| 1.1 Set 'Restrict level of calendar details users can publish' to 'Enabled:Disables 'Full details' and 'Limited details'' | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.4.1.3 Ensure 'Consistent Mime Handling' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.4.1.5 Ensure 'Information Bar' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.4.1.11 Ensure 'Restrict ActiveX Install' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.4.1.12 Ensure 'Restrict File Download' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.5.2 Ensure ask users to integrate Office 365 calendar when they sign in is set to disabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.5.4 Ensure enforce OAuth 2.0 for Office 365 calendar integration is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.3.4 (L1) Ensure 'User owned apps and services' is restricted | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 1.3.4 (L1) Ensure 'User owned apps and services' is restricted | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 1.4.7.2.2.1 Ensure 'Turn Off Protected View For Attachments Opened from Outlook' is set to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.2.1 Ensure 'Turn Off Protected View For Attachments Opened from Outlook' is set to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.4 Ensure 'Trust Access To Visual Basic Project' is set to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.4 Ensure 'Trust Access To Visual Basic Project' is set to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.3 Ensure 'Turn Off File Validation' is set to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.2.2.3 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6.2.2.3 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to Disabled | CIS Microsoft Office PowerPoint 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6.2.5 Ensure 'Trust Access to Visual Basic Project' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.2.5 Ensure 'Trust Access to Visual Basic Project' is set to Disabled | CIS Microsoft Office PowerPoint 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.8.7.2.2.3 Ensure 'Turn Off Protected View for Attachments Opened From Outlook' is set to Disabled | CIS Microsoft Office Word 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.7.2.2.3 Ensure 'Turn Off Protected View for Attachments Opened From Outlook' is set to Disabled | CIS Microsoft Office Word 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.25.1.1 Ensure 'Allow users to submit feedback to Microsoft' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.3.4 Ensure 'Allow mix of policy and user locations' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.5 (L1) Ensure 'Allow Basic Authentication prompts from network proxies' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.6.3 (L1) Ensure 'Make Outlook the default program for E-mail, Contacts, and Calendar' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.4 (L1) Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.4 (L1) Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.51.1.2 Ensure 'Enable Windows NTP Client' is set to 'Enabled: DoD time server' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.2 Ensure 'Enable Windows NTP Client' is set to 'Enabled: DoD time server' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.24 Ensure 'Domain Controllers run on a machine dedicated to that function' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| DTOO110 - Blocking as default file block opening behavior must be enforced. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO110 - Blocking as default file block opening behavior must be enforced. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000315 - Exchange must not send delivery reports to remote domains. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000320 - Exchange must not send nondelivery reports to remote domains. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000630 - Exchange must not send delivery reports to remote domains. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000640 - Exchange must not send nondelivery reports to remote domains. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000021 - Exchange auto-forwarding email to remote domains must be disabled or restricted. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | ACCESS CONTROL |
| EX19-MB-000230 - Exchange must not send delivery reports to remote domains. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000231 - Exchange must not send nondelivery reports to remote domains. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-000300 - SQL Server must maintain and support organization-defined security labels on stored information. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL4-00-031900 - When supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in storage. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | ACCESS CONTROL |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-013400 - SQL Server must generate audit records when successful and unsuccessful attempts to add privileges/permissions occur. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| Turn off file validation - enableonload - excel | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off file validation - enableonload - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off file validation - enableonload - word | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off file validation - excel | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off file validation - powerpoint | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000045 - The system must be configured to use Safe DLL Search Mode. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
