CCE Lists

Unnamed: 0	Last modified: 2013-02-11	Unnamed: 2	Unnamed: 3	Unnamed: 4	Unnamed: 5	Unnamed: 6	Unnamed: 7	Unnamed: 8	Unnamed: 9	Unnamed: 10
NaN	Version: 5.20130214	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN
CCE ID	CCE Description	CCE Parameters	CCE Technical Mechanisms	NaN	Old v4 CCE ID	Microsoft Office 2007 Threats and Countermeasures guide Beta release	Microsoft Office 2007 Recommendations (Security Settings for Office 2007 Applications.xlsx)	NIST SCAP Microsoft Office 2007 OVAL (SCAP-Office2007-OVAL-Beta-v1.xml)	NIST SCAP Microsoft Office 2007 XCCDF (SCAP-Office2007-XCCDF-Beta-v1.xml )	Microsoft Office 2007 DISA STIGs
CCE-116-4	The "Disable VBA for Office applications" setting should be configured correctly.	(1) enabled/disabled	(1) 2007: GPO Settings:Computer Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office 2007 System / Security Settings (2) Registry keys: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\12.0\Common\VbaOff 2003: (3) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Disable VBA for Office applications (4) HKLM\Software\Policies\Microsoft\Office\11.0\Common - VbaOff (5) User Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Disable VBA for Office applications (6) HKCU\Software\Policies\Microsoft\Office\11.0\Common - VbaOff	NaN	CCE-116	Table 1.124. Disable VBA for Office applications, Table 2.5. Disable VBA for Office applications	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable VBA for Office applications, Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\Disable VBA for Office applications	oval:org.mitre.oval:def:771	DisableVBAForOfficeApplications	NaN
CCE-908-4	The "ActiveX Control Initialization:" setting should be configured correctly.	(1) 1 = Do not prompt \| 4 = Prompt user to use control defaults \| 6 = Prompt user to use persisted data	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office 2007 system / Security /ActiveX Control InitializationSettings (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Security\UFIControls 2003: (3) User Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\ActiveX Control Initialization (4) HKCU\Software\Policies\Microsoft\Office\Common\Security - UFIControls	NaN	CCE-908	Table 1.3. ActiveX Control Initialization	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\ActiveX Control Initialization (1 \| 2 \| 3 \| 4 \| 5 \| 6)	oval:org.mitre.oval:def:814	ActiveXControlInitialization	NaN
CCE-184-2	The "Enable Customer Experience Improvement Program" setting should be configured correctly.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office 2007 / Privacy / Trust Center , Registry Keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\QMEnable	NaN	CCE-184	Table 1.148. Enable Customer Experience Improvement Program	User Configuration\Administrative Templates\Microsoft Office 2007 system\Privacy\Trust Center\Enable Customer Experience Improvement Program	oval:org.mitre.oval:def:829	EnableCustomerExperienceImprovementProgram	STIG ID: DTOO184 - Office 2007 Rule ID: SV-18747r3_rule Vuln ID: V-17612: Disable the "Enable Customer Experience Improvement Program" for Office.
CCE-276-6	The "Enable Customer Experience Improvement Program" setting should be configured correctly.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office 2007 / Privacy / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\UpdateReliabilityData	NaN	CCE-276	Table 1.23. Automatically receive small updates to improve reliability	User Configuration\Administrative Templates\Microsoft Office 2007 system\Privacy\Trust Center\Automatically receive small updates to improve reliability	oval:org.mitre.oval:def:1473	AutomaticallyReceiveSmallUpdatesToImproveReliability	STIG ID: DTOO185 - Office Rule ID: SV-18922r1_rule Vuln ID: V-17740: Disable Automatic receiving of small updates to improve reliability - Office.
CCE-967-0	The "Online content options" setting should be configured correctly.	(1) 0 = Never show online content or entry points \| 1 = Search only offline content whenever available \| 2 = Search online content whenever available	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office 2007 system / Tools / Options / General / Service Options / Online Content (2) Registry keys: HKEY_CURRENT_USER\Softtware\Polices\Microsoft\Office\12.0\Common\Internet\UseOnlineContent	NaN	CCE-967	Table 1.179. Online content options	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Service Options...\Online Content\Online content options (Never show online content or entry points \| Search only offline content whenever available \| Search online content whenever available)	oval:org.mitre.oval:def:1302	OnlineContentOptions	NaN
CCE-427-5	The "VBA Macro Warning Settings" setting should be configured correctly for Access 2007.	(1) 1 = No Security checks for macros \| 2 = Trust Bar warning for all macros \| 3 = Trust Bar warning for digitally signed macros only \| 4 = No Warnings for all macros but disable all macros	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Access 2007 / Application Settings / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Access\Security\VBAWarnings	NaN	CCE-427	Table 1.234. VBA Macro Warning Settings	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\VBA Macro Warning Settings (Trust Bar warning for all macros \| Trust Bar warning for digitally signed macros only (unsigned macros will be disabled) \| No Warnings for all macros but disable all macros \| No Security checks for macros (Not recommended, code in all documents can run))	oval:org.mitre.oval:def:1403	VBAMacroWarningSettings-Access	STIG ID: DTOO304 - Access Rule ID: SV-18637r2_rule Vuln ID: V-17545: Enable Warning Bar settings for VBA macros contained in Access Files.
CCE-649-4	The "VBA Macro Warning Settings" setting should be configured correctly for Excel 2007.	(1) 1 = No Security checks for macros \| 2 = Trust Bar warning for all macros \| 3 = Trust Bar warning for digitally signed macros only \| 4 = No Warnings for all macros but disable all macros	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Excel 2007 / Excel Options / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Excel\Security\VBAWarnings	NaN	CCE-649	Table 1.234. VBA Macro Warning Settings	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\VBA Macro Warning Settings (Trust Bar warning for all macros \| Trust Bar warning for digitally signed macros only (unsigned macros will be disabled) \| No Warnings for all macros but disable all macros \| No Security checks for macros (Not recommended, code in all documents can run))	oval:org.mitre.oval:def:649	VBAMacroWarningSettings-Excel	STIG ID: DTOO304 - Excel Rule ID: SV-18638r2_rule Vuln ID: V-17545: Enable Warning Bar settings for VBA macros contained in Excel Files.
CCE-862-3	The "Trust access to Visual Basic Project" setting should be configured correctly for Excel 2007 and 2003.	(1) enabled/disabled	(1) 2007GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Excel 2007 / Excel Options / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Excel\Security\AccessVBOM 2003: (3) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Excel: Trust access to Visual Basic Project (4) HKLM\Software\Policies\Microsoft\Office\11.0\Excel\Security - AccessVBOM (5) User Configuration\Administrative Templates\Microsoft Office Excel 2003\Tools\Macros\Security\Trust access to Visual Basic Project (6) HKCU\Software\Policies\Microsoft\Office\11.0\Excel\Security - AccessVBOM	NaN	CCE-862	Table 1.225. Trust access to Visual Basic Project	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Trust access to Visual Basic Project	oval:org.mitre.oval:def:1560	TrustAccessToVisualBasicProject-Excel	NaN
CCE-567-8	The "VBA Macro Warning Settings" setting should be configured correctly for PowerPoint 2007.	(1) 1 = No Security checks for macros \| 2 = Trust Bar warning for all macros \| 3 = Trust Bar warning for digitally signed macros only \| 4 = No Warnings for all macros but disable all macros	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office PowerPoint 2007 / PowerPoint Options / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\VBAWarnings	NaN	CCE-567	Table 1.234. VBA Macro Warning Settings	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\VBA Macro Warning Settings (Trust Bar warning for all macros \| Trust Bar warning for digitally signed macros only (unsigned macros will be disabled) \| No Warnings for all macros but disable all macros \| No Security checks for macros (Not recommended, code in all documents can run))	oval:org.mitre.oval:def:654	VBAMacroWarningSettings-PowerPoint	NaN
CCE-68-7	The "Trust access to Visual Basic Project" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office PowerPoint 2007 / PowerPoint Options / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\AccessVBOM	NaN	CCE-68	Table 1.225. Trust access to Visual Basic Project	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Trust access to Visual Basic Project	oval:org.mitre.oval:def:665	TrustAccessToVisualBasicProject-PowerPoint	NaN
CCE-537-1	The "Disable Remember Passwords" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Disable Remember Passwords (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security\EnableRememberPwd	NaN	CCE-537	NaN	User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Disable Remember Passwords	oval:org.mitre.oval:def:1298	DisableRememberPassword	NaN
CCE-786-4	The "Configure Add-In Trust Level" setting should be configured correctly for Outlook 2007.	(1) 0 = Trust all or use Exchange settings if present \| 1 = Trust all loaded and installed COM addins \| 2 = Do NOT trust loaded and installed COM addins	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Configure Add-In Trust Level (2) HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\AddinTrust	NaN	CCE-786	Table 1.72. Configure trusted add-ins	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Trusted Add-insConfigure trusted add-ins	oval:org.mitre.oval:def:1390	ConfigureAddInTrustLevel	NaN
CCE-937-3	DEPRECATED in favor of CCE-537-1.	NaN	NaN	NaN	CCE-937	NaN	NaN	NaN	NaN	NaN
CCE-13-3	The "Minimum encryption settings" setting should be configured correctly.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\MinEncKey	NaN	CCE-13	Table 1.173. Minimum encryption settings	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Minimum encryption settings	oval:org.mitre.oval:def:661	MinimumEncryptionSettings	NaN
CCE-316-0	The "Do not check e-mail address against address of certificates being using" setting should be configured correctly.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\SupressNameChecks	NaN	CCE-316	Table 1.134. Do not check e-mail address against address of certificates being using	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Do not check e-mail address against address of certificates being used	oval:org.mitre.oval:def:1399	DoNotCheckEmailAddressAgainstAddressOfCertificatesBeingUsed	NaN
CCE-14-1	The "Send all signed messages as clear signed messages" setting should be configured correctly.	(1) enabled/disabled	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\ClearSign 2003: (3) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\Send all signed messages as clear signed messages (4) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security - ClearSign	NaN	CCE-14	Table 1.214. Send all signed messages as clear signed messages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Send all signed messages as clear signed messages	oval:org.mitre.oval:def:1388	SendAllSignedMessagesAsClearSignedMessages	NaN
CCE-153-7	The "Request an S/MIME receipt for all S/MIME signed messages" setting should be configured correctly.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\RequestSecureReceipt	NaN	CCE-153	Table 1.198. Request an S/MIME receipt for all S/MIME signed messages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Request an S/MIME receipt for all S/MIME signed messages	oval:org.mitre.oval:def:705	RequestAnSMIMEReceiptForAllSMIMESignedMessages	NaN
CCE-345-9	The "Do not display 'Publish to GAL' button" setting should be configured correctly.	(1) enabled/disabled	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\PublishToGalDisabled 2003: (3) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\Disable 'Publish to GAL' button (4) HKCU\Software\Policies\Microsoft\office\11.0\outlook\Security - PublishToGalDisabled	NaN	CCE-345	Table 1.135. Do not display 'Publish to GAL' button	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Do not display 'Publish to GAL' button	oval:org.mitre.oval:def:741	DoNotDisplayPublishToGALButton	NaN
CCE-700-5	The "Signature Warning" setting should be configured correctly.	(1) 0 = Let user decide if they want to be warned \| 1 = Always warn about invalid signatures \| 2 = Never warn about invalid signatures	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\WarnAboutInvalid 2003: (3) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\Signature Warning (4) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security - WarnAboutInvalid	NaN	CCE-700	Table 1.220. Signature Warning	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Warning (Let user decide if they want to be warned \| Always warn about invalid signatures \| Never warn about invalid signatures)	oval:org.mitre.oval:def:756	SignatureWarning	NaN
CCE-695-7	The "Enable Cryptography Icons" setting should be configured correctly.	(1) enabled/disabled	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\ConvertSMIMEBlobSignedIcons 2003: (3) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\Enable cryptography icons (4) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security - ConvertSMIMEBlobSignedIcons	NaN	CCE-695	NaN	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Enable Cryptography Icons	oval:org.mitre.oval:def:1716	EnableCryptographyIcons	NaN
CCE-395-4	The "Retrieving CRLs (Certificate Revocation Lists)" setting should be configured correctly.	(1) 0 = Use system Default \| 1 = When online always retreive the CRL \| 2 = Never retreive the CRL	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Outlook 2007 / Security / Cryptography / Signature Status Dialog Box (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security\UseCRLChasing	NaN	CCE-395	Table 1.204. Retrieving CRLs (Certificate Revocation Lists)	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Retrieving CRLs (Certificate Revocation Lists) (Use system Default \| When online always retreive the CRL \| Never retreive the CRL)	oval:org.mitre.oval:def:1700	RetrievingCRLs	NaN
CCE-659-3	The "VBA Macro Warning Settings" setting should be configured correctly for Word 2007.	(1) 1 = No Security checks for macros \| 2 = Trust Bar warning for all macros \| 3 = Trust Bar warning for digitally signed macros only \| 4 = No Warnings for all macros but disable all macros	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Word 2007 / Word Options / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Word\Security\VBAWarnings	NaN	CCE-659	Table 1.234. VBA Macro Warning Settings	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\VBA Macro Warning Settings (Trust Bar warning for all macros \| Trust Bar warning for digitally signed macros only (unsigned macros will be disabled) \| No Warnings for all macros but disable all macros \| No )	oval:org.mitre.oval:def:1350	VBMacroWarningSettings-Word	NaN
CCE-703-9	The "Trust access to Visual Basic Project" setting should be configured correctly for Word 2007 and 2003.	(1) enabled/disabled	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Word 2007 / Word Options / Security / Trust Center (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\12.0\Word\Security\AccessVBOM 2003: (3) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Word: Trust access to Visual Basic Project (4) HKLM\Software\Policies\Microsoft\Office\11.0\Word\Security - AccessVBOM (5) User Configuration\Administrative Templates\Microsoft Office Word 2003\Tools\Macro\Security\Trust access to Visual Basic Project (6) HKCU\Software\Policies\Microsoft\Office\11.0\Word\Security - AccessVBOM	NaN	CCE-703	Table 1.225. Trust access to Visual Basic Project	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Trust access to Visual Basic Project	oval:org.mitre.oval:def:1713	TrustAccessToVisualBasicProject-Word	NaN
CCE-173-5	The "Warn before printing, saving or sending a file that contains tracked changes or comments" setting should be configured correctly.	(1) enabled/disabled	(1) 2007: GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office Word 2007 / Word Options / Security (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Word\Options\vpref\fWarnRevisions_1805_1 2003: (2) User Configuration\Administrative Templates\Microsoft Office Word 2003\Tools\Options\Security\Warn before printing or saving or sending a file that contains tracked changes or comments (3) HKCU\Software\Policies\Microsoft\Office\11.0\Word\Options\vpre	NaN	CCE-173	NaN	NaN	oval:org.mitre.oval:def:788	WarnBeforePrintingSavingOrSendingAFileThatContainsTrackedChangesOrComments	NaN
CCE-784-9	The "Block updates from the Office Update Site from applying" setting should be configured correctly.	(1) enabled/disabled	(1) GPO Settings:User Configuration / Administrative Templates / Classic Administrative Templates / Microsoft Office 2007 / Miscellaneous (2) Registry keys: HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\OfficeUpdate\BlockUpdates	NaN	CCE-784	Table 1.64. Block updates from the Office Update Site from applying	User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Block updates from the Office Update Site from applying	oval:org.mitre.oval:def:1755	BlockUpdatesFromTheOfficeUpdateSiteFromApplying	STIG ID: DTOO213 - Office 2007 Rule ID: SV-18669r3_rule Vuln ID: V-17565: Block Office from receiving updates from the Office Update Site.
CCE-1395-3	The "Underline hyperlinks" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Web Options\General\Underline hyperlinks (2) Software\Policies\Microsoft\Office\12.0\Access\Internet	NaN	CCE-1395	Table 1.230. Underline hyperlinks	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Web Options\General\Underline hyperlinks	NaN	NaN	NaN
CCE-1137-9	The "Number of documents in the Recent Documents list (0-9)" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\General\General\Number of documents in the Recent Documents list (0-9) (2) Software\Policies\Microsoft\Office\12.0\Access\Settings	NaN	CCE-1137	NaN	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\General\General\Number of documents in the Recent Documents list (0-9)	NaN	NaN	NaN
CCE-1423-3	The "Disable Trust Bar Notification for unsigned application add-ins" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins (2) Software\Policies\Microsoft\Office\12.0\Access\Security	NaN	CCE-1423	Table 1.120. Disable Trust Bar Notification for unsigned application add-ins	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins	NaN	NaN	STIG ID: DTOO131 - Access Rule ID: SV-18219r2_rule Vuln ID: V-17187: Disable Trust Bar Notification for unsigned application add-ins - Access
CCE-1238-5	The "Disable all application add-ins" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Disable all application add-ins (2) Software\Policies\Microsoft\Office\12.0\Access\Security	NaN	CCE-1238	Table 1.87. Disable all application add-ins	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Disable all application add-ins	NaN	NaN	NaN
CCE-1476-1	The "Require that application add-ins are signed by Trusted Publisher" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher (2) Software\Policies\Microsoft\Office\12.0\Access\Security	NaN	CCE-1476	Table 1.200. Require that application add-ins are signed by Trusted Publisher	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher	NaN	NaN	NaN
CCE-1520-6	The "Disable all trusted locations" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Trusted LocationsDisable all trusted locations (2) Software\Policies\Microsoft\Office\12.0\Access\Security\Trusted Locations	NaN	CCE-1520	Table 1.89. Disable all trusted locations	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Trusted Locations\Disable all trusted locations	NaN	NaN	NaN
CCE-780-7	The "Allow Trusted Locations not on the computer" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Trusted Locations\Allow Trusted Locations not on the computer (2) Software\Policies\Microsoft\Office\12.0\Access\Security\Trusted Locations	NaN	CCE-780	Table 1.11. Allow Trusted Locations not on the computer	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Trusted Locations\Allow Trusted Locations not on the computer	NaN	NaN	NaN
CCE-1214-6	The "Modal Trust Decision Only" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Trusted Locations\Modal Trust Decision Only (2) Software\Policies\Microsoft\Office\12.0\Access\Security\Trusted Locations	NaN	CCE-1214	Table 1.176. Modal Trust Decision Only	User Configuration\Administrative Templates\Microsoft Office Access 2007\Application Settings\Security\Trust Center\Trusted Locations\Modal Trust Decision Only	NaN	NaN	NaN
CCE-1370-6	The "Disable commands" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1370	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands	NaN	NaN	NaN
CCE-1268-2	The "Disable commands - Office Button \| E-Mail" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| E-Mail (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1268	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| E-Mail	NaN	NaN	NaN
CCE-1400-1	The "Disable commands - Office Button \| Access Options \| Customize \| All Commands \| Insert Hyperlink" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Access Options \| Customize \| All Commands \| Insert Hyperlink (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1400	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Access Options \| Customize \| All Commands \| Insert Hyperlink	NaN	NaN	NaN
CCE-1440-7	The "Disable commands - Database Tools \| Database Tools \| Encrypt with Password" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Database Tools \| Encrypt with Password (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1440	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Database Tools \| Encrypt with Password	NaN	NaN	NaN
CCE-581-9	The "Disable commands - Database Tools \| Administer \| Users and Permission \| User and Group Permissions" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Administer \| Users and Permission \| User and Group Permissions (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-581	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Administer \| Users and Permission \| User and Group Permissions	NaN	NaN	NaN
CCE-1480-3	The "Disable commands - Database Tools \| Administer \| Users and Permissions \| User and Group Accounts" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Administer \| Users and Permissions \| User and Group Accounts (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1480	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Administer \| Users and Permissions \| User and Group Accounts	NaN	NaN	NaN
CCE-1489-4	The "Disable commands - Database Tools \| Administer \| Users and Permission \| User-Level Security Wizard..." setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Administer \| Users and Permission \| User-Level Security Wizard... (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1489	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Administer \| Users and Permission \| User-Level Security Wizard...	NaN	NaN	NaN
CCE-1392-0	The "Disable commands - Database Tools \| Database Tools \| Encode/Decode Database" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Database Tools \| Encode/Decode Database (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1392	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Database Tools \| Encode/Decode Database	NaN	NaN	NaN
CCE-1414-2	The "Disable commands - Database Tools \| Macro \| Visual Basic" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Macro \| Visual Basic (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1414	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Macro \| Visual Basic	NaN	NaN	NaN
CCE-1418-3	The "Disable commands - Database Tools \| Macro \| Run Macro" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Macro \| Run Macro (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1418	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Database Tools \| Macro \| Run Macro	NaN	NaN	NaN
CCE-1405-0	The "Database Tools \| Macro \| Convert Macros to Visual Basic" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Database Tools \| Macro \| Convert Macros to Visual Basic (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1405	NaN	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Database Tools \| Macro \| Convert Macros to Visual Basic	NaN	NaN	NaN
CCE-1550-3	The "Database Tools \| Macro \| Create Shortcut Menu from Macro" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Database Tools \| Macro \| Create Shortcut Menu from Macro (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1550	NaN	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Database Tools \| Macro \| Create Shortcut Menu from Macro	NaN	NaN	NaN
CCE-1075-1	The "Disable shortcut keys" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable shortcut keys (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledShortcutKeysCheckBoxes	NaN	CCE-1075	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable shortcut keys	NaN	NaN	NaN
CCE-709-6	The "Disable commands - Ctrl+K (Office Button \| Access Options \| Customize \| All Commands \| Insert Hyperlinks)" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Ctrl+K (Office Button \| Access Options \| Customize \| All Commands \| Insert Hyperlinks) (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledShortcutKeysCheckBoxes	NaN	CCE-709	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Ctrl+K (Office Button \| Access Options \| Customize \| All Commands \| Insert Hyperlinks)	NaN	NaN	NaN
CCE-1502-4	The "Disable commands - Alt+F11 (Database Tools \| Macro \| Visual Basic)" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Alt+F11 (Database Tools \| Macro \| Visual Basic) (2) Software\Policies\Microsoft\Office\12.0\Access\DisabledShortcutKeysCheckBoxes	NaN	CCE-1502	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Access 2007\Disable items in user interface\Predefined\Disable commands - Alt+F11 (Database Tools \| Macro \| Visual Basic)	NaN	NaN	NaN
CCE-1260-9	The "Default file format (Access 2007 \| Access 2002-2003)" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Miscellaneous\Default file format (Access 2007 \| Access 2002-2003) (2) Software\Policies\Microsoft\Office\12.0\Access\Settings	NaN	CCE-1260	Table 1.80. Default file format	User Configuration\Administrative Templates\Microsoft Office Access 2007\Miscellaneous\Default file format (Access 2007 \| Access 2002-2003)	NaN	NaN	STIG ID: DTOO136 - Access Rule ID: SV-18706r2_rule Vuln ID: V-17584: Set the default saved file format for Access.
