II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516
Group -
Permit download of content from safe zones must be configured.
This policy setting controls whether Outlook automatically downloads content from safe zones when displaying messages. If you enable this policy setting content from safe zones will be downloaded a...Rule Medium Severity -
SRG-APP-000516
Group -
IE Trusted Zones assumed trusted must be blocked.
This policy setting controls whether pictures from sites in the Trusted Sites security zone are automatically downloaded in Outlook e-mail messages and other items. If you enable this policy settin...Rule Medium Severity -
SRG-APP-000516
Group -
Internet with Safe Zones for Picture Download must be disabled.
This policy setting controls whether pictures and external content in HTML e-mail messages from untrusted senders on the Internet are downloaded without Outlook users explicitly choosing to do so. ...Rule Medium Severity -
SRG-APP-000516
Group -
Intranet with Safe Zones for automatic picture downloads must be configured.
This policy setting controls whether pictures and external content in HTML e-mail messages from untrusted senders on the local intranet are downloaded without Outlook users explictly choosing to do...Rule Medium Severity -
SRG-APP-000207
Group -
Always warn on untrusted macros must be enforced.
This policy setting controls the security level for macros in Outlook. If you enable this policy setting, you can choose from four options for handling macros in Outlook: - Always warn. This option...Rule Medium Severity -
SRG-APP-000516
Group -
Hyperlinks in suspected phishing email messages must be disallowed.
This policy setting controls whether hyperlinks in suspected phishing e-mail messages in Outlook are allowed. If you enable this policy setting, Outlook will allow hyperlinks in suspected phishing ...Rule Medium Severity -
SRG-APP-000395
Group -
RPC encryption between Outlook and Exchange server must be enforced.
This policy setting controls whether Outlook uses remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers. If you enable this policy setting, Outlook uses RPC encrypti...Rule Medium Severity -
SRG-APP-000395
Group -
Outlook must be configured to force authentication when connecting to an Exchange server.
This policy setting controls which authentication method Outlook uses to authenticate with Microsoft Exchange Server. Note - Exchange Server supports the Kerberos authentication protocol and NTLM f...Rule Medium Severity -
SRG-APP-000516
Group -
Disabling download full text of articles as HTML must be configured.
This policy setting controls whether Outlook automatically makes an offline copy of the RSS items as HTML attachments. If you enable this policy setting, Outlook automatically makes an offline copy...Rule Medium Severity -
SRG-APP-000209
Group -
Automatic download of Internet Calendar appointment attachments must be disallowed.
This policy setting controls whether Outlook downloads files attached to Internet Calendar appointments. If you enable this policy setting, Outlook automatically downloads all Internet Calendar app...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.