STIGQter STIGQter: STIG Summary: Microsoft Outlook 2016 Security Technical Implementation Guide

Version: 1

Release: 2 Benchmark Date: 28 Jul 2017

SV-85733r1_ruleDisabling of user name and password syntax from being used in URLs must be enforced.
SV-85735r1_ruleEnabling IE Bind to Object functionality must be present.
SV-85737r1_ruleSaved from URL mark to assure Internet zone processing must be enforced.
SV-85739r1_ruleNavigation to URLs embedded in Office products must be blocked.
SV-85741r1_ruleScripted Window Security must be enforced.
SV-85743r1_ruleAdd-on Management functionality must be allowed.
SV-85745r1_ruleLinks that invoke instances of Internet Explorer from within an Office product must be blocked.
SV-85747r1_ruleFile Downloads must be configured for proper restrictions.
SV-85749r1_ruleProtection from zone elevation must be enforced.
SV-85751r1_ruleActiveX Installs must be configured for proper restriction.
SV-85753r1_rulePublishing calendars to Office Online must be prevented.
SV-85755r1_rulePublishing to a Web Distributed and Authoring (DAV) server must be prevented.
SV-85757r1_ruleLevel of calendar details that a user can publish must be restricted.
SV-85759r1_ruleAccess restriction settings for published calendars must be configured.
SV-85769r1_ruleOutlook Object Model scripts must be disallowed to run for shared folders.
SV-85771r1_ruleOutlook Object Model scripts must be disallowed to run for public folders.
SV-85773r1_ruleActiveX One-Off forms must be configured.
SV-85775r1_ruleThe Add-In Trust Level must be configured.
SV-85777r1_ruleThe remember password for internet e-mail accounts must be disabled.
SV-85779r1_ruleUsers customizing attachment security settings must be prevented.
SV-85781r1_ruleOutlook Security Mode must be configured to use Group Policy settings.
SV-85783r1_ruleThe ability to display level 1 attachments must be disallowed.
SV-85785r1_ruleLevel 1 file extensions must be blocked and not removed.
SV-85787r1_ruleLevel 2 file extensions must be blocked and not removed.
SV-85789r1_ruleScripts in One-Off Outlook forms must be disallowed.
SV-85791r1_ruleCustom Outlook Object Model (OOM) action execution prompts must be configured.
SV-85793r1_ruleObject Model Prompt for programmatic email send behavior must be configured.
SV-85795r1_ruleObject Model Prompt behavior for programmatic address books must be configured.
SV-85797r1_ruleObject Model Prompt behavior for programmatic access of user address data must be configured.
SV-85799r1_ruleObject Model Prompt behavior for Meeting and Task Responses must be configured.
SV-85801r1_ruleObject Model Prompt behavior for the SaveAs method must be configured.
SV-85803r1_ruleObject Model Prompt behavior for accessing User Property Formula must be configured.
SV-85817r1_ruleTrusted add-ins behavior for email must be configured.
SV-85819r1_ruleS/Mime interoperability with external clients for message handling must be configured.
SV-85851r1_ruleMessage formats must be set to use SMime.
SV-85853r1_ruleRun in FIPS compliant mode must be enforced.
SV-85855r1_ruleSend all signed messages as clear signed messages must be configured.
SV-85857r1_ruleAutomatic sending s/Mime receipt requests must be disallowed.
SV-85859r1_ruleRetrieving of CRL data must be set for online action.
SV-85861r1_ruleExternal content and pictures in HTML email must be displayed.
SV-85863r1_ruleAutomatic download content for email in Safe Senders list must be disallowed.
SV-85865r1_rulePermit download of content from safe zones must be configured.
SV-85867r1_ruleIE Trusted Zones assumed trusted must be blocked.
SV-85869r1_ruleInternet with Safe Zones for Picture Download must be disabled.
SV-85871r1_ruleIntranet with Safe Zones for automatic picture downloads must be configured.
SV-85873r1_ruleAlways warn on untrusted macros must be enforced.
SV-85875r1_ruleHyperlinks in suspected phishing email messages must be disallowed.
SV-85877r1_ruleRPC encryption between Outlook and Exchange server must be enforced.
SV-85879r1_ruleOutlook must be configured to force authentication when connecting to an Exchange server.
SV-85883r1_ruleDisabling download full text of articles as HTML must be configured.
SV-85885r1_ruleAutomatic download of Internet Calendar appointment attachments must be disallowed.
SV-85887r1_ruleInternet calendar integration in Outlook must be disabled.
SV-85889r1_ruleUser Entries to Server List must be disallowed.
SV-85891r1_ruleAutomatically downloading enclosures on RSS must be disallowed.
SV-85895r1_ruleOutlook must be configured not to prompt users to choose security settings if default settings fail.
SV-85897r1_ruleOutlook minimum encryption key length settings must be set.
SV-85899r1_ruleReplies or forwards to signed/encrypted messages must be signed/encrypted.
SV-85901r1_ruleCheck e-mail addresses against addresses of certificates being used must be disallowed.