CCE-1510-7	The "Do not prompt to convert older databases" setting should be configured correctly for Access 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Access 2007\Miscellaneous\Do not prompt to convert older databases (2) Software\Policies\Microsoft\Office\12.0\Access\Settings	NaN	CCE-1510	Table 1.141. Do not prompt to convert older databases	User Configuration\Administrative Templates\Microsoft Office Access 2007\Miscellaneous\Do not prompt to convert older databases	NaN	NaN	NaN
CCE-1532-1	The "Internet and network paths as hyperlinks" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Proofing\Autocorrect Options\Internet and network paths as hyperlinks (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1532	Table 1.164. Internet and network paths as hyperlinks	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Proofing\Autocorrect Options\Internet and network paths as hyperlinks	NaN	NaN	NaN
CCE-1039-7	The "Save Excel files as (Excel Workbook (.xlsx) \| Excel Macro-Enabled Workbook (.xlsm) \| Excel Binary Workbook (.xlsb) \| Web Page (.htm; .html) \| Excel 97-2003 Workbook (.xls) \| Excel 5.0/95 Workbook (*.xls))" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Save\Save Excel files as (Excel Workbook (.xlsx) \| Excel Macro-Enabled Workbook (.xlsm) \| Excel Binary Workbook (.xlsb) \| Web Page (.htm; .html) \| Excel 97-2003 Workbook (.xls) \| Excel 5.0/95 Workbook (*.xls)) (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1039	Table 1.211. Save Excel files as	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Save\Save Excel files as (Excel Workbook (.xlsx) \| Excel Macro-Enabled Workbook (.xlsm) \| Excel Binary Workbook (.xlsb) \| Web Page (.htm; .html) \| Excel 97-2003 Workbook (.xls) \| Excel 5.0/95 Workbook (*.xls))	NaN	NaN	NaN
CCE-1295-5	The "Disable AutoRepublish" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Save\Disable AutoRepublish (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1295	Table 1.91. Disable AutoRepublish	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Save\Disable AutoRepublish	NaN	NaN	NaN
CCE-1334-2	The "AutoRepublish Warning Alert (Always show the alert before publishing \| Never show the alert before publishing)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Save\AutoRepublish Warning Alert (Always show the alert before publishing \| Never show the alert before publishing) (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1334	Table 1.25. AutoRepublish Warning Alert	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Save\AutoRepublish Warning Alert (Always show the alert before publishing \| Never show the alert before publishing)	NaN	NaN	NaN
CCE-1308-6	The "Determine whether to force encrypted macros to be scanned in Microsoft Excel Open XML workbooks" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Determine whether to force encrypted macros to be scanned in Microsoft Excel Open XML workbooks (2) Software\Policies\Microsoft\Office\12.0\Excel\Security	NaN	CCE-1308	Table 1.81. Determine whether to force encrypted macros to be scanned in Microsoft Excel Open XML workbooks	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Determine whether to force encrypted macros to be scanned in Microsoft Excel Open XML workbooks	NaN	NaN	NaN
CCE-616-3	The "Force file extension to match file type (Allow different \| Allow different, but warn \| Always match file type)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Force file extension to match file type (Allow different \| Allow different, but warn \| Always match file type) (2) Software\Policies\Microsoft\Office\12.0\Excel\Security	NaN	CCE-616	Table 1.155. Force file extension to match file type	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Force file extension to match file type (Allow different \| Allow different, but warn \| Always match file type)	NaN	NaN	NaN
CCE-1246-8	The "Store macro in Personal Macro Workbook by default" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Store macro in Personal Macro Workbook by default (2) Software\Policies\Microsoft\Office\12.0\Excel\Security	NaN	CCE-1246	Table 1.221. Store macro in Personal Macro Workbook by default	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Store macro in Personal Macro Workbook by default	NaN	NaN	NaN
CCE-1251-8	The "Disable all application add-ins" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Disable all application add-ins (2) Software\Policies\Microsoft\Office\12.0\Excel\Security	NaN	CCE-1251	Table 1.87. Disable all application add-ins	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Disable all application add-ins	NaN	NaN	NaN
CCE-1524-8	The "Require that application add-ins are signed by Trusted Publisher" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher (2) Software\Policies\Microsoft\Office\12.0\Excel\Security	NaN	CCE-1524	Table 1.200. Require that application add-ins are signed by Trusted Publisher	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher	NaN	NaN	NaN
CCE-1422-5	The "Disable Trust Bar Notification for unsigned application add-ins" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins (2) Software\Policies\Microsoft\Office\12.0\Excel\Security	NaN	CCE-1422	Table 1.120. Disable Trust Bar Notification for unsigned application add-ins	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins	NaN	NaN	NaN
CCE-1444-9	The "Allow Trusted Locations not on the computer" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Trusted LocationsAllow Trusted Locations not on the computer (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\Trusted Locations	NaN	CCE-1444	Table 1.11. Allow Trusted Locations not on the computer	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Trusted LocationsAllow Trusted Locations not on the computer	NaN	NaN	NaN
CCE-1449-8	The "Disable all trusted locations" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Trusted LocationsDisable all trusted locations (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\Trusted Locations	NaN	CCE-1449	Table 1.89. Disable all trusted locations	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Security\Trust Center\Trusted LocationsDisable all trusted locations	NaN	NaN	NaN
CCE-1471-2	The "Ignore other applications " setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Ignore other applications (2) Software\Policies\Microsoft\Office\12.0\Excel\Options\BinaryOptions	NaN	CCE-1471	Table 1.159. Ignore other applications	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Ignore other applications	NaN	NaN	NaN
CCE-1119-7	The "Ask to update automatic links" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Ask to update automatic links (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1119	Table 1.17. Ask to update automatic links	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Ask to update automatic links	NaN	NaN	NaN
CCE-1378-9	The "Number of documents in the Recent Documents list (0-17)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Number of documents in the Recent Documents list (0-17) (2) Software\Policies\Microsoft\Office\12.0\Excel\File MRU	NaN	CCE-1378	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Number of documents in the Recent Documents list (0-17)	NaN	NaN	NaN
CCE-1277-3	The "Save any additional data necessary to maintain formulas" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Web Options…\GeneralSave any additional data necessary to maintain formulas (2) Software\Policies\Microsoft\Office\12.0\Excel\Internet	NaN	CCE-1277	Table 1.210. Save any additional data necessary to maintain formulas	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Web Options…\GeneralSave any additional data necessary to maintain formulas	NaN	NaN	NaN
CCE-1464-7	The "Load pictures from Web pages not created in Excel" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Web Options…\GeneralLoad pictures from Web pages not created in Excel (2) Software\Policies\Microsoft\Office\12.0\Excel\Internet	NaN	CCE-1464	Table 1.169. Load pictures from Web pages not created in Excel	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Excel Options\Advanced\Web Options…\GeneralLoad pictures from Web pages not created in Excel	NaN	NaN	NaN
CCE-1094-2	The "Do not show data extraction options when opening corrupt workbooks" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Recovery\Do not show data extraction options when opening corrupt workbooks (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1094	Table 1.143. Do not show data extraction options when opening corrupt workbooks	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Recovery\Do not show data extraction options when opening corrupt workbooks	NaN	NaN	NaN
CCE-1129-6	The "Assume structured storage format of workbook is intact when recovering data" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Recovery\Assume structured storage format of workbook is intact when recovering data (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1129	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Recovery\Assume structured storage format of workbook is intact when recovering data	NaN	NaN	NaN
CCE-1389-6	The "Corrupt formula conversion (Convert unrecoverable references to: values \| #REF or #NAME)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Recovery\Corrupt formula conversion (Convert unrecoverable references to: values \| #REF or #NAME) (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1389	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Recovery\Corrupt formula conversion (Convert unrecoverable references to: values \| #REF or #NAME)	NaN	NaN	NaN
CCE-1433-2	The "Connection File Locations" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Access Security\Connection File Locations (2) Software\Policies\Microsoft\Office\Common\Server Links\Published	NaN	CCE-1433	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Access Security\Connection File Locations	NaN	NaN	NaN
CCE-1323-5	The "Automatic Query Refresh (Prompt for all workbooks \| Do not prompt; do not allow auto refresh \| Do not prompt; allow auto refresh)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Access Security\Automatic Query Refresh (Prompt for all workbooks \| Do not prompt; do not allow auto refresh \| Do not prompt; allow auto refresh) (2) Software\Policies\Microsoft\Office\Common\Server Links\Published	NaN	CCE-1323	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Data Access Security\Automatic Query Refresh (Prompt for all workbooks \| Do not prompt; do not allow auto refresh \| Do not prompt; allow auto refresh)	NaN	NaN	NaN
CCE-1469-6	The "Disable commands" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1469	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands	NaN	NaN	NaN
CCE-1473-8	The "Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Save as Web Page" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Save as Web Page (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1473	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Save as Web Page	NaN	NaN	NaN
CCE-1499-3	The "Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Web Page Preview" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Web Page Preview (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1499	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Web Page Preview	NaN	NaN	NaN
CCE-1024-9	The "Disable commands - Office Button \| Send \| Email" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Send \| Email (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1024	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Send \| Email	NaN	NaN	NaN
CCE-1530-5	The "Disable commands - Insert \| Links \| Hyperlink" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Links \| Hyperlink (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1530	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Links \| Hyperlink	NaN	NaN	NaN
CCE-1120-5	The "Disable commands - Review \| Changes \| Protect Sheet" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Review \| Changes \| Protect Sheet (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1120	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Review \| Changes \| Protect Sheet	NaN	NaN	NaN
CCE-1252-6	The "Disable commands - Review \| Changes \| Protect Workbook" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Review \| Changes \| Protect Workbook (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1252	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Review \| Changes \| Protect Workbook	NaN	NaN	NaN
CCE-1151-0	The "Disable commands - Review \| Changes \| Protect and Share Workbook" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Review \| Changes \| Protect and Share Workbook (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1151	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Review \| Changes \| Protect and Share Workbook	NaN	NaN	NaN
CCE-1301-1	The "Disable commands - View \| Macros \| Macros" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - View \| Macros \| Macros (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1301	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - View \| Macros \| Macros	NaN	NaN	NaN
CCE-1310-2	The "Disable commands - Developer \| Code \| Macros" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macros (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1310	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macros	NaN	NaN	NaN
CCE-1213-8	The "Disable commands - Developer \| Code \| Record Macro" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Record Macro (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1213	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Record Macro	NaN	NaN	NaN
CCE-1362-3	The "Disable commands - Developer \| Code \| Macro Security" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macro Security (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1362	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macro Security	NaN	NaN	NaN
CCE-1156-9	The "Disable commands - Developer \| Code \| Visual Basic" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Visual Basic (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1156	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Visual Basic	NaN	NaN	NaN
CCE-1429-0	The "Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Document Location" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Document Location (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1429	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Excel Options \| Customize \| All Commands \| Document Location	NaN	NaN	NaN
CCE-1182-5	The "Disable shortcut keys" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledShortcutKeysCheckBoxes	NaN	CCE-1182	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys	NaN	NaN	NaN
CCE-1525-5	The "Disable shortcut keys - Ctrl+K (Insert \| Links \| Hyperlink)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys - Ctrl+K (Insert \| Links \| Hyperlink) (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledShortcutKeysCheckBoxes	NaN	CCE-1525	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys - Ctrl+K (Insert \| Links \| Hyperlink)	NaN	NaN	NaN
CCE-1547-9	The "Disable shortcut keys - Alt+F8 (Developer \| Code \| Macros)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F8 (Developer \| Code \| Macros) (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledShortcutKeysCheckBoxes	NaN	CCE-1547	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F8 (Developer \| Code \| Macros)	NaN	NaN	NaN
CCE-1300-3	The "Disable shortcut keys - Alt+F11 (Developer \| Code \| Visual Basic)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F11 (Developer \| Code \| Visual Basic) (2) Software\Policies\Microsoft\Office\12.0\Excel\DisabledShortcutKeysCheckBoxes	NaN	CCE-1300	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F11 (Developer \| Code \| Visual Basic)	NaN	NaN	NaN
CCE-1331-8	The "Block opening of pre-release versions of file formats new to Excel 2007" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of pre-release versions of file formats new to Excel 2007 (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1331	Table 1.34. Block opening of files created by pre-release versions of Excel 2007	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of pre-release versions of file formats new to Excel 2007	NaN	NaN	NaN
CCE-1468-8	The "Block opening of Open XML file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Open XML file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1468	Table 1.38. Block opening of Open XML file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Open XML file types	NaN	NaN	NaN
CCE-1490-2	The "Block opening of Binary 12 file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Binary 12 file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1490	Table 1.29. Block opening of Binary 12 file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Binary 12 file types	NaN	NaN	NaN
CCE-1512-3	The "Block opening of Binary file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Binary file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1512	Table 1.30. Block opening of Binary file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Binary file types	NaN	NaN	NaN
CCE-1543-8	The "Block opening of Html and Xmlss files types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Html and Xmlss files types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1543	Table 1.35. Block opening of Html and Xmlss files types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Html and Xmlss files types	NaN	NaN	NaN
CCE-1195-7	The "Block opening of Xml file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Xml file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1195	Table 1.49. Block opening of Xml file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Xml file types	NaN	NaN	NaN
CCE-554-6	The "Block opening of DIF and SYLK file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of DIF and SYLK file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-554	Table 1.32. Block opening of DIF and SYLK file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of DIF and SYLK file types	NaN	NaN	NaN
CCE-1415-9	The "Block opening of Text file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Text file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1415	Table 1.46. Block opening of Text file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Text file types	NaN	NaN	NaN
CCE-1437-3	The "Block opening of Xll file type" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Xll file type (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1437	Table 1.48. Block opening of Xll file type	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Open\Block opening of Xll file type	NaN	NaN	NaN
CCE-1446-4	The "Block saving of Open Xml file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Open Xml file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-1446	Table 1.57. Block saving of Open Xml file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Open Xml file types	NaN	NaN	NaN
CCE-1098-3	The "Block saving of Binary12 file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Binary12 file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-1098	Table 1.52. Block saving of Binary12 file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Binary12 file types	NaN	NaN	NaN
CCE-562-9	The "Block saving of Binary file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Binary file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-562	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Binary file types	NaN	NaN	NaN
CCE-1507-3	The "Block saving of Html and Xmlss file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Html and Xmlss file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-1507	Table 1.55. Block saving of Html and Xmlss file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Html and Xmlss file types	NaN	NaN	NaN
CCE-1406-8	The "Block saving Xml file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving Xml file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-1406	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving Xml file types	NaN	NaN	NaN
CCE-573-6	The "Block saving DIF and SYLK file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving DIF and SYLK file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-573	Table 1.50. Block saving DIF and SYLK file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving DIF and SYLK file types	NaN	NaN	NaN
CCE-1336-7	The "Block saving of Text file types" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Text file types (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileSaveBlock	NaN	CCE-1336	Table 1.60. Block saving of Text file types	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Block file formats\Save\Block saving of Text file types	NaN	NaN	NaN
CCE-1230-2	The "Locally cache network file storages" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\Locally cache network file storages (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1230	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\Locally cache network file storages	NaN	NaN	NaN
CCE-1375-5	The "Locally cache PivotTable reports" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\Locally cache PivotTable reports (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1375	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\Locally cache PivotTable reports	NaN	NaN	NaN
CCE-1380-5	The "OLAP PivotTable User Defined Function (UDF) security setting (Allow ALL UDFs \| Allow safe UDFs only \| Allow NO UDFs)" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\OLAP PivotTable User Defined Function (UDF) security setting (Allow ALL UDFs \| Allow safe UDFs only \| Allow NO UDFs) (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1380	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\OLAP PivotTable User Defined Function (UDF) security setting (Allow ALL UDFs \| Allow safe UDFs only \| Allow NO UDFs)	NaN	NaN	NaN
CCE-1376-3	The "Recognize SmartTags" setting should be configured correctly for Excel 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\Recognize SmartTags (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1376	NaN	User Configuration\Administrative Templates\Microsoft Office Excel 2007\Miscellaneous\Recognize SmartTags	NaN	NaN	NaN
CCE-1398-7	The "Number of documents in the Recent Documents list (0 - 9)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Tools \| Options\General\Number of documents in the Recent Documents list (0 - 9) (2) Software\Policies\Microsoft\Office\12.0\InfoPath	NaN	CCE-1398	NaN	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Tools \| Options\General\Number of documents in the Recent Documents list (0 - 9)	NaN	NaN	NaN
CCE-569-4	The "Offline Mode status (Disabled \| Enabled, InfoPath in Offline Mode \| Enabled, InfoPath not in Offline Mode)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Tools \| Options\Advanced\Offline\Offline Mode status (Disabled \| Enabled, InfoPath in Offline Mode \| Enabled, InfoPath not in Offline Mode) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Editor\Offline	NaN	CCE-569	Table 1.178. Offline Mode status	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Tools \| Options\Advanced\Offline\Offline Mode status (Disabled \| Enabled, InfoPath in Offline Mode \| Enabled, InfoPath not in Offline Mode)	NaN	NaN	NaN
CCE-1065-2	The "Disable commands" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1065	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands	NaN	NaN	NaN
CCE-1361-5	The "Disable commands - File \| Print" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Print (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1361	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Print	NaN	NaN	NaN
CCE-1096-7	The "Disable commands - File \| Send to Mail Recipient" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Send to Mail Recipient (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1096	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Send to Mail Recipient	NaN	NaN	NaN
CCE-1391-2	The "Disable commands - File \| Open from SharePoint Site" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Open from SharePoint Site (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1391	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Open from SharePoint Site	NaN	NaN	NaN
CCE-1519-8	The "Disable commands - File \| Print Preview" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Print Preview (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1519	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Print Preview	NaN	NaN	NaN
CCE-1523-0	The "Disable commands - File \| Page Setup" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Page Setup (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1523	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - File \| Page Setup	NaN	NaN	NaN
CCE-1171-8	The "Disable commands - Insert \| Hyperlinks..." setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Hyperlinks... (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1171	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Hyperlinks...	NaN	NaN	NaN
CCE-1457-1	The "Disable commands - Tools \| Set Language" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Tools \| Set Language (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1457	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Tools \| Set Language	NaN	NaN	NaN
