| 2.2.39 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.32.1 Ensure 'Disable Smart Document's use of manifests' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.25.6 Ensure 'Protect Document Metadata for Password Protected Files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - d3e037e1-3eb8-44c8-a917-57927947596d | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.5.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured - d4f940ab-401b-4efc-aadc-ad5f3c50688a | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.6.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.21 Ensure 'DoD Root Certificate Authority (CA) certificates' are installed in the 'Trusted Root Store' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.21 Ensure 'DoD Root Certificate Authority (CA) certificates' are installed in the 'Trusted Root Store' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.40 Ensure 'Only Administrators have Administrator rights on the system' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 20.48 Ensure 'Permissions for the Application Event Log must prevent access by non-privileged accounts' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.62 Ensure 'Telnet Client is not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| ActiveX Control Initialization | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| ActiveX Control Initialization | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| ActiveX Control Initialization | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ActiveX Control Initialization | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Automation Security | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft OneDrive v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Project 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO507 - Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - powerpoint - vbadigsigtrustedpublishers | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND SERVICES ACQUISITION |
| VBA Macro Notification Settings - powerpoint - vbarequiredigsigwithcodesigningeku | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - publisher - vbadigsigtrustedpublishers | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND SERVICES ACQUISITION |
| VBA Macro Notification Settings - publisher - vbarequirelmtrustedpublisher | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbadigsigtrustedpublishers - visio | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequiredigsigwithcodesigningeku - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequiredigsigwithcodesigningeku - publisher | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequiredigsigwithcodesigningeku - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - visio | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - access | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - access | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - publisher | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - word | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - visio - vbadigsigtrustedpublishers | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - visio - vbarequirelmtrustedpublisher | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - word - vbarequirelmtrustedpublisher | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
