| Checked | Name | Title |
|---|
| ☐ | SV-223280r508019_rule | Macros must be blocked from running in Access files from the Internet. |
| ☐ | SV-223281r508019_rule | Trust Bar Notifications for unsigned application add-ins in Access must be disabled and blocked. |
| ☐ | SV-223282r508019_rule | VBA Macros not digitally signed must be blocked in Access. |
| ☐ | SV-223283r508019_rule | Allowing Trusted Locations on the network must be disabled in Access. |
| ☐ | SV-223284r508192_rule | The Macro Runtime Scan Scope must be enabled for all documents. |
| ☐ | SV-223285r508019_rule | Document metadata for rights managed Office Open XML files must be protected. |
| ☐ | SV-223286r538226_rule | The Office client must be prevented from polling the SharePoint Server for published links. |
| ☐ | SV-223287r508019_rule | Custom user interface (UI) code must be blocked from loading in all Office applications. |
| ☐ | SV-223288r508019_rule | ActiveX Controls must be initialized in Safe Mode. |
| ☐ | SV-223289r508019_rule | Macros in all Office applications that are opened programmatically by another application must be opened based upon macro security level. |
| ☐ | SV-223290r508019_rule | Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked. |
| ☐ | SV-223291r508019_rule | Office applications must be configured to specify encryption type in password-protected Office 97-2003 files. |
| ☐ | SV-223292r508019_rule | Office applications must be configured to specify encryption type in password-protected Office Open XML files. |
| ☐ | SV-223293r508019_rule | Users must be prevented from creating new trusted locations in the Trust Center. |
| ☐ | SV-223294r508019_rule | Office applications must not load XML expansion packs with Smart Documents. |
| ☐ | SV-223295r684247_rule | The load of controls in Forms3 must be blocked. |
| ☐ | SV-223296r508019_rule | Add-on Management must be enabled for all Office 365 ProPlus programs. |
| ☐ | SV-223297r508019_rule | Consistent MIME handling must be enabled for all Office 365 ProPlus programs. |
| ☐ | SV-223298r508019_rule | User name and password must be disabled in all Office programs. |
| ☐ | SV-223299r508019_rule | The Information Bar must be enabled in all Office programs. |
| ☐ | SV-223300r508019_rule | The Local Machine Zone Lockdown Security must be enabled in all Office programs. |
| ☐ | SV-223301r508019_rule | The MIME Sniffing safety feature must be enabled in all Office programs. |
| ☐ | SV-223302r508019_rule | Navigate URL must be enabled in all Office programs. |
| ☐ | SV-223303r508019_rule | Object Caching Protection must be enabled in all Office programs. |
| ☐ | SV-223304r508019_rule | Protection from zone elevation must be enabled in all Office programs. |
| ☐ | SV-223305r508019_rule | ActiveX installation restriction must be enabled in all Office programs. |
| ☐ | SV-223306r508019_rule | File Download Restriction must be enabled in all Office programs. |
| ☐ | SV-223307r508019_rule | The Save from URL feature must be enabled in all Office programs. |
| ☐ | SV-223308r508019_rule | Scripted Windows Security restrictions must be enabled in all Office programs. |
| ☐ | SV-223309r508019_rule | Flash player activation must be disabled in all Office programs. |
| ☐ | SV-223310r508019_rule | Trusted Locations on the network must be disabled in Excel. |
| ☐ | SV-223311r508019_rule | VBA Macros not digitally signed must be blocked in Excel. |
| ☐ | SV-223312r508019_rule | Dynamic Data Exchange (DDE) server launch in Excel must be blocked. |
| ☐ | SV-223313r508019_rule | Dynamic Data Exchange (DDE) server lookup in Excel must be blocked. |
| ☐ | SV-223314r508019_rule | Open/save of dBase III / IV format files must be blocked. |
| ☐ | SV-223315r508019_rule | Open/save of Dif and Sylk format files must be blocked. |
