I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
The display of Level 1 attachments must be disabled in Outlook.
<VulnDiscussion>This policy setting controls whether Outlook blocks potentially dangerous attachments designated Level 1. Outlook uses two le...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Level 1 file attachments must be blocked from being delivered.
<VulnDiscussion>This policy setting controls whether Outlook users can demote attachments to Level 2 by using a registry key, which will allo...Rule Medium Severity -
SRG-APP-000207
<GroupDescription></GroupDescription>Group -
Level 2 file attachments must be blocked from being delivered.
<VulnDiscussion>This policy setting controls which types of attachments (determined by file extension) must be saved to disk before users can...Rule Medium Severity -
SRG-APP-000210
<GroupDescription></GroupDescription>Group -
Outlook must be configured to not run scripts in forms in which the script and the layout are contained within the message.
<VulnDiscussion>This policy setting controls whether scripts can run in Outlook forms in which the script and layout are contained within the...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
When a custom action is executed that uses the Outlook object model, Outlook must automatically deny it.
<VulnDiscussion>This policy setting controls whether Outlook prompts users before executing a custom action. Custom actions add functionality...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
When an untrusted program attempts to programmatically access an Address Book using the Outlook object model, Outlook must automatically deny it.
<VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to gain access to an Address Book using the Outl...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
When a user designs a custom form in Outlook and attempts to bind an Address Information field to a combination or formula custom field, Outlook must automatically deny it.
<VulnDiscussion>This policy setting controls what happens when a user designs a custom form in Outlook and attempts to bind an Address Inform...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
When an untrusted program attempts to use the Save As command to programmatically save an item, Outlook must automatically deny it.
<VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to use the Save As command to programmatically s...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
When an untrusted program attempts to gain access to a recipient field, such as the, To: field, using the Outlook object model, Outlook must automatically deny it.
<VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to gain access to a recipient field, such as the...Rule Medium Severity -
SRG-APP-000488
<GroupDescription></GroupDescription>Group -
When an untrusted program attempts to programmatically send e-mail in Outlook using the Response method of a task or meeting request, Outlook must automatically deny it.
<VulnDiscussion>This policy setting controls what happens when an untrusted program attempts to programmatically send e-mail in Outlook using...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.