| DISA_STIG_Microsoft_Office_System_2016_v2r3.audit from DISA Microsoft Office System 2016 v2r3 STIG | |
| DTOO182 - The Help Improve Proofing Tools feature for Office must be configured. | CONFIGURATION MANAGEMENT |
| DTOO186 - Trust Bar notifications for Security messages must be enforced. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO187 - Rights managed Office Open XML files must be protected. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - The encryption type for password protected Open XML files must be set. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO191 - ActiveX control initialization must be disabled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO192 - Load controls in forms3 must be disabled from loading. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO193 - Automation Security to enforce macro level security in Office documents must be configured. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO196 - A mix of policy and user locations for Office Products must be disallowed. | CONFIGURATION MANAGEMENT |
| DTOO197 - Smart Documents use of Manifests in Office must be disallowed. | CONFIGURATION MANAGEMENT |
| DTOO201 - Connection verification of permissions must be enforced. | ACCESS CONTROL |
| DTOO206 - Inclusion of document properties for PDF and XPS output must be disallowed. | CONFIGURATION MANAGEMENT |
| DTOO321 - Encrypt document properties must be configured for OLE documents. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO408 - Office Presentation Service must be removed as an option for presenting PowerPoint and Word online. | CONFIGURATION MANAGEMENT |
| DTOO409 - The ability to create an online presentation programmatically must be disabled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO410 - When using the Office Feedback tool, the ability to include a screenshot must be disabled. | CONFIGURATION MANAGEMENT |
| DTOO412 - The ability to run unsecure Office web add-ins and Catalogs must be disabled. | CONFIGURATION MANAGEMENT |
| DTOO416 - The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder. | CONFIGURATION MANAGEMENT |
| DTOO601 - The ability to send personal information to Office must be disabled. | CONFIGURATION MANAGEMENT |
