Microsoft Office System 2016 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Automation Security to enforce macro level security in Office documents must be configured.
<VulnDiscussion>This policy setting controls whether macros can run in an Office 2016 application that is opened programmatically by another ...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
A mix of policy and user locations for Office Products must be disallowed.
<VulnDiscussion>This policy setting controls whether trusted locations can be defined by users, the Office Customization Tool (OCT), and Grou...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
Smart Documents use of Manifests in Office must be disallowed.
<VulnDiscussion>This policy setting controls whether Office 2016 applications can load an XML expansion pack manifest file with a Smart Docum...Rule Medium Severity -
SRG-APP-000340
<GroupDescription></GroupDescription>Group -
Connection verification of permissions must be enforced.
<VulnDiscussion>This policy setting controls whether users are required to connect to the Internet or a local network to have their licenses ...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
Inclusion of document properties for PDF and XPS output must be disallowed.
<VulnDiscussion>This policy setting controls whether document metadata can be saved in PDF and XPS documents. If you enable this policy setti...Rule Medium Severity -
Office Presentation Service must be removed as an option for presenting PowerPoint and Word online.
<VulnDiscussion>This policy setting allows you to remove Office Presentation Service from the list of online presentation services in PowerPo...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
The ability to create an online presentation programmatically must be disabled.
<VulnDiscussion>This policy setting allows you to restrict the ability to create an online presentation programmatically in PowerPoint and Wo...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
When using the Office Feedback tool, the ability to include a screenshot must be disabled.
<VulnDiscussion>This policy setting manages whether the Office Feedback Tool (a.k.a. Send a Smile) allows the user to send a screenshot of th...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
The ability to run unsecure Office web add-ins and Catalogs must be disabled.
<VulnDiscussion>This policy setting allows users to run unsecure web add-in, which are add-ins that have web page or catalog locations that a...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.
<VulnDiscussion>This policy setting configures Office Telemetry Agent to disguise, or obfuscate, certain file properties that are reported in...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
The ability to send personal information to Office must be disabled.
<VulnDiscussion>This policy setting controls whether users can send personal information to Office. When users choose to send information Off...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.