
Microsoft Outlook 2016 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Object Model Prompt behavior for programmatic access of user address data must be configured.

    <VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to gain access to a recipient field, such as the...
    Rule Medium Severity
  • SRG-APP-000488

    Group
  • Object Model Prompt behavior for Meeting and Task Responses must be configured.

    <VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to programmatically send e-mail in Outlook using...
    Rule Medium Severity
  • SRG-APP-000488

    Group
  • Object Model Prompt behavior for the SaveAs method must be configured.

    <VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to use the Save As command to programmatically s...
    Rule Medium Severity
  • SRG-APP-000488

    Group
  • Object Model Prompt behavior for accessing User Property Formula must be configured.

    <VulnDiscussion>This policy setting controls what happens when a user designs a custom form in Outlook and attempts to bind an Address Inform...
    Rule Medium Severity
  • SRG-APP-000516

    Group
  • Trusted add-ins behavior for email must be configured.

    <VulnDiscussion>This policy setting can be used to specify a list of trusted add-ins that can be run without being restricted by the security...
    Rule Medium Severity
  • SRG-APP-000179

    Group
  • S/Mime interoperability with external clients for message handling must be configured.

    <VulnDiscussion>This policy setting controls whether Outlook decodes encrypted messages itself or passes them to an external program for proc...
    Rule Medium Severity
  • SRG-APP-000179

    Group
  • Message formats must be set to use SMime.

    <VulnDiscussion>This policy setting controls which message encryption formats Outlook can use. Outlook supports three formats for encrypting ...
    Rule Medium Severity
  • SRG-APP-000179

    Group
  • Run in FIPS compliant mode must be enforced.

    <VulnDiscussion>This policy setting controls whether Outlook is required to use FIPS-compliant algorithms when signing and encrypting message...
    Rule Medium Severity
  • SRG-APP-000516

    Group
  • Send all signed messages as clear signed messages must be configured.

    <VulnDiscussion>This policy setting controls whether Outlook sends signed messages as clear text signed messages. If you enable this policy s...
    Rule Medium Severity
  • SRG-APP-000516

    Group
  • Automatic sending s/Mime receipt requests must be disallowed.

    <VulnDiscussion>This policy setting controls how Outlook handles S/MIME receipt requests. If you enable this policy setting, you can choose f...
    Rule Medium Severity
  • SRG-APP-000175

    Group
