STIGQter: STIG Summary:

Microsoft Outlook 2016 Security Technical Implementation Guide

Version: 2

Release: 1

Benchmark Date: 23 Oct 2020

SV-228419r508021_rule: Disabling of user name and password syntax from being used in URLs must be enforced.
SV-228420r508021_rule: Enabling IE Bind to Object functionality must be present.
SV-228421r508021_rule: Saved from URL mark to assure Internet zone processing must be enforced.
SV-228422r508021_rule: Navigation to URLs embedded in Office products must be blocked.
SV-228423r508021_rule: Scripted Window Security must be enforced.
SV-228424r508021_rule: Add-on Management functionality must be allowed.
SV-228425r508021_rule: Links that invoke instances of Internet Explorer from within an Office product must be blocked.
SV-228426r508021_rule: File Downloads must be configured for proper restrictions.
SV-228427r508021_rule: Protection from zone elevation must be enforced.
SV-228428r508021_rule: ActiveX Installs must be configured for proper restriction.
SV-228429r508021_rule: Publishing calendars to Office Online must be prevented.
SV-228430r508021_rule: Publishing to a Web Distributed and Authoring (DAV) server must be prevented.
SV-228431r508021_rule: Level of calendar details that a user can publish must be restricted.
SV-228432r508021_rule: Access restriction settings for published calendars must be configured.
SV-228433r508021_rule: Outlook Object Model scripts must be disallowed to run for shared folders.
SV-228434r508021_rule: Outlook Object Model scripts must be disallowed to run for public folders.
SV-228435r508021_rule: ActiveX One-Off forms must be configured.
SV-228436r508021_rule: The Add-In Trust Level must be configured.
SV-228437r508021_rule: The remember password for internet e-mail accounts must be disabled.
SV-228438r508021_rule: Users customizing attachment security settings must be prevented.
SV-228439r508021_rule: Outlook Security Mode must be configured to use Group Policy settings.
SV-228440r508021_rule: The ability to display level 1 attachments must be disallowed.
SV-228441r508021_rule: Level 1 file extensions must be blocked and not removed.
SV-228442r508021_rule: Level 2 file extensions must be blocked and not removed.
SV-228443r508021_rule: Scripts in One-Off Outlook forms must be disallowed.
SV-228444r508021_rule: Custom Outlook Object Model (OOM) action execution prompts must be configured.
SV-228445r508021_rule: Object Model Prompt for programmatic email send behavior must be configured.
SV-228446r508021_rule: Object Model Prompt behavior for programmatic address books must be configured.
SV-228447r508021_rule: Object Model Prompt behavior for programmatic access of user address data must be configured.
SV-228448r508021_rule: Object Model Prompt behavior for Meeting and Task Responses must be configured.
SV-228449r508021_rule: Object Model Prompt behavior for the SaveAs method must be configured.
SV-228450r508021_rule: Object Model Prompt behavior for accessing User Property Formula must be configured.
SV-228451r508021_rule: Trusted add-ins behavior for email must be configured.
SV-228452r508021_rule: S/Mime interoperability with external clients for message handling must be configured.
SV-228453r508021_rule: Message formats must be set to use SMime.
SV-228454r559729_rule: Run in FIPS compliant mode must be enforced.
SV-228455r508021_rule: Send all signed messages as clear signed messages must be configured.
SV-228456r508021_rule: Automatic sending s/Mime receipt requests must be disallowed.
SV-228457r508021_rule: Retrieving of CRL data must be set for online action.
SV-228458r508021_rule: External content and pictures in HTML email must be displayed.
SV-228459r508021_rule: Automatic download content for email in Safe Senders list must be disallowed.
SV-228460r508021_rule: Permit download of content from safe zones must be configured.
SV-228461r508021_rule: IE Trusted Zones assumed trusted must be blocked.
SV-228462r508021_rule: Internet with Safe Zones for Picture Download must be disabled.
SV-228463r508021_rule: Intranet with Safe Zones for automatic picture downloads must be configured.
SV-228464r508021_rule: Always warn on untrusted macros must be enforced.
SV-228465r508021_rule: Hyperlinks in suspected phishing email messages must be disallowed.
SV-228466r508021_rule: RPC encryption between Outlook and Exchange server must be enforced.
SV-228467r508021_rule: Outlook must be configured to force authentication when connecting to an Exchange server.
SV-228468r508021_rule: Disabling download full text of articles as HTML must be configured.
SV-228469r508021_rule: Automatic download of Internet Calendar appointment attachments must be disallowed.
SV-228470r508021_rule: Internet calendar integration in Outlook must be disabled.
SV-228471r508021_rule: User Entries to Server List must be disallowed.
SV-228472r508021_rule: Automatically downloading enclosures on RSS must be disallowed.
SV-228473r508021_rule: Outlook must be configured not to prompt users to choose security settings if default settings fail.
SV-228474r508021_rule: Outlook minimum encryption key length settings must be set.
SV-228475r508021_rule: Replies or forwards to signed/encrypted messages must be signed/encrypted.
SV-228476r508021_rule: Check e-mail addresses against addresses of certificates being used must be disallowed.