF messages to remote domains' to 'None' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.140 - The HBSS McAfee Agent is not installed. - masvc | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| Disable all Trust Bar notifications for security issues | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Saved from URL mark to assure Internet zone processing must be enforced | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO130 - The configuration for enabling of hyperlinks must be enforced | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - File Downloads must be configured for proper restrictions | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO135 - Database functionality configurations must be displayed to the user | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO191 - ActiveX control initialization must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO201 - Connection verification of permissions must be enforced. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | ACCESS CONTROL |
| DTOO211 - ActiveX Installs must be configured for proper restriction | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO212 - Blogging entries created from inside Office products must be configured for SharePoint only. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO345 - Online content options must be configured for offline content availability. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| DTOO409 - The ability to create an online presentation programmatically must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO409 - The ability to create an online presentation programmatically must be disabled. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-AC-000001 - Macros must be blocked from running in Access files from the Internet. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000016 - User name and password must be disabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000022 - Protection from zone elevation must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000024 - File Download Restriction must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000025 - The Save from URL feature must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000001 - The Exchange client authentication with Exchange servers must be enabled to use Kerberos Password Authentication. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-OU-000004 - Scripts associated with shared folders must be prevented from execution in Outlook. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000006 - The junk email protection level must be set to No Automatic Filtering. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-OU-000007 - Active X One-Off forms must only be enabled to load with Outlook Controls. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000013 - Outlook must be configured to allow retrieving of Certificate Revocation Lists (CRLs) always when online. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-OU-000014 - The Outlook Security Mode must be enabled to always use the Outlook Security Group Policy. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-OU-000022 - When a user designs a custom form in Outlook and attempts to bind an Address Information field to a combination or formula custom field, Outlook must automatically deny it. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000024 - When an untrusted program attempts to gain access to a recipient field, such as the, To: field, using the Outlook object model, Outlook must automatically deny it. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000027 - Outlook must be configured to not allow hyperlinks in suspected phishing messages. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-PT-000002 - The ability to run programs from PowerPoint must be disabled. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-PT-000009 - Files downloaded from the Internet must be opened in Protected view in PowerPoint. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-PU-000003 - Publisher must disable all unsigned VBA macros. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-VI-000001 - VBA Macros not digitally signed must be blocked in Visio. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-VI-000006 - Visio 5.0 or earlier Binary Drawings, Templates and Stencils must be blocked. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-VI-000007 - Macros must be blocked from running in Visio files from the Internet. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000001 - Word must automatically disable unsigned add-ins without informing users. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-WD-000003 - Files downloaded from the Internet must be opened in Protected view in Word. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000004 - Files located in unsafe locations must be opened in Protected view in Word. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000006 - Word attachments opened from Outlook must be in Protected View. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000018 - VBA Macros not digitally signed must be blocked in Word. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| SQL6-D0-004300 - SQL Server must be configured to generate audit records for DoD-defined auditable events within all DBMS/database components. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
