III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516
Group -
The Help Improve Proofing Tools feature for Office must be configured.
This policy setting controls whether the Help Improve Proofing Tools feature sends usage data to Microsoft. The Help Improve Proofing Tools feature collects data about use of the Proofing Tools, su...Rule Medium Severity -
SRG-APP-000207
Group -
Trust Bar notifications for Security messages must be enforced.
This policy setting controls whether Office 2016 applications notify users when potentially unsafe features or content are detected, or whether such features or content are silently disabled withou...Rule Medium Severity -
SRG-APP-000429
Group -
Rights managed Office Open XML files must be protected.
This policy setting determines whether metadata is encrypted in Office Open XML files that are protected by Information Rights Management (IRM). If you enable this policy setting, Excel, PowerPoint...Rule Medium Severity -
SRG-APP-000231
Group -
Document metadata for password protected files must be protected.
This policy setting determines whether metadata is encrypted when an Office Open XML file is password protected. If you enable this policy setting, Excel 2016, PowerPoint 2016, and Word 2016 encryp...Rule Medium Severity -
SRG-APP-000231
Group -
The encryption type for password protected Open XML files must be set.
This policy setting allows you to specify an encryption type for Office Open XML files. If you enable this policy setting, you can specify the type of encryption that Office applications use to enc...Rule Medium Severity -
SRG-APP-000231
Group -
The encryption type for password protected Office 97 thru Office 2003 must be set.
This policy setting enables you to specify an encryption type for password-protected Office 97-2003 files. If you enable this policy setting, you can specify the type of encryption that Office appl...Rule Medium Severity -
SRG-APP-000488
Group -
ActiveX control initialization must be disabled.
This policy setting specifies the Microsoft ActiveX« initialization security level for all Microsoft Office applications. ActiveX controls can adversely affect a computer directly. In addition, mal...Rule Medium Severity -
SRG-APP-000207
Group -
Load controls in forms3 must be disabled from loading.
This policy setting allows you to control how ActiveX controls in UserForms should be initialized based upon whether they are Safe For Initialization (SFI) or Unsafefor Initialization (UFI). Acti...Rule Medium Severity -
SRG-APP-000210
Group -
Automation Security to enforce macro level security in Office documents must be configured.
This policy setting controls whether macros can run in an Office 2016 application that is opened programmatically by another application. If you enable this policy setting, you can choose from thre...Rule Medium Severity -
SRG-APP-000516
Group -
A mix of policy and user locations for Office Products must be disallowed.
This policy setting controls whether trusted locations can be defined by users, the Office Customization Tool (OCT), and Group Policy, or if they must be defined by Group Policy alone. If you enabl...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.