DISA STIG Office System 2010 v1r13

Audit Details

Name: DISA STIG Office System 2010 v1r13

Updated: 8/26/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.0

Estimated Item Count: 38

File Details

Filename: DISA_STIG_Microsoft_Office_System_2010_v1r13.audit

Size: 72.4 kB

MD5: 16166b5dbc6d0ae95674dc470ca49ca9
SHA256: f17686c50493fe4c166ad9829540ceeebda74138ae1d88f95008d32aacd71b32

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG
DTOO177 - Office System - Access to updates, add-ins, and patches on Office.com must be disabled.

CONFIGURATION MANAGEMENT

DTOO178 - Office System - Upload of document templates to Office Online must be prevented.

CONFIGURATION MANAGEMENT

DTOO179 - Office System - Documents must be configured to not open as Read Write when browsing.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO180 - Office System - Vector markup Language (VML) for displaying graphics in browsers must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO182 - Office System - The Help Improve Proofing Tools feature for Office must be configured.

CONFIGURATION MANAGEMENT

DTOO183 - Office System - The Opt-In Wizard must be disabled.

CONFIGURATION MANAGEMENT

DTOO184 - Office System - The Customer Experience Improvement Program for Office must be disabled.

CONFIGURATION MANAGEMENT

DTOO185 - Office System - Automatic receiving of small updates to improve reliability must be disallowed.

CONFIGURATION MANAGEMENT

DTOO186 - Office System - Trust Bar notifications for Security messages must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO187 - Office System - Rights managed Office Open XML files must be protected.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO188 - Office System - Document metadata for password protected files must be protected.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO189 - Office System - The encryption type for password protected Open XML files must be set.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO190 - Office System - The encryption type for password protected Office 97 thru Office 2003 must be set.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO191 - Office System - ActiveX control initialization must be disabled.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO192 - Office System - Load controls in forms3 must be disabled from loading.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO193 - Office System - Automation Security to enforce macro level security in Office documents must be configured.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO194 - Office System - Hyperlink warnings for Office must be configured for use.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO195 - Office System - Passwords for secured documents must be enforced.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO196 - Office System - A mix of policy and user locations for Office Products must be disallowed.

CONFIGURATION MANAGEMENT

DTOO197 - Office System - Smart Documents use of Manifests in Office must be disallowed.

CONFIGURATION MANAGEMENT

DTOO198 - Office System - The Internet Fax Feature must be disabled.

CONFIGURATION MANAGEMENT

DTOO199 - Office System - Changing permissions on rights managed content for users must be enforced.

ACCESS CONTROL

DTOO200 - Office System - Office must be configured to not allow read with browsers.

ACCESS CONTROL

DTOO201 - Office System - Connection verification of permissions must be enforced.

ACCESS CONTROL

DTOO202 - Office System - Microsoft passport Service for content must be disallowed.

CONFIGURATION MANAGEMENT

DTOO203 - Office System - Legacy format signatures must be enabled.

CONFIGURATION MANAGEMENT

DTOO204 - Office System - External Signature Services Menu for Office must be suppressed.

CONFIGURATION MANAGEMENT

DTOO206 - Office System - Inclusion of document properties for PDF and XPS output must be disallowed.

CONFIGURATION MANAGEMENT

DTOO207 - Office System - Document Information panel Beaconing must show UI.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO208 - Office System - Office client polling of Sharepoint servers published links must be disabled.

ACCESS CONTROL

DTOO212 - Office System - Blogging entries created from inside Office products must be configured for Sharepoint only.

CONFIGURATION MANAGEMENT

DTOO306 - Office System - Hyperlinks to web templates in File | New and task panes must be disabled.

CONFIGURATION MANAGEMENT

DTOO307 - Office System - Office Live Workspace Integration must be off.

CONFIGURATION MANAGEMENT

DTOO311 - Office System - Key Usage Filtering must be allowed.

CONFIGURATION MANAGEMENT

DTOO312 - Office System - Customer-submitted templates downloads from Office.com must be disallowed.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO321 - Office System - Encrypt document properties must be configured for OLE documents.

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO345 - Office System - Online content options must be configured for offline content availability.

CONFIGURATION MANAGEMENT