| 1.1.3.2.3 Ensure 'VBA Macro Notification Settings' is set to Enabled (Disable all Except Digitally Signed Macros) | CIS Microsoft Office Access 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.2.4 Ensure Set 'Disable Trust Bar Notification for unsigned application add-ins' is set to Enabled | CIS Microsoft Office Access 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.2.2 Ensure 'Do Not Open Files From The Internet Zone in Protected View' is set to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.5 Ensure 'Disable Trust Bar Notification For Unsigned Application Add-ins And Block Them' is set to Enabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.5 Ensure 'Disable Trust Bar Notification For Unsigned Application Add-ins And Block Them' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.7 Ensure 'VBA Macro Notification Settings' is set to Enabled (Disable all Except Digitally Signed Macros) | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6.2.2.4 Ensure 'Do not open files in unsafe locations in Protected View' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 Set 'Automatically download content for e- mail from people in Safe Senders and Safe Recipients Lists' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.1.3 Ensure 'Update Automatic Links at Open' is set to Disabled | CIS Microsoft Office Word 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.7.2.2.2 Ensure 'Do Not Open Files in Unsafe Locations in Protected View' is set to Disabled | CIS Microsoft Office Word 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.7.2.5 Ensure 'Disable Trust Bar Notification for Unsigned Application Add-ins and Block Them' to Enable | CIS Microsoft Office Word 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13 Set 'Display pictures and external content in HTML e- mail' to 'Enabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.1.4 Ensure 'Do not permit download of content from safe zones' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.1.2 Ensure 'Display Level 1 attachments' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.3.1.2 Ensure 'Display Level 1 attachments' is set to Disabled | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.4.3 Ensure 'Security Setting for Macros' is set to Enabled:Never warn, disable all | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.26 Set 'Remove file extensions blocked as Level 1' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.1.1 Ensure 'Always prevent untrusted Microsoft Query files from opening' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.12.1.2 Ensure 'Disable UI extending from documents and templates' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 Set 'Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled' to 'Enabled' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.7 Ensure 'Unblock automatic download of linked images' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.4.2 Ensure 'Publisher Automation Security Level' is set to 'Enabled: By UI (prompted)' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.1.2 Ensure 'Disable UI Extending from Documents and Templates' is set to Enabled - InfoPath | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.1.2 Ensure 'Disable UI Extending from Documents and Templates' is set to Enabled - Outlook | CIS Microsoft Office 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.8.1.2 Ensure 'Update automatic links at Open' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11.52.1.1 (L2) Ensure 'Prevent Codec Download (User)' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.6 Set 'Display Level 1 attachments' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Disable the automatic run of safe files in Safari | CIS Apple macOS 10.12 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Disable the automatic run of safe files in Safari | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.3 Set 'Allow font downloads' to 'Enabled:Disable' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.5 Set 'Run .NET Framework-reliant components signed with Authenticode' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.10 Set 'Run .NET Framework-reliant components not signed with Authenticode' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.12 Set 'Download unsigned ActiveX controls' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.12 Set 'Download unsigned ActiveX controls' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.3 Set 'Download signed ActiveX controls' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.6 Set 'Allow font downloads' to 'Enabled:Disable' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.7 Set 'Initialize and script ActiveX controls not marked as safe' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.8 Set 'Run .NET Framework-reliant components signed with Authenticode' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.13 Set 'Download unsigned ActiveX controls' to 'Enabled:Disable' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.21 Set 'Download unsigned ActiveX controls' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.24 Set 'Only allow approved domains to use ActiveX controls without prompt' to 'Enabled:Enable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.24 Set 'Script ActiveX controls marked safe for scripting' to 'Enabled:Disable' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.27 Set 'Run .NET Framework-reliant components not signed with Authenticode' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.4.3 Set 'Don't run antimalware programs against ActiveX controls' to 'Enabled:Disabled' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.6.2 Set 'Only allow approved domains to use ActiveX controls without prompt' to 'Enabled:Enable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.8.2 Ensure 'Set the default behavior for AutoRun' is set to 'Enabled: Do not execute any autorun commands' | CIS Windows 7 Workstation Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 19.7.44.2.1 (L1) Ensure 'Prevent Codec Download' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 19.7.44.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 19.7.44.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
