DISA STIG Office System 2010 v1r5

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Office System 2010 v1r5

Updated: 10/27/2021

Authority: DISA STIG

Plugin: Windows

Revision: 1.14

Estimated Item Count: 39

File Details

Filename: DISA_STIG_MS_Office_System_2010.audit

Size: 44.5 kB

MD5: cdcd75ce59c27f54856abf07c25851a6

SHA256: b9726c239aa026be905bf9544b246f1c6c51bd352bb70a777baff145fef40289

Audit Items

Description	Categories
DISA_STIG_MS_Office_System_2010.audit for MS Office System, from DISA Office 2010 STIG, v1r5 10.26.2012
DTOO177 - Access to updates, add-ins, and patches on Office.com must be disabled.	CONFIGURATION MANAGEMENT
DTOO178 - Upload of document templates to Office Online must be prevented.	CONFIGURATION MANAGEMENT
DTOO179 - Documents must be configured to not open as Read Write when browsing.	CONFIGURATION MANAGEMENT
DTOO180 - Vector markup Language (VML) for displaying graphics in browsers must be disallowed.	CONFIGURATION MANAGEMENT
DTOO181 - Choice of output to include PNG (Portable Network Graphics) must be disallowed.	CONFIGURATION MANAGEMENT
DTOO182 - The Help Improve Proofing Tools feature for Office must be configured.	CONFIGURATION MANAGEMENT
DTOO183 - The Opt-In Wizard must be disabled.	CONFIGURATION MANAGEMENT
DTOO184 - The Customer Experience Improvement Program for Office must be disabled.	CONFIGURATION MANAGEMENT
DTOO185 - Automatic receiving of small updates to improve reliability must be disallowed.	CONFIGURATION MANAGEMENT
DTOO186 - Trust Bar notifications for Security messages must be enforced.	SYSTEM AND INFORMATION INTEGRITY
DTOO187 - Rights managed Office Open XML files must be protected.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO188 - Document metadata for password protected files must be protected.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO189 - The encryption type for password protected Open XML files must be set.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO191 - ActiveX control initialization must be disabled.	CONFIGURATION MANAGEMENT
DTOO192 - Load controls in forms3 must be disabled from loading.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO193 - Automation Security to enforce macro level security in Office documents must be configured.	CONFIGURATION MANAGEMENT
DTOO194 - Hyperlink warnings for Office must be configured for use.	SYSTEM AND INFORMATION INTEGRITY
DTOO195 - Passwords for secured documents must be enforced.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO196 - A mix of policy and user locations for Office Products must be disallowed.	CONFIGURATION MANAGEMENT
DTOO197 - Smart Documents use of Manifests in Office must be disallowed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO198 - The Internet Fax Feature must be disabled.	ACCESS CONTROL
DTOO199 - Changing permissions on rights managed content for users must be enforced.	ACCESS CONTROL
DTOO200 - Office must be configured to not allow read with browsers.	ACCESS CONTROL
DTOO201 - Connection verification of permissions must be enforced.	CONFIGURATION MANAGEMENT
DTOO202 - Microsoft passport Service for content must be disallowed.	CONFIGURATION MANAGEMENT
DTOO203 - Legacy format signatures must be enabled.	CONFIGURATION MANAGEMENT
DTOO204 - External Signature Services Menu for Office must be suppressed.	CONFIGURATION MANAGEMENT
DTOO206 - Inclusion of document properties for PDF and XPS output must be disallowed.	CONFIGURATION MANAGEMENT
DTOO207 - Document Information panel Beaconing must show UI.	CONFIGURATION MANAGEMENT
DTOO208 - Office client polling of Sharepoint servers published links must be disabled.	CONFIGURATION MANAGEMENT
DTOO212 - Blogging entries created from inside Office products must be configured for Sharepoint only.	CONFIGURATION MANAGEMENT
DTOO306 - Hyperlinks to web templates in File \| New and task panes must be disabled.	CONFIGURATION MANAGEMENT
DTOO307 - Office Live Workspace Integration must be off.	CONFIGURATION MANAGEMENT
DTOO311 - Key Usage Filtering must be allowed.	CONFIGURATION MANAGEMENT
DTOO312 - Customer-submitted templates downloads from Office.com must be disallowed.	CONFIGURATION MANAGEMENT
DTOO321 - Encrypt document properties must be configured for OLE documents.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO345 - Online content options must be configured for offline content availability.	CONFIGURATION MANAGEMENT

Detections

Analytics

DISA STIG Office System 2010 v1r5

Warning! Audit Deprecated

Audit Details

File Details

Audit Items