DISA STIG Office 2010 Outlook v1r5

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Office 2010 Outlook v1r5

Updated: 10/27/2021

Authority: DISA STIG

Plugin: Windows

Revision: 1.21

Estimated Item Count: 86

File Details

Filename: DISA_STIG_MS_Office_Outlook_2010.audit

Size: 90.5 kB

MD5: 294695eef882b770ff7d90ca79126fb8

SHA256: bb42a99081d962ea0de48e43cc8b79b54ce4e508df7bcee2ebf86e75b6d8782d

Audit Items

Description	Categories
DISA_STIG_MS_Office_Outlook_2010.audit for MS Outlook, from DISA Office 2010 STIG, v1r5 10.26.2012
DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced.	CONFIGURATION MANAGEMENT
DTOO111 - Enabling IE Bind to Object functionality must be present.	CONFIGURATION MANAGEMENT
DTOO117 - Saved from URL mark to assure Internet zone processing must be enforced.	CONFIGURATION MANAGEMENT
DTOO123 - Navigation to URL's embedded in Office products must be blocked.	CONFIGURATION MANAGEMENT
DTOO124 - Scripted Window Security must be enforced.	CONFIGURATION MANAGEMENT
DTOO126 - Add-on Management functionality must be allowed.	CONFIGURATION MANAGEMENT
DTOO128 - Data Execution Prevention must be enforced.	CONFIGURATION MANAGEMENT
DTOO129 - Links that invoke instances of IE from within an Office product must be blocked.	CONFIGURATION MANAGEMENT
DTOO132 - File Downloads must be configured for proper restrictions.	CONFIGURATION MANAGEMENT
DTOO209 - Protection from zone elevation must be enforced.	CONFIGURATION MANAGEMENT
DTOO211 - ActiveX Installs must be configured for proper restriction.	CONFIGURATION MANAGEMENT
DTOO214 - Read EMail as plain text must be enforced.	CONFIGURATION MANAGEMENT
DTOO215 - Read signed email as plain text must be enforced.	CONFIGURATION MANAGEMENT
DTOO216 - Publishing calendars to Office Online must be prevented.	ACCESS CONTROL
DTOO217 - Publishing to a Web Distributed and Authoring (DAV) server must be prevented.	CONFIGURATION MANAGEMENT
DTOO218 - Level of calendar details that a user can publish must be restricted.	CONFIGURATION MANAGEMENT
DTOO219 - Access restriction settings for published calendars must be configured.	ACCESS CONTROL
DTOO220 - Upload method for publishing calendars to Office Online must be restricted.	ACCESS CONTROL
DTOO221 - Junk Mail UI must be configured.	SYSTEM AND INFORMATION INTEGRITY
DTOO223 - Trust EMail from senders in receiver's contact list must be enforced.	CONFIGURATION MANAGEMENT
DTOO224 - Recipients of sent email must be unable to be added to the safe sender's list.	CONFIGURATION MANAGEMENT
DTOO225 - Outlook Dial-up options to Warn user before allowing switch in dial-up access must be configured.	CONFIGURATION MANAGEMENT
DTOO226 - Dial-up and Hang up Options for Outlook must be configured.	CONFIGURATION MANAGEMENT
DTOO227 - Digital signatures must be allowed.	CONFIGURATION MANAGEMENT
DTOO228 - Plain Text Options for outbound email must be configured.
DTOO229 - Outlook must be enforced as the default email, calendar, and contacts program.	CONFIGURATION MANAGEMENT
DTOO230 - Folders in non-default stores, set as folder home pages, must be disallowed.	CONFIGURATION MANAGEMENT
DTOO231 - Dragging Unicode eMail messages to file system must be disallowed.	CONFIGURATION MANAGEMENT
DTOO232 - Outlook Object Model scripts must be disallowed to run for shared folders.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders.	CONFIGURATION MANAGEMENT
DTOO234 - Active X One-Off forms must be configured.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO236 - The Add-In Trust Level must be configured.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO237 - The 'remember password' for internet e-mail accounts must be disabled.	IDENTIFICATION AND AUTHENTICATION
DTOO238 - Users customizing attachment security settings must be prevented.	SYSTEM AND INFORMATION INTEGRITY
DTOO239 - Outlook Security Mode must be configured to use Group Policy settings.	CONFIGURATION MANAGEMENT
DTOO240 - The ability to display level 1 attachments must be disallowed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured.	CONFIGURATION MANAGEMENT
DTOO242 - Prompting behavior for Level 1 attachments on sending must be configured.	CONFIGURATION MANAGEMENT
DTOO243 - Level 1 attachment close behaviors must be configured.	CONFIGURATION MANAGEMENT
DTOO244 - Level 1 file extensions must be blocked and not removed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO245 - Level 2 file extensions must be blocked and not removed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO246 - Scripts in One-Off Outlook forms must be disallowed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO247 - Custom Outlook Object Model (OOM) action execution prompts must be configured.	CONFIGURATION MANAGEMENT
DTOO249 - Object Model Prompt for programmatic email send behavior must be configured.	CONFIGURATION MANAGEMENT
DTOO250 - Object Model Prompt behavior for programmatic address books must be configured.	CONFIGURATION MANAGEMENT
DTOO251 - Object Model Prompt behavior for programmatic access of user address data must be configured.	CONFIGURATION MANAGEMENT
DTOO252 - Object Model Prompt behavior for Meeting and Task Responses must be configured.	CONFIGURATION MANAGEMENT
DTOO253 - Object Model Prompt behavior for the SaveAs method must be configured.	CONFIGURATION MANAGEMENT
DTOO254 - Object Model Prompt behavior for accessing User Property Formula must be configured.	CONFIGURATION MANAGEMENT

Detections

Analytics

DISA STIG Office 2010 Outlook v1r5

Warning! Audit Deprecated

Audit Details

File Details

Audit Items