| ☐ | SV-223316r508019_rule | Open/save of Excel 2 macrosheets and add-in files must be blocked. |
| ☐ | SV-223317r508019_rule | Open/save of Excel 2 worksheets must be blocked. |
| ☐ | SV-223318r508019_rule | Open/save of Excel 3 macrosheets and add-in files must be blocked. |
| ☐ | SV-223319r508019_rule | Open/save of Excel 3 worksheets must be blocked. |
| ☐ | SV-223320r508019_rule | Open/save of Excel 4 macrosheets and add-in files must be blocked. |
| ☐ | SV-223321r508019_rule | Open/save of Excel 4 workbooks must be blocked. |
| ☐ | SV-223322r508019_rule | Open/save of Excel 4 worksheets must be blocked. |
| ☐ | SV-223323r508019_rule | Open/save of Excel 95 workbooks must be blocked. |
| ☐ | SV-223324r508019_rule | Open/save of Excel 95-97 workbooks and templates must be blocked. |
| ☐ | SV-223325r508019_rule | The default file block behavior must be set to not open blocked files in Excel. |
| ☐ | SV-223326r508019_rule | Open/save of Web pages and Excel 2003 XML spreadsheets must be blocked. |
| ☐ | SV-223327r508019_rule | Extraction options must be blocked when opening corrupt Excel workbooks. |
| ☐ | SV-223328r508019_rule | Updating of links in Excel must be prompted and not automatic. |
| ☐ | SV-223329r508019_rule | Loading of pictures from Web pages not created in Excel must be disabled. |
| ☐ | SV-223330r508019_rule | AutoRepublish in Excel must be disabled. |
| ☐ | SV-223331r508019_rule | AutoRepublish warning alert in Excel must be enabled. |
| ☐ | SV-223332r508019_rule | File extensions must be enabled to match file types in Excel. |
| ☐ | SV-223333r508019_rule | Scan of encrypted macros in Excel Open XML workbooks must be enabled. |
| ☐ | SV-223334r508019_rule | File validation in Excel must be enabled. |
| ☐ | SV-223335r508019_rule | WEBSERVICE Function Notification in Excel must be configured to disable all, with notifications. |
| ☐ | SV-223336r508019_rule | Macros must be blocked from running in Excel files from the Internet. |
| ☐ | SV-223337r508019_rule | Trust Bar notification must be enabled for unsigned application add-ins in Excel and blocked. |
| ☐ | SV-223338r684249_rule | Untrusted Microsoft Query files must be blocked from opening in Excel. |
| ☐ | SV-223339r684251_rule | Untrusted database files must be opened in Excel in Protected View mode. |
| ☐ | SV-223340r508019_rule | Files from Internet zone must be opened in Excel in Protected View mode. |
| ☐ | SV-223341r508019_rule | Files from unsafe locations must be opened in Excel in Protected View mode. |
| ☐ | SV-223342r508019_rule | Files failing file validation must be opened in Excel in Protected view mode and disallow edits. |
| ☐ | SV-223343r508019_rule | File attachments from Outlook must be opened in Excel in Protected mode. |
| ☐ | SV-223344r508019_rule | The SIP security mode in Lync must be enabled. |
| ☐ | SV-223345r508019_rule | The HTTP fallback for SIP connection in Lync must be disabled. |
| ☐ | SV-223346r508019_rule | The Exchange client authentication with Exchange servers must be enabled to use Kerberos Password Authentication. |
| ☐ | SV-223347r508019_rule | Outlook must use remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers. |
| ☐ | SV-223348r508019_rule | Scripts associated with public folders must be prevented from execution in Outlook. |
| ☐ | SV-223349r508019_rule | Scripts associated with shared folders must be prevented from execution in Outlook. |
| ☐ | SV-223350r508019_rule | Files dragged from an Outlook e-mail to the file system must be created in ANSI format. |
| ☐ | SV-223351r508019_rule | Junk e-mail level must be enabled at a setting of High. |
| ☐ | SV-223352r508019_rule | Active X One-Off forms must only be enabled to load with Outlook Controls. |