CCE-1426-6	The "Disable commands - Tools \| Customize..." setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Tools \| Customize... (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1426	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Tools \| Customize...	NaN	NaN	NaN
CCE-805-2	The "Disable commands - Tools \| Options..." setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Tools \| Options... (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-805	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Tools \| Options...	NaN	NaN	NaN
CCE-1453-0	The "Disable commands - Help \| Microsoft Office Online" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Help \| Microsoft Office Online (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1453	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Help \| Microsoft Office Online	NaN	NaN	NaN
CCE-1351-6	The "Disable commands - Office Diagnostics" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Office Diagnostics (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1351	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Office Diagnostics	NaN	NaN	NaN
CCE-620-5	The "Disable commands - Help \| Activate Product..." setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Help \| Activate Product... (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-620	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Help \| Activate Product...	NaN	NaN	NaN
CCE-1017-3	The "Disable commands - Print Default" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Print Default (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1017	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable commands - Print Default	NaN	NaN	NaN
CCE-1021-5	The "Disable shortcut keys" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable shortcut keys (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledShortcutKeysCheckBoxes	NaN	CCE-1021	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable shortcut keys	NaN	NaN	NaN
CCE-1299-7	The "Disable shortcut keys - Print Shortcut (Ctrl+P)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable shortcut keys - Print Shortcut (Ctrl+P) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledShortcutKeysCheckBoxes	NaN	CCE-1299	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable shortcut keys - Print Shortcut (Ctrl+P)	NaN	NaN	NaN
CCE-1197-3	The "Disable shortcut keys - Insert Hyperlink Shortcut (Ctrl+K)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable shortcut keys - Insert Hyperlink Shortcut (Ctrl+K) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\DisabledShortcutKeysCheckBoxes	NaN	CCE-1197	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Predefined\Disable shortcut keys - Insert Hyperlink Shortcut (Ctrl+K)	NaN	NaN	NaN
CCE-704-7	The "Control behavior for Windows SharePoint Services gradual upgrade (Allow redirections to any location \| Allow redirections to Intranet only \| Block all redirections)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior for Windows SharePoint Services gradual upgrade (Allow redirections to any location \| Allow redirections to Intranet only \| Block all redirections) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-704	Table 1.73. Control behavior for Windows SharePoint Services gradual upgrade	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior for Windows SharePoint Services gradual upgrade (Allow redirections to any location \| Allow redirections to Intranet only \| Block all redirections)	NaN	NaN	NaN
CCE-1105-6	The "Disable opening of solutions from the Internet security zone" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Disable opening of solutions from the Internet security zone (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1105	Table 1.109. Disable opening of solutions from the Internet security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Disable opening of solutions from the Internet security zone	NaN	NaN	NaN
CCE-1114-8	The "Disable fully trusted solutions full access to computer" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Disable fully trusted solutions full access to computer (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1114	Table 1.102. Disable fully trusted solutions full access to computer	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Disable fully trusted solutions full access to computer	NaN	NaN	NaN
CCE-761-7	The "Allow the use of ActiveX Custom Controls in InfoPath forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Allow the use of ActiveX Custom Controls in InfoPath forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath	NaN	CCE-761	NaN	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Allow the use of ActiveX Custom Controls in InfoPath forms	NaN	NaN	NaN
CCE-739-3	The "Run forms in restricted mode if they do not specify a publish location and use only features introduced before InfoPath 2003 SP1" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Run forms in restricted mode if they do not specify a publish location and use only features introduced before InfoPath 2003 SP1 (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-739	NaN	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Run forms in restricted mode if they do not specify a publish location and use only features introduced before InfoPath 2003 SP1	NaN	NaN	NaN
CCE-1259-1	The "Allow file types as attachments to forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Allow file types as attachments to forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1259	Table 1.7. Allow file types as attachments to forms	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Allow file types as attachments to forms	NaN	NaN	NaN
CCE-1267-4	The "Block specific file types as attachments to forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Block specific file types as attachments to forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1267	Table 1.62. Block specific file types as attachments to forms	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Block specific file types as attachments to forms	NaN	NaN	NaN
CCE-1060-3	The "Prevent users from allowing unsafe file types to be attached to forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Prevent users from allowing unsafe file types to be attached to forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1060	Table 1.186. Prevent users from allowing unsafe file types to be attached to forms	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Prevent users from allowing unsafe file types to be attached to forms	NaN	NaN	NaN
CCE-955-5	The "Display a warning that a form is digitally signed" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Display a warning that a form is digitally signed (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-955	NaN	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Display a warning that a form is digitally signed	NaN	NaN	NaN
CCE-1479-5	The "Control behavior when opening forms in the Internet security zone (Block \| Prompt \| Allow)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Internet security zone (Block \| Prompt \| Allow) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Open Behaviors	NaN	CCE-1479	Table 1.74. Control behavior when opening forms in the Internet security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Internet security zone (Block \| Prompt \| Allow)	NaN	NaN	NaN
CCE-1360-7	The "Control behavior when opening forms in the Intranet security zone (Block \| Prompt \| Allow)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Intranet security zone (Block \| Prompt \| Allow) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Open Behaviors	NaN	CCE-1360	Table 1.75. Control behavior when opening forms in the Intranet security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Intranet security zone (Block \| Prompt \| Allow)	NaN	NaN	NaN
CCE-1386-2	The "Control behavior when opening forms in the Local Machine security zone (Block \| Prompt \| Allow)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Local Machine security zone (Block \| Prompt \| Allow) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Open Behaviors	NaN	CCE-1386	NaN	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Local Machine security zone (Block \| Prompt \| Allow)	NaN	NaN	NaN
CCE-893-8	The "Control behavior when opening forms in the Trusted Site security zone (Block \| Prompt \| Allow)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Trusted Site security zone (Block \| Prompt \| Allow) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Open Behaviors	NaN	CCE-893	Table 1.76. Control behavior when opening forms in the Trusted Site security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Control behavior when opening forms in the Trusted Site security zone (Block \| Prompt \| Allow)	NaN	NaN	NaN
CCE-1290-6	The "Beaconing UI for forms opened in InfoPath (Never show beaconing UI \| Always show beaconing UI \| Show UI if Form Template is from Internet Zone)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Beaconing UI for forms opened in InfoPath (Never show beaconing UI \| Always show beaconing UI \| Show UI if Form Template is from Internet Zone) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1290	Table 1.26. Beaconing UI for forms opened in InfoPath	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Beaconing UI for forms opened in InfoPath (Never show beaconing UI \| Always show beaconing UI \| Show UI if Form Template is from Internet Zone)	NaN	NaN	NaN
CCE-1381-3	The "Beaconing UI for forms opened in InfoPath Editor ActiveX (Never show beaconing UI \| Always show beaconing UI \| Show UI if Form Template is from Internet Zone)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Beaconing UI for forms opened in InfoPath Editor ActiveX (Never show beaconing UI \| Always show beaconing UI \| Show UI if Form Template is from Internet Zone) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1381	Table 1.27. Beaconing UI for forms opened in InfoPath Editor ActiveX	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Beaconing UI for forms opened in InfoPath Editor ActiveX (Never show beaconing UI \| Always show beaconing UI \| Show UI if Form Template is from Internet Zone)	NaN	NaN	NaN
CCE-1135-3	The "Disable all application add-ins" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Trust Center\Disable all application add-ins (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1135	Table 1.87. Disable all application add-ins	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Trust Center\Disable all application add-ins	NaN	NaN	NaN
CCE-1157-7	The "Require that application add-ins are signed by Trusted Publisher" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1157	Table 1.200. Require that application add-ins are signed by Trusted Publisher	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher	NaN	NaN	NaN
CCE-1434-0	The "Disable Trust Bar Notification for unsigned application add-ins" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1434	Table 1.120. Disable Trust Bar Notification for unsigned application add-ins	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins	NaN	NaN	NaN
CCE-1315-1	The "Control behavior when opening InfoPath e-mail forms containing code or script (Run without prompting \| Prompt before running \| Never run)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Control behavior when opening InfoPath e-mail forms containing code or script (Run without prompting \| Prompt before running \| Never run) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1315	Table 1.77. Control behavior when opening InfoPath e-mail forms containing code or script	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Control behavior when opening InfoPath e-mail forms containing code or script (Run without prompting \| Prompt before running \| Never run)	NaN	NaN	NaN
CCE-1210-4	The "Disable sending form template with e-mail forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable sending form template with e-mail forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Deployment	NaN	CCE-1210	Table 1.112. Disable sending form template with e-mail forms	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable sending form template with e-mail forms	NaN	NaN	NaN
CCE-1236-9	The "Disable dynamic caching of the form template in InfoPath e-mail forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable dynamic caching of the form template in InfoPath e-mail forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Deployment	NaN	CCE-1236	Table 1.97. Disable dynamic caching of the form template in InfoPath e-mail forms	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable dynamic caching of the form template in InfoPath e-mail forms	NaN	NaN	NaN
CCE-884-7	The "Disable sending InfoPath 2003 Forms as e-mail forms" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable sending InfoPath 2003 Forms as e-mail forms (2) Software\Policies\Microsoft\Office\12.0\InfoPath	NaN	CCE-884	Table 1.113. Disable sending InfoPath 2003 Forms as e-mail forms	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable sending InfoPath 2003 Forms as e-mail forms	NaN	NaN	NaN
CCE-1518-0	The "Disable e-mail forms running in restricted security level" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms running in restricted security level (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1518	Table 1.101. Disable e-mail forms running in restricted security level	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms running in restricted security level	NaN	NaN	NaN
CCE-1170-0	The "Disable e-mail forms from the Internet security zone" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms from the Internet security zone (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1170	Table 1.99. Disable e-mail forms from the Internet security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms from the Internet security zone	NaN	NaN	NaN
CCE-1316-9	The "Disable e-mail forms from the Intranet security zone" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms from the Intranet security zone (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1316	Table 1.100. Disable e-mail forms from the Intranet security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms from the Intranet security zone	NaN	NaN	NaN
CCE-1567-7	The "Disable e-mail forms from the Full Trust security zone" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms from the Full Trust security zone (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1567	Table 1.98. Disable e-mail forms from the Full Trust security zone	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable e-mail forms from the Full Trust security zone	NaN	NaN	NaN
CCE-1265-8	The "Disable InfoPath e-mail forms in Outlook" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable InfoPath e-mail forms in Outlook (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1265	Table 1.106. Disable InfoPath e-mail forms in Outlook	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Disable items in user interface\Disable InfoPath e-mail forms in Outlook	NaN	NaN	NaN
CCE-1538-8	The "Information Rights Management" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Restricted Features\Information Rights Management (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Designer\RestrictedFeatures	NaN	CCE-1538	Table 1.163. Information Rights Management	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Restricted Features\Information Rights Management	NaN	NaN	NaN
CCE-1564-4	The "Custom code" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Restricted Features\Custom code (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Designer\RestrictedFeatures	NaN	CCE-1564	Table 1.79. Custom code	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Restricted Features\Custom code	NaN	NaN	NaN
CCE-1212-0	The "Email Forms Beaconing UI (Never show UI \| Always show UI \| Show UI if XSN is in Internet Zone)" setting should be configured correctly for InfoPath 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Miscellaneous\Email Forms Beaconing UI (Never show UI \| Always show UI \| Show UI if XSN is in Internet Zone) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1212	Table 1.147. Email Forms Beaconing UI	User Configuration\Administrative Templates\Microsoft Office InfoPath 2007\Miscellaneous\Email Forms Beaconing UI (Never show UI \| Always show UI \| Show UI if XSN is in Internet Zone)	NaN	NaN	NaN
CCE-1344-1	The "Disable user customization of Quick Access Toolbar via UI" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1344	Table 1.122. Disable user customization of Quick Access Toolbar via UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI	NaN	NaN	NaN
CCE-723-7	The "Disable user customization of Quick Access Toolbar via UI - Disallow in Word" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Word (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-723	Table 1.122. Disable user customization of Quick Access Toolbar via UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Word	NaN	NaN	NaN
CCE-1384-7	The "Disable user customization of Quick Access Toolbar via UI - Disallow in Excel" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Excel (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1384	Table 1.122. Disable user customization of Quick Access Toolbar via UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Excel	NaN	NaN	NaN
CCE-1159-3	The "Disable user customization of Quick Access Toolbar via UI - Disallow in PowerPoint" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in PowerPoint (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1159	Table 1.122. Disable user customization of Quick Access Toolbar via UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in PowerPoint	NaN	NaN	NaN
CCE-1146-0	The "Disable user customization of Quick Access Toolbar via UI - Disallow in Access" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Access (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1146	Table 1.122. Disable user customization of Quick Access Toolbar via UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Access	NaN	NaN	NaN
CCE-1542-0	The "Disable user customization of Quick Access Toolbar via UI - Disallow in Outlook" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Outlook (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1542	Table 1.122. Disable user customization of Quick Access Toolbar via UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable user customization of Quick Access Toolbar via UI - Disallow in Outlook	NaN	NaN	NaN
CCE-582-7	The "Disable all user customization of Quick Access Toolbar" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-582	Table 1.90. Disable all user customization of Quick Access Toolbar	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar	NaN	NaN	NaN
CCE-1291-4	The "Disable all user customization of Quick Access Toolbar - Disallow in Word" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Word (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1291	Table 1.90. Disable all user customization of Quick Access Toolbar	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Word	NaN	NaN	NaN
CCE-1326-8	The "Disable all user customization of Quick Access Toolbar - Disallow in Excel" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Excel (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1326	Table 1.90. Disable all user customization of Quick Access Toolbar	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Excel	NaN	NaN	NaN
CCE-1330-0	The "Disable all user customization of Quick Access Toolbar - Disallow in PowerPoint" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in PowerPoint (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1330	Table 1.90. Disable all user customization of Quick Access Toolbar	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in PowerPoint	NaN	NaN	NaN
CCE-1335-9	The "Disable all user customization of Quick Access Toolbar - Disallow in Access" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Access (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1335	Table 1.90. Disable all user customization of Quick Access Toolbar	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Access	NaN	NaN	NaN
CCE-1229-4	The "Disable all user customization of Quick Access Toolbar - Disallow in Outlook" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Outlook (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1229	Table 1.90. Disable all user customization of Quick Access Toolbar	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable all user customization of Quick Access Toolbar - Disallow in Outlook	NaN	NaN	NaN
CCE-630-4	The "Disable UI extending from documents and templates" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-630	Table 1.121. Disable UI extending from documents and templates	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates	NaN	NaN	NaN
CCE-1154-4	The "Disable UI extending from documents and templates - Disallow in Word" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Word (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1154	Table 1.121. Disable UI extending from documents and templates	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Word	NaN	NaN	NaN
CCE-1410-0	The "Disable UI extending from documents and templates - Disallow in Excel" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Excel (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1410	Table 1.121. Disable UI extending from documents and templates	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Excel	NaN	NaN	NaN
CCE-1432-4	The "Disable UI extending from documents and templates - Disallow in PowerPoint" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in PowerPoint (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1432	Table 1.121. Disable UI extending from documents and templates	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in PowerPoint	NaN	NaN	NaN
CCE-1198-1	The "Disable UI extending from documents and templates - Disallow in Access" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Access (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-1198	Table 1.121. Disable UI extending from documents and templates	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Access	NaN	NaN	NaN
CCE-929-0	The "Disable UI extending from documents and templates - Disallow in Outlook" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Outlook (2) Software\Policies\Microsoft\Office\12.0\Common\Toolbars	NaN	CCE-929	Table 1.121. Disable UI extending from documents and templates	User Configuration\Administrative Templates\Microsoft Office 2007 system\Global Options\Customize\Disable UI extending from documents and templates - Disallow in Outlook	NaN	NaN	NaN
CCE-1074-4	The "Recognize smart tags in Excel" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| AutoCorrect Options... (Excel, Word, PowerPoint and Access)\Recognize smart tags in Excel (2) Software\Policies\Microsoft\Office\12.0\Excel\Options	NaN	CCE-1074	Table 1.194. Recognize smart tags in Excel	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| AutoCorrect Options... (Excel, Word, PowerPoint and Access)\Recognize smart tags in Excel	NaN	NaN	NaN
CCE-1458-9	The "Disable Clip Art and Media downloads from the client and from Office Online website" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable Clip Art and Media downloads from the client and from Office Online website (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1458	Table 1.93. Disable Clip Art and Media downloads from the client and from Office Online website	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable Clip Art and Media downloads from the client and from Office Online website	NaN	NaN	NaN
CCE-1233-6	The "Disable template downloads from the client and from Office Online website" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable template downloads from the client and from Office Online website (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1233	Table 1.117. Disable template downloads from the client and from Office Online website	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable template downloads from the client and from Office Online website	NaN	NaN	NaN
CCE-1379-7	The "Disable access to updates, add-ins, and patches on the Office Online website" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable access to updates, add-ins, and patches on the Office Online website (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1379	Table 1.85. Disable access to updates, add-ins, and patches on the Office Online website	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable access to updates, add-ins, and patches on the Office Online website	NaN	NaN	STIG ID: DTOO177 - Office Rule ID: SV-18714r3_rule Vuln ID: V-17588: Disable access to updates, add-ins, and patches on the Office Online Website - Office.
CCE-1401-9	The "Prevents users from uploading document templates to the Office Online community." setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Prevents users from uploading document templates to the Office Online community. (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1401	Table 1.188. Prevents users from uploading document templates to the Office Online community	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Prevents users from uploading document templates to the Office Online community.	NaN	NaN	STIG ID: DTOO178 - Office Rule ID: SV-18972r3_rule Vuln ID: V-17767: Prevent upload of document templates to Office Online.
