Microsoft Office 365 ProPlus Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Navigate URL must be enabled in all Office programs.
<VulnDiscussion>To protect users from attacks, Internet Explorer usually does not attempt to load malformed URLs. This functionality can be c...Rule Medium Severity -
SRG-APP-000179
<GroupDescription></GroupDescription>Group -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
SRG-APP-000131
<GroupDescription></GroupDescription>Group -
Trust Bar Notifications for unsigned application add-ins in Access must be disabled and blocked.
<VulnDiscussion>This policy setting controls whether the specified Office application notifies users when unsigned application add-ins are lo...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
VBA Macros not digitally signed must be blocked in Access.
<VulnDiscussion>This policy setting controls how the specified applications warn users when Visual Basic for Applications (VBA) macros are pr...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
File attachments from Outlook must be opened in Excel in Protected mode.
<VulnDiscussion>This policy setting allows you to determine if Excel files in Outlook attachments open in Protected View. If you enable this...Rule Medium Severity -
Allowing Trusted Locations on the network must be disabled in Access.
<VulnDiscussion>This policy setting controls whether trusted locations on the network can be used. If you enable this policy setting, users...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
The Macro Runtime Scan Scope must be enabled for all documents.
<VulnDiscussion>This policy setting specifies for which documents the VBA Runtime Scan feature is enabled. If the feature is disabled for al...Rule Medium Severity -
SRG-APP-000429
<GroupDescription></GroupDescription>Group -
Document metadata for rights managed Office Open XML files must be protected.
<VulnDiscussion>This policy setting determines whether metadata is encrypted in Office Open XML files that are protected by Information Right...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
The Office client must be prevented from polling the SharePoint Server for published links.
<VulnDiscussion>This policy setting controls whether Office 365 ProPlus applications can poll Office servers to retrieve lists of published l...Rule Medium Severity -
SRG-APP-000516
<GroupDescription></GroupDescription>Group -
SRG-APP-000219
<GroupDescription></GroupDescription>Group -
Custom user interface (UI) code must be blocked from loading in all Office applications.
<VulnDiscussion>This policy setting controls whether Office 365 ProPlus applications load any custom user interface (UI) code included with a...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.