DISA STIG Microsoft Outlook 2016 v1r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Microsoft Outlook 2016 v1r2

Updated: 6/2/2021

Authority: DISA STIG

Plugin: Windows

Revision: 1.7

Estimated Item Count: 59

Audit Changelog


Revision 1.7 Jun 2, 2021 Miscellaneous Audit deprecated. Metadata updated. References updated.
Revision 1.6 Feb 1, 2021 Miscellaneous Metadata updated. References updated.
Revision 1.5 Sep 29, 2020 Miscellaneous References updated.
Revision 1.4 Apr 22, 2020 Miscellaneous Metadata updated. References updated.
Revision 1.3 Feb 11, 2019 Miscellaneous Metadata updated. References updated.
Revision 1.2 Dec 14, 2018 Miscellaneous References updated.
Revision 1.1 Jul 24, 2018 Miscellaneous Metadata updated. Platform check updated. Added DISA_STIG_Microsoft_Outlook_2016_v1r2.audit for Microsoft Outlook 2016, from DISA STIG Microsoft Outlook 2016 v1r2 DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. DTOO111 - Enabling IE Bind to Object functionality must be present. DTOO117 - Saved from URL mark to assure Internet zone processing must be enforced. DTOO123 - Navigation to URLs embedded in Office products must be blocked. DTOO124 - Scripted Window Security must be enforced. DTOO126 - Add-on Management functionality must be allowed. DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. DTOO132 - File Downloads must be configured for proper restrictions. DTOO209 - Protection from zone elevation must be enforced. DTOO211 - ActiveX Installs must be configured for proper restriction. DTOO216 - Publishing calendars to Office Online must be prevented. DTOO217 - Publishing to a Web Distributed and Authoring (DAV) server must be prevented. DTOO218 - Level of calendar details that a user can publish must be restricted. DTOO219 - Access restriction settings for published calendars must be configured. DTOO232 - Outlook Object Model scripts must be disallowed to run for shared folders. DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders. DTOO234 - ActiveX One-Off forms must be configured. DTOO236 - The Add-In Trust Level must be configured. DTOO237 - The remember password for internet e-mail accounts must be disabled. DTOO238 - Users customizing attachment security settings must be prevented. DTOO239 - Outlook Security Mode must be configured to use Group Policy settings. DTOO240 - The ability to display level 1 attachments must be disallowed. DTOO244 - Level 1 file extensions must be blocked and not removed. DTOO245 - Level 2 file extensions must be blocked and not removed. DTOO246 - Scripts in One-Off Outlook forms must be disallowed. DTOO247 - Custom Outlook Object Model (OOM) action execution prompts must be configured. DTOO249 - Object Model Prompt for programmatic email send behavior must be configured. DTOO250 - Object Model Prompt behavior for programmatic address books must be configured. DTOO251 - Object Model Prompt behavior for programmatic access of user address data must be configured. DTOO252 - Object Model Prompt behavior for Meeting and Task Responses must be configured. DTOO253 - Object Model Prompt behavior for the SaveAs method must be configured. DTOO254 - Object Model Prompt behavior for accessing User Property Formula must be configured. DTOO256 - Trusted add-ins behavior for email must be configured. DTOO257 - S/Mime interoperability with external clients for message handling must be configured. DTOO260 - Message formats must be set to use SMime. DTOO262 - Run in FIPS compliant mode must be enforced. DTOO264 - Send all signed messages as clear signed messages must be configured. DTOO266 - Automatic sending s/Mime receipt requests must be disallowed. DTOO267 - Retrieving of CRL data must be set for online action. DTOO270 - External content and pictures in HTML email must be displayed. DTOO271 - Automatic download content for email in Safe Senders list must be disallowed. DTOO272 - Permit download of content from safe zones must be configured. DTOO273 - IE Trusted Zones assumed trusted must be blocked. DTOO274 - Internet with Safe Zones for Picture Download must be disabled. DTOO275 - Intranet with Safe Zones for automatic picture downloads must be configured. DTOO276 - Always warn on untrusted macros must be enforced. DTOO277 - Hyperlinks in suspected phishing email messages must be disallowed. DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. DTOO283 - Disabling download full text of articles as HTML must be configured. DTOO284 - Automatic download of Internet Calendar appointment attachments must be disallowed. DTOO285 - Internet calendar integration in Outlook must be disabled. DTOO286 - User Entries to Server List must be disallowed. DTOO313 - Automatically downloading enclosures on RSS