CCE-1528-9	The "Disable training practice downloads from the Office Online website" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable training practice downloads from the Office Online website (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1528	Table 1.119. Disable training practice downloads from the Office Online website	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable training practice downloads from the Office Online website	NaN	NaN	NaN
CCE-1533-9	The "Disable customer-submitted templates downloads from Office Online" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable customer-submitted templates downloads from Office Online (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1533	Table 1.95. Disable customer-submitted templates downloads from Office Online	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Disable customer-submitted templates downloads from Office Online	NaN	NaN	NaN
CCE-646-0	The "Open Office documents as read/write while browsing" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Files\Open Office documents as read/write while browsing (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-646	Table 1.180. Open Office documents as read/write while browsing	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Files\Open Office documents as read/write while browsing	NaN	NaN	STIG ID: DTOO179 - Office Rule ID: SV-18956r3_rule Vuln ID: V-17759: Disable "Open documents as Read Write when browsing" feature. - Office
CCE-1438-1	The "Rely on VML for displaying graphics in browsers" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Browsers\Rely on VML for displaying graphics in browsers (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1438	Table 1.195. Rely on VML for displaying graphics in browsers	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Browsers\Rely on VML for displaying graphics in browsers	NaN	NaN	STIG ID: DTOO180 - Office Rule ID: SV-18983r3_rule Vuln ID: V-17773: Do Not rely on Vector markup Language (VML) for displaying graphics in browsers.
CCE-711-2	The "Allow PNG as an output format" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Browsers\Allow PNG as an output format (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-711	Table 1.9. Allow PNG as an output format	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| General \| Web Options...\Browsers\Allow PNG as an output format	NaN	NaN	STIG ID: DTOO181 - Office Rule ID: SV-18661r3_rule Vuln ID: V-17561: Do not allow choice of output to include PNG (Portable Network Graphics)
CCE-1292-2	The "Improve Proofing Tools" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| Spelling\Proofing Data Collection\Improve Proofing Tools (2) Software\Policies\Microsoft\Office\12.0\Common\PTWatson	NaN	CCE-1292	Table 1.160. Improve Proofing Tools	User Configuration\Administrative Templates\Microsoft Office 2007 system\Tools \| Options \| Spelling\Proofing Data Collection\Improve Proofing Tools	NaN	NaN	STIG ID: DTOO182 - Office Rule ID: SV-18770r3_rule Vuln ID: V-17627: Configure the Help Improve Proofing Tools feature for Office.
CCE-1615-4	The "Disable Opt-in Wizard on first run" setting should be configured correctly.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office 2007\Privacy \Trust Center\Disable Opt-in Wizard on first run (2) HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Common\QMEnable	NaN	CCE-1615	Table 1.110. Disable Opt-in Wizard on first run	User Configuration\Administrative Templates\Microsoft Office 2007 system\Privacy\Trust Center\Disable Opt-in Wizard on first run	NaN	NaN	STIG ID: DTOO183 - Office Rule ID: SV-18824r1_rule Vuln ID: V-17664: Disable the Opt-In Wizard that enables first time users to opt into Internet–based Microsoft services.
CCE-1191-6	The "Microsoft Office Online" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Help\Microsoft Office Online (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1191	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Help\Microsoft Office Online	NaN	NaN	NaN
CCE-1587-5	The "Disable Password Caching" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable Password Caching (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1587	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable Password Caching	NaN	NaN	NaN
CCE-1486-0	The "Disable all Trust Bar notifications for security issues" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable all Trust Bar notifications for security issues (2) Software\Policies\Microsoft\Office\12.0\Common\TrustCenter	NaN	CCE-1486	Table 1.88. Disable all Trust Bar notifications for security issues	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable all Trust Bar notifications for security issues	NaN	NaN	STIG ID: DTOO186 - Office Rule ID: SV-18717r3_rule Vuln ID: V-17590: Disable the ability for users to Disable Trust Bar notifications for Security messages - Office
CCE-1508-1	The "Protect document metadata for rights managed Office Open XML Files" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Protect document metadata for rights managed Office Open XML Files (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1508	Table 1.191. Protect document metadata for rights managed Office Open XML Files	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Protect document metadata for rights managed Office Open XML Files	NaN	NaN	STIG ID: DTOO187 - Office Rule ID: SV-18976r3_rule Vuln ID: V-17769: Protect document metadata for rights managed Office Open XML fiiles - Office
CCE-1640-2	The "Protect document metadata for password protected files." setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Protect document metadata for password protected files. (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1640	Table 1.190. Protect document metadata for password protected files	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Protect document metadata for password protected files.	NaN	NaN	STIG ID: DTOO188 - Office Rule ID: SV-18974r3_rule Vuln ID: V-17768: Protect document metadata for password protected files - Office
CCE-1539-6	The "Encryption type for password protected Office Open XML files" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Encryption type for password protected Office Open XML files (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1539	Table 1.153. Encryption type for password protected Office Open XML files	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Encryption type for password protected Office Open XML files	NaN	NaN	STIG ID: DTOO189 - Office 2007 Rule ID: SV-18758r5_rule Vuln ID: V-17619: Encryption type for password protected Open XML files - Office
CCE-1561-0	The "Encryption type for password protected Office 97-2003 files" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Encryption type for password protected Office 97-2003 files (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1561	Table 1.152. Encryption type for password protected Office 97-2003 files	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Encryption type for password protected Office 97-2003 files	NaN	NaN	STIG ID: DTOO190 - Office 2007 Rule ID: SV-18755r6_rule Vuln ID: V-17617: Set encryption type for password protected Office 97 thru Office 2003 files - Office
CCE-1068-6	The "Load Controls in Forms3 (1 \| 2 \| 3 \| 4)" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Load Controls in Forms3 (1 \| 2 \| 3 \| 4) (2) Software\Policies\Microsoft\VBA\Security	NaN	CCE-1068	Table 1.168. Load Controls in Forms3	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Load Controls in Forms3 (1 \| 2 \| 3 \| 4)	NaN	NaN	STIG ID: DTOO192 - Office Rule ID: SV-18939r3_rule Vuln ID: V-17750: Enable Load controls in forms3 - Office
CCE-1574-3	The "Automation Security (Disable macros by default \| Use application macro security level \| Macros enabled)" setting should be configured correctly	(1) enabled/disabled	2007: (1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Automation Security (Disable macros by default \| Use application macro security level \| Macros enabled) (2) Software\Policies\Microsoft\Office\Common\Security 2003: (1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Automation Security (2) HKLM\Software\Policies\Microsoft\Office\11.0\Common\Security - AutomationSecurity	NaN	CCE-1574	Table 1.24. Automation Security	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Automation Security (Disable macros by default \| Use application macro security level \| Macros enabled)	NaN	NaN	STIG ID: DTOO193 - Office Rule ID: SV-18924r3_rule Vuln ID: V-17741: Enable Automation Security to enforce macro level security in Office documents
CCE-1239-3	The "Prevent Word and Excel from loading managed code extensions" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Prevent Word and Excel from loading managed code extensions (2) Software\Policies\Microsoft\Office\Common\Smart Tag	NaN	CCE-1239	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Prevent Word and Excel from loading managed code extensions	NaN	NaN	NaN
CCE-1623-8	The "Disable hyperlink warnings" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable hyperlink warnings (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1623	Table 1.103. Disable hyperlink warnings	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable hyperlink warnings	NaN	NaN	STIG ID: DTOO194 - Office Rule ID: SV-18814r3_rule Vuln ID: V-17659: Configure the "disable hyperlink warnings" for Office to Disable.
CCE-1083-5	The "Disable password to open UI" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable password to open UI (2) Software\Policies\Microsoft\Office\12.0\Common\Security	NaN	CCE-1083	Table 1.111. Disable password to open UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable password to open UI	NaN	NaN	STIG ID: DTOO195 - Office Rule ID: SV-18826r3_rule Vuln ID: V-17665: Configure the "Disable Password to Open UI" for password secured documents.
CCE-1343-3	The "Download Office Controls" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Download Office Controls (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1343	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Download Office Controls	NaN	NaN	NaN
CCE-1242-7	The "Disable All ActiveX" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable All ActiveX (2) Software\Policies\Microsoft\Office\Common\Security	NaN	CCE-1242	Table 1.86. Disable All ActiveX	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Disable All ActiveX	NaN	NaN	NaN
CCE-770-8	The "Allow mix of policy and user locations" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Trust Center\Allow mix of policy and user locations (2) Software\Policies\Microsoft\Office\12.0\Common\Security\Trusted Locations	NaN	CCE-770	Table 1.8. Allow mix of policy and user locations	User Configuration\Administrative Templates\Microsoft Office 2007 system\Security Settings\Trust Center\Allow mix of policy and user locations	NaN	NaN	STIG ID: DTOO196 - Office Rule ID: SV-18659r3_rule Vuln ID: V-17560: Do not allow a mix of policy and user locations for Office Products.
CCE-903-5	The "Disable Smart Document's use of manifests" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Smart Documents (Word, Excel)\Disable Smart Document's use of manifests (2) Software\Policies\Microsoft\Office\Common\Smart Tag	NaN	CCE-903	Table 1.116. Disable Smart Document's use of manifests	User Configuration\Administrative Templates\Microsoft Office 2007 system\Smart Documents (Word, Excel)\Disable Smart Document's use of manifests	NaN	NaN	STIG ID: DTOO197 - Office Rule ID: SV-18834r3_rule Vuln ID: V-17669: Disable Smart Documents use of Manifests in Office
CCE-1555-2	The "Completely disable the Smart Documents feature in Word and Excel" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Smart Documents (Word, Excel)\Completely disable the Smart Documents feature in Word and Excel (2) Software\Policies\Microsoft\Office\Common\Smart Tag	NaN	CCE-1555	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Smart Documents (Word, Excel)\Completely disable the Smart Documents feature in Word and Excel	NaN	NaN	NaN
CCE-1061-1	The "Disable Internet Fax feature" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Services\Fax\Disable Internet Fax feature (2) Software\Policies\Microsoft\Office\12.0\Common\Services\Fax	NaN	CCE-1061	Table 1.107. Disable Internet Fax feature	User Configuration\Administrative Templates\Microsoft Office 2007 system\Services\Fax\Disable Internet Fax feature	NaN	NaN	STIG ID: DTOO198 - Office Rule ID: SV-18818r3_rule Vuln ID: V-17661: Disable the ability for Office users to use the Internet Fax Feature.
CCE-1603-0	The "Prevent users from changing permissions on rights managed content" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Prevent users from changing permissions on rights managed content (2) Software\Policies\Microsoft\Office\12.0\Common\DRM	NaN	CCE-1603	Table 1.187. Prevent users from changing permissions on rights managed content	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Prevent users from changing permissions on rights managed content	NaN	NaN	STIG ID: DTOO199 - Office Rule ID: SV-18968r3_rule Vuln ID: V-17765: Prevent permissions change on 'rights managed' content - Office
CCE-1612-1	The "Allow users with earlier versions of Office to read with browsers..." setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Allow users with earlier versions of Office to read with browsers... (2) Software\Policies\Microsoft\Office\12.0\Common\DRM	NaN	CCE-1612	Table 1.13. Allow users with earlier versions of Office to read with browsers…	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Allow users with earlier versions of Office to read with browsers...	NaN	NaN	STIG ID: DTOO200 - Office 2007 Rule ID: SV-18782r3_rule Vuln ID: V-17583: Allow users with earlier versions of Office to read with browsers - System
CCE-1493-6	The "Always require users to connect to verify permission" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Always require users to connect to verify permission (2) Software\Policies\Microsoft\Office\12.0\Common\DRM	NaN	CCE-1493	Table 1.15. Always require users to connect to verify permission	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Always require users to connect to verify permission	NaN	NaN	STIG ID: DTOO201 - Office Rule ID: SV-18906r3_rule Vuln ID: V-17731: Always require users to connect to verify permissions - Office.
CCE-1409-2	The "Always expand groups in Office when restricting permission for documents" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Always expand groups in Office when restricting permission for documents (2) Software\Policies\Microsoft\Office\12.0\Common\DRM\AutoExpandDls	NaN	CCE-1409	Table 1.14. Always expand groups in Office when restricting permission for documents	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Always expand groups in Office when restricting permission for documents	NaN	NaN	NaN
CCE-1589-1	The "Never allow users to specify groups when restricting permission for documents" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Never allow users to specify groups when restricting permission for documents (2) Software\Policies\Microsoft\Office\12.0\Common\DRM	NaN	CCE-1589	Table 1.177. Never allow users to specify groups when restricting permission for documents	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Never allow users to specify groups when restricting permission for documents	NaN	NaN	NaN
CCE-1237-7	The "Disable Microsoft Passport service for content with restricted permission" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Disable Microsoft Passport service for content with restricted permission (2) Software\Policies\Microsoft\Office\12.0\Common\DRM	NaN	CCE-1237	Table 1.108. Disable Microsoft Passport service for content with restricted permission	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Disable Microsoft Passport service for content with restricted permission	NaN	NaN	STIG ID: DTOO202 - Office Rule ID: SV-18820r3_rule Vuln ID: V-17662: Disable Microsoft passport Service for content with restricted permissions - Office.
CCE-1404-3	The "Do not allow users to upgrade Information Rights Management configuration" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Do not allow users to upgrade Information Rights Management configuration (2) Software\Policies\Microsoft\Office\12.0\Common\DRM	NaN	CCE-1404	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Manage Restricted Permissions\Do not allow users to upgrade Information Rights Management configuration	NaN	NaN	NaN
CCE-1396-1	The "Key Usage Filtering" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Key Usage Filtering (2) Software\Policies\Microsoft\Office\12.0\Common\General	NaN	CCE-1396	Table 1.166. Key Usage Filtering	User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Key Usage Filtering	NaN	NaN	NaN
CCE-1167-6	The "EKU filtering" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\EKU filtering (2) Software\Policies\Microsoft\Office\12.0\Common\Signatures	NaN	CCE-1167	Table 1.146. EKU filtering	User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\EKU filtering	NaN	NaN	NaN
CCE-1585-9	The "Legacy format signatures" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Legacy format signatures (2) Software\Policies\Microsoft\Office\12.0\Common\Signatures	NaN	CCE-1585	Table 1.167. Legacy format signatures	User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Legacy format signatures	NaN	NaN	STIG ID: DTOO203 - Office Rule ID: SV-18937r3_rule Vuln ID: V-17749: Legacy format signatures should be enabled - Office
CCE-1572-7	The "Suppress Office Signing Providers (Enable Western and East Asian \| Suppress default Western \| Suppress default East Asian \| Suppress both Western and East Asian)" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Suppress Office Signing Providers (Enable Western and East Asian \| Suppress default Western \| Suppress default East Asian \| Suppress both Western and East Asian) (2) Software\Policies\Microsoft\Office\12.0\Common\Signatures	NaN	CCE-1572	Table 1.223. Suppress Office Signing Providers	User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Suppress Office Signing Providers (Enable Western and East Asian \| Suppress default Western \| Suppress default East Asian \| Suppress both Western and East Asian)	NaN	NaN	NaN
CCE-1220-3	The "Suppress external signature services menu item" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Suppress external signature services menu item (2) Software\Policies\Microsoft\Office\12.0\Common\Signatures	NaN	CCE-1220	Table 1.222. Suppress external signature services menu item	User Configuration\Administrative Templates\Microsoft Office 2007 system\Signing\Suppress external signature services menu item	NaN	NaN	STIG ID: DTOO204 - Office Rule ID: SV-19036r3_rule Vuln ID: V-17805: Enable the feature to suppress external Signature Services Menu for Office.
CCE-1634-5	The "Disable Check For Solutions" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Office Diagnostics\Disable Check For Solutions (2) Software\Policies\Microsoft\Office\Common\OffDiag	NaN	CCE-1634	Table 1.92. Disable Check For Solutions	User Configuration\Administrative Templates\Microsoft Office 2007 system\Office Diagnostics\Disable Check For Solutions	NaN	NaN	STIG ID: DTOO205 - Office 2007 Rule ID: SV-18802r3_rule Vuln ID: V-17653: Enable the "Disable Check for Solutions" in Office.
CCE-1643-6	The "Disable inclusion of document properties in PDF and XPS output" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Microsoft Save As PDF and XPS add-ins\Disable inclusion of document properties in PDF and XPS output (2) Software\Policies\Microsoft\Office\12.0\Common\FixedFormat	NaN	CCE-1643	Table 1.105. Disable inclusion of document properties in PDF and XPS output	User Configuration\Administrative Templates\Microsoft Office 2007 system\Microsoft Save As PDF and XPS add-ins\Disable inclusion of document properties in PDF and XPS output	NaN	NaN	STIG ID: DTOO206 - Office Rule ID: SV-18816r3_rule Vuln ID: V-17660: Disable inclusion of document properties for PDF and XPS output - Office.
CCE-1546-1	The "Disable Document Information Panel" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Document Information Panel\Disable Document Information Panel (2) Software\Policies\Microsoft\Office\12.0\Common\DocumentInformationPanel	NaN	CCE-1546	Table 1.96. Disable Document Information Panel	User Configuration\Administrative Templates\Microsoft Office 2007 system\Document Information Panel\Disable Document Information Panel	NaN	NaN	NaN
CCE-1505-7	The "Document Information Panel Beaconing UI (Never show UI \| Always show UI \| Show UI if XSN is in Internet Zone)" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Document Information Panel\Document Information Panel Beaconing UI (Never show UI \| Always show UI \| Show UI if XSN is in Internet Zone) (2) Software\Policies\Microsoft\Office\12.0\Common\DocumentInformationPanel	NaN	CCE-1505	Table 1.144. Document Information Panel Beaconing UI	User Configuration\Administrative Templates\Microsoft Office 2007 system\Document Information Panel\Document Information Panel Beaconing UI (Never show UI \| Always show UI \| Show UI if XSN is in Internet Zone)	NaN	NaN	STIG ID: DTOO207 - Office 2007 Rule ID: SV-18740r3_rule Vuln ID: V-17605: Always show Document Information Panel Beaconing UI - Office
CCE-1545-3	The "Disable the Office client from polling the Office server for published links" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Server Settings\Disable the Office client from polling the Office server for published links (2) Software\Policies\Microsoft\Office\12.0\Common\Portal	NaN	CCE-1545	Table 1.118. Disable the Office client from polling the Office server for published links	User Configuration\Administrative Templates\Microsoft Office 2007 system\Server Settings\Disable the Office client from polling the Office server for published links	NaN	NaN	STIG ID: DTOO208 - Office Rule ID: SV-18836r3_rule Vuln ID: V-17670: Disable the Office client from polling the Sharepoint server for published links.
