fix: 8.6.1 test logic and output
This commit is contained in:
DrIOS
@@ -284,7 +284,7 @@ function Get-CISExoOutput {
|
|||||||
# Retrieve the necessary settings for Teams and Exchange Online
|
# Retrieve the necessary settings for Teams and Exchange Online
|
||||||
# Condition B: Verify that 'Monitor reported messages in Microsoft Teams' is checked in the Microsoft 365 Defender portal.
|
# Condition B: Verify that 'Monitor reported messages in Microsoft Teams' is checked in the Microsoft 365 Defender portal.
|
||||||
# Condition C: Ensure the 'Send reported messages to' setting in the Microsoft 365 Defender portal is set to 'My reporting mailbox only' with the correct report email addresses.
|
# Condition C: Ensure the 'Send reported messages to' setting in the Microsoft 365 Defender portal is set to 'My reporting mailbox only' with the correct report email addresses.
|
||||||
$ReportSubmissionPolicy = Get-ReportSubmissionPolicy | Select-Object -Property ReportJunkToCustomizedAddress, ReportNotJunkToCustomizedAddress, ReportPhishToCustomizedAddress, ReportChatMessageToCustomizedAddressEnabled
|
$ReportSubmissionPolicy = Get-ReportSubmissionPolicy | Select-Object -Property ReportJunkToCustomizedAddress, ReportNotJunkToCustomizedAddress, ReportPhishToCustomizedAddress,ReportJunkAddresses,ReportNotJunkAddresses,ReportPhishAddresses,ReportChatMessageEnabled,ReportChatMessageToCustomizedAddressEnabled
|
||||||
return $ReportSubmissionPolicy
|
return $ReportSubmissionPolicy
|
||||||
}
|
}
|
||||||
default { throw "No match found for test: $Rec" }
|
default { throw "No match found for test: $Rec" }
|
||||||
|
|||||||
@@ -30,21 +30,51 @@ function Test-ReportSecurityInTeams {
|
|||||||
$ReportSubmissionPolicy.ReportJunkToCustomizedAddress -and
|
$ReportSubmissionPolicy.ReportJunkToCustomizedAddress -and
|
||||||
$ReportSubmissionPolicy.ReportNotJunkToCustomizedAddress -and
|
$ReportSubmissionPolicy.ReportNotJunkToCustomizedAddress -and
|
||||||
$ReportSubmissionPolicy.ReportPhishToCustomizedAddress -and
|
$ReportSubmissionPolicy.ReportPhishToCustomizedAddress -and
|
||||||
$ReportSubmissionPolicy.ReportChatMessageToCustomizedAddressEnabled
|
$null -ne $ReportSubmissionPolicy.ReportJunkAddresses -and
|
||||||
|
$null -ne $ReportSubmissionPolicy.ReportNotJunkAddresses -and
|
||||||
|
$null -ne $ReportSubmissionPolicy.ReportPhishAddresses -and
|
||