must be disallowed. DTOO315 - Outlook must be configured not to prompt users to choose security settings if default settings fail. DTOO316 - Outlook minimum encryption key length settings must be set. DTOO317 - Replies or forwards to signed/encrypted messages must be signed/encrypted. DTOO320 - Check e-mail addresses against addresses of certificates being used must be disallowed. Removed DISA_STIG_Microsoft_Outlook_2016_v1r2.audit for Microsoft Outlook 2016, from DISA STIG Microsoft Outlook 2016 v1r2 DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. DTOO111 - Enabling IE Bind to Object functionality must be present. DTOO117 - Saved from URL mark to assure Internet zone processing must be enforced. DTOO123 - Navigation to URLs embedded in Office products must be blocked. DTOO124 - Scripted Window Security must be enforced. DTOO126 - Add-on Management functionality must be allowed. DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. DTOO132 - File Downloads must be configured for proper restrictions. DTOO209 - Protection from zone elevation must be enforced. DTOO211 - ActiveX Installs must be configured for proper restriction. DTOO216 - Publishing calendars to Office Online must be prevented. DTOO217 - Publishing to a Web Distributed and Authoring (DAV) server must be prevented. DTOO218 - Level of calendar details that a user can publish must be restricted. DTOO219 - Access restriction settings for published calendars must be configured. DTOO232 - Outlook Object Model scripts must be disallowed to run for shared folders. DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders. DTOO234 - ActiveX One-Off forms must be configured. DTOO236 - The Add-In Trust Level must be configured. DTOO237 - The remember password for internet e-mail accounts must be disabled. DTOO238 - Users customizing attachment security settings must be prevented. DTOO239 - Outlook Security Mode must be configured to use Group Policy settings. DTOO240 - The ability to display level 1 attachments must be disallowed. DTOO244 - Level 1 file extensions must be blocked and not removed. DTOO245 - Level 2 file extensions must be blocked and not removed. DTOO246 - Scripts in One-Off Outlook forms must be disallowed. DTOO247 - Custom Outlook Object Model (OOM) action execution prompts must be configured. DTOO249 - Object Model Prompt for programmatic email send behavior must be configured. DTOO250 - Object Model Prompt behavior for programmatic address books must be configured. DTOO251 - Object Model Prompt behavior for programmatic access of user address data must be configured. DTOO252 - Object Model Prompt behavior for Meeting and Task Responses must be configured. DTOO253 - Object Model Prompt behavior for the SaveAs method must be configured. DTOO254 - Object Model Prompt behavior for accessing User Property Formula must be configured. DTOO256 - Trusted add-ins behavior for email must be configured. DTOO257 - S/Mime interoperability with external clients for message handling must be configured. DTOO260 - Message formats must be set to use SMime. DTOO262 - Run in FIPS compliant mode must be enforced. DTOO264 - Send all signed messages as clear signed messages must be configured. DTOO266 - Automatic sending s/Mime receipt requests must be disallowed. DTOO267 - Retrieving of CRL data must be set for online action. DTOO270 - External content and pictures in HTML email must be displayed. DTOO271 - Automatic download content for email in Safe Senders list must be disallowed. DTOO272 - Permit download of content from safe zones must be configured. DTOO273 - IE Trusted Zones assumed trusted must be blocked. DTOO274 - Internet with Safe Zones for Picture Download must be disabled. DTOO275 - Intranet with Safe Zones for automatic picture downloads must be configured. DTOO276 - Always warn on untrusted macros must be enforced. DTOO277 - Hyperlinks in suspected phishing email messages must be disallowed. DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. DTOO283 - Disabling download full text of articles as HTML must be configured. DTOO284 - Automatic download of Internet Calendar appointment attachments must be disallowed. DTOO285 - Internet calendar integration in Outlook must be disabled. DTOO286 - User Entries to Server List must be disallowed. DTOO313 - Automatically downloading enclosures on RSS must be disallowed. DTOO315 - Outlook must be configured not to prompt users to choose security settings if default settings fail. DTOO316 - Outlook minimum encryption key length settings must be set. DTOO317 - Replies or forwards to signed/encrypted messages must be signed/encrypted. DTOO320 - Check e-mail addresses against addresses of certificates being used must be disallowed.