III - Administrative Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000488
Group -
Object Model Prompt behavior for accessing User Property Formula must be configured.
This policy setting controls what happens when a user designs a custom form in Outlook and attempts to bind an Address Information field to a combination or formula custom field. If you enable this...Rule Medium Severity -
SRG-APP-000516
Group -
Trusted add-ins behavior for email must be configured.
This policy setting can be used to specify a list of trusted add-ins that can be run without being restricted by the security measures in Outlook. If you enable this policy setting, a list of trust...Rule Medium Severity -
SRG-APP-000179
Group -
S/Mime interoperability with external clients for message handling must be configured.
This policy setting controls whether Outlook decodes encrypted messages itself or passes them to an external program for processing. If you enable this policy setting, you can choose from three opt...Rule Medium Severity -
SRG-APP-000179
Group -
Message formats must be set to use SMime.
This policy setting controls which message encryption formats Outlook can use. Outlook supports three formats for encrypting and signing messages: S/MIME, Exchange, and Fortezza. If you enable this...Rule Medium Severity -
SRG-APP-000179
Group -
Run in FIPS compliant mode must be enforced.
This policy setting controls whether Outlook is required to use FIPS-compliant algorithms when signing and encrypting messages. Outlook can run in a mode that complies with Federal Information Pro...Rule Medium Severity -
SRG-APP-000516
Group -
Send all signed messages as clear signed messages must be configured.
This policy setting controls whether Outlook sends signed messages as clear text signed messages. If you enable this policy setting, the "Send clear text signed message when sending signed messages...Rule Medium Severity -
SRG-APP-000516
Group -
Automatic sending s/Mime receipt requests must be disallowed.
This policy setting controls how Outlook handles S/MIME receipt requests. If you enable this policy setting, you can choose from four options for handling S/MIME receipt requests in Outlook:- Open ...Rule Medium Severity -
SRG-APP-000175
Group -
Retrieving of CRL data must be set for online action.
This policy setting controls how Outlook retrieves Certificate Revocation Lists to verify the validity of certificates.Certificate revocation lists (CRLs) are lists of digital certificates that hav...Rule Medium Severity -
SRG-APP-000516
Group -
External content and pictures in HTML email must be displayed.
This policy setting setting controls whether Outlook downloads untrusted pictures and external content located in HTML e-mail messages without users explicitly choosing to download them. If you ena...Rule Medium Severity -
SRG-APP-000516
Group -
Automatic download content for email in Safe Senders list must be disallowed.
This policy setting controls whether Outlook automatically downloads external content in e-mail from senders in the Safe Senders List or Safe Recipients List. If you enable this policy setting, Out...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.