Microsoft Office 365 ProPlus Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Extraction options must be blocked when opening corrupt Excel workbooks.
<VulnDiscussion>This policy setting controls whether Excel presents users with a list of data extraction options before beginning an Open and...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
Trust Bar notification must be enabled for unsigned application add-ins in Excel and blocked.
<VulnDiscussion>This policy setting controls whether the specified Office 2016 applications notify users when unsigned application add-ins ar...Rule Medium Severity -
Updating of links in Excel must be prompted and not automatic.
<VulnDiscussion>This policy setting controls whether Excel prompts users to update automatic links, or whether the updates occur in the backg...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
Loading of pictures from Web pages not created in Excel must be disabled.
<VulnDiscussion>This policy setting controls whether Excel loads graphics when opening Web pages that were not created in Excel. It configure...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
AutoRepublish in Excel must be disabled.
<VulnDiscussion>This policy setting allows administrators to disable the AutoRepublish feature in Excel. If users choose to publish Excel dat...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
AutoRepublish warning alert in Excel must be enabled.
<VulnDiscussion>This policy setting allows administrators to disable the AutoRepublish feature in Excel. If users choose to publish Excel dat...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
The ability to run programs from PowerPoint must be disabled.
<VulnDiscussion>This policy setting controls the prompting and activation behavior for the "Run Programs" option for action buttons in PowerP...Rule Medium Severity -
File extensions must be enabled to match file types in Excel.
<VulnDiscussion>This policy setting controls how Excel loads file types that do not match their extension. Excel can load files with extensio...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
Scan of encrypted macros in Excel Open XML workbooks must be enabled.
<VulnDiscussion>This policy setting controls whether encrypted macros in Open XML workbooks be are required to be scanned with anti-virus sof...Rule Medium Severity -
SRG-APP-000112
<GroupDescription></GroupDescription>Group -
File validation in Excel must be enabled.
<VulnDiscussion>This policy setting allows you turn off the file validation feature. If you enable this policy setting, file validation will...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
WEBSERVICE Function Notification in Excel must be configured to disable all, with notifications.
<VulnDiscussion>This policy setting controls how Excel will warn users when WEBSERVICE functions are present. If you enable this policy sett...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.