Microsoft Office 365 ProPlus Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
ActiveX Controls must be initialized in Safe Mode.
<VulnDiscussion>This policy setting specifies the Microsoft ActiveX initialization security level for all Microsoft Office applications. Acti...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
Macros in all Office applications that are opened programmatically by another application must be opened based upon macro security level.
<VulnDiscussion>This policy setting controls whether macros can run in an Office 365 ProPlus application that is opened programmatically by a...Rule Medium Severity -
SRG-APP-000131
<GroupDescription></GroupDescription>Group -
Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked.
<VulnDiscussion>This policy setting controls whether Office 365 ProPlus applications notify users when potentially unsafe features or content...Rule Medium Severity -
SRG-APP-000231
<GroupDescription></GroupDescription>Group -
Add-on Management must be enabled for all Office 365 ProPlus programs.
<VulnDiscussion>Internet Explorer add-ons are pieces of code, run in Internet Explorer, to provide additional functionality. Rogue add-ons ma...Rule Medium Severity -
SRG-APP-000179
<GroupDescription></GroupDescription>Group -
Office applications must be configured to specify encryption type in password-protected Office 97-2003 files.
<VulnDiscussion>This policy setting enables you to specify an encryption type for password-protected Office 97-2003 files. If you enable thi...Rule Medium Severity -
SRG-APP-000231
<GroupDescription></GroupDescription>Group -
Office applications must be configured to specify encryption type in password-protected Office Open XML files.
<VulnDiscussion>This policy setting allows you to specify an encryption type for Office Open XML files. If you enable this policy setting, y...Rule Medium Severity -
SRG-APP-000340
<GroupDescription></GroupDescription>Group -
Users must be prevented from creating new trusted locations in the Trust Center.
<VulnDiscussion>This policy setting controls whether trusted locations can be defined by users, the Office Customization Tool (OCT), and Grou...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
Office applications must not load XML expansion packs with Smart Documents.
<VulnDiscussion>This policy setting controls whether Office 365 ProPlus applications can load an XML expansion pack manifest file with a Smar...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
The load of controls in Forms3 must be blocked.
<VulnDiscussion>This policy setting allows the user to control how ActiveX controls in UserForms should be initialized based upon whether the...Rule Medium Severity -
Consistent MIME handling must be enabled for all Office 365 ProPlus programs.
<VulnDiscussion>Encryption is only as good as the encryption modules utilized. Unapproved cryptographic module algorithms cannot be verified ...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.