DISA STIG Microsoft Office 365 ProPlus v2r12

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft Office 365 ProPlus v2r12

Updated: 8/28/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.1

Estimated Item Count: 140

File Details

Filename: DISA_STIG_Microsoft_Office_365_ProPlus_v2r12.audit

Size: 370 kB

MD5: ec3ba4429deadc52888dc1d659ba3cde
SHA256: 5d59c2c8f261a07820908ef1991492dedb8a3e3d444f685f8eb0f32f8a5627d7

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_Office_365_ProPlus_v2r12.audit from DISA Microsoft Office 365 ProPlus v2r12 STIG
O365-AC-000001 - Macros must be blocked from running in Access files from the Internet.
O365-AC-000002 - Trust Bar Notifications for unsigned application add-ins in Access must be disabled and blocked.
O365-AC-000003 - VBA Macros not digitally signed must be blocked in Access.
O365-AC-000004 - Allowing Trusted Locations on the network must be disabled in Access.
O365-CO-000001 - The Macro Runtime Scan Scope must be enabled for all documents.
O365-CO-000002 - Document metadata for rights managed Office Open XML files must be protected.
O365-CO-000003 - The Office client must be prevented from polling the SharePoint Server for published links.
O365-CO-000004 - Custom user interface (UI) code must be blocked from loading in all Office applications.
O365-CO-000005 - ActiveX Controls must be initialized in Safe Mode.
O365-CO-000006 - Macros in all Office applications that are opened programmatically by another application must be opened based upon macro security level.
O365-CO-000007 - Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked.
O365-CO-000008 - Office applications must be configured to specify encryption type in password-protected Office 97-2003 files.
O365-CO-000009 - Office applications must be configured to specify encryption type in password-protected Office Open XML files.
O365-CO-000010 - Users must be prevented from creating new trusted locations in the Trust Center.
O365-CO-000012 - Office applications must not load XML expansion packs with Smart Documents.
O365-CO-000013 - The load of controls in Forms3 must be blocked.
O365-CO-000014 - Add-on Management must be enabled for all Office 365 ProPlus programs.
O365-CO-000015 - Consistent MIME handling must be enabled for all Office 365 ProPlus programs.
O365-CO-000016 - User name and password must be disabled in all Office programs.
O365-CO-000017 - The Information Bar must be enabled in all Office programs.
O365-CO-000018 - The Local Machine Zone Lockdown Security must be enabled in all Office programs.
O365-CO-000019 - The MIME Sniffing safety feature must be enabled in all Office programs.
O365-CO-000020 - Navigate URL must be enabled in all Office programs.
O365-CO-000021 - Object Caching Protection must be enabled in all Office programs.
O365-CO-000022 - Protection from zone elevation must be enabled in all Office programs.
O365-CO-000023 - ActiveX installation restriction must be enabled in all Office programs.
O365-CO-000024 - File Download Restriction must be enabled in all Office programs.
O365-CO-000025 - The Save from URL feature must be enabled in all Office programs.
O365-CO-000026 - Scripted Windows Security restrictions must be enabled in all Office programs.
O365-CO-000027 - Flash player activation must be disabled in all Office programs.
O365-EX-000001 - Trusted Locations on the network must be disabled in Excel.
O365-EX-000002 - VBA Macros not digitally signed must be blocked in Excel.
O365-EX-000003 - Dynamic Data Exchange (DDE) server launch in Excel must be blocked.
O365-EX-000004 - Dynamic Data Exchange (DDE) server lookup in Excel must be blocked.
O365-EX-000005 - Open/save of dBase III / IV format files must be blocked.
O365-EX-000006 - Open/save of Dif and Sylk format files must be blocked.
O365-EX-000007 - Open/save of Excel 2 macrosheets and add-in files must be blocked.
O365-EX-000008 - Open/save of Excel 2 worksheets must be blocked.
O365-EX-000009 - Open/save of Excel 3 macrosheets and add-in files must be blocked.
O365-EX-000010 - Open/save of Excel 3 worksheets must be blocked.
O365-EX-000011 - Open/save of Excel 4 macrosheets and add-in files must be blocked.
O365-EX-000012 - Open/save of Excel 4 workbooks must be blocked.
O365-EX-000013 - Open/save of Excel 4 worksheets must be blocked.
O365-EX-000014 - Open/save of Excel 95 workbooks must be blocked.
O365-EX-000015 - Open/save of Excel 95-97 workbooks and templates must be blocked.
O365-EX-000016 - The default file block behavior must be set to not open blocked files in Excel.
O365-EX-000017 - Open/save of Web pages and Excel 2003 XML spreadsheets must be blocked.
O365-EX-000018 - Extraction options must be blocked when opening corrupt Excel workbooks.
O365-EX-000019 - Updating of links in Excel must be prompted and not automatic.