CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 4 of 4 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-223351	CAT II	MONT-WS-92040	Microsoft Office 365 ProPlus Security Te...	The junk email protection level must be set to No ...		Documented Pending Review
Check Text Note: If the Outlook client application is not used to access Office 365 email (i.e., email is only accessed via Outlook Web Access [OWA]), this is not applicable. Verify Outlook Junk E-mail protection is set to "No Automatic Filtering". In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Verify Junk E-mail protection is set to "No Automatic Filtering". If the system being inspected is not behind EEMSG, CBII, or O365 EOP, the Junk E-mail protection level must be set to "High". Otherwise, "Low" is acceptable. If Junk E-mail protection is not set to "No Automatic Filtering", this is a finding. If the system is not behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP and the Junk E-mail protection is not set to "High", this is a finding. If the system is behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP, and the Junk E-mail protection is not at least "Low", this is a finding. Fix Text In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Set the Junk E-mail protection level to "No Automatic Filtering". Finding Details Evaluate-STIG 1.2507.5 (Scan-Office365_Checks) found this to be OPEN on 10/23/2025 Username: MONTFORD-POINT\W.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1106 ResultHash: B559D6629C7F0F5A167B784C458B03694ECDC8F1 ~~~~~ 'Junk E-mail protection level' is NOT Configured Registry Path: HKCU:\software\policies\microsoft\office\16.0\outlook\options\mail Value Name: junkmailprotection (Not found) Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl Scan Date: 2026-01-14T12:57:25.987513 Technology Area: Windows Operating System
V-223351	CAT II	MONT-WS-92010	Microsoft Office 365 ProPlus Security Te...	The junk email protection level must be set to No ...		Documented Pending Review
Check Text Note: If the Outlook client application is not used to access Office 365 email (i.e., email is only accessed via Outlook Web Access [OWA]), this is not applicable. Verify Outlook Junk E-mail protection is set to "No Automatic Filtering". In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Verify Junk E-mail protection is set to "No Automatic Filtering". If the system being inspected is not behind EEMSG, CBII, or O365 EOP, the Junk E-mail protection level must be set to "High". Otherwise, "Low" is acceptable. If Junk E-mail protection is not set to "No Automatic Filtering", this is a finding. If the system is not behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP and the Junk E-mail protection is not set to "High", this is a finding. If the system is behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP, and the Junk E-mail protection is not at least "Low", this is a finding. Fix Text In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Set the Junk E-mail protection level to "No Automatic Filtering". Finding Details Evaluate-STIG 1.2507.5 (Scan-Office365_Checks) found this to be OPEN on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: B559D6629C7F0F5A167B784C458B03694ECDC8F1 ~~~~~ 'Junk E-mail protection level' is NOT Configured Registry Path: HKCU:\software\policies\microsoft\office\16.0\outlook\options\mail Value Name: junkmailprotection (Not found) Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl Scan Date: 2026-01-14T12:57:28.231385 Technology Area: Windows Operating System
V-223351	CAT II	MONT-SW-89108	Microsoft Office 365 ProPlus Security Te...	The junk email protection level must be set to No ...		Documented Pending Review
Check Text Note: If the Outlook client application is not used to access Office 365 email (i.e., email is only accessed via Outlook Web Access [OWA]), this is not applicable. Verify Outlook Junk E-mail protection is set to "No Automatic Filtering". In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Verify Junk E-mail protection is set to "No Automatic Filtering". If the system being inspected is not behind EEMSG, CBII, or O365 EOP, the Junk E-mail protection level must be set to "High". Otherwise, "Low" is acceptable. If Junk E-mail protection is not set to "No Automatic Filtering", this is a finding. If the system is not behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP and the Junk E-mail protection is not set to "High", this is a finding. If the system is behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP, and the Junk E-mail protection is not at least "Low", this is a finding. Fix Text In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Set the Junk E-mail protection level to "No Automatic Filtering". Finding Details Evaluate-STIG 1.2510.0 (Scan-Office365_Checks) was unable to determine a Status but found the below configuration on 12/17/2025: Username: MONT-SW-89108\Scan.Admin UserSID: S-1-5-21-4163428051-2768110797-3591193048-1016 ResultHash: 4ECDFC11B01678DA255D83E3F9F6252837EE5E3B ~~~~~ 'Junk E-mail protection level' is Configured Registry Path: HKCU:\software\policies\microsoft\office\16.0\outlook\options\mail Value Name: junkmailprotection Value: 0x00000003 (3) Type: REG_DWORD Source: MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl Scan Date: 2026-03-04T15:25:16.145630 Technology Area: Windows Operating System
V-223351	CAT II	MONT-SW-89134	Microsoft Office 365 ProPlus Security Te...	The junk email protection level must be set to No ...		Documented Pending Review
Check Text Note: If the Outlook client application is not used to access Office 365 email (i.e., email is only accessed via Outlook Web Access [OWA]), this is not applicable. Verify Outlook Junk E-mail protection is set to "No Automatic Filtering". In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Verify Junk E-mail protection is set to "No Automatic Filtering". If the system being inspected is not behind EEMSG, CBII, or O365 EOP, the Junk E-mail protection level must be set to "High". Otherwise, "Low" is acceptable. If Junk E-mail protection is not set to "No Automatic Filtering", this is a finding. If the system is not behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP and the Junk E-mail protection is not set to "High", this is a finding. If the system is behind enterprise-level capabilities such as EEMSG, CBII, or O365 EOP, and the Junk E-mail protection is not at least "Low", this is a finding. Fix Text In Outlook, click Home tab >> Delete group >> Junk >> Junk E-mail Options. Set the Junk E-mail protection level to "No Automatic Filtering". Finding Details Evaluate-STIG 1.2510.0 (Scan-Office365_Checks) was unable to determine a Status but found the below configuration on 12/17/2025: Username: MONT-SW-89134\dod_admin UserSID: S-1-5-21-4004422625-1934610219-1178763574-1001 ResultHash: 4ECDFC11B01678DA255D83E3F9F6252837EE5E3B ~~~~~ 'Junk E-mail protection level' is Configured Registry Path: HKCU:\software\policies\microsoft\office\16.0\outlook\options\mail Value Name: junkmailprotection Value: 0x00000003 (3) Type: REG_DWORD Source: MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl Scan Date: 2026-03-04T15:25:42.171357 Technology Area: Windows Operating System

CUI