Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000231

    <GroupDescription></GroupDescription>
    Group
  • The encryption type for password protected Office 97 thru Office 2003 must be set.

    &lt;VulnDiscussion&gt;This policy setting enables you to specify an encryption type for password-protected Office 97-2003 files. If you enable this...
    Rule Medium Severity
  • SRG-APP-000488

    <GroupDescription></GroupDescription>
    Group
  • ActiveX control initialization must be disabled.

    &lt;VulnDiscussion&gt;This policy setting specifies the Microsoft ActiveX« initialization security level for all Microsoft Office applications. Act...
    Rule Medium Severity
  • SRG-APP-000207

    <GroupDescription></GroupDescription>
    Group
  • Load controls in forms3 must be disabled from loading.

    &lt;VulnDiscussion&gt;This policy setting allows you to control how ActiveX controls in UserForms should be initialized based upon whether they are...
    Rule Medium Severity
  • SRG-APP-000210

    <GroupDescription></GroupDescription>
    Group
  • Automation Security to enforce macro level security in Office documents must be configured.

    &lt;VulnDiscussion&gt;This policy setting controls whether macros can run in an Office 2016 application that is opened programmatically by another ...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • A mix of policy and user locations for Office Products must be disallowed.

    &lt;VulnDiscussion&gt;This policy setting controls whether trusted locations can be defined by users, the Office Customization Tool (OCT), and Grou...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules