DISA STIG Microsoft Excel 2013 v1r8

Audit Details

Name: DISA STIG Microsoft Excel 2013 v1r8

Updated: 8/19/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.0

Estimated Item Count: 50

File Details

Filename: DISA_STIG_Microsoft_Excel_2013_v1r8.audit

Size: 92.5 kB

MD5: e7151f716d1016dda4e59fa8d25b57be
SHA256: 80cb6b7acd851d8d9f2be4b4c4d3a92b83b0648a7ffbdb5e13dd252a6977c742

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_Excel_2013_v1r8.audit from DISA Microsoft Excel 2013 v1r8 STIG
DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO105 - Open/Save actions for Excel 4 macrosheets and add-in files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO106 - Open/Save actions for Excel 4 workbooks must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO107 - Open/Save actions for Excel 4 worksheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO108 - Actions for Excel 95 workbooks must be configured to edit in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO109 - Actions for Excel 95-97 workbooks and templates must be configured to edit in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO110 - Blocking as default file block opening behavior must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO111 - Internet Explorer Bind to Object functionality must be enabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO112 - Open/Save actions for Dif and Sylk files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO113 - Open/Save actions for Excel 2 macrosheets and add-in files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO114 - Open/Save actions for Excel 2 worksheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO115 - Open/Save actions for Excel 3 macrosheets and add-in files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO116 - Open/Save actions for Excel 3 worksheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO117 - The Saved from URL mark must be selected to enforce Internet zone processing.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO119 - Configuration for file validation must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO120 - Open/Save actions for web pages and Excel 2003 XML spreadsheets must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO121 - Files from the Internet zone must be opened in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO122 - Open/Save actions for dBase III / IV files must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO123 - Navigation to URLs embedded in Office products must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO124 - Scripted Window Security must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO126 - Add-on Management functionality must be allowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.

CONFIGURATION MANAGEMENT

DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked.

CONFIGURATION MANAGEMENT

DTOO132 - File downloads must be configured for proper restrictions.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO133 - All automatic loading from trusted locations must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO134 - Disallowance of trusted locations on the network must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO138 - Internet links and Network UNCs created as embedded hyperlinks must be prevented.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO139 - The Save commands default file format must be configured.

CONFIGURATION MANAGEMENT

DTOO140 - Automatic republish to web pages must be disallowed.

CONFIGURATION MANAGEMENT

DTOO141 - The AutoRepublish warning alert must be provided.

CONFIGURATION MANAGEMENT

DTOO142 - The scanning of encrypted macros in open XML documents must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO143 - File types must be configured to provide mismatch warnings

SYSTEM AND INFORMATION INTEGRITY

DTOO145 - Macro storage must be in personal macro workbooks.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO146 - Trust access for VBA must be disallowed.

CONFIGURATION MANAGEMENT

DTOO150 - The Update of automatic links setting must be configured to prompt user before allowing links to be updated.

SYSTEM AND INFORMATION INTEGRITY

DTOO152 - The loading of images from web pages must not be allowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO209 - Protection from zone elevation must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO210 - The opening of pre-release versions of file formats new to Excel 2013 through the Compatibility Pack for Office 2013 and Excel 2013 Converter must be blocked.

CONFIGURATION MANAGEMENT

DTOO211 - ActiveX Installs must be configured for proper restriction.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO288 - Files in unsafe locations must be opened in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO292 - Document behavior if file validation fails must be set - DisableEditFromPV

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO292 - Document behavior if file validation fails must be set - OpenInProtectedView

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO293 - Excel attachments opened from Outlook must be in Protected View.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO304 - Warning Bar settings for VBA macros must be configured.

CONFIGURATION MANAGEMENT

DTOO418 - WEBSERVICE functions must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO419 - Corrupt workbook options must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO600 - Macros must be blocked from running in Office 2013 files from the Internet.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO999-Excel13 - The version of Excel running on the system must be a supported version.

SYSTEM AND INFORMATION INTEGRITY