Microsoft Office 365 ProPlus Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Untrusted Microsoft Query files must be blocked from opening in Excel.
This policy setting controls whether Microsoft Query files (.iqy, oqy, .dqy, and .rqy) in an untrusted location are prevented from opening. If you enable this policy setting, Microsoft Query files...Rule Medium Severity -
Files from unsafe locations must be opened in Excel in Protected View mode.
This policy setting lets you determine if files located in unsafe locations will open in Protected View. If you have not specified unsafe locations, only the "Downloaded Program Files" and "Tempora...Rule Medium Severity -
File attachments from Outlook must be opened in Excel in Protected mode.
This policy setting allows you to determine if Excel files in Outlook attachments open in Protected View. If you enable this policy setting, Outlook attachments do not open in Protected View. If ...Rule Medium Severity -
The Exchange client authentication with Exchange servers must be enabled to use Kerberos Password Authentication.
This policy setting controls which authentication method Outlook uses to authenticate with Microsoft Exchange Server. Note: Exchange Server supports the Kerberos authentication protocol and NTLM fo...Rule Medium Severity -
Outlook must use remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers.
This policy setting controls whether Outlook uses remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers. If you enable this policy setting, Outlook uses RPC encryp...Rule Medium Severity -
The junk email protection level must be set to No Automatic Filtering.
This policy setting controls the Junk E-mail protection level. The Junk E-mail Filter in Outlook helps to prevent junk email messages, also known as spam, from cluttering a user's Inbox. The filter...Rule Medium Severity -
Outlook must be configured to prevent users overriding attachment security settings.
This policy setting prevents users from overriding the set of attachments blocked by Outlook. If you enable this policy setting users will be prevented from overriding the set of attachments block...Rule Medium Severity -
The minimum encryption key length in Outlook must be at least 168.
This policy setting allows you to set the minimum key length for an encrypted e-mail message. If you enable this policy setting, you may set the minimum key length for an encrypted e-mail message....Rule Medium Severity -
Outlook must be configured to allow retrieving of Certificate Revocation Lists (CRLs) always when online.
This policy setting controls how Outlook retrieves Certificate Revocation Lists to verify the validity of certificates. Certificate revocation lists (CRLs) are lists of digital certificates that ha...Rule Medium Severity -
Level 1 file attachments must be blocked from being delivered.
This policy setting controls whether Outlook users can demote attachments to Level 2 by using a registry key, which will allow them to save files to disk and open them from that location. Outlook u...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.