STIGQter: STIG Summary: Microsoft Outlook 2016 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Message formats must be set to use SMime.

DISA Rule

SV-228453r508021_rule

Vulnerability Number

V-228453

Group Title

SRG-APP-000179

Rule Version

DTOO260

Severity

CAT II

CCI(s)

• CCI-000803 - The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.

Weight

10

Fix Recommendation

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Cryptography "Message Formats" to "Enabled (S\MIME)".

Check Contents

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Cryptography "Message Formats" is set to "Enabled (S\MIME)".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\16.0\outlook\security

Criteria: If the value MsgFormats is REG_DWORD = 1, this is not a finding.

Vulnerability Number

V-228453

Documentable

False

Rule Version

DTOO260

Severity Override Guidance

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Cryptography "Message Formats" is set to "Enabled (S\MIME)".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\16.0\outlook\security

Criteria: If the value MsgFormats is REG_DWORD = 1, this is not a finding.

Check Content Reference

M

Target Key

4224

Comments