Detections
Analytics

DISA STIG Microsoft OneDrive v2r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft OneDrive v2r1

Updated: 4/25/2022

Authority: Operating Systems and Applications

Plugin: Windows

Revision: 1.4

Estimated Item Count: 20

Audit Items

DescriptionCategories
DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced.

CONFIGURATION MANAGEMENT

DTOO111 - Enabling IE Bind to Object functionality must be present.

CONFIGURATION MANAGEMENT

DTOO117 - Saved from URL mark to assure Internet zone processing must be enforced.

CONFIGURATION MANAGEMENT

DTOO123 - Navigation to URLs embedded in Office products must be blocked.

CONFIGURATION MANAGEMENT

DTOO124 - Scripted Window Security must be enforced.

CONFIGURATION MANAGEMENT

DTOO126 - Add-on Management functionality must be allowed.

CONFIGURATION MANAGEMENT

DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked.

CONFIGURATION MANAGEMENT

DTOO132 - File Downloads must be configured for proper restrictions.

CONFIGURATION MANAGEMENT

DTOO209 - Protection from zone elevation must be enforced.

CONFIGURATION MANAGEMENT

DTOO211 - ActiveX Installs must be configured for proper restriction.

CONFIGURATION MANAGEMENT

DTOO605 - OneDrive must only allow synchronizing of accounts for DoD organization instances.
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - DEP
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - ForceRelocateImages
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - OverrideEnableRopCallerCheck
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - OverrideEnableRopSimExec
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - OverrideEnableRopStackPivot
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - OverrideExportAddressFilter
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - OverrideExportAddressFilterPlus
DTOO606 - Exploit Protection mitigations in Windows 10 must be configured for OneDrive.exe - OverrideImportAddressFilter
DTOO607 - The use of personal accounts for OneDrive synchronization must be disabled.