Initial Commit

2024-03-25 08:34:43 -05:00
commit 0226b293b5
137 changed files with 9448 additions and 0 deletions
--- a/Controls/Test-SafeAttachmentsTeams_2.1.5_E5L2_IG1_IG2_IG3.ps1
+++ b/Controls/Test-SafeAttachmentsTeams_2.1.5_E5L2_IG1_IG2_IG3.ps1
@@ -0,0 +1,56 @@
+function Test-SafeAttachmentsTeams_2.1.5_E5L2_IG1_IG2_IG3 {
+    [CmdletBinding()]
+    param (
+        # Parameters can be added if needed
+    )
+
+    begin {
+        . ".\source\Classes\CISAuditResult.ps1"
+        $auditResults = @()
+    }
+
+    process {
+        # Retrieve the ATP policies for Office 365 and check Safe Attachments settings
+        $atpPolicies = Get-AtpPolicyForO365
+
+        # Check if the required ATP policies are enabled
+        $atpPolicyResult = $atpPolicies | Where-Object {
+            $_.EnableATPForSPOTeamsODB -eq $true -and
+            $_.EnableSafeDocs -eq $true -and
+            $_.AllowSafeDocsOpen -eq $false
+        }
+
+        # Determine the result based on the ATP policy settings
+        $result = $null -ne $atpPolicyResult
+        $details = if ($result) {
+            "ATP for SharePoint, OneDrive, and Teams is enabled with correct settings."
+        } else {
+            "ATP for SharePoint, OneDrive, and Teams is not enabled with correct settings."
+        }
+        $failureReason = if ($result) { "N/A" } else { "ATP policy for SharePoint, OneDrive, and Microsoft Teams is not correctly configured." }
+
+        # Create an instance of CISAuditResult and populate it
+        $auditResult = [CISAuditResult]::new()
+        $auditResult.Status = if ($result) { "Pass" } else { "Fail" }
+        $auditResult.ELevel = "E5"
+        $auditResult.Profile = "L2"
+        $auditResult.Rec = "2.1.5"
+        $auditResult.RecDescription = "Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled"
+        $auditResult.CISControlVer = "v8"
+        $auditResult.CISControl = "9.7, 10.1"
+        $auditResult.CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections, Deploy and Maintain Anti-Malware Software"
+        $auditResult.IG1 = $true
+        $auditResult.IG2 = $true
+        $auditResult.IG3 = $true
+        $auditResult.Result = $result
+        $auditResult.Details = $details
+        $auditResult.FailureReason = $failureReason
+
+        $auditResults += $auditResult
+    }
+
+    end {
+        # Return auditResults
+        return $auditResults
+    }
+}