Skip to content
Log In

Microsoft Office System 2010 STIG

Rules, Groups, and Values defined within the XCCDF Benchmark

  • DTOO195 - Disable Password to Open UI

    Group
    Show

  • Passwords for secured documents must be enforced.

    If 2010 Office users add passwords to documents, other users can be prevented from opening the documents. This capability can provide an extra level of protection to documents already protected by ...
    Rule Medium Severity
    Show

  • DTOO197 - Document Manifests

    Group
    Show

  • Automation Security to enforce macro level security in Office documents must be configured.

    When a separate program is used to launch Microsoft Office Excel, PowerPoint, or Word programmatically, any macros can run in the programmatically opened application without being blocked. This fun...
    Rule Medium Severity
    Show

  • DTOO208 - Office client polling from Office Server

    Group
    Show

  • Office client polling of Sharepoint servers published links must be disabled.

    Users of Office applications can see and use links to Microsoft Office SharePoint Server sites from those applications. Administrators configure published links to Office applications during initia...
    Rule Medium Severity
    Show

  • DTOO201 - Connection permissions verification

    Group
    Show

  • Connection verification of permissions must be enforced.

    Users are not required to connect to the network to verify permissions. If users do not need their licenses confirmed when attempting to open Office documents, they might be able to access document...
    Rule Medium Severity
    Show

  • DTOO185 - Do not receive Automatic small updates

    Group
    Show

  • DTOO193 - Automation Security

    Group
    Show

  • DTOO203 - Legacy Format signatures

    Group
    Show

  • DTOO192 - Load controls for forms3

    Group
    Show

  • DTOO179 - Open as Read/Write when browsing

    Group
    Show

  • Documents must be configured to not open as Read Write when browsing.

    Office document on a Web server using Internet Explorer, the appropriate application opens the file in read-only mode. However, if the default configuration is changed, the document is opened as re...
    Rule Medium Severity
    Show

  • DTOO199 - Permissions on managed content

    Group
    Show

  • DTOO178 - Uploads to Office Online

    Group
    Show

  • Upload of document templates to Office Online must be prevented.

    Office users can share Excel, PowerPoint, and Word templates they create with other Microsoft Office users around the world by uploading them to the community area of the Microsoft Office Online We...
    Rule Medium Severity
    Show

  • DTOO188 - Protect document metadata

    Group
    Show

  • DTOO187 - Protect metadata / rights managed docs

    Group
    Show

  • Rights managed Office Open XML files must be protected.

    When Information Rights Management (IRM) is used to restrict access to an Office Open XML document, any metadata associated with the document is not encrypted. This configuration could allow potent...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules