| Checked | Name | Title |
|---|
| ☐ | SV-75853r1_rule | Disable user name and password syntax from being used in URLs |
| ☐ | SV-33390r1_rule | Enabling IE Bind to Object functionality must be present. |
| ☐ | SV-33419r1_rule | Saved from URL mark to assure Internet zone processing must be enforced. |
| ☐ | SV-33412r1_rule | Navigation to URL's embedded in Office products must be blocked. |
| ☐ | SV-33398r1_rule | Links that invoke instances of IE from within an Office product must be blocked. |
| ☐ | SV-33558r2_rule | Permit download of content from safe zones must be configured. |
| ☐ | SV-33513r1_rule | Access restriction settings for published calendars must be configured. |
| ☐ | SV-33520r1_rule | Recipients of sent email must be unable to be added to the safe sender's list. |
| ☐ | SV-33523r1_rule | Active X One-Off forms must be configured. |
| ☐ | SV-33586r1_rule | Scripts in One-Off Outlook forms must be disallowed. |
| ☐ | SV-33540r1_rule | IE Trusted Zones assumed 'trusted' must be blocked. |
| ☐ | SV-33932r1_rule | The Add-In Trust Level must be configured. |
| ☐ | SV-33588r1_rule | Object Model Prompt behavior for programmatic address books must be configured. |
| ☐ | SV-33578r1_rule | Action to demote an EMail Level 1 attachment to Level 2 must be configured. |
| ☐ | SV-33589r1_rule | Object Model Prompt behavior for accessing User Property Formula must be configured. |
| ☐ | SV-33592r1_rule | Object Model Prompt behavior for the SaveAs method must be configured. |
| ☐ | SV-33593r1_rule | Object Model Prompt behavior for programmatic access of user address data must be configured. |
| ☐ | SV-33594r1_rule | Object Model Prompt behavior for Meeting and Task Responses must be configured. |
| ☐ | SV-33595r1_rule | Object Model Prompt for programmatic email send behavior must be configured. |
| ☐ | SV-33596r1_rule | Trusted add-ins behavior for eMail must be configured. |
| ☐ | SV-33506r1_rule | Dial-up and Hang up Options for Outlook must be configured. |
| ☐ | SV-33507r1_rule | Outlook Dial-up options to Warn user before allowing switch in dial-up access must be configured. |
| ☐ | SV-33524r1_rule | The "remember password" for internet e-mail accounts must be disabled. |
| ☐ | SV-33581r1_rule | Level 1 attachment close behaviors must be configured. |
| ☐ | SV-33582r1_rule | Prompting behavior for Level 1 attachments on sending must be configured. |
| ☐ | SV-33500r1_rule | Disabling download full text of articles as HTML must be configured. |
| ☐ | SV-33597r1_rule | Hyperlinks in suspected phishing e-mail messages must be disallowed. |
| ☐ | SV-33493r1_rule | RPC encryption between Outlook and Exchange server must be enforced. |
| ☐ | SV-33521r1_rule | Junk Mail UI must be configured. |
| ☐ | SV-33561r2_rule | Internet with Safe Zones for Picture Download must be disabled. |
| ☐ | SV-33562r2_rule | Intranet with Safe Zones for automatic picture downloads must be configured. |
| ☐ | SV-33580r1_rule | The ability to display level 1 attachments must be disallowed. |
| ☐ | SV-33548r2_rule | External content and pictures in HTML eMail must be displayed. |
| ☐ | SV-33504r1_rule | Digital signatures must be allowed. |
| ☐ | SV-33509r1_rule | Folders in non-default stores, set as folder home pages, must be disallowed. |
| ☐ | SV-33510r1_rule | Outlook Object Model scripts must be disallowed to run for public folders. |
| ☐ | SV-33511r1_rule | Outlook Object Model scripts must be disallowed to run for shared folders. |
| ☐ | SV-33499r1_rule | Do not include Internet Calendar Integration in Outlook must be enforced. |
| ☐ | SV-33572r1_rule | Attachments using generated name for secure temporary folders must be configured. |
| ☐ | SV-33486r1_rule | Authentication with Exchange Server must be required. |
| ☐ | SV-33487r2_rule | Automatically configure user profile based on Active Directory primary SMTP address must be enforced. |
