| 2.1.1.3.2.4 (L1) Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.12.1.2 Ensure 'Disable UI extending from documents and templates' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000005 - The macOS system must be configured to lock the user session when a smart token is removed. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-14-003002 - The macOS system must enable certificate for smartcards. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-003025 - The macOS system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-000005 - The macOS system must be configured to lock the user session when a smart token is removed. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| APPL-11-000005 - The macOS system must be configured to lock the user session when a smart token is removed. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000005 - The macOS system must be configured to lock the user session when a smart token is removed. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-003020 - The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts. | DISA STIG Apple macOS 11 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-11-003020 - The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-003020 The macOS system must enforce smart card authentication. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-000033 - The macOS system must disable FileVault automatic login. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| APPL-15-003020 - The macOS system must enforce smart card authentication. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003030 - The macOS system must allow smart card authentication. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Block macros from running in Office files from the internet - access | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the Internet - blockcontentexecutionfrominternet - access | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block macros from running in Office files from the internet - blockcontentexecutionfrominternet - access | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - access | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - infopath | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - access | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - excel | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - infopath | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - outlook | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - publisher | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - toolbars | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - visio | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - noextensibilitycustomizationfromdocument - word | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - outlook | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - powerpoint | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - project | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - publisher | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - visio | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable UI extending from documents and templates - word | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO219 - Access restriction settings for published calendars must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO219 - Outlook - Access restriction settings for published calendars must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO409 - The ability to create an online presentation programmatically must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO409 - The ability to create an online presentation programmatically must be disabled. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO414 - Roaming settings must be stored locally and not synchronized to the Microsoft Office roaming settings web service. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| JBOS-AS-000080 - The JBoss server must generate log records for access and authentication events to the management interface. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| O365-CO-000002 - Document metadata for rights managed Office Open XML files must be protected. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
