Microsoft Office 365 ProPlus Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Macros must be blocked from running in Visio files from the Internet.
<VulnDiscussion>This policy setting allows you to block macros from running in Office files that come from the Internet. If you enable this ...Rule Medium Severity -
SRG-APP-000131
<GroupDescription></GroupDescription>Group -
Word must automatically disable unsigned add-ins without informing users.
<VulnDiscussion>This policy setting controls whether the specified Office application notifies users when unsigned application add-ins are lo...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
In Word, encrypted macros must be scanned.
<VulnDiscussion>This policy setting controls whether encrypted macros in Open XML documents be are required to be scanned with anti-virus sof...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Files downloaded from the Internet must be opened in Protected view in Word.
<VulnDiscussion>This policy setting allows you to determine if files downloaded from the Internet zone open in Protected View. If you enable...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
If file validation fails, files must be opened in Protected view in Word with ability to edit disabled.
<VulnDiscussion>This policy setting controls how Office handles documents when they fail file validation. If you enable this policy setting...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Word attachments opened from Outlook must be in Protected View.
<VulnDiscussion>This policy setting allows you to determine if Word files in Outlook attachments open in Protected View. If you enable this ...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
The default file block behavior must be set to not open blocked files in Word.
<VulnDiscussion>This policy setting allows you to determine if users can open, view, or edit Word files. If you enable this policy setting, ...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Open/Save of Word 2 and earlier binary documents and templates must be blocked.
<VulnDiscussion>This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified ...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Open/Save of Word 2000 binary documents and templates must be blocked.
<VulnDiscussion>This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified ...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Open/Save of Word 2003 binary documents and templates must be blocked.
<VulnDiscussion>This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified ...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.