DISA_STIG_Microsoft_Outlook_2013_v1r12.audit for Microsoft Outlook 2013, from DISA STIG Microsoft Outlook 2013 v1r12 | |
DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | CONFIGURATION MANAGEMENT |
DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | CONFIGURATION MANAGEMENT |
DTOO117 - The Saved from URL mark must be selected to enforce Internet zone processing. | CONFIGURATION MANAGEMENT |
DTOO123 - Navigation to URLs embedded in Office products must be blocked. | CONFIGURATION MANAGEMENT |
DTOO124 - Scripted Window Security must be enforced. | CONFIGURATION MANAGEMENT |
DTOO126 - Add-on Management functionality must be allowed. | CONFIGURATION MANAGEMENT |
DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | CONFIGURATION MANAGEMENT |
DTOO132 - File Downloads must be configured for proper restrictions. | CONFIGURATION MANAGEMENT |
DTOO209 - Protection from zone elevation must be enforced. | CONFIGURATION MANAGEMENT |
DTOO211 - ActiveX installs must be configured for proper restrictions. | CONFIGURATION MANAGEMENT |
DTOO214 - Read EMail as plain text must be enforced. | CONFIGURATION MANAGEMENT |
DTOO215 - Read signed email as plain text must be enforced. | CONFIGURATION MANAGEMENT |
DTOO216 - Publishing calendars to Office Online must be prevented. | ACCESS CONTROL |
DTOO217 - Publishing to a Web Distributed and Authoring (DAV) server must be prevented. | CONFIGURATION MANAGEMENT |
DTOO218 - Level of calendar details that a user can publish must be restricted. | CONFIGURATION MANAGEMENT |
DTOO219 - Access restriction settings for published calendars must be configured. | ACCESS CONTROL |
DTOO220 - Upload method for publishing calendars to Office Online must be restricted. | ACCESS CONTROL |
DTOO221 - Junk Mail UI must be configured. | SYSTEM AND INFORMATION INTEGRITY |
DTOO223 - Trust EMail from senders in receivers contact list must be enforced. | CONFIGURATION MANAGEMENT |
DTOO224 - Recipients of sent email must be unable to be added to the safe senders list. | CONFIGURATION MANAGEMENT |
DTOO227 - The ability to add signatures to email messages must be allowed. | CONFIGURATION MANAGEMENT |
DTOO228 - Plain Text Options for outbound email must be configured - Message Plain Format Mime | CONFIGURATION MANAGEMENT |
DTOO228 - Plain Text Options for outbound email must be configured - PlainWrapLen | CONFIGURATION MANAGEMENT |
DTOO229 - Outlook must be enforced as the default email, calendar, and contacts program. | CONFIGURATION MANAGEMENT |
DTOO230 - Folders in non-default stores, set as folder home pages, must be disallowed. | CONFIGURATION MANAGEMENT |
DTOO231 - Dragging Unicode email messages to file system must be disallowed. | CONFIGURATION MANAGEMENT |
DTOO232 - Outlook Object Model scripts must be disallowed to run for shared folders. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders. | CONFIGURATION MANAGEMENT |
DTOO234 - ActiveX One-Off forms must be configured. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO236 - The Add-In Trust Level must be configured. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO237 - The remember password for internet e-mail accounts must be disabled. | IDENTIFICATION AND AUTHENTICATION |
DTOO238 - Users customizing attachment security settings must be prevented. | SYSTEM AND INFORMATION INTEGRITY |
DTOO239 - Outlook Security Mode must be configured to use Group Policy settings. | CONFIGURATION MANAGEMENT |
DTOO240 - The ability to display level 1 attachments must be disallowed. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured. | CONFIGURATION MANAGEMENT |
DTOO242 - The prompt to display level 1 attachments must be disallowed when sending an item. | CONFIGURATION MANAGEMENT |
DTOO243 - The prompt to display level 1 attachments must be disallowed when closing an item. | CONFIGURATION MANAGEMENT |
DTOO244 - Level 1 file extensions must be blocked and not removed. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO245 - Level 2 file extensions must be blocked and not removed. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO246 - Scripts in One-Off Outlook forms must be disallowed. | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO247 - Custom Outlook Object Model (OOM) action execution prompts must be configured. | CONFIGURATION MANAGEMENT |
DTOO249 - Object Model Prompt for programmatic email send behavior must be configured. | CONFIGURATION MANAGEMENT |
DTOO250 - Object Model Prompt behavior for programmatic address books must be configured. | CONFIGURATION MANAGEMENT |
DTOO251 - Object Model Prompt behavior for programmatic access of user address data must be configured. | CONFIGURATION MANAGEMENT |
DTOO252 - Object Model Prompt behavior for Meeting and Task Responses must be configured. | CONFIGURATION MANAGEMENT |
DTOO253 - Object Model Prompt behavior for the SaveAs method must be configured. | CONFIGURATION MANAGEMENT |
DTOO254 - Object Model Prompt behavior for accessing User Property Formula must be configured. | CONFIGURATION MANAGEMENT |
DTOO256 - Trusted add-ins behavior for email must be configured. | CONFIGURATION MANAGEMENT |
DTOO257 - S/Mime interoperability with external clients for message handling must be configured. | SYSTEM AND COMMUNICATIONS PROTECTION |