CCE-1549-5	The "Block opening of pre-release versions of file formats new to Word 2007 through the Compatibility Pack for the 2007 Office system and Word 2007 Open XML/Word 97-2003 Format Converter" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Office 2007 Converters\Block opening of pre-release versions of file formats new to Word 2007 through the Compatibility Pack for the 2007 Office system and Word 2007 Open XML/Word 97-2003 Format Converter (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1549	Table 1.44. Block opening of pre-release versions of file formats new to Word 2007 through the Compatibility Pack for the 2007 Office system and Word 2007 Open XML/Word 97-2003 Format Converter	User Configuration\Administrative Templates\Microsoft Office 2007 system\Office 2007 Converters\Block opening of pre-release versions of file formats new to Word 2007 through the Compatibility Pack for the 2007 Office system and Word 2007 Open XML/Word 97-2003 Format Converter	NaN	NaN	NaN
CCE-1431-6	The "Block opening of pre-release versions of file formats new to Excel 2007 through the Compatibility Pack for the 2007 Office system and Excel 2007 Converter" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Office 2007 Converters\Block opening of pre-release versions of file formats new to Excel 2007 through the Compatibility Pack for the 2007 Office system and Excel 2007 Converter (2) Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock	NaN	CCE-1431	Table 1.40. Block opening of pre-release versions of file formats new to Excel 2007 through the Compatibility Pack for the 2007 Office system and Excel 2007 Converter	User Configuration\Administrative Templates\Microsoft Office 2007 system\Office 2007 Converters\Block opening of pre-release versions of file formats new to Excel 2007 through the Compatibility Pack for the 2007 Office system and Excel 2007 Converter	NaN	NaN	NaN
CCE-1594-1	The "Block opening of pre-release versions of file formats new to PowerPoint 2007 through the Compatibility Pack for the 2007 Office system and PowerPoint 2007 Converter" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Office 2007 Converters\Block opening of pre-release versions of file formats new to PowerPoint 2007 through the Compatibility Pack for the 2007 Office system and PowerPoint 2007 Converter (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1594	Table 1.42. Block opening of pre-release versions of file formats new to PowerPoint 2007 through the Compatibility Pack for the 2007 Office system and PowerPoint 2007 Converter	User Configuration\Administrative Templates\Microsoft Office 2007 system\Office 2007 Converters\Block opening of pre-release versions of file formats new to PowerPoint 2007 through the Compatibility Pack for the 2007 Office system and PowerPoint 2007 Converter	NaN	NaN	NaN
CCE-1241-9	The "Control Blogging (Enabled \| Only SharePoint blogs allowed \| All blogging disabled)" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Control Blogging (Enabled \| Only SharePoint blogs allowed \| All blogging disabled) (2) Software\Policies\Microsoft\Office\12.0\Common\Blog	NaN	CCE-1241	Table 1.78. Control blogging	User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Control Blogging (Enabled \| Only SharePoint blogs allowed \| All blogging disabled)	NaN	NaN	STIG ID: DTOO212 - Office Rule ID: SV-18701r3_rule Vuln ID: V-17581: Control Blogging entries created from inside Office products.
CCE-1607-1	The "Enable Smart Resume" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Enable Smart Resume (2) Software\Policies\Microsoft\Office\12.0\Common\Restore Workspace	NaN	CCE-1607	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Enable Smart Resume	NaN	NaN	NaN
CCE-752-6	The "Do not upload media files" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Do not upload media files (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-752	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Do not upload media files	NaN	NaN	NaN
CCE-1166-8	The "Disable hyperlinks to web templates in File \| New and task panes" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Disable hyperlinks to web templates in File \| New and task panes (2) Software\Policies\Microsoft\Office\12.0\Common\Internet	NaN	CCE-1166	Table 1.104. Disable hyperlinks to web templates from the client and from Office Online website	User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Disable hyperlinks to web templates in File \| New and task panes	NaN	NaN	NaN
CCE-654-4	The "Prevent access to Web-based file storage" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Prevent access to Web-based file storage (2) Software\Policies\Microsoft\Office\12.0\Common\WebServices	NaN	CCE-654	NaN	User Configuration\Administrative Templates\Microsoft Office 2007 system\Miscellaneous\Prevent access to Web-based file storage	NaN	NaN	NaN
CCE-1192-4	The "Do not allow attachment previewing in Outlook" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\E-mail Options\Do not allow attachment previewing in Outlook (2) Software\Policies\Microsoft\Office\12.0\Outlook\Preferences	NaN	CCE-1192	Table 1.128. Do not allow attachment previewing in Outlook	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\E-mail Options\Do not allow attachment previewing in Outlook	NaN	NaN	NaN
CCE-791-4	The "Read e-mail as plain text" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\E-mail Options\Read e-mail as plain text (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-791	Table 1.192. Read e-mail as plain text	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\E-mail Options\Read e-mail as plain text	NaN	NaN	NaN
CCE-1456-3	The "Read signed e-mail as plain text" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\E-mail Options\Read signed e-mail as plain text (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1456	Table 1.193. Read signed e-mail as plain text	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\E-mail Options\Read signed e-mail as plain text	NaN	NaN	NaN
CCE-1478-7	The "Prevent publishing to Office Online" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServicePrevent publishing to Office Online (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\PubCal	NaN	CCE-1478	Table 1.185. Prevent publishing to Office Online	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServicePrevent publishing to Office Online	NaN	NaN	NaN
CCE-1368-0	The "Prevent publishing to a DAV server" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServicePrevent publishing to a DAV server (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\PubCal	NaN	CCE-1368	Table 1.184. Prevent publishing to a DAV server	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServicePrevent publishing to a DAV server	NaN	NaN	NaN
CCE-1641-0	The "Restrict level of calendar details users can publish (All options are available \| Disables 'Full details' \| Disables 'Full details' and 'Limited details')" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServiceRestrict level of calendar details users can publish (All options are available \| Disables 'Full details' \| Disables 'Full details' and 'Limited details') (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\PubCal	NaN	CCE-1641	Table 1.202. Restrict level of calendar details users can publish	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServiceRestrict level of calendar details users can publish (All options are available \| Disables 'Full details' \| Disables 'Full details' and 'Limited details')	NaN	NaN	NaN
CCE-1266-6	The "Access to published calendars" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServiceAccess to published calendars (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\PubCal	NaN	CCE-1266	Table 1.1. Access to published calendars	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServiceAccess to published calendars	NaN	NaN	NaN
CCE-1399-5	The "Restrict upload method" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServiceRestrict upload method (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\PubCal	NaN	CCE-1399	Table 1.203. Restrict upload method	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Calendar Options\Microsoft Office Online Sharing ServiceRestrict upload method	NaN	NaN	NaN
CCE-1187-4	The "Hide Junk Mail UI" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Hide Junk Mail UI (2) Software\Policies\Microsoft\Office\12.0\Outlook	NaN	CCE-1187	Table 1.158. Hide Junk Mail UI	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Hide Junk Mail UI	NaN	NaN	NaN
CCE-1588-3	The "Junk E-mail protection level (No Protection, Low, High, Trusted Lists Only)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Junk E-mail protection level (No Protection, Low, High, Trusted Lists Only) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1588	Table 1.165. Junk E-mail protection level	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Junk E-mail protection level (No Protection, Low, High, Trusted Lists Only)	NaN	NaN	NaN
CCE-1117-1	The "Trust E-mail from Contacts" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Trust E-mail from Contacts (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1117	Table 1.226. Trust E-mail from Contacts	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Trust E-mail from Contacts	NaN	NaN	NaN
CCE-1130-4	The "Add e-mail recipients to users' Safe Senders Lists" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Add e-mail recipients to users' Safe Senders Lists (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1130	Table 1.4. Add e-mail recipients to users' Safe Senders Lists	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Preferences\Junk E-mail\Add e-mail recipients to users' Safe Senders Lists	NaN	NaN	NaN
CCE-1093-4	The "Dial-up options" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1093	Table 1.84. Dial-up options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options	NaN	NaN	NaN
CCE-1599-0	The "Dial-up options - Warn before switching dial-up connection" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options - Warn before switching dial-up connection (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1599	Table 1.84. Dial-up options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options - Warn before switching dial-up connection	NaN	NaN	NaN
CCE-1621-2	The "Dial-up options - Hang up when finished sending, receiving, or updating" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options - Hang up when finished sending, receiving, or updating (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1621	Table 1.84. Dial-up options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options - Hang up when finished sending, receiving, or updating	NaN	NaN	NaN
CCE-1269-0	The "Dial-up options - Automatically dial during a background Send/Receive" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options - Automatically dial during a background Send/Receive (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1269	Table 1.84. Dial-up options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Setup\Dial-up options - Automatically dial during a background Send/Receive	NaN	NaN	NaN
CCE-1419-1	The "Do not allow creating, replying, or forwarding signatures for e-mail messages" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Do not allow creating, replying, or forwarding signatures for e-mail messages (2) Software\Policies\Microsoft\Office\12.0\Common\MailSettings	NaN	CCE-1419	Table 1.129. Do not allow creating, replying, or forwarding signatures for e-mail messages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Do not allow creating, replying, or forwarding signatures for e-mail messages	NaN	NaN	NaN
CCE-1551-1	The "Send copy of pictures with HTML messages instead of reference to Internet location" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Send copy of pictures with HTML messages instead of reference to Internet location (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1551	NaN	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Send copy of pictures with HTML messages instead of reference to Internet location	NaN	NaN	NaN
CCE-655-1	The "Outlook Rich Text options (Convert to HTML \| Convert to Plain Text format \| Send Using Outlook Rich Text format)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Outlook Rich Text options (Convert to HTML \| Convert to Plain Text format \| Send Using Outlook Rich Text format) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-655	Table 1.181. Outlook Rich Text options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Outlook Rich Text options (Convert to HTML \| Convert to Plain Text format \| Send Using Outlook Rich Text format)	NaN	NaN	NaN
CCE-1592-5	The "Plain text options" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Plain text options (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1592	Table 1.183. Plain text options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Plain text options	NaN	NaN	NaN
CCE-1614-7	The "Plain text options - Encode attachments in UUENCODE format when sending a plain text message" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Plain text options - Encode attachments in UUENCODE format when sending a plain text message (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1614	Table 1.183. Plain text options	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Plain text options - Encode attachments in UUENCODE format when sending a plain text message	NaN	NaN	NaN
CCE-1526-3	The "Set message format (HTML \| Rich Text \| Plain Text)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Message FormatSet message format (HTML \| Rich Text \| Plain Text) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1526	Table 1.217. Set message format	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Mail Format\Internet Formatting\Message FormatSet message format (HTML \| Rich Text \| Plain Text)	NaN	NaN	NaN
CCE-1111-4	The "Make Outlook the default program for E-mail, Contacts, and Calendar" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Make Outlook the default program for E-mail, Contacts, and Calendar (2) software\policies\microsoft\office\12.0\outlook\options\general	NaN	CCE-1111	Table 1.171. Make Outlook the default program for E-mail, Contacts, and Calendar	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Make Outlook the default program for E-mail, Contacts, and Calendar	NaN	NaN	NaN
CCE-1494-4	The "Do not allow folders in non-default stores to be set as folder home pages" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Do not allow folders in non-default stores to be set as folder home pages (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1494	Table 1.130. Do not allow folders in non-default stores to be set as folder home pages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Do not allow folders in non-default stores to be set as folder home pages	NaN	NaN	NaN
CCE-1287-2	The "Use Unicode format when dragging e-mail message to file system" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Use Unicode format when dragging e-mail message to file system (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\General	NaN	CCE-1287	Table 1.233. Use Unicode format when dragging e-mail message to file system	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Use Unicode format when dragging e-mail message to file system	NaN	NaN	NaN
CCE-1529-7	The "Do not allow Outlook object model scripts to run for shared folders" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Do not allow Outlook object model scripts to run for shared folders (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1529	Table 1.132. Do not allow Outlook object model scripts to run for shared folders	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Do not allow Outlook object model scripts to run for shared folders	NaN	NaN	NaN
CCE-1560-2	The "Do not allow Outlook object model scripts to run for public folders" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Do not allow Outlook object model scripts to run for public folders (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1560	Table 1.131. Do not allow Outlook object model scripts to run for public folders	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Advanced\Do not allow Outlook object model scripts to run for public folders	NaN	NaN	NaN
CCE-1596-6	The "Set maximum level of online status on a person name (Do not allow \| Allow everywhere except To and CC field \| Allow everywhere)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Person Names\Set maximum level of online status on a person name (Do not allow \| Allow everywhere except To and CC field \| Allow everywhere) (2) Software\Policies\Microsoft\Office\12.0\Outlook\IM	NaN	CCE-1596	Table 1.216. Set maximum level of online status on a person name	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Person Names\Set maximum level of online status on a person name (Do not allow \| Allow everywhere except To and CC field \| Allow everywhere)	NaN	NaN	NaN
CCE-1604-8	The "Display online status on a person name (Never \| Everywhere except To and CC field \| Everywhere)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Person Names\Display online status on a person name (Never \| Everywhere except To and CC field \| Everywhere) (2) Software\Policies\Microsoft\Office\12.0\Outlook\IM	NaN	CCE-1604	Table 1.126. Display online status on a person name	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Person Names\Display online status on a person name (Never \| Everywhere except To and CC field \| Everywhere)	NaN	NaN	NaN
CCE-1648-5	The "Turn off Enable the Person Names Smart Tag option" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Person Names\Turn off Enable the Person Names Smart Tag option (2) Software\Policies\Microsoft\Office\12.0\Outlook\IM	NaN	CCE-1648	Table 1.227. Turn off Enable the Person Names Smart Tag option	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Options...\Other\Person Names\Turn off Enable the Person Names Smart Tag option	NaN	NaN	NaN
CCE-1516-4	The "Outlook Security Mode (Outlook Default Security \| Use Security Form from 'Outlook Security Settings' Public Folder \| Use Security Form from 'Outlook 10 Security Settings' Public Folder \| Use Outlook Security Group Policy)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Outlook Security Mode (Outlook Default Security \| Use Security Form from 'Outlook Security Settings' Public Folder \| Use Security Form from 'Outlook 10 Security Settings' Public Folder \| Use Outlook Security Group Policy) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1516	Table 1.182. Outlook Security Mode	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Outlook Security Mode (Outlook Default Security \| Use Security Form from 'Outlook Security Settings' Public Folder \| Use Security Form from 'Outlook 10 Security Settings' Public Folder \| Use Outlook Security Group Policy)	NaN	NaN	NaN
CCE-1296-3	The "Display Level 1 attachments" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Display Level 1 attachments (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1296	Table 1.125. Display Level 1 attachments	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Display Level 1 attachments	NaN	NaN	NaN
CCE-1388-8	The "Allow users to demote attachments to Level 2" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Allow users to demote attachments to Level 2 (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1388	Table 1.12. Allow users to demote attachments to Level 2	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Allow users to demote attachments to Level 2	NaN	NaN	NaN
CCE-1652-7	The "Do not prompt about Level 1 attachments when sending an item" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Do not prompt about Level 1 attachments when sending an item (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1652	Table 1.140. Do not prompt about Level 1 attachments when sending an item	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Do not prompt about Level 1 attachments when sending an item	NaN	NaN	NaN
CCE-1569-3	The "Do not prompt about Level 1 attachments when closing an item" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Do not prompt about Level 1 attachments when closing an item (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1569	Table 1.139. Do not prompt about Level 1 attachments when closing an item	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Do not prompt about Level 1 attachments when closing an item	NaN	NaN	NaN
CCE-1459-7	The "Allow in-place activation of embedded OLE objects" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Allow in-place activation of embedded OLE objects (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1459	NaN	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Allow in-place activation of embedded OLE objects	NaN	NaN	NaN
CCE-1608-9	The "Display OLE package objects" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Display OLE package objects (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1608	NaN	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Display OLE package objects	NaN	NaN	NaN
CCE-1617-0	The "Add file extensions to block as Level 1" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Add file extensions to block as Level 1 (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1617	Table 1.5. Add file extensions to block as Level 1	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Add file extensions to block as Level 1	NaN	NaN	NaN
CCE-1631-1	The "Remove file extensions blocked as Level 1" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Remove file extensions blocked as Level 1 (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1631	Table 1.196. Remove file extensions blocked as Level 1	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Remove file extensions blocked as Level 1	NaN	NaN	NaN
CCE-1155-1	The "Add file extensions to block as Level 2" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Add file extensions to block as Level 2 (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1155	Table 1.6. Add file extensions to block as Level 2	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Add file extensions to block as Level 2	NaN	NaN	NaN
CCE-1556-0	The "Remove file extensions blocked as Level 2" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Remove file extensions blocked as Level 2 (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1556	Table 1.197. Remove file extensions blocked as Level 2	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Attachment Security\Remove file extensions blocked as Level 2	NaN	NaN	NaN
CCE-1595-8	The "Allow scripts in one-off Outlook forms" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Custom Form Security\Allow scripts in one-off Outlook forms (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1595	Table 1.10. Allow scripts in one-off Outlook forms	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Custom Form Security\Allow scripts in one-off Outlook forms	NaN	NaN	NaN
CCE-1436-5	The "Set Outlook object model Custom Actions execution prompt (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Custom Form Security\Set Outlook object model Custom Actions execution prompt (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1436	Table 1.218. Set Outlook object model Custom Actions execution prompt	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Custom Form Security\Set Outlook object model Custom Actions execution prompt (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1586-7	The "Set control ItemProperty prompt (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Custom Form Security\Set control ItemProperty prompt (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1586	Table 1.215. Set control ItemProperty prompt	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Custom Form Security\Set control ItemProperty prompt (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1590-9	The "Configure Outlook object model prompt when sending mail (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when sending mail (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1590	Table 1.71. Configure Outlook object model prompt when sending mail	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when sending mail (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1004-1	The "Configure Outlook object model prompt when accessing an address book (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when accessing an address book (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1004	Table 1.65. Configure Outlook object model prompt when accessing an address book	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when accessing an address book (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1273-2	The "Configure Outlook object model prompt when reading address information (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when reading address information (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1273	Table 1.69. Configure Outlook object model prompt when reading address information	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when reading address information (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1172-6	The "Configure Outlook object model prompt when responding to meeting and task requests (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when responding to meeting and task requests (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1172	Table 1.70. Configure Outlook object model prompt when responding to meeting and task requests	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when responding to meeting and task requests (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1568-5	The "Configure Outlook object model prompt when executing Save As (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when executing Save As (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1568	Table 1.68. Configure Outlook object model prompt when executing Save As	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when executing Save As (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1573-5	The "Configure Outlook object model prompt When accessing the Formula property of a UserProperty object (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt When accessing the Formula property of a UserProperty object (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1573	Table 1.67. Configure Outlook object model prompt When accessing the Formula property of a UserProperty object	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt When accessing the Formula property of a UserProperty object (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1454-8	The "Configure Outlook object model prompt when accessing address information via UserProperties.Find (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when accessing address information via UserProperties.Find (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1454	Table 1.66. Configure Outlook object model prompt when accessing address information via UserProperties.Find	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Configure Outlook object model prompt when accessing address information via UserProperties.Find (Prompt User \| Automatically Approve \| Automatically Deny \| Prompt user based on computer security)	NaN	NaN	NaN
