Microsoft Excel 2016 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000210
Group -
Disabling of user name and password syntax from being used in URLs must be enforced.
The Uniform Resource Locator (URL) standard allows user authentication to be included in URL strings in the form http://username:password@example.com. A malicious user might use this URL syntax to ...Rule Medium Severity -
Open/Save actions for Excel 4 macrosheets and add-in files must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Open/Save actions for Excel 4 worksheets must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Actions for Excel 95 workbooks must be configured to edit in Protected View.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Open/Save actions for Dif and Sylk files must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Open/Save actions for Excel 3 macrosheets and add-in files must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Open/Save actions for Excel 3 worksheets must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Open/Save actions for web pages and Excel 2003 XML spreadsheets must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity -
Open/Save actions for dBase III / IV files must be blocked.
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. If you enable this policy setting,...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.