| 4.9 Ensure 'notListedIsapisAllowed' is set to false | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.9 Ensure 'notListedIsapisAllowed' is set to false | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10 Ensure 'notListedCgisAllowed' is set to false | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10 Ensure 'notListedCgisAllowed' is set to false | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Configure 'Disable All ActiveX' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.16 Set 'Load Controls in Forms3:' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure that the SafeControls list is set to the minimum set of controls needed for your sites | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure that the SafeControls list is set to the minimum set of controls needed for your sites | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Always open untrusted database files in Protected View | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Always open untrusted database files in Protected View | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Always open untrusted database files in Protected View | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Always prevent untrusted Microsoft Query files from opening | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Always prevent untrusted Microsoft Query files from opening | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Always prevent untrusted Microsoft Query files from opening | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Load Controls in Forms3 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Load Controls in Forms3 | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Load Controls in Forms3 | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Load Controls in Forms3 | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Load Controls in Forms3 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'ASP Default Language set to VBScript' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Enable Parent Paths set to False' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - ASP Default Language set to VBScript' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - Enable Parent Paths set to False' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