CCE-1498-5	The "Required Certificate Authority" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Required Certificate Authority (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1498	Table 1.201. Required Certificate Authority	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Required Certificate Authority	NaN	NaN	NaN
CCE-1630-3	The "S/MIME interoperability with external clients: (Handle internally \| Handle externally \| Handle if possible)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME interoperability with external clients: (Handle internally \| Handle externally \| Handle if possible) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1630	Table 1.207. S/MIME interoperability with external clients:	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME interoperability with external clients: (Handle internally \| Handle externally \| Handle if possible)	NaN	NaN	NaN
CCE-1626-1	The "Always use Rich Text formatting in S/MIME messages" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Always use Rich Text formatting in S/MIME messages (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1626	NaN	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Always use Rich Text formatting in S/MIME messages	NaN	NaN	NaN
CCE-1163-5	The "S/MIME password settings" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME password settings (2) Software\Policies\Microsoft\Cryptography\Defaults\Provider\Microsoft Exchange Cryptographic Provider v1.0	NaN	CCE-1163	Table 1.208. S/MIME password settings	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME password settings	NaN	NaN	NaN
CCE-1445-6	The "S/MIME password settings - Default S/MIME password time (minutes): (0 - 2147483647)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME password settings - Default S/MIME password time (minutes): (0 - 2147483647) (2) Software\Policies\Microsoft\Cryptography\Defaults\Provider\Microsoft Exchange Cryptographic Provider v1.0	NaN	CCE-1445	Table 1.208. S/MIME password settings	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME password settings - Default S/MIME password time (minutes): (0 - 2147483647)	NaN	NaN	NaN
CCE-1582-6	The "S/MIME password settings - Maximum S/MIME password time (minutes): (0 - 2147483647)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME password settings - Maximum S/MIME password time (minutes): (0 - 2147483647) (2) Software\Policies\Microsoft\Cryptography\Defaults\Provider\Microsoft Exchange Cryptographic Provider v1.0	NaN	CCE-1582	Table 1.208. S/MIME password settings	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME password settings - Maximum S/MIME password time (minutes): (0 - 2147483647)	NaN	NaN	NaN
CCE-1357-3	The "Message Formats" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Message Formats (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1357	Table 1.172. Message Formats	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Message Formats	NaN	NaN	NaN
CCE-1132-0	The "Message Formats - Support the following message formats: (S/MIME \| Exchange \| Fortezza \| S/MIME and Exchange \| S/MIME and Fortezza \| Exchange and Fortezza \| S/MIME, Exchange, and Fortezza)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Message Formats - Support the following message formats: (S/MIME \| Exchange \| Fortezza \| S/MIME and Exchange \| S/MIME and Fortezza \| Exchange and Fortezza \| S/MIME, Exchange, and Fortezza) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1132	Table 1.172. Message Formats	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Message Formats - Support the following message formats: (S/MIME \| Exchange \| Fortezza \| S/MIME and Exchange \| S/MIME and Fortezza \| Exchange and Fortezza \| S/MIME, Exchange, and Fortezza)	NaN	NaN	NaN
CCE-1511-5	2007: The "Do not provide Continue option on Encryption warning dialog boxes" setting should be configured correctly for Outlook 2007. 2003: The "Disable Continue button on all Encryption warning dialogs" setting should be configured correctly.	(1) enabled/disabled	(1) 2007: User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Do not provide Continue option on Encryption warning dialog boxes (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security 2003: (3) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\Disable Continue button on all Encryption warning dialogs (4) HKCU\Software\Policies\Microsoft\office\11.0\outlook\Security - DisableContinue	NaN	CCE-1511	Table 1.142. Do not provide Continue option on Encryption warning dialog boxes	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Do not provide Continue option on Encryption warning dialog boxes	NaN	NaN	NaN
CCE-1018-1	The "Run in FIPS compliant mode" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Run in FIPS compliant mode (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1018	Table 1.205. Run in FIPS compliant mode	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Run in FIPS compliant mode	NaN	NaN	NaN
CCE-1181-7	The "Encrypt all e-mail messages" setting should be configured correctly for Outlook 2007 and 2003.	(1) enabled/disabled	2007: (1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Encrypt all e-mail messages (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security 2003: (1) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\Encrypt all e-mail messages (2) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security - AlwaysEncrypt	NaN	CCE-1181	Table 1.151. Encrypt all e-mail messages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Encrypt all e-mail messages	NaN	NaN	NaN
CCE-1639-4	The "Sign all e-mail messages" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Sign all e-mail messages (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1639	Table 1.219. Sign all e-mail messages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Sign all e-mail messages	NaN	NaN	NaN
CCE-677-5	The "URL for S/MIME certificates" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\URL for S/MIME certificates (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-677	Table 1.232. URL for S/MIME certificates	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\URL for S/MIME certificates	NaN	NaN	NaN
CCE-687-4	The "Ensure all S/MIME signed messages have a label" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Ensure all S/MIME signed messages have a label (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-687	Table 1.154. Ensure all S/MIME signed messages have a label	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Ensure all S/MIME signed messages have a label	NaN	NaN	NaN
CCE-1613-9	The "S/MIME receipt requests (Open message if receipt can't be sent \| Don't open message if receipt can't be sent \| Always prompt before sending receipt \| Never send S/MIME )" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME receipt requests (Open message if receipt can't be sent \| Don't open message if receipt can't be sent \| Always prompt before sending receipt \| Never send S/MIME ) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1613	Table 1.209. S/MIME receipt requests	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\S/MIME receipt requests (Open message if receipt can't be sent \| Don't open message if receipt can't be sent \| Always prompt before sending receipt \| Never send S/MIME )	NaN	NaN	NaN
CCE-1402-7	The "Fortezza certificate policies" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Fortezza certificate policies (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1402	Table 1.156. Fortezza certificate policies	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Fortezza certificate policies	NaN	NaN	NaN
CCE-1658-4	The "Require SuiteB algorithms for S/MIME operations" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Require SuiteB algorithms for S/MIME operations (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1658	Table 1.199. Require SuiteB algorithms for S/MIME operations	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Require SuiteB algorithms for S/MIME operations	NaN	NaN	NaN
CCE-1662-6	The "Missing CRLs" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing CRLs (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1662	Table 1.174. Missing CRLs	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing CRLs	NaN	NaN	NaN
CCE-1080-1	The "Missing CRLs - Indicate a missing CRL as a(n): (warning \| error)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing CRLs - Indicate a missing CRL as a(n): (warning \| error) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1080	Table 1.174. Missing CRLs	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing CRLs - Indicate a missing CRL as a(n): (warning \| error)	NaN	NaN	NaN
CCE-1076-9	The "Missing root certificates" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing root certificates (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1076	Table 1.175. Missing root certificates	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing root certificates	NaN	NaN	NaN
CCE-1636-0	The "Missing root certificates - Indicate a missing root certificate as a(n): (neither error nor warning \| warning \| error)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing root certificates - Indicate a missing root certificate as a(n): (neither error nor warning \| warning \| error) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1636	Table 1.175. Missing root certificates	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Missing root certificates - Indicate a missing root certificate as a(n): (neither error nor warning \| warning \| error)	NaN	NaN	NaN
CCE-943-1	The "Promote Level 2 errors as errors, not warnings" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Promote Level 2 errors as errors, not warnings (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-943	Table 1.189. Promote Level 2 errors as errors, not warnings	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Promote Level 2 errors as errors, not warnings	NaN	NaN	NaN
CCE-1591-7	The "Attachment Secure Temporary Folder" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Attachment Secure Temporary Folder (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1591	Table 1.18. Attachment Secure Temporary Folder	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Cryptography\Signature Status dialog box\Attachment Secure Temporary Folder	NaN	NaN	NaN
CCE-1133-8	The "Display pictures and external content in HTML e-mail" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Display pictures and external content in HTML e-mail (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1133	Table 1.127. Display pictures and external content in HTML e-mail	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Display pictures and external content in HTML e-mail	NaN	NaN	NaN
CCE-725-2	The "Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-725	Table 1.22. Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists	NaN	NaN	NaN
CCE-1347-4	The "Do not permit download of content from safe zones" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Do not permit download of content from safe zones (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1347	Table 1.138. Do not permit download of content from safe zones	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Do not permit download of content from safe zones	NaN	NaN	NaN
CCE-1475-3	The "Block Trusted Zones" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Block Trusted Zones (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1475	Table 1.63. Block Trusted Zones	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Block Trusted Zones	NaN	NaN	NaN
CCE-1497-7	The "Include Internet in Safe Zones for Automatic Picture Download" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Include Internet in Safe Zones for Automatic Picture Download (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1497	Table 1.161. Include Internet in Safe Zones for Automatic Picture Download	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Include Internet in Safe Zones for Automatic Picture Download	NaN	NaN	NaN
CCE-1501-6	The "Include Intranet in Safe Zones for Automatic Picture Download" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Include Intranet in Safe Zones for Automatic Picture Download (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1501	Table 1.162. Include Intranet in Safe Zones for Automatic Picture Download	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Automatic Picture Download Settings\Include Intranet in Safe Zones for Automatic Picture Download	NaN	NaN	NaN
CCE-1030-6	The "Security setting for macros (Always warn \| Never warn, disable all \| Warn for signed, disable unsigned \| No security check)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Trust Center\Security setting for macros (Always warn \| Never warn, disable all \| Warn for signed, disable unsigned \| No security check) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1030	Table 1.213. Security setting for macros	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Trust Center\Security setting for macros (Always warn \| Never warn, disable all \| Warn for signed, disable unsigned \| No security check)	NaN	NaN	NaN
CCE-1052-0	The "Enable links in e-mail messages" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Trust Center\Enable links in e-mail messages (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1052	Table 1.149. Enable links in e-mail messages	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Trust Center\Enable links in e-mail messages	NaN	NaN	NaN
CCE-1462-1	The "Apply macro security settings to macros, add-ins, and SmartTags" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Trust Center\Apply macro security settings to macros, add-ins, and SmartTags (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1462	Table 1.16. Apply macro security settings to macros, add-ins, and SmartTags	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Trust Center\Apply macro security settings to macros, add-ins, and SmartTags	NaN	NaN	NaN
CCE-1281-5	The "Automatically configure profile based on Active Directory Primary SMTP address" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Automatically configure profile based on Active Directory Primary SMTP address (2) Software\Policies\Microsoft\Office\12.0\Outlook\AutoDiscover	NaN	CCE-1281	Table 1.20. Automatically configure profile based on Active Directory Primary SMTP address	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Automatically configure profile based on Active Directory Primary SMTP address	NaN	NaN	NaN
CCE-1303-7	The "Do not allow users to change permissions on folders" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Do not allow users to change permissions on folders (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Folders	NaN	CCE-1303	Table 1.133. Do not allow users to change permissions on folders	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Do not allow users to change permissions on folders	NaN	NaN	NaN
CCE-1082-7	The "Enable RPC encryption" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Enable RPC encryption (2) Software\Policies\Microsoft\Office\12.0\Outlook\RPC	NaN	CCE-1082	Table 1.150. Enable RPC encryption	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Enable RPC encryption	NaN	NaN	NaN
CCE-1712-9	The "Authentication with Exchange Server (Kerberos/NTLM Password Authentication \| Kerberos Password Authentication \| NTLM Password Authentication)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Authentication with Exchange Server (Kerberos/NTLM Password Authentication \| Kerberos Password Authentication \| NTLM Password Authentication) (2) Software\Policies\Microsoft\Office\12.0\Outlook\Security	NaN	CCE-1712	Table 1.19. Authentication with Exchange Server	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Exchange\Authentication with Exchange Server (Kerberos/NTLM Password Authentication \| Kerberos Password Authentication \| NTLM Password Authentication)	NaN	NaN	NaN
CCE-1131-2	The "Synchronize Outlook RSS Feeds with Common Feed List" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Synchronize Outlook RSS Feeds with Common Feed List (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\RSS	NaN	CCE-1131	Table 1.224. Synchronize Outlook RSS Feeds with Common Feed List	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Synchronize Outlook RSS Feeds with Common Feed List	NaN	NaN	NaN
CCE-1620-4	The "Turn off RSS feature" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Turn off RSS feature (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\RSS	NaN	CCE-1620	Table 1.228. Turn off RSS feature	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Turn off RSS feature	NaN	NaN	NaN
CCE-1541-2	The "Automatically download enclosures" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Automatically download enclosures (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\RSS	NaN	CCE-1541	NaN	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Automatically download enclosures	NaN	NaN	NaN
CCE-1311-0	The "Download full text of articles as HTML attachments" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Download full text of articles as HTML attachments (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\RSS	NaN	CCE-1311	Table 1.145. Download full text of articles as HTML attachments	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\RSS Feeds\Download full text of articles as HTML attachments	NaN	NaN	NaN
CCE-1682-4	The "Automatically download attachments" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Internet Calendars\Automatically download attachments (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\WebCal	NaN	CCE-1682	Table 1.21. Automatically download attachments	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Internet Calendars\Automatically download attachments	NaN	NaN	NaN
CCE-1461-3	The "Do not include Internet Calendar integration in Outlook" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Internet Calendars\Do not include Internet Calendar integration in Outlook (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\WebCal	NaN	CCE-1461	Table 1.137. Do not include Internet Calendar integration in Outlook	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Tools \| Account Settings\Internet Calendars\Do not include Internet Calendar integration in Outlook	NaN	NaN	NaN
CCE-1041-3	The "Disable user entries to server list (Publish default, allow others \| Publish default, disallow others)" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Meeting Workspace\Disable user entries to server list (Publish default, allow others \| Publish default, disallow others) (2) Software\Policies\Microsoft\Office\12.0\Meetings\Profile	NaN	CCE-1041	Table 1.123. Disable user entries to server list	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Meeting Workspace\Disable user entries to server list (Publish default, allow others \| Publish default, disallow others)	NaN	NaN	NaN
CCE-1565-1	The "Do not expand distribution lists" setting should be configured correctly for Outlook 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Miscellaneous\Do not expand distribution lists (2) Software\Policies\Microsoft\Office\12.0\Outlook\Options\Mail	NaN	CCE-1565	Table 1.136. Do not expand distribution lists	User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Miscellaneous\Do not expand distribution lists	NaN	NaN	NaN
CCE-1719-4	The "Save files in this format (PowerPoint Presentation (.pptx) \| PowerPoint Macro-Enabled Presentation (.pptm) \| PowerPoint 97-2003 Presentation (*.ppt))" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Save\Save files in this format (PowerPoint Presentation (.pptx) \| PowerPoint Macro-Enabled Presentation (.pptm) \| PowerPoint 97-2003 Presentation (*.ppt)) (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Options	NaN	CCE-1719	Table 1.212. Save files in this format	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Save\Save files in this format (PowerPoint Presentation (.pptx) \| PowerPoint Macro-Enabled Presentation (.pptm) \| PowerPoint 97-2003 Presentation (*.ppt))	NaN	NaN	NaN
CCE-1477-9	The "Number of documents in the Recent Documents list (0 - 50)" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Advanced\Number of documents in the Recent Documents list (0 - 50) (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\File MRU	NaN	CCE-1477	NaN	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Advanced\Number of documents in the Recent Documents list (0 - 50)	NaN	NaN	NaN
CCE-1142-9	The "Determine whether to force encrypted macros to be scanned in Microsoft PowerPoint Open XML presentations" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Determine whether to force encrypted macros to be scanned in Microsoft PowerPoint Open XML presentations (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-1142	Table 1.82. Determine whether to force encrypted macros to be scanned in Microsoft PowerPoint Open XML presentations	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Determine whether to force encrypted macros to be scanned in Microsoft PowerPoint Open XML presentations	NaN	NaN	NaN
CCE-1649-3	The "Run Programs (disable (don't run any programs) \| enable (prompt user before running) \| enable all (run without prompting))" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Run Programs (disable (don't run any programs) \| enable (prompt user before running) \| enable all (run without prompting)) (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-1649	Table 1.206. Run Programs	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Run Programs (disable (don't run any programs) \| enable (prompt user before running) \| enable all (run without prompting))	NaN	NaN	NaN
CCE-1279-9	The "Make hidden markup visible" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Make hidden markup visible (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-1279	Table 1.170. Make hidden markup visible	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Make hidden markup visible	NaN	NaN	NaN
CCE-1451-4	The "Unblock automatic download of linked images" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Unblock automatic download of linked images (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-1451	Table 1.229. Unblock automatic download of linked images	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Unblock automatic download of linked images	NaN	NaN	NaN
CCE-1204-7	The "Disable all application add-ins" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Disable all application add-ins (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-1204	Table 1.87. Disable all application add-ins	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Disable all application add-ins	NaN	NaN	NaN
CCE-1107-2	The "Require that application add-ins are signed by Trusted Publisher" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-1107	Table 1.200. Require that application add-ins are signed by Trusted Publisher	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher	NaN	NaN	NaN
CCE-743-5	The "Disable Trust Bar Notification for unsigned application add-ins" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security	NaN	CCE-743	Table 1.120. Disable Trust Bar Notification for unsigned application add-ins	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins	NaN	NaN	NaN
CCE-747-6	The "Allow Trusted Locations not on the computer" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Trusted LocationsAllow Trusted Locations not on the computer (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations	NaN	CCE-747	Table 1.11. Allow Trusted Locations not on the computer	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Trusted LocationsAllow Trusted Locations not on the computer	NaN	NaN	NaN
CCE-782-3	The "Disable all trusted locations" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Trusted LocationsDisable all trusted locations (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations	NaN	CCE-782	Table 1.89. Disable all trusted locations	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\PowerPoint Options\Security\Trust Center\Trusted LocationsDisable all trusted locations	NaN	NaN	NaN
CCE-1327-6	The "Disable commands" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1327	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands	NaN	NaN	NaN
CCE-1723-6	The "Disable commands - Office Button \| PowerPoint Options \| Customize \| All Commands \| Web Page Preview" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| PowerPoint Options \| Customize \| All Commands \| Web Page Preview (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1723	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| PowerPoint Options \| Customize \| All Commands \| Web Page Preview	NaN	NaN	NaN
CCE-1366-4	The "Disable commands - Office Button \| Send \| Email" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Send \| Email (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1366	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Send \| Email	NaN	NaN	NaN
CCE-1679-0	The "Disable commands - Insert \| Links \| Hyperlink" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Links \| Hyperlink (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1679	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Links \| Hyperlink	NaN	NaN	NaN
CCE-1173-4	The "Disable commands - Review \| Proofing \| Language" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Review \| Proofing \| Language (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1173	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Review \| Proofing \| Language	NaN	NaN	NaN
CCE-1714-5	The "Disable commands - View \| Macros \| Macros" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - View \| Macros \| Macros (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1714	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - View \| Macros \| Macros	NaN	NaN	NaN
CCE-1485-2	The "Disable commands - Developer \| Code \| Macros" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macros (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1485	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macros	NaN	NaN	NaN
CCE-1687-3	The "Disable commands - Developer \| Code \| Macro Security" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macro Security (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1687	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macro Security	NaN	NaN	NaN
CCE-1709-5	The "Disable commands - Developer \| Code \| Visual Basic" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Visual Basic (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1709	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Visual Basic	NaN	NaN	NaN
CCE-1463-9	The "Disable commands - Office Button \| PowerPoint Options \| Customize \| All Commands \| Document Location" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| PowerPoint Options \| Customize \| All Commands \| Document Location (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1463	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| PowerPoint Options \| Customize \| All Commands \| Document Location	NaN	NaN	NaN
