DTOO201 - Connection verification of permissions must be enforced.

Information

This policy setting controls whether users are required to connect to the Internet or a local network to have their licenses confirmed every time they attempt to open Excel workbooks, InfoPath forms or templates, Outlook e-mail messages, PowerPoint presentations, or Word documents that are protected by Information Rights Management (IRM). This policy is useful if you want to log the usage of files with restricted permissions on the server. If you enable this policy setting, users are required to connect to verify permissions. This policy setting will only affect protected files created on machines where the policy is enabled. If you disable or do not configure this policy setting, users are not required to connect to the network to verify permissions.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2016 -> Manage Restricted Permissions 'Always require users to connect to verify permission' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Office_System_2016_V2R3_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(10), CAT|II, CCI|CCI-002235, Rule-ID|SV-238035r879717_rule, STIG-ID|DTOO201, STIG-Legacy|SV-85505, STIG-Legacy|V-70881, Vuln-ID|V-238035

Plugin: Windows

Control ID: ecfc43e66621f87a477860dd0fed7f513a9409432af329edbb48cdc2bd9c4cc8