III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516
Group -
The Office Telemetry Agent must be configured to obfuscate the file name, file path, and title of Office documents before uploading telemetry data to the shared folder.
This policy setting configures the Office Telemetry Agent to disguise, or obfuscate, certain file properties that are reported in telemetry data. If this policy setting is enabled, Office Telemetry...Rule Medium Severity -
SRG-APP-000141
Group -
The Opt-In Wizard must be disabled.
The Opt-in Wizard displays the first time users run a 2013 Microsoft Office application, which allows them to opt into Internet-based services that will help improve their Office experience, such a...Rule Medium Severity -
SRG-APP-000141
Group -
The Customer Experience Improvement Program for Office must be disabled.
When users choose to participate in the Customer Experience Improvement Program (CEIP), Office applications automatically send information to Microsoft about how the applications are used. This inf...Rule Medium Severity -
SRG-APP-000141
Group -
Automatic receiving of small updates to improve reliability must be disallowed.
Having access to updates, add-ins, and patches on the Office Online website can help users ensure computers are up to date and equipped with the latest security patches. However, to ensure updates ...Rule Medium Severity -
SRG-APP-000141
Group -
The Internet Fax Feature must be disabled.
Excel, PowerPoint, and Word users can use the Internet Fax feature to send documents to fax recipients through an Internet fax service provider. If your organization has policies that govern the ti...Rule Medium Severity -
SRG-APP-000141
Group -
Online content options must be configured for offline content availability.
The Office 2013 Help system automatically searches MicrosoftOffice.com for content when a computer is connected to the Internet. Users can change this default by clearing the Search Microsoft Offic...Rule Medium Severity -
SRG-APP-000141
Group -
The video informing a user about signing into Office365 must be disabled.
Office 365 is a subscription-based service which offers access to various Microsoft Office applications. Access to Office 365 will not be permitted; only locally installed and configured Office 20...Rule Medium Severity -
SRG-APP-000141
Group -
The first-run prompt to sign into Office365 must be disabled.
Office 365 functionality allows users to provide credentials for accessing Office 365 using either their Microsoft Account, or the user ID assigned by the organization. Access to Office 365 will no...Rule Medium Severity -
SRG-APP-000141
Group -
The ability to sign into Office365 must be disabled.
Office 2013 can be configured to prompt users for credentials to Office365 using either their Microsoft Account or the user ID assigned by an organization for accessing Office 365. Access to Offic...Rule Medium Severity -
SRG-APP-000141
Group -
The ability to automatically hyperlink screenshots within Word, PowerPoint, Excel and Outlook must be disabled.
The ability to automatically bind hyperlink to a screenshot inserted through the Insert Screenshot tool introduces the possibility of a malicious URL or website being imbedded in the Word, PowerPoi...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.