CCE-1467-0	The "Disable commands - Disable shortcut keys" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Disable shortcut keys (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledShortcutKeysCheckBoxes	NaN	CCE-1467	Table 1.94. Disable commands, Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Disable shortcut keys	NaN	NaN	NaN
CCE-1740-0	The "Disable commands - Ctrl+K (Insert \| Links \| Hyperlink)" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Ctrl+K (Insert \| Links \| Hyperlink) (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledShortcutKeysCheckBoxes	NaN	CCE-1740	Table 1.94. Disable commands, Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Ctrl+K (Insert \| Links \| Hyperlink)	NaN	NaN	NaN
CCE-1780-6	The "Disable commands - Alt+F8 (Developer \| Code \| Macros)" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Alt+F8 (Developer \| Code \| Macros) (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledShortcutKeysCheckBoxes	NaN	CCE-1780	Table 1.94. Disable commands, Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Alt+F8 (Developer \| Code \| Macros)	NaN	NaN	NaN
CCE-1661-8	The "Disable commands - Alt+F11 (Developer \| Code \| Visual Basic)" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Alt+F11 (Developer \| Code \| Visual Basic) (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\DisabledShortcutKeysCheckBoxes	NaN	CCE-1661	Table 1.94. Disable commands, Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Disable items in user interface\Predefined\Disable commands - Alt+F11 (Developer \| Code \| Visual Basic)	NaN	NaN	NaN
CCE-1688-1	The "Block opening of pre-release versions of file formats new to PowerPoint 2007" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of pre-release versions of file formats new to PowerPoint 2007 (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1688	Table 1.41. Block opening of pre-release versions of file formats new to PowerPoint 2007	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of pre-release versions of file formats new to PowerPoint 2007	NaN	NaN	NaN
CCE-1701-2	The "Block opening of Open Xml files types" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Open Xml files types (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1701	Table 1.38. Block opening of Open XML file types	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Open Xml files types	NaN	NaN	NaN
CCE-1348-2	The "Block opening of Binary file types" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Binary file types (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1348	Table 1.30. Block opening of Binary file types	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Binary file types	NaN	NaN	NaN
CCE-1644-4	The "Block opening of Html file types" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Html file types (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1644	Table 1.36. Block opening of HTML file types	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Html file types	NaN	NaN	NaN
CCE-1194-0	The "Block opening of Outlines" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Outlines (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1194	Table 1.39. Block opening of Outlines	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Outlines	NaN	NaN	NaN
CCE-1216-1	The "Block opening of Converters" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Converters (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock	NaN	CCE-1216	Table 1.31. Block opening of Converters	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Open\Block opening of Converters	NaN	NaN	NaN
CCE-1506-5	The "Block saving of Open Xml file types" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Open Xml file types (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileSaveBlock	NaN	CCE-1506	Table 1.57. Block saving of Open Xml file types	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Open Xml file types	NaN	NaN	NaN
CCE-1136-1	The "Block saving of Binary file types" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Binary file types (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileSaveBlock	NaN	CCE-1136	Table 1.51. Block saving of Binary file types	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Binary file types	NaN	NaN	NaN
CCE-1766-5	The "Block saving of Html file types" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Html file types (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileSaveBlock	NaN	CCE-1766	Table 1.56. Block saving of HTML file types	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Html file types	NaN	NaN	NaN
CCE-1180-9	The "Block saving of Outlines" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Outlines (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileSaveBlock	NaN	CCE-1180	Table 1.58. Block saving of Outlines	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of Outlines	NaN	NaN	NaN
CCE-1722-8	The "Block saving of GraphicFilters" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of GraphicFilters (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileSaveBlock	NaN	CCE-1722	Table 1.54. Block saving of GraphicFilters	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Save\Block saving of GraphicFilters	NaN	NaN	NaN
CCE-1731-9	The "Disable Slide Update" setting should be configured correctly for PowerPoint 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Miscellaneous\Disable Slide Update (2) Software\Policies\Microsoft\Office\12.0\PowerPoint\slide libraries	NaN	CCE-1731	Table 1.115. Disable Slide Update	User Configuration\Administrative Templates\Microsoft Office PowerPoint 2007\Block file formats\Miscellaneous\Disable Slide Update	NaN	NaN	NaN
CCE-885-4	The "Hidden text" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Display\Hidden text (2) Software\Policies\Microsoft\Office\12.0\Word\Options\vpref	NaN	CCE-885	Table 1.157. Hidden text	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Display\Hidden text	NaN	NaN	NaN
CCE-1656-8	The "Save files in this format (Word document (.docx) \| Single Files Web Page (.mht) \| Web Page (.htm; .html) \| Web Page, Filtered (.htm, .html) \| Rich Text Format (.rtf) \| Plain Text (.txt) \| Word 6.0/95 (.doc) \| Word 6.0/95 - Chinese (Simplified) (.doc) \| Word 6.0/95 - Chinese (Traditional) (.doc) \| Word 6.0/95 - Japanese (.doc) \| Word 6.0/95 - Korean (.doc) \| Word 97-2002 & 6.0/95 - RTF \| Word 5.1 for Macintosh (.mcw) \| Word 5.0 for Macintosh (.mcw) \| Word 2.x for Windows (.doc) \| Works 4.0 for Windows (.wps) \| WordPerfect 5.x for Windows (.doc) \| WordPerfect 5.1 for DOS (.doc) \| Word 2007 Macro Enabled Document (.docm) \| Word 2007 Macro Free Template (.dotx) \| Word 2007 Macro Enabled Template (.dotm) \| Word 97 - 2003 Document (.doc) \| Word 97 - 2003 Template (.dot) \| Flat XML Document (*.xml))" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Save\Save files in this format (Word document (.docx) \| Single Files Web Page (.mht) \| Web Page (.htm; .html) \| Web Page, Filtered (.htm, .html) \| Rich Text Format (.rtf) \| Plain Text (.txt) \| Word 6.0/95 (.doc) \| Word 6.0/95 - Chinese (Simplified) (.doc) \| Word 6.0/95 - Chinese (Traditional) (.doc) \| Word 6.0/95 - Japanese (.doc) \| Word 6.0/95 - Korean (.doc) \| Word 97-2002 & 6.0/95 - RTF \| Word 5.1 for Macintosh (.mcw) \| Word 5.0 for Macintosh (.mcw) \| Word 2.x for Windows (.doc) \| Works 4.0 for Windows (.wps) \| WordPerfect 5.x for Windows (.doc) \| WordPerfect 5.1 for DOS (.doc) \| Word 2007 Macro Enabled Document (.docm) \| Word 2007 Macro Free Template (.dotx) \| Word 2007 Macro Enabled Template (.dotm) \| Word 97 - 2003 Document (.doc) \| Word 97 - 2003 Template (.dot) \| Flat XML Document (*.xml)) (2) Software\Policies\Microsoft\Office\12.0\Word\Options	NaN	CCE-1656	Table 1.212. Save files in this format	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Save\Save files in this format (Word document (.docx) \| Single Files Web Page (.mht) \| Web Page (.htm; .html) \| Web Page, Filtered (.htm, .html) \| Rich Text Format (.rtf) \| Plain Text (.txt) \| Word 6.0/95 (.doc) \| Word 6.0/95 - Chinese (Simplified) (.doc) \| Word 6.0/95 - Chinese (Traditional) (.doc) \| Word 6.0/95 - Japanese (.doc) \| Word 6.0/95 - Korean (.doc) \| Word 97-2002 & 6.0/95 - RTF \| Word 5.1 for Macintosh (.mcw) \| Word 5.0 for Macintosh (.mcw) \| Word 2.x for Windows (.doc) \| Works 4.0 for Windows (.wps) \| WordPerfect 5.x for Windows (.doc) \| WordPerfect 5.1 for DOS (.doc) \| Word 2007 Macro Enabled Document (.docm) \| Word 2007 Macro Free Template (.dotx) \| Word 2007 Macro Enabled Template (.dotm) \| Word 97 - 2003 Document (.doc) \| Word 97 - 2003 Template (.dot) \| Flat XML Document (*.xml))	NaN	NaN	NaN
CCE-1537-0	The "Number of documents in the Recent Documents list (0-50)" setting should be configured correctly for Word 2007.	enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Advanced\Number of documents in the Recent Documents list (0-50) (2) Software\Policies\Microsoft\Office\12.0\Word\File MRU	NaN	CCE-1537	NaN	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Advanced\Number of documents in the Recent Documents list (0-50)	NaN	NaN	NaN
CCE-1249-2	The "Update automatic links at Open" setting should be configured correctly for Word 2007.	enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Advanced\Update automatic links at Open (2) Software\Policies\Microsoft\Office\12.0\Word\Options	NaN	CCE-1249	Table 1.231. Update automatic links at Open	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Advanced\Update automatic links at Open	NaN	NaN	NaN
CCE-1509-9	The "Save smart tags in e-mail" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Advanced\E-mail Options\Save smart tags in e-mail (2) Software\Policies\Microsoft\Office\12.0\Word\Options\vpref	NaN	CCE-1509	NaN	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Advanced\E-mail Options\Save smart tags in e-mail	NaN	NaN	NaN
CCE-1280-7	The "Determine whether to force encrypted macros to be scanned in Microsoft Word Open XML documents" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Determine whether to force encrypted macros to be scanned in Microsoft Word Open XML documents (2) Software\Policies\Microsoft\Office\12.0\Word\Security	NaN	CCE-1280	Table 1.83. Determine whether to force encrypted macros to be scanned in Microsoft Word Open XML documents	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Determine whether to force encrypted macros to be scanned in Microsoft Word Open XML documents	NaN	NaN	NaN
CCE-1681-6	The "Disable all application add-ins" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Disable all application add-ins (2) Software\Policies\Microsoft\Office\12.0\Word\Security	NaN	CCE-1681	Table 1.87. Disable all application add-ins	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Disable all application add-ins	NaN	NaN	NaN
CCE-1562-8	The "Require that application add-ins are signed by Trusted Publisher" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher (2) Software\Policies\Microsoft\Office\12.0\Word\Security	NaN	CCE-1562	Table 1.200. Require that application add-ins are signed by Trusted Publisher	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Require that application add-ins are signed by Trusted Publisher	NaN	NaN	NaN
CCE-1333-4	The "Disable Trust Bar Notification for unsigned application add-ins" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins (2) Software\Policies\Microsoft\Office\12.0\Word\Security	NaN	CCE-1333	Table 1.120. Disable Trust Bar Notification for unsigned application add-ins	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Disable Trust Bar Notification for unsigned application add-ins	NaN	NaN	NaN
CCE-1355-7	The "Allow Trusted Locations not on the computer" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Trusted LocationsAllow Trusted Locations not on the computer (2) Software\Policies\Microsoft\Office\12.0\Word\Security\Trusted Locations	NaN	CCE-1355	Table 1.11. Allow Trusted Locations not on the computer	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Trusted LocationsAllow Trusted Locations not on the computer	NaN	NaN	NaN
CCE-1637-8	The "Disable all trusted locations" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Trusted LocationsDisable all trusted locations (2) Software\Policies\Microsoft\Office\12.0\Word\Security\Trusted Locations	NaN	CCE-1637	Table 1.89. Disable all trusted locations	User Configuration\Administrative Templates\Microsoft Office Word 2007\Word Options\Security\Trust Center\Trusted LocationsDisable all trusted locations	NaN	NaN	NaN
CCE-1659-2	The "Disable commands" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1659	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands	NaN	NaN	NaN
CCE-1329-2	The "Disable commands - Office Button \| Word Options \| Customize \| All Commands \| Save As Web Page" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Word Options \| Customize \| All Commands \| Save As Web Page (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1329	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Word Options \| Customize \| All Commands \| Save As Web Page	NaN	NaN	NaN
CCE-1632-9	The "Disable commands - Office Button \| Word Options \| Customize \| All Commands \| Web Page Preview" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Word Options \| Customize \| All Commands \| Web Page Preview (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1632	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Word Options \| Customize \| All Commands \| Web Page Preview	NaN	NaN	NaN
CCE-1425-8	The "Disable commands - Office Button \| Send \| Email" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Send \| Email (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1425	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Office Button \| Send \| Email	NaN	NaN	NaN
CCE-1196-5	The "Disable commands - Insert \| Links \| Hyperlink" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Links \| Hyperlink (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1196	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Insert \| Links \| Hyperlink	NaN	NaN	NaN
CCE-936-5	The "Disable commands - Review \| Protect \| Protect Document" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Review \| Protect \| Protect Document (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-936	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Review \| Protect \| Protect Document	NaN	NaN	NaN
CCE-1354-0	The "Disable commands - View \| Macros \| Macros" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - View \| Macros \| Macros (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1354	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - View \| Macros \| Macros	NaN	NaN	NaN
CCE-1125-4	The "Disable commands - Developer \| Code \| Macros" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macros (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1125	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macros	NaN	NaN	NaN
CCE-1742-6	The "Disable commands - Developer \| Code \| Record Macro" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Record Macro (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1742	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Record Macro	NaN	NaN	NaN
CCE-1782-2	The "Disable commands - Developer \| Code \| Macro Security" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macro Security (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1782	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Macro Security	NaN	NaN	NaN
CCE-1306-0	The "Disable commands - Developer \| Code \| Visual Basic" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Visual Basic (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1306	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Code \| Visual Basic	NaN	NaN	NaN
CCE-1548-7	The "Disable commands - Developer \| Templates \| Document Template" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Templates \| Document Template (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledCmdBarItemsCheckBoxes	NaN	CCE-1548	Table 1.94. Disable commands	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable commands - Developer \| Templates \| Document Template	NaN	NaN	NaN
CCE-1716-0	The "Disable shortcut keys" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledShortcutKeysCheckBoxes	NaN	CCE-1716	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys	NaN	NaN	NaN
CCE-1597-4	The "Disable shortcut keys - Ctrl+F (Home \| Editing \| Find)" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Ctrl+F (Home \| Editing \| Find) (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledShortcutKeysCheckBoxes	NaN	CCE-1597	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Ctrl+F (Home \| Editing \| Find)	NaN	NaN	NaN
CCE-1689-9	The "Disable shortcut keys - Ctrl+K (Insert \| Links \| Hyperlink)" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Ctrl+K (Insert \| Links \| Hyperlink) (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledShortcutKeysCheckBoxes	NaN	CCE-1689	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Ctrl+K (Insert \| Links \| Hyperlink)	NaN	NaN	NaN
CCE-1570-1	The "Disable shortcut keys - Alt+F8 (Developer \| Code \| Macros)" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F8 (Developer \| Code \| Macros) (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledShortcutKeysCheckBoxes	NaN	CCE-1570	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F8 (Developer \| Code \| Macros)	NaN	NaN	NaN
CCE-1720-2	The "Disable shortcut keys - Alt+F11 (Developer \| Code \| Visual Basic)" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F11 (Developer \| Code \| Visual Basic) (2) Software\Policies\Microsoft\Office\12.0\Word\DisabledShortcutKeysCheckBoxes	NaN	CCE-1720	Table 1.114. Disable shortcut keys	User Configuration\Administrative Templates\Microsoft Office Word 2007\Disable items in user interface\Predefined\Disable shortcut keys - Alt+F11 (Developer \| Code \| Visual Basic)	NaN	NaN	NaN
CCE-1746-7	The "Block opening of pre-release versions of file formats new to Word 2007" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of pre-release versions of file formats new to Word 2007 (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1746	Table 1.43. Block opening of pre-release versions of file formats new to Word 2007	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of pre-release versions of file formats new to Word 2007	NaN	NaN	NaN
CCE-1504-0	The "Block opening of Open XML file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Open XML file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1504	Table 1.38. Block opening of Open XML file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Open XML file types	NaN	NaN	NaN
CCE-1654-3	The "Block opening of Binary file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Binary file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1654	Table 1.30. Block opening of Binary file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Binary file types	NaN	NaN	NaN
CCE-1160-1	The "Block opening of HTML file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of HTML file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1160	Table 1.36. Block opening of HTML file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of HTML file types	NaN	NaN	NaN
CCE-958-9	The "Block opening of Word 2003 XML file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Word 2003 XML file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-958	Table 1.47. Block opening of Word 2003 XML file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Word 2003 XML file types	NaN	NaN	NaN
CCE-1579-2	The "Block opening of RTF file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of RTF file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1579	Table 1.45. Block opening of RTF file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of RTF file types	NaN	NaN	NaN
CCE-984-5	The "Block open Converters" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block open Converters (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-984	Table 1.28. Block open Converters	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block open Converters	NaN	NaN	NaN
CCE-1072-8	The "Block opening of Text file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Text file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1072	Table 1.46. Block opening of Text file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Text file types	NaN	NaN	NaN
CCE-1503-2	The "Block opening of Internal file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Internal file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1503	Table 1.37. Block opening of Internal file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of Internal file types	NaN	NaN	NaN
CCE-1371-4	The "Block opening of files before version" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of files before version (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileOpenBlock	NaN	CCE-1371	Table 1.33. Block opening of files before version	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Open\Block opening of files before version	NaN	NaN	NaN
CCE-1019-9	The "Block saving of Open XML file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Open XML file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1019	Table 1.57. Block saving of Open Xml file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Open XML file types	NaN	NaN	NaN
CCE-1684-0	The "Block saving of Binary file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Binary file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1684	Table 1.51. Block saving of Binary file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Binary file types	NaN	NaN	NaN
CCE-1675-8	The "Block saving of HTML file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of HTML file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1675	Table 1.56. Block saving of HTML file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of HTML file types	NaN	NaN	NaN
CCE-1200-5	The "Block saving of Word 2003 XML file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Word 2003 XML file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1200	Table 1.61. Block saving of Word 2003 XML file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Word 2003 XML file types	NaN	NaN	NaN
CCE-1741-8	The "Block saving of RTF file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of RTF file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1741	Table 1.59. Block saving of RTF file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of RTF file types	NaN	NaN	NaN
CCE-1231-0	The "Block saving of Converters" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Converters (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1231	Table 1.53. Block saving of Converters	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Converters	NaN	NaN	NaN
CCE-1755-8	The "Block saving of Text file types" setting should be configured correctly for Word 2007.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Text file types (2) Software\Policies\Microsoft\Office\12.0\Word\Security\FileSaveBlock	NaN	CCE-1755	Table 1.60. Block saving of Text file types	User Configuration\Administrative Templates\Microsoft Office Word 2007\Block file formats\Save\Block saving of Text file types	NaN	NaN	NaN
NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN
CCE-1169-2	The InfoPath APTCA Assembly Whitelist setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office InfoPath 2007 (Machine)\Security\InfoPath APTCA Assembly Whitelist (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security\APTCA	NaN	CCE-1169	Table 2.6. InfoPath APTCA Assembly allowable list	Computer Configuration\Administrative Templates\Microsoft Office InfoPath 2007 (Machine)\Security\InfoPath APTCA Assembly Whitelist	NaN	NaN	NaN
CCE-1735-0	The Windows Internet Explorer Feature Control Opt-In (None \| InfoPath.exe, Document Information Panel and Workflow forms \| InfoPath.exe, Document Information Panel, Workflow forms and 3rd Party Hosting) setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office InfoPath 2007 (Machine)\Security\Windows Internet Explorer Feature Control Opt-In (None \| InfoPath.exe, Document Information Panel and Workflow forms \| InfoPath.exe, Document Information Panel, Workflow forms and 3rd Party Hosting) (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1735	NaN	Computer Configuration\Administrative Templates\Microsoft Office InfoPath 2007 (Machine)\Security\Windows Internet Explorer Feature Control Opt-In (None \| InfoPath.exe, Document Information Panel and Workflow forms \| InfoPath.exe, Document Information Panel, Workflow forms and 3rd Party Hosting)	NaN	NaN	NaN
CCE-1739-2	The InfoPath APTCA Assembly Whitelist Enforcement setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office InfoPath 2007 (Machine)\Security\InfoPath APTCA Assembly Whitelist Enforcement (2) Software\Policies\Microsoft\Office\12.0\InfoPath\Security	NaN	CCE-1739	Table 2.7. InfoPath APTCA Assembly Allowable List Enforcement	Computer Configuration\Administrative Templates\Microsoft Office InfoPath 2007 (Machine)\Security\InfoPath APTCA Assembly Whitelist Enforcement	NaN	NaN	NaN
CCE-933-2	The Disable Package Repair setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\Disable Package Repair (2) Software\Policies\Microsoft\Office\12.0\Common\OpenXMLFormat	NaN	CCE-933	Table 2.3. Disable Package Repair	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\Disable Package Repair	NaN	NaN	NaN
CCE-1563-6	The Disable user name and password setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1563	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password	NaN	NaN	NaN
CCE-1215-3	The Disable user name and password - excel.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - excel.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1215	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - excel.exe	NaN	NaN	STIG ID: DTOO104 - Excel Rule ID: SV-18567r3_rule Vuln ID: V-17173: Disable user name and password syntax from being used in URLs.
CCE-1484-5	The Disable user name and password - powerpnt.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - powerpnt.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1484	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - powerpnt.exe	NaN	NaN	STIG ID: DTOO104 - PowerPoint Rule ID: SV-18179r3_rule Vuln ID: V-17173: Disable user name and password syntax from being used in URLs.
CCE-1629-5	The Disable user name and password - pptview.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - pptview.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1629	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - pptview.exe	NaN	NaN	STIG ID: DTOO104 - PowerPoint Rule ID: SV-18179r3_rule Vuln ID: V-17173: Disable user name and password syntax from being used in URLs.
CCE-1762-4	The Disable user name and password - winword.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - winword.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1762	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - winword.exe	NaN	NaN	STIG ID: DTOO104 - Word Rule ID: SV-18180r3_rule Vuln ID: V-17173: Disable user name and password for Word.
