STIGQter STIGQter: STIG Summary:

Microsoft InfoPath 2010 STIG

Version: 1

Release: 11 Benchmark Date: 27 Apr 2018

SV-33670r1_ruleTrust Bar Notifications for unsigned application add-ins must be blocked.
SV-33860r2_ruleAll automatic loading from Trusted Locations must be disabled.
SV-33657r1_ruleRedirection behavior for upgraded web sites by SharePoint must be blocked.
SV-33627r1_ruleOpening behavior for EMail forms containing code or scripts must be controlled.
SV-33651r1_ruleEmail with InfoPath forms must be configured to show UI to recipients.
SV-33629r1_ruleDynamic caching of InfoPath eMail forms must be disabled.
SV-33631r1_ruleDisabling of email forms from the Full Trust Security Zone must be configured.
SV-33634r1_ruleDisabling email forms from the Internet Security Zone must be configured.
SV-33636r1_ruleDisabling email forms running in Restricted Security Level must be configured.
SV-33661r1_ruleDisabling of Fully Trusted Solutions access to computers must be configured.
SV-33665r1_ruleDisabling the opening of solutions from the Internet Security Zone must be configured.
SV-33639r1_ruleDisabling sending form templates with the email forms must be configured.
SV-33646r1_ruleInfoPath 2003 forms as email forms in InfoPath 2010 must be disallowed.
SV-33652r1_ruleBeaconing UI shown for opened forms must be configured.
SV-33655r1_ruleBeaconing of UI forms with ActiveX controls must be enforced.
SV-33649r1_ruleOffline Mode capability to cache queries for offline mode must be configured.
SV-33668r1_ruleUnsafe file types must be prevented from being attached to InfoPath forms.
SV-33851r1_ruleApplication add-ins must be signed by Trusted Publisher.
SV-33856r1_ruleData Execution Prevention must be enforced.
SV-34111r1_ruleInfoPath must be enforced to not use e-mail forms from the Intranet security zone.
SV-34119r1_ruleInfoPath e-mail forms in Outlook must be disallowed.
SV-34123r1_ruleDisabling opening forms with managed code from the Internet security zone must be configured.
SV-34221r1_ruleA form that is digitally signed must be displayed with a warning.
SV-34226r1_ruleThe InfoPath APTCA Assembly Allowable List must be enforced.