Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • DTOO236 - Add-In Trust Level

    <GroupDescription></GroupDescription>
    Group
  • The Add-In Trust Level must be configured.

    &lt;VulnDiscussion&gt;Under normal circumstances the installed COM add-ins are applications that have been approved and intentionally deployed by t...
    Rule Medium Severity
  • DTOO250 - Object Model Prompt for Address Book

    <GroupDescription></GroupDescription>
    Group
  • Object Model Prompt behavior for programmatic address books must be configured.

    &lt;VulnDiscussion&gt;If an untrusted application accesses the address book, the application could gain access to sensitive data and potentially ch...
    Rule Medium Severity
  • DTOO241 - Demote Attachments to Level 2

    <GroupDescription></GroupDescription>
    Group
  • Action to demote an EMail Level 1 attachment to Level 2 must be configured.

    &lt;VulnDiscussion&gt;Outlook uses two levels of security to restrict access to files attached to email messages or other items. Files with specifi...
    Rule Medium Severity
  • DTOO254 - Object Model Prompt for Formula Property

    <GroupDescription></GroupDescription>
    Group
  • Object Model Prompt behavior for accessing User Property Formula must be configured.

    &lt;VulnDiscussion&gt;A custom form in Outlook could be used to gain access to sensitive address book data and potentially to change that data. By ...
    Rule Medium Severity
  • DTOO253 - Object Model Prompt for Save As

    <GroupDescription></GroupDescription>
    Group
  • Object Model Prompt behavior for the SaveAs method must be configured.

    &lt;VulnDiscussion&gt;If an untrusted application uses the Save As command to programmatically save an item, the application could add malicious da...
    Rule Medium Severity
  • DTOO251 - Object Model Prompt for Reading Address

    <GroupDescription></GroupDescription>
    Group
  • Object Model Prompt behavior for programmatic access of user address data must be configured.

    &lt;VulnDiscussion&gt;If an untrusted application accesses the recipient fields, the application could gain access to sensitive data and potentiall...
    Rule Medium Severity
  • DTOO252-Object Model Prompt for Meeting Response

    <GroupDescription></GroupDescription>
    Group
  • Object Model Prompt behavior for Meeting and Task Responses must be configured.

    &lt;VulnDiscussion&gt;If an untrusted application programmatically responds to tasks or meeting requests, that application could impersonate a user...
    Rule Medium Severity
  • DTOO249 - Object Model Prmpt for auto email send

    <GroupDescription></GroupDescription>
    Group
  • Object Model Prompt for programmatic email send behavior must be configured.

    &lt;VulnDiscussion&gt;If an untrusted application programmatically sends email, that application could send mail that includes malicious code, impe...
    Rule Medium Severity
  • DTOO256 - Trusted Add-Ins Security

    <GroupDescription></GroupDescription>
    Group
  • Trusted add-ins behavior for email must be configured.

    &lt;VulnDiscussion&gt;The Outlook object model includes entry points to access Outlook data, save data to specified locations, and send email messa...
    Rule Medium Severity
  • DTOO237-Disable "remember password" on eMail Accts

    <GroupDescription></GroupDescription>
    Group
  • The remember password for internet e-mail accounts must be disabled.

    &lt;VulnDiscussion&gt;As a security precaution, password caching for email Internet protocols such as POP3 or IMAP may lead to password discovery a...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules