DoD Outlook 2016 STIG User v2r3 | |
Data collected on: 3/7/2024 3:06:31 PM |
Domain | security.local |
Owner | SECURITY\Domain Admins |
Created | 3/15/2022 4:43:16 PM |
Modified | 3/15/2022 6:28:52 PM |
User Revisions | 6 (AD), 6 (SYSVOL) |
Computer Revisions | 1 (AD), 1 (SYSVOL) |
Unique ID | {C4BEAF29-E2D7-4B90-AF5A-9755A1CAA222} |
GPO Status | Computer settings disabled |
Location | Enforced | Link Status | Path |
---|---|---|---|
None |
Name |
---|
NT AUTHORITY\Authenticated Users |
Name | Allowed Permissions | Inherited |
---|---|---|
NT AUTHORITY\Authenticated Users | Read (from Security Filtering) | No |
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS | Read | No |
NT AUTHORITY\SYSTEM | Edit settings, delete, modify security | No |
SECURITY\Domain Admins | Edit settings, delete, modify security | No |
SECURITY\Enterprise Admins | Edit settings, delete, modify security | No |
Policy | Setting | Comment | ||
---|---|---|---|---|
Authentication with Exchange Server | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Enable RPC encryption | Enabled |
Policy | Setting | Comment |
---|---|---|
Automatically download attachments | Disabled | |
Do not include Internet Calendar integration in Outlook | Enabled |
Policy | Setting | Comment |
---|---|---|
Automatically download enclosures | Disabled | |
Download full text of articles as HTML attachments | Disabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Disable user entries to server list | Enabled | |||
|
Policy | Setting | Comment |
---|---|---|
Internet and network paths into hyperlinks | Disabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Outlook Rich Text options | Enabled | |||
|
Policy | Setting | Comment | ||
---|---|---|---|---|
Set message format | Enabled | |||
|
Policy | Setting | Comment |
---|---|---|
Do not allow Outlook object model scripts to run for public folders | Enabled | |
Do not allow Outlook object model scripts to run for shared folders | Enabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Access to published calendars | Enabled | |||
Prevent publishing to a DAV server | Enabled | |||
Prevent publishing to Office.com | Enabled | |||
Restrict level of calendar details users can publish | Enabled | |||
|
Policy | Setting | Comment |
---|---|---|
Read e-mail as plain text | Enabled | |
Read signed e-mail as plain text | Enabled |
Policy | Setting | Comment | ||||
---|---|---|---|---|---|---|
Allow Active X One Off Forms | Enabled | |||||
| ||||||
Policy | Setting | Comment | ||||
Configure Add-In Trust Level | Enabled | |||||
| ||||||
Policy | Setting | Comment | ||||
Disable 'Remember password' for Internet e-mail accounts | Enabled | |||||
Prevent users from customizing attachment security settings | Enabled | |||||
Prompt user to choose security settings if default settings fail | Disabled |
Policy | Setting | Comment |
---|---|---|
Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists | Disabled | |
Block Trusted Zones | Enabled | |
Display pictures and external content in HTML e-mail | Enabled | |
Do not permit download of content from safe zones | Disabled | |
Include Internet in Safe Zones for Automatic Picture Download | Disabled | |
Include Intranet in Safe Zones for Automatic Picture Download | Disabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Do not check e-mail address against address of certificates being used | Enabled | |||
Message Formats | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Minimum encryption settings | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Replies or forwards to signed/encrypted messages are signed/encrypted | Enabled | |||
Run in FIPS compliant mode | Enabled | |||
S/MIME interoperability with external clients: | Enabled | |||
| ||||
Policy | Setting | Comment | ||
S/MIME receipt requests behavior | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Send all signed messages as clear signed messages | Enabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Retrieving CRLs (Certificate Revocation Lists) | Enabled | |||
|
Policy | Setting | Comment | ||
---|---|---|---|---|
Outlook Security Mode | Enabled | |||
|
Policy | Setting | Comment |
---|---|---|
Display Level 1 attachments | Disabled | |
Remove file extensions blocked as Level 1 | Disabled | |
Remove file extensions blocked as Level 2 | Disabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Allow scripts in one-off Outlook forms | Disabled | |||
Set Outlook object model custom actions execution prompt | Enabled | |||
|
Policy | Setting | Comment | ||
---|---|---|---|---|
Configure Outlook object model prompt when accessing an address book | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Configure Outlook object model prompt When accessing the Formula property of a UserProperty object | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Configure Outlook object model prompt when executing Save As | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Configure Outlook object model prompt when reading address information | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Configure Outlook object model prompt when responding to meeting and task requests | Enabled | |||
| ||||
Policy | Setting | Comment | ||
Configure Outlook object model prompt when sending mail | Enabled | |||
|
Policy | Setting | Comment |
---|---|---|
Configure trusted add-ins | Disabled |
Policy | Setting | Comment | ||
---|---|---|---|---|
Allow hyperlinks in suspected phishing e-mail messages | Disabled | |||
Security setting for macros | Enabled | |||
|