DISA STIG Microsoft Office System 2013 v2r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft Office System 2013 v2r1

Updated: 8/19/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.6

Estimated Item Count: 50

File Details

Filename: DISA_STIG_Microsoft_Office_System_2013_v2r1.audit

Size: 93.8 kB

MD5: 040f9704856f984c226dd9a1246e4f9e

SHA256: ca31d7ea6974a0e5432b45e80a451b9ada6501b27e0c3418c8ecd6da4b5c8064

Audit Items

Description	Categories
DISA_STIG_Microsoft_Office_System_2013_v2r1.audit from DISA Microsoft Office System 2013 v2r1 STIG
DTOO179 - Documents must be configured to not open as Read Write when browsing.	CONFIGURATION MANAGEMENT
DTOO180 - Relying on Vector markup Language (VML) for displaying graphics in browsers must be disallowed - VML for displaying graphics in browsers must be disallowed	CONFIGURATION MANAGEMENT
DTOO182 - The Help Improve Proofing Tools feature for Office must be configured.	CONFIGURATION MANAGEMENT
DTOO183 - The Opt-In Wizard must be disabled.	CONFIGURATION MANAGEMENT
DTOO184 - The Customer Experience Improvement Program for Office must be disabled.	CONFIGURATION MANAGEMENT
DTOO185 - Automatic receiving of small updates to improve reliability must be disallowed.	CONFIGURATION MANAGEMENT
DTOO186 - Trust Bar notifications for Security messages must be enforced.	SYSTEM AND INFORMATION INTEGRITY
DTOO187 - Rights managed Office Open XML files must be protected.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO188 - Document metadata for password protected files must be protected.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO189 - The encryption type for password protected Open XML files must be set.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO191 - ActiveX control initialization must be disabled.	CONFIGURATION MANAGEMENT
DTOO192 - Load controls in forms3 must be disabled from loading.	CONFIGURATION MANAGEMENT
DTOO193 - Automation Security to enforce macro level security in Office documents must be configured.	CONFIGURATION MANAGEMENT
DTOO194 - Hyperlink warnings for Office must be configured for use.	SYSTEM AND INFORMATION INTEGRITY
DTOO195 - Passwords for secured documents must be enforced.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO196 - A mix of policy and user locations for Office Products must be disallowed.	CONFIGURATION MANAGEMENT
DTOO197 - Smart Documents use of Manifests in Office must be disallowed.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO198 - The Internet Fax Feature must be disabled.	ACCESS CONTROL
DTOO199 - Changing permissions on rights managed content for users must be enforced.	ACCESS CONTROL
DTOO200 - Office must be configured to not allow read with browsers.	ACCESS CONTROL
DTOO201 - Connection verification of permissions must be enforced.	CONFIGURATION MANAGEMENT
DTOO203 - Legacy format signatures must be enabled.	SYSTEM AND INFORMATION INTEGRITY
DTOO204 - External Signature Services Menu for Office must be suppressed.	CONFIGURATION MANAGEMENT
DTOO206 - Inclusion of document properties for PDF and XPS output must be disallowed.	CONFIGURATION MANAGEMENT
DTOO207 - Document Information panel Beaconing must show UI.	CONFIGURATION MANAGEMENT
DTOO208 - Office client polling of SharePoint servers published links must be disabled.	CONFIGURATION MANAGEMENT
DTOO212 - Blogging entries created from inside Office products must be configured for SharePoint only.	CONFIGURATION MANAGEMENT
DTOO321 - Encrypt document properties must be configured for OLE documents.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO345 - Online content options must be configured for offline content availability.	CONFIGURATION MANAGEMENT
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - automatic updates	SYSTEM AND INFORMATION INTEGRITY
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - update server	SYSTEM AND INFORMATION INTEGRITY
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - update stats server	SYSTEM AND INFORMATION INTEGRITY
DTOO402 - The Enable Updates and Disable Updates options in the UI must be hidden from users.	CONFIGURATION MANAGEMENT
DTOO403 - The video informing a user about signing into Office365 must be disabled.	CONFIGURATION MANAGEMENT
DTOO404 - The first-run prompt to sign into Office365 must be disabled.	CONFIGURATION MANAGEMENT
DTOO405 - The ability to sign into Office365 must be disabled.	ACCESS CONTROL
DTOO406 - The ability to automatically hyperlink screenshots within Word, PowerPoint, Excel and Outlook must be disabled.	CONFIGURATION MANAGEMENT
DTOO407 - The prompt to save to OneDrive (formerly SkyDrive) must be disabled.	ACCESS CONTROL
DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online.	ACCESS CONTROL
DTOO409 - The ability to create an online presentation programmatically must be disabled.	SYSTEM AND INFORMATION INTEGRITY
DTOO410 - When using the Office Feedback tool, the ability to include a screenshot must be disabled.	CONFIGURATION MANAGEMENT
DTOO411 - The Office Feedback tool must be disabled.	CONFIGURATION MANAGEMENT
DTOO412 - The ability to run unsecure Office apps must be disabled.	SYSTEM AND COMMUNICATIONS PROTECTION
DTOO413 - Users must be prevented from using or inserting apps that come from the Office Store.	CONFIGURATION MANAGEMENT
DTOO414 - Roaming settings must be stored locally and not synchronized to the Microsoft Office roaming settings web service.	ACCESS CONTROL
DTOO415 - The ability of the Office Telemetry Agent to periodically upload telemetry data to a shared folder must be disabled.	CONFIGURATION MANAGEMENT
DTOO416 - The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.	CONFIGURATION MANAGEMENT
DTOO417 - The Office Telemetry Agent and Office applications must be configured to collect telemetry data.	AUDIT AND ACCOUNTABILITY

Detections

Analytics

DISA STIG Microsoft Office System 2013 v2r1

Warning! Audit Deprecated

Audit Details

File Details

Audit Items