Detections
Analytics

DISA STIG Microsoft Office System 2016 v2r3

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft Office System 2016 v2r3

Updated: 4/21/2025

Authority: DISA STIG

Plugin: Windows

Revision: 1.2

Estimated Item Count: 21

File Details

Filename: DISA_STIG_Microsoft_Office_System_2016_v2r3.audit

Size: 48.7 kB

MD5: 5463c5993ddbda7b30e3557aa34798e2
SHA256: 7cb3a9ab063c3e91d18a413fa2cdb2748f8ce6d82c0b56106efbd09c073e8a1b

Audit Items

DescriptionCategories
DISA_STIG_Microsoft_Office_System_2016_v2r3.audit from DISA Microsoft Office System 2016 v2r3 STIG
DTOO182 - The Help Improve Proofing Tools feature for Office must be configured.
DTOO186 - Trust Bar notifications for Security messages must be enforced.
DTOO187 - Rights managed Office Open XML files must be protected.
DTOO188 - Document metadata for password protected files must be protected.
DTOO189 - The encryption type for password protected Open XML files must be set.
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.
DTOO191 - ActiveX control initialization must be disabled.
DTOO192 - Load controls in forms3 must be disabled from loading.
DTOO193 - Automation Security to enforce macro level security in Office documents must be configured.
DTOO196 - A mix of policy and user locations for Office Products must be disallowed.
DTOO197 - Smart Documents use of Manifests in Office must be disallowed.
DTOO201 - Connection verification of permissions must be enforced.
DTOO206 - Inclusion of document properties for PDF and XPS output must be disallowed.
DTOO321 - Encrypt document properties must be configured for OLE documents.
DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online.
DTOO409 - The ability to create an online presentation programmatically must be disabled.
DTOO410 - When using the Office Feedback tool, the ability to include a screenshot must be disabled.
DTOO412 - The ability to run unsecure Office web add-ins and Catalogs must be disabled.
DTOO416 - The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.
DTOO601 - The ability to send personal information to Office must be disabled.