| ☐ | SV-223353r508019_rule | Outlook must be configured to prevent users overriding attachment security settings. |
| ☐ | SV-223354r508019_rule | Internet must not be included in Safe Zone for picture download in Outlook. |
| ☐ | SV-223355r508019_rule | The Publish to Global Address List (GAL) button must be disabled in Outlook. |
| ☐ | SV-223356r508019_rule | The minimum encryption key length in Outlook must be at least 168. |
| ☐ | SV-223357r508019_rule | The warning about invalid digital signatures must be enabled to warn Outlook users. |
| ☐ | SV-223358r508019_rule | Outlook must be configured to allow retrieving of Certificate Revocation Lists (CRLs) always when online. |
| ☐ | SV-223359r508019_rule | The Outlook Security Mode must be enabled to always use the Outlook Security Group Policy. |
| ☐ | SV-223360r508019_rule | The ability to demote attachments from Level 2 to Level 1 must be disabled. |
| ☐ | SV-223361r508019_rule | The display of Level 1 attachments must be disabled in Outlook. |
| ☐ | SV-223362r508019_rule | Level 1 file attachments must be blocked from being delivered. |
| ☐ | SV-223363r508019_rule | Level 2 file attachments must be blocked from being delivered. |
| ☐ | SV-223364r508019_rule | Outlook must be configured to not run scripts in forms in which the script and the layout are contained within the message. |
| ☐ | SV-223365r508019_rule | When a custom action is executed that uses the Outlook object model, Outlook must automatically deny it. |
| ☐ | SV-223366r508019_rule | When an untrusted program attempts to programmatically access an Address Book using the Outlook object model, Outlook must automatically deny it. |
| ☐ | SV-223367r508019_rule | When a user designs a custom form in Outlook and attempts to bind an Address Information field to a combination or formula custom field, Outlook must automatically deny it. |
| ☐ | SV-223368r508019_rule | When an untrusted program attempts to use the Save As command to programmatically save an item, Outlook must automatically deny it. |
| ☐ | SV-223369r508019_rule | When an untrusted program attempts to gain access to a recipient field, such as the, To: field, using the Outlook object model, Outlook must automatically deny it. |
| ☐ | SV-223370r508019_rule | When an untrusted program attempts to programmatically send e-mail in Outlook using the Response method of a task or meeting request, Outlook must automatically deny it. |
| ☐ | SV-223371r508019_rule | When an untrusted program attempts to send e-mail programmatically using the Outlook object model, Outlook must automatically deny it. |
| ☐ | SV-223372r508019_rule | Outlook must be configured to not allow hyperlinks in suspected phishing messages. |
| ☐ | SV-223373r508019_rule | The Security Level for macros in Outlook must be configured to Warn for signed and disable unsigned. |
| ☐ | SV-223374r508019_rule | Trusted Locations on the network must be disabled in Project. |
| ☐ | SV-223375r508019_rule | Project must automatically disable unsigned add-ins without informing users. |
| ☐ | SV-223376r508019_rule | VBA Macros not digitally signed must be blocked in Project. |
| ☐ | SV-223377r508019_rule | VBA Macros not digitally signed must be blocked in PowerPoint. |
| ☐ | SV-223378r508019_rule | The ability to run programs from PowerPoint must be disabled. |
| ☐ | SV-223379r508019_rule | Open/Save of PowerPoint 97-2003 presentations, shows, templates, and add-in files must be blocked. |
| ☐ | SV-223380r508019_rule | The default file block behavior must be set to not open blocked files in PowerPoint. |
| ☐ | SV-223381r508019_rule | Encrypted macros in PowerPoint Open XML presentations must be scanned. |
| ☐ | SV-223382r508019_rule | File validation in PowerPoint must be enabled. |
| ☐ | SV-223383r508019_rule | Macros from the Internet must be blocked from running in PowerPoint. |
| ☐ | SV-223384r508019_rule | Unsigned add-ins in PowerPoint must be blocked with no Trust Bar Notification to the user. |
| ☐ | SV-223385r508019_rule | Files downloaded from the Internet must be opened in Protected view in PowerPoint. |
| ☐ | SV-223386r508019_rule | PowerPoint attachments opened from Outlook must be in Protected View. |
| ☐ | SV-223387r508019_rule | Files in unsafe locations must be opened in Protected view in PowerPoint. |
| ☐ | SV-223388r508019_rule | If file validation fails, files must be opened in Protected view in PowerPoint with ability to edit disabled. |
| ☐ | SV-223389r508019_rule | The use of network locations must be ignored in PowerPoint. |
| ☐ | SV-223390r508019_rule | Publisher must be configured to prompt the user when another application programmatically opens a macro. |
| ☐ | SV-223391r508019_rule | Publisher must automatically disable unsigned add-ins without informing users. |
| ☐ | SV-223392r508019_rule | Publisher must disable all unsigned VBA macros. |
| ☐ | SV-223393r508019_rule | VBA Macros not digitally signed must be blocked in Visio. |
| ☐ | SV-223394r508019_rule | Trusted Locations on the network must be disabled in Visio. |
| ☐ | SV-223395r508019_rule | Visio must automatically disable unsigned add-ins without informing users. |
| ☐ | SV-223396r508019_rule | Visio 2000-2002 Binary Drawings, Templates and Stencils must be blocked. |
| ☐ | SV-223397r508019_rule | Visio 2003-2010 Binary Drawings, Templates and Stencils must be blocked. |
| ☐ | SV-223398r508019_rule | Visio 5.0 or earlier Binary Drawings, Templates and Stencils must be blocked. |
| ☐ | SV-223399r508019_rule | Macros must be blocked from running in Visio files from the Internet. |
| ☐ | SV-223400r508019_rule | Word must automatically disable unsigned add-ins without informing users. |
| ☐ | SV-223401r508019_rule | In Word, encrypted macros must be scanned. |
| ☐ | SV-223402r508019_rule | Files downloaded from the Internet must be opened in Protected view in Word. |
| ☐ | SV-223403r508019_rule | Files located in unsafe locations must be opened in Protected view in Word. |
| ☐ | SV-223404r508019_rule | If file validation fails, files must be opened in Protected view in Word with ability to edit disabled. |
| ☐ | SV-223405r508019_rule | Word attachments opened from Outlook must be in Protected View. |
| ☐ | SV-223406r508019_rule | The default file block behavior must be set to not open blocked files in Word. |
| ☐ | SV-223407r508019_rule | Open/Save of Word 2 and earlier binary documents and templates must be blocked. |
| ☐ | SV-223408r508019_rule | Open/Save of Word 2000 binary documents and templates must be blocked. |
| ☐ | SV-223409r508019_rule | Open/Save of Word 2003 binary documents and templates must be blocked. |
| ☐ | SV-223410r508019_rule | Open/Save of Word 2007 and later binary documents and templates must be blocked. |
| ☐ | SV-223411r508019_rule | Open/Save of Word 6.0 binary documents and templates must be blocked. |
| ☐ | SV-223412r508019_rule | Open/Save of Word 95 binary documents and templates must be blocked. |
| ☐ | SV-223413r508019_rule | Open/Save of Word 97 binary documents and templates must be blocked. |
| ☐ | SV-223414r508019_rule | Open/Save of Word XP binary documents and templates must be blocked. |
| ☐ | SV-223415r508019_rule | In Word, macros must be blocked from running, even if Enable all macros is selected in the Macro Settings section of the Trust Center. |
| ☐ | SV-223416r508019_rule | Trusted Locations on the network must be disabled in Word. |
| ☐ | SV-223417r508019_rule | VBA Macros not digitally signed must be blocked in Word. |
| ☐ | SV-223418r508019_rule | File validation in Word must be enabled. |
STIGQter: STIG Summary: