DISA STIG Microsoft InfoPath 2013 v1r4

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft InfoPath 2013 v1r4

Updated: 7/2/2018

Authority: DISA STIG

Plugin: Windows

Revision: 1.2

Estimated Item Count: 23

Audit Items

Description	Categories
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.	SYSTEM AND INFORMATION INTEGRITY
DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO133 - All automatic loading from Trusted Locations must be disabled.	CONFIGURATION MANAGEMENT
DTOO156 - Offline Mode capability to cache queries for offline mode must be configured.	CONFIGURATION MANAGEMENT
DTOO157 - Redirection behavior for upgraded web sites by SharePoint must be blocked.	CONFIGURATION MANAGEMENT
DTOO158 - Disabling the opening of solutions from the Internet Security Zone must be configured.	CONFIGURATION MANAGEMENT
DTOO159 - Disabling of Fully Trusted Solutions access to computers must be configured.	CONFIGURATION MANAGEMENT
DTOO160 - Unsafe file types must be prevented from being attached to InfoPath forms.	SYSTEM AND INFORMATION INTEGRITY
DTOO164 - Beaconing UI shown for opened forms must be configured.	CONFIGURATION MANAGEMENT
DTOO165 - Beaconing of UI forms with ActiveX controls must be enforced.	CONFIGURATION MANAGEMENT
DTOO167 - Opening behavior for Email forms containing code or scripts must be controlled.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO168 - Disabling sending form templates with the email forms must be configured.	CONFIGURATION MANAGEMENT
DTOO169 - Disable dynamic caching of the form template in InfoPath eMail forms.	CONFIGURATION MANAGEMENT
DTOO170 - InfoPath 2003 forms as email forms in InfoPath 2013 must be disallowed.	CONFIGURATION MANAGEMENT
DTOO171 - Disabling email forms running in Restricted Security Level must be configured.	CONFIGURATION MANAGEMENT
DTOO172 - Disabling email forms from the Internet Security Zone must be configured.	CONFIGURATION MANAGEMENT
DTOO173 - Disabling of email forms from the Full Trust Security Zone must be configured.	CONFIGURATION MANAGEMENT
DTOO176 - Email with InfoPath forms must be configured to show UI to recipients.	CONFIGURATION MANAGEMENT
DTOO294 - InfoPath must be enforced to not use email forms from the Intranet security zone.	CONFIGURATION MANAGEMENT
DTOO295 - InfoPath email forms in Outlook must be disallowed.	CONFIGURATION MANAGEMENT
DTOO296 - Disabling opening forms with managed code from the Internet security zone must be configured.	CONFIGURATION MANAGEMENT
DTOO297 - A form that is digitally signed must be displayed with a warning.	SYSTEM AND INFORMATION INTEGRITY
DTOO309 - The InfoPath APTCA Assembly Allowable List must be enforced.	CONFIGURATION MANAGEMENT

Detections

Analytics

DISA STIG Microsoft InfoPath 2013 v1r4

Warning! Audit Deprecated

Audit Details

Audit Items