| 5.17 Ensure HTTP Header Referrer-Policy is set appropriately | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI032-IE11 - Accessing data sources across domains must be disallowed (Internet zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI032-IE11 - Accessing data sources across domains must be disallowed (Internet zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI039-IE11 - Navigating windows and frames across different domains must be disallowed (Internet zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI122-IE11 - Accessing data sources across domains must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r18 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI122-IE11 - Accessing data sources across domains must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI356-IE11 - The 64-bit tab processes, when running in Enhanced Protected Mode on 64-bit versions of Windows, must be turned on. | DISA STIG IE 11 v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI460 - Loose XAML files must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI475 - First-Run Opt-In ability must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Access - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Project - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Project - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO120 - Excel - Open/Save actions for Web pages and Excel 2003 XML spreadsheets must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO121 - Files from the Internet zone must be opened in Protected View. | DISA STIG Microsoft Excel 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO121 - PowerPoint - Files from the Internet zone must be opened in Protected View. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Access - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Add-on Management functionality must be allowed. | DISA STIG Microsoft Groove 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Excel - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Project - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Excel - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - PowerPoint - Data Execution Prevention must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Word - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Project 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - Excel - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO145 - Excel - Macro storage must be in Personal macro workbooks. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO167 - InfoPath - Opening behavior for EMail forms containing code or scripts must be controlled. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO170 - InfoPath - InfoPath 2003 forms as email forms in InfoPath 2010 must be disallowed. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO173 - InfoPath - Disabling of email forms from the Full Trust Security Zone must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO180 - Office System - Vector markup Language (VML) for displaying graphics in browsers must be disallowed. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO193 - Office System - Automation Security to enforce macro level security in Office documents must be configured. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO194 - Office System - Hyperlink warnings for Office must be configured for use. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Publisher - Protection from zone elevation must be enforced. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Access - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - ActiveX installs must be configured for proper restrictions. | DISA STIG Microsoft Groove 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Word - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - Excel - Files in unsafe locations must be opened in Protected View. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - Files in unsafe locations must be opened in Protected View. | DISA STIG Microsoft Excel 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - PowerPoint - Files in unsafe locations must be opened in Protected View. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO291 - PowerPoint - Automatic download of linked images must be disallowed. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set - openinprotectedview | DISA STIG Microsoft Excel 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO293 - Excel attachments opened from Outlook must be in Protected View. | DISA STIG Microsoft Excel 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO294 - InfoPath - InfoPath must be enforced to not use e-mail forms from the Intranet security zone. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO295 - InfoPath - InfoPath e-mail forms in Outlook must be disallowed. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Trust access for VBA must be disallowed. | DISA STIG Microsoft Access 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Warning Bar settings for VBA macros must be configured. | DISA STIG Microsoft Excel 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Warning Bar settings for VBA macros must be configured. | DISA STIG Microsoft Project 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Warning Bar settings for VBA macros must be configured. | DISA STIG Microsoft Visio 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO334 - Word - Word 2000 binary documents and templates must be configured to edit in protected view. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO338 - Word - Word 97 binary documents and templates must be configured to edit in protected view. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO600 - Macros must be blocked from running in Office 2013 files from the Internet. | DISA STIG Microsoft PowerPoint 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