CCE-1660-0	The Disable user name and password - outlook.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - outlook.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1660	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - outlook.exe	NaN	NaN	STIG ID: DTOO104 - Outlook Rule ID: SV-18181r3_rule Vuln ID: V-17173 Disable user name and password syntax from being used in URLs
CCE-1057-9	The Disable user name and password - spDesign.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - spDesign.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1057	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - spDesign.exe	NaN	NaN	STIG ID: DTOO104 - InfoPath Rule ID: SV-18182r3_rule Vuln ID: V-17173 Disable user name and password syntax from being used in URLs
CCE-1285-6	The Disable user name and password - msaccess.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - msaccess.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE	NaN	CCE-1285	Table 2.4. Disable user name and password	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Disable user name and password - msaccess.exe	NaN	NaN	STIG ID: DTOO104 - Access Rule ID: SV-19429r3_rule Vuln ID: V-17173: Disable user name and password syntax from being used in URLs
CCE-1669-1	The Bind to object setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1669	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object	NaN	NaN	NaN
CCE-1691-5	The Bind to object - excel.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - excel.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1691	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - excel.exe	NaN	NaN	STIG ID: DTOO111 - Excel Rule ID: SV-18185r3_rule Vuln ID: V-17174: Bind to Object - Excel
CCE-1338-3	The Bind to object - powerpnt.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - powerpnt.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1338	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - powerpnt.exe	NaN	NaN	STIG ID: DTOO111 - PowerPoint Rule ID: SV-18186r3_rule Vuln ID: V-17174: Enable IE Bind to Object functionality for instances of IE launched from PowerPoint.
CCE-1717-8	The Bind to object - pptview.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - pptview.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1717	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - pptview.exe	NaN	NaN	STIG ID: DTOO111 - PowerPoint Rule ID: SV-18186r3_rule Vuln ID: V-17174: Enable IE Bind to Object functionality for instances of IE launched from PowerPoint.
CCE-1488-6	The Bind to object - winword.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - winword.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1488	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - winword.exe	NaN	NaN	STIG ID: DTOO111 - Word Rule ID: SV-18187r3_rule Vuln ID: V-17174: Enable IE Bind to Object functionality for instances of IE launched from Word.
CCE-1638-6	The Bind to object - outlook.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - outlook.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1638	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - outlook.exe	NaN	NaN	STIG ID: DTOO111 - Outlook Rule ID: SV-18188r3_rule Vuln ID: V-17174: Enable IE Bind to Object functionality for instances of IE launched from Outlook
CCE-1647-7	The Bind to object - spDesign.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - spDesign.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1647	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - spDesign.exe	NaN	NaN	STIG ID: DTOO111 - InfoPath Rule ID: SV-18189r3_rule Vuln ID: V-17174: Enable IE Bind to Object functionality for instances of IE launched from InfoPath.
CCE-1294-8	The Bind to object - msaccess.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - msaccess.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT	NaN	CCE-1294	Table 2.1. Bind to object	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Bind to object - msaccess.exe	NaN	NaN	STIG ID: DTOO111 - Access Rule ID: SV-18190r3_rule Vuln ID: V-17174: Bind to Object - Access
CCE-1193-2	The Saved from URL setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-1193	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL	NaN	NaN	NaN
CCE-1352-4	The Saved from URL - excel.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - excel.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-1352	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - excel.exe	NaN	NaN	STIG ID: DTOO117 - Excel Rule ID: SV-18200r3_rule Vuln ID: V-17175: Evaluate Saved from URL mark when launched from Excel
CCE-928-2	The Saved from URL - powerpnt.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - powerpnt.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-928	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - powerpnt.exe	NaN	NaN	STIG ID: DTOO117 - PowerPoint Rule ID: SV-18201r3_rule Vuln ID: V-17175: Evaluate Saved from URL mark when launched from PowerPoint
CCE-1576-8	The Saved from URL - pptview.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - pptview.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-1576	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - pptview.exe	NaN	NaN	STIG ID: DTOO117 - PowerPoint Rule ID: SV-18201r3_rule Vuln ID: V-17175: Evaluate Saved from URL mark when launched from PowerPoint
CCE-1100-7	The Saved from URL - word.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - winword.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-1100	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - winword.exe	NaN	NaN	STIG ID: DTOO117 - Word Rule ID: SV-18202r3_rule Vuln ID: V-17175: Saved from URL - Word
CCE-1232-8	The Saved from URL - outlook.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - outlook.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-1232	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - outlook.exe	NaN	NaN	STIG ID: DTOO117 - Outlook Rule ID: SV-18203r3_rule Vuln ID: V-17175: Evaluate Saved from URL mark when launched from OutLook
CCE-1774-9	The Saved from URL - spDesign.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - spDesign.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-1774	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - spDesign.exe	NaN	NaN	STIG ID: DTOO117 - InfoPath Rule ID: SV-18204r3_rule Vuln ID: V-17175: Evaluate Saved from URL mark when launched from InfoPath.
CCE-906-8	The Saved from URL - msaccess.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - msaccess.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK	NaN	CCE-906	Table 2.9. Saved from URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Saved from URL - msaccess.exe	NaN	NaN	STIG ID: DTOO117 - Access Rule ID: SV-18205r3_rule Vuln ID: V-17175: Saved from URL - Access
CCE-1034-8	The Navigate URL setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1034	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL	NaN	NaN	NaN
CCE-1435-7	The Navigate URL - excel.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - excel.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1435	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - excel.exe	NaN	NaN	STIG ID: DTOO123 - Excel Rule ID: SV-18207r3_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-1708-7	The Navigate URL - powerpnt.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - powerpnt.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1708	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - powerpnt.exe	NaN	NaN	STIG ID: DTOO123 - PowerPoint Rule ID: SV-18208r3_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-808-6	The Navigate URL - pptview.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - pptview.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-808	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - pptview.exe	NaN	NaN	STIG ID: DTOO123 - PowerPoint Rule ID: SV-18208r3_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-1650-1	The Navigate URL - winword.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - winword.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1650	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - winword.exe	NaN	NaN	STIG ID: DTOO123 - Word Rule ID: SV-18604r3_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-1223-7	The Navigate URL - outlook.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - outlook.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1223	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - outlook.exe	NaN	NaN	STIG ID: DTOO123 - Outlook Rule ID: SV-18602r4_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-1764-0	The Navigate URL - spDesign.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - spDesign.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1764	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - spDesign.exe	NaN	NaN	STIG ID: DTOO123 - InfoPath Rule ID: SV-18601r3_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-1769-9	The Navigate URL - msaccess.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - msaccess.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL	NaN	CCE-1769	Table 2.8. Navigate URL	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Navigate URL - msaccess.exe	NaN	NaN	STIG ID: DTOO123 - Access Rule ID: SV-18603r4_rule Vuln ID: V-17183: Block navigation to URL embedded in Office products to protect against attack by malformed URL.
CCE-1152-8	The Block popups setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1152	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups	NaN	NaN	NaN
CCE-1566-9	The Block popups - excel.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - excel.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1566	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - excel.exe	NaN	NaN	STIG ID: DTOO129 - Excel Rule ID: SV-18210r3_rule Vuln ID: V-17184: Block pop-ups for links that invoke instances of IE from within Excel
CCE-1077-7	The Block popups - powerpnt.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - powerpnt.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1077	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - powerpnt.exe	NaN	NaN	STIG ID: DTOO129 - PowerPoint Rule ID: SV-18211r3_rule Vuln ID: V-17184: Block pop-ups for links that invoke instances of IE from within PowerPoint.
CCE-1606-3	The Block popups - pptview.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - pptview.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1606	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - pptview.exe	NaN	NaN	STIG ID: DTOO129 - PowerPoint Rule ID: SV-18211r3_rule Vuln ID: V-17184: Block pop-ups for links that invoke instances of IE from within PowerPoint.
CCE-1738-4	The Block popups - winword.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - winword.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1738	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - winword.exe	NaN	NaN	STIG ID: DTOO129 - Word Rule ID: SV-18212r4_rule Vuln ID: V-17184: Block pop-ups for links that invoke instances of IE from within Word.
CCE-1262-5	The Block popups - outlook.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - outlook.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1262	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - outlook.exe	NaN	NaN	STIG ID: DTOO129 - Outlook Rule ID: SV-18213r3_rule Vuln ID: V-17184: Block pop-ups for links that invoke instances of IE from within Outlook.
CCE-1663-4	The Block popups - spDesign.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - spDesign.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1663	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - spDesign.exe	NaN	NaN	STIG ID: DTOO129 - InfoPath Rule ID: SV-18214r3_rule Vuln ID: V-17184: Block pop-ups for links that invoke instances of IE from within InfoPath.
CCE-1544-6	The Block popups - msaccess.exe setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - msaccess.exe (2) Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT	NaN	CCE-1544	Table 2.2. Block popups	Computer Configuration\Administrative Templates\Microsoft Office 2007 system (Machine)\Security Settings\IE Security\Block popups - msaccess.exe	NaN	NaN	STIG ID: DTOO129 - Access Rule ID: SV-18215r3_rule Vuln ID: V-17184: No pop-ups - Access
NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN	NaN
CCE-1443-1	The "Prevent users from customizing attachment security settings" setting should be configured correctly.	(1) 1 = Enabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2007\Security\Prevent users from customizing attachment security settings (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook - DisallowAttachmentCustomization	NaN	CCE-1443	NaN	User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Prevent users from customizing attachment security settings	NaN	NaN	NaN
CCE-1161-9	The "Access: Macro Security Level" setting should be configured correctly.	(1) 1 = Enabled - Low \| 2 = Enabled - Medium \| 3 = Enabled - High	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Access: Macro Security Leve (2) HKLM\Software\Policies\Microsoft\Office\11.0\Access\Security - Level (3) User Configuration\Administrative Templates\Microsoft Office Access 2003\Tools\Macros\Security\Security level (4) HKCU\Software\Policies\Microsoft\Office\11.0\Access\Security - Level	NaN	CCE-1161	NaN	NaN	NaN	NaN	NaN
CCE-1421-7	The "Access: Trust all installed add – ins and templates" setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Access: Trust all installed add – ins and templates (2) HKLM\Software\Policies\Microsoft\Office\11.0\Access\Security - DontTrustInstalledFiles (3) User Configuration\Administrative Templates\Microsoft Office Access 2003\Tools\Macros\Security\Trust all installed add-ins and templates (4) HKCU\Software\Policies\Microsoft\Office\11.0\Access\Security - DontTrustInstalledFiles	NaN	CCE-1421	NaN	NaN	NaN	NaN	NaN
CCE-1571-9	The "Excel: Macro Security Level" setting should be configured correctly.	(1) 1 = Enabled - Low \| 2 = Enabled - Medium \| 3 = Enabled - High	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Excel: Macro Security Level (2) HKLM\Software\Policies\Microsoft\Office\11.0\Excel\Security - Level (3) User Configuration\Administrative Templates\Microsoft Office Excel 2003\Tools\Macros\Security\Security level (4) HKCU\Software\Policies\Microsoft\Office\11.0\Excel\Security - Level	NaN	CCE-1571	NaN	NaN	NaN	NaN	NaN
CCE-1721-0	The "Excel: Trust all installed add – ins and templates" setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Excel: Trust all installed add – ins and templates (2) HKLM\Software\Policies\Microsoft\Office\11.0\Excel\Security - DontTrustInstalledFiles (3) User Configuration\Administrative Templates\Microsoft Office Excel 2003\Tools\Macros\Security\Trust all installed add-ins and templates (4) HKCU\Software\Policies\Microsoft\Office\11.0\Excel\Security - DontTrustInstalledFiles	NaN	CCE-1721	NaN	NaN	NaN	NaN	NaN
CCE-1602-2	The "Outlook: Macro Security Level" setting should be configured correctly.	(1) 1 = Enabled - Low \| 2 = Enabled - Medium \| 3 = Enabled - High	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Outlook: Macro Security Level (2) HKLM\Software\Policies\Microsoft\Office\11.0\Outlook\Security - Level (3) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Macros\Security\Security Level (4) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook - Security\Level	NaN	CCE-1602	NaN	NaN	NaN	NaN	NaN
CCE-1624-6	The "Outlook: Trust all installed add-ins and templates" setting should be configured correctly.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Macros\Security\Outlook: Trust all installed add-ins and templates (2) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security - DontTrustInstalledFiles	NaN	CCE-1624	NaN	NaN	NaN	NaN	NaN
CCE-1522-2	The "Outlook virus security settings" setting should be configured correctly.	(1) 0 = Uses default administrative settings \| 1 = Look in the Outlook Security Settings folder \| 2 = Look in the Outlook 10 Security Settings folder	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Outlook virus security settings (2) HKCU\Software\Policies\Microsoft\Security - CheckAdminSettings	NaN	CCE-1522	NaN	NaN	NaN	NaN	NaN
CCE-1183-3	The "S/MIME receipt requests" setting should be configured correctly.	(1) 0 = Open message if receipt can't be sent \| 1 = Always prompt before sending receipt \| 2 = Never send S/MIME receipts \| 3 = Don't open message if receipt can't be sent	(1) User Configuration\Administrative Templates\Microsoft Office Outlook 2003\Tools\Options\Security\Cryptography\S/MIME receipt requests (2) HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security - RespondToReceiptRequests	NaN	CCE-1183	NaN	NaN	NaN	NaN	NaN
CCE-1611-3	The "PowerPoint: Macro Security Level" setting should be configured correctly.	(1) 1 = Enabled - Low \| 2 = Enabled - Medium \| 3 = Enabled - High	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\PowerPoint: Macro Security Level (2) HKLM\Software\Policies\Microsoft\Office\11.0\PowerPoint\Security - Level (3) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2003\Tools\Macro\Security\Security Level (4) HKCU\Software\Policies\Microsoft\Office\11.0\PowerPoint - Security\Level	NaN	CCE-1611	NaN	NaN	NaN	NaN	NaN
CCE-1633-7	The "PowerPoint: Trust all installed add – ins and templates" setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\PowerPoint: Trust all installed add – ins and templates (2) HKLM\Software\Policies\Microsoft\Office\11.0\PowerPoint\Security - DontTrustInstalledFiles (3) User Configuration\Administrative Templates\Microsoft Office PowerPoint 2003\Tools\Macro\Security\Trust all installed add – ins and templates (4) HKCU\Software\Policies\Microsoft\Office\11.0\PowerPoint\Security - DontTrustInstalledFiles	NaN	CCE-1633	NaN	NaN	NaN	NaN	NaN
CCE-822-7	The "Publisher: Macro Security Level" setting should be configured correctly.	(1) 1 = Enabled - Low \| 2 = Enabled - Medium \| 3 = Enabled - High	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Publisher: Macro Security Level (2) HKLM\Software\Policies\Microsoft\Office\11.0\Publisher\Security - Level	NaN	CCE-822	NaN	NaN	NaN	NaN	NaN
CCE-1734-3	The "Publisher: Trust all installed add–ins and templates" setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Publisher: Trust all installed add–ins and templates (2) HKLM\Software\Policies\Microsoft\Office\11.0\Publisher\Security - DontTrustInstalledFiles	NaN	CCE-1734	NaN	NaN	NaN	NaN	NaN
CCE-1628-7	The "Word: Macro Security Level" setting should be configured correctly.	(1) 1 = Enabled - Low \| 2 = Enabled - Medium \| 3 = Enabled - High	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Word: Macro Security Level (2) HKLM\Software\Policies\Microsoft\Office\11.0\Word\Security - Level (3) User Configuration\Administrative Templates\Microsoft Office Word 2003\Tools\Macro\Security\Security Level (4) HKCU\Software\Policies\Microsoft\Office\11.0\Word - Security\Level	NaN	CCE-1628	NaN	NaN	NaN	NaN	NaN
CCE-1761-6	The "Word: Trust all installed add–ins and templates" setting should be configured correctly.	(1) enabled/disabled	(1) Computer Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Word: Trust all installed add–ins and templates (2) HKLM\Software\Policies\Microsoft\Office\11.0\Word\Security - DontTrustInstalledFiles (3) User Configuration\Administrative Templates\Microsoft Office Word 2003\Tools\Macro\Security\Trust all installed add – ins and templates (4) HKCU\Software\Policies\Microsoft\Office\11.0\Word\Security - DontTrustInstalledFiles	NaN	CCE-1761	NaN	NaN	NaN	NaN	NaN
CCE-1302-9	The "Store random number to improve merge accuracy" setting should be configured correctly.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office Word 2003\Tools\Options\Security\Store random number to improve merge accuracy (2) HKCU\Software\Policies\Microsoft\Office\11.0\Word\Options\vpref - fDontSaveRSID_1804_1	NaN	CCE-1302	NaN	NaN	NaN	NaN	NaN
CCE-1307-8	The "Prevent Users from Changing Office Encryption Settings" setting should be configured correctly.	(1) enabled/disabled	(1) User Configuration\Administrative Templates\Microsoft Office 2003\Security Settings\Prevent Users from Changing Office Encryption Settings (2) HKCU\Software\Policies\Microsoft\Office\11.0\Common\Security - DisableCustomEncryption	NaN	CCE-1307	NaN	NaN	NaN	NaN	NaN
CCE-4277-0	The "Disable Update Diagnostics" setting should be configured correctly.	(1) 0 = Disabled \| 1 = Enabled	(1)Computer Configuration\Administrative Templates\Classic Administrative Templates (ADM)\Microsoft Office 2007 system\Office Diagnostics\Disable Update Diagnostics (2) HKLM\Software\Policies\Microsoft\Office\Common\OffDiag\DisableOffDiagnostics	NaN	NaN	NaN	Computer Configuration\Administrative Templates\Classic Administrative Templates (ADM)\Microsoft Office 2007 system\Office Diagnostics\Disable Update Diagnostics	NaN	NaN	NaN
CCE-4280-4	The "Allow Active X One Off Forms" setting should be configured correctly for Outlook 2007.	(1) 0 = Enabled (Load only Outlook Controls) \| 1 = Enabled (Allows only Safe Controls) \| 2 = Enabled (Allows all ActiveX Controls)	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Allow Active X One Off Forms (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security\AllowActiveXOneOffForms	NaN	NaN	NaN	User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Allow Active X One Off Forms	NaN	NaN	NaN
CCE-4283-8	The "Allow access to e-mail attachments" setting should be configured correctly for Outlook 2007.	(1) 0 = Disabled \| 1 = Enabled	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Allow access to e-mail attachments (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security\Level1Add	NaN	NaN	NaN	User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Allow access to e-mail attachments	NaN	NaN	NaN
CCE-5276-1	The "Do not automatically sign replies" setting should be configured correctly for Outlook 2007.	0 = Disabled \| 1 = Enabled	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Do not automatically sign replies (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security\NoSignOnReply	NaN	NaN	NaN	User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Do not automatically sign replies	NaN	NaN	NaN
CCE-4440-4	The "Prompt user to choose security settings if default settings fail" setting should be configured correctly for Outlook 2007.	(1) 0 = Disabled \| 1 = Enabled	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Prompt user to choose security settings if default settings fail (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security\ForceDefaultProfile	NaN	NaN	NaN	User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Prompt user to choose security settings if default settings fail	NaN	NaN	NaN
CCE-19659-2	“Configure trusted add-ins” setting should be configured correctly for Outlook 2007.	Enabled \| Disabled	(1) User Configuration\Administrative Templates\Classic Administrative Templates\Microsoft Office Outlook 2007\Security\Security Form Settings\Programmatic Security\Trusted Add-ins (2) HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security\TrustedAddins	NaN	NaN	NaN	NaN	NaN	NaN	STIG ID: DTOO256 - Outlook Rule ID: SV-18689r2_rule Vuln ID: V-17575: Configure trusted add-ins behavior for eMail.