| 1.9.6.3 Ensure 'Make Outlook the default program for E-mail, Contacts, and Calendar' is set to Enabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.13.3.3.1.1 Ensure 'Configure Trusted Add-ins' to 'Disabled' | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.6.3 (L1) Ensure 'Make Outlook the default program for E-mail, Contacts, and Calendar' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.10.8.1.2.4 (L1) Ensure 'Restrict level of calendar details users can publish' is set to 'Enabled: Disables Full details and Limited details' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.4 Ensure 'Restrict level of calendar details users can publish' is set to 'Enabled: Disables Full details and Limited details' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.5 (L1) Ensure 'Restrict upload method' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | ACCESS CONTROL |
| 2.5.14.3.15 (L1) Ensure 'Display Level 1 attachments' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.1.3 Configure 'Disable VBA for Office applications' - (Machine- level Configuration) | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.1.4 Set 'Allow users to demote attachments to Level 2' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.10 Set 'Make Outlook the default program for E- mail, Contacts, and Calendar' to 'Enabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.11 Set 'Never allow users to specify groups when restricting permission for documents' to 'Enabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | ACCESS CONTROL |
| 22.17 (L1) Ensure 'ASR: Block Office communication application from creating child processes' is set to 'Audit' or higher | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 22.17 (L1) Ensure 'ASR: Block Office communication application from creating child processes' is set to 'Audit' or higher | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Allow users to demote attachments to Level 2 | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DISA_STIG_Crunchy_Data_PostgreSQL_v3r1_OS_Linux.audit from DISA Crunchy Data PostgreSQL v3r1 STIG | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | |
| DISA_STIG_Microsoft_Edge_v2r2.audit from DISA Microsoft Edge v2r2 STIG | DISA STIG Edge v2r2 | Windows | |
| DISA_STIG_Microsoft_OneDrive_v2r3.audit from DISA Microsoft OneDrive v2r3 STIG | DISA STIG Microsoft OneDrive v2r3 | Windows | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_Database.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_OS_Linux.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Linux | Unix | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_OS_Windows.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Windows | Windows | |
| DISA_STIG_Oracle_Database_12c_v3r2_Database.audit from DISA Oracle Database 12c v3r2 STIG | DISA STIG Oracle 12c v3r2 Database | OracleDB | |
| DISA_STIG_Oracle_Database_12c_v3r2_OS_Linux.audit from DISA Oracle Database 12c v3r2 STIG | DISA STIG Oracle 12c v3r2 Linux | Unix | |
| DISA_STIG_Oracle_Database_12c_v3r2_OS_Windows.audit from DISA Oracle Database 12c v3r2 STIG | DISA STIG Oracle 12c v3r2 Windows | Windows | |
| DISA_STIG_Oracle_MySQL_8.0_v2r2_Database.audit from DISA Oracle MySQL 8.0 v2r2 STIG | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | |
| DISA_STIG_Oracle_MySQL_8.0_v2r2_OS_Linux.audit from DISA Oracle MySQL 8.0 v2r2 STIG | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | |
| DISA_STIG_SLES_12_v3r2.audit from DISA SLES 12 v3r2 STIG | DISA SLES 12 STIG v3r2 | Unix | |
| DTOO119 - Excel - Configuration for file validation must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - PowerPoint - Configuration for file validation must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO119 - Word - Configuration for file validation must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO218 - Outlook - Level of calendar details that a user can publish must be restricted. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO221 - Outlook - Junk Mail UI must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO224 - Outlook - Recipients of sent email must be unable to be added to the safe sender's list. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO226 - Outlook - Dial-up and Hang up Options for Outlook must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO229 - Outlook - Outlook must be enforced as the default email, calendar, and contacts program. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO230 - Outlook - Folders in non-default stores, set as folder home pages, must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO237 - Outlook - The 'remember password' for internet e-mail accounts must be disabled. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO247 - Outlook - Custom Outlook Object Model (OOM) action execution prompts must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO252 - Outlook - Object Model Prompt behavior for Meeting and Task Responses must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO267 - Outlook - Retrieving of CRL data must be set for online action. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO270 - Outlook - External content and pictures in HTML eMail must be displayed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO282 - Outlook - RSS Feeds must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO314 - Outlook - Default message format must be set to use Plain Text. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO425 - Text in Outlook that represents Internet and network paths must not be automatically turned into hyperlinks. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| O365-OU-000015 - The ability to demote attachments from Level 2 to Level 1 must be disabled. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000017 - Level 1 file attachments must be blocked from being delivered. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