| ☐ | SV-33496r1_rule | Automatic download of Internet Calendar appointment attachments must be disallowed. |
| ☐ | SV-33529r1_rule | Automatic download content for email in Safe Senders list must be disallowed. |
| ☐ | SV-33508r1_rule | Outlook must be enforced as the default email, calendar, and contacts program. |
| ☐ | SV-33563r1_rule | Message formats must be set to use SMime. |
| ☐ | SV-33574r2_rule | Missing Root Certificates warning must be enforced. |
| ☐ | SV-33577r1_rule | Outlook Security Mode must be configured to use Group Policy settings. |
| ☐ | SV-33505r2_rule | Plain Text Options for outbound email must be configured. |
| ☐ | SV-33514r1_rule | Publishing to a Web Distributed and Authoring (DAV) server must be prevented. |
| ☐ | SV-33515r1_rule | Publishing calendars to Office Online must be prevented. |
| ☐ | SV-33525r1_rule | Users customizing attachment security settings must be prevented. |
| ☐ | SV-33518r1_rule | Read EMail as plain text must be enforced. |
| ☐ | SV-33519r1_rule | Read signed email as plain text must be enforced. |
| ☐ | SV-33583r1_rule | Level 1 file extensions must be blocked and not removed. |
| ☐ | SV-33585r1_rule | Level 2 file extensions must be blocked and not removed. |
| ☐ | SV-33516r1_rule | Level of calendar details that a user can publish must be restricted. |
| ☐ | SV-33517r1_rule | Upload method for publishing calendars to Office Online must be restricted. |
| ☐ | SV-33880r1_rule | Retrieving of CRL data must be set for online action. |
| ☐ | SV-33565r1_rule | Run in FIPS compliant mode must be enforced. |
| ☐ | SV-33566r1_rule | S/Mime interoperability with external clients for message handling must be configured. |
| ☐ | SV-33568r1_rule | Automatic sending s/Mime receipt requests must be disallowed. |
| ☐ | SV-33598r1_rule | Always warn on untrusted macros must be enforced. |
| ☐ | SV-33570r1_rule | All signed messages as clear signed messages must be configured. |
| ☐ | SV-33587r1_rule | Custom Outlook Object Model (OOM) action execution prompts must be configured. |
| ☐ | SV-33571r1_rule | Warning about invalid signatures must be enforced. |
| ☐ | SV-33501r1_rule | RSS feed synchronization with Common Feed List must be disallowed. |
| ☐ | SV-33522r1_rule | Trust EMail from senders in receiver's contact list must be enforced. |
| ☐ | SV-33502r1_rule | RSS Feeds must be disallowed. |
| ☐ | SV-33512r1_rule | Dragging Unicode eMail messages to file system must be disallowed. |
| ☐ | SV-33503r1_rule | User Entries to Server List must be disallowed. |
| ☐ | SV-33782r1_rule | Add-on Management functionality must be allowed. |
| ☐ | SV-33790r1_rule | Protection from zone elevation must be enforced. |
| ☐ | SV-33793r1_rule | ActiveX Installs must be configured for proper restriction. |
| ☐ | SV-33800r1_rule | File Downloads must be configured for proper restrictions. |
| ☐ | SV-33806r1_rule | Scripted Window Security must be enforced. |
| ☐ | SV-33857r1_rule | Data Execution Prevention must be enforced. |
| ☐ | SV-34101r1_rule | Automatically downloading enclosures on RSS must be disallowed. |
| ☐ | SV-34103r1_rule | Outlook Rich Text options must be set for converting to plain text format. |
| ☐ | SV-34105r1_rule | Default message format must be set to use Plain Text. |
| ☐ | SV-34106r1_rule | Outlook must be configured not to prompt users to choose security settings if default settings fail. |
| ☐ | SV-34107r1_rule | Outlook minimum encryption key length settings must be set. |
| ☐ | SV-34109r1_rule | Replies or forwards to signed/encrypted messages must be signed/encrypted. |
| ☐ | SV-34110r1_rule | Check e-mail addresses against addresses of certificates being used must be disallowed. |
| ☐ | SV-55984r2_rule | Text in Outlook that represents Internet and network paths must not be automatically turned into hyperlinks. |
STIGQter: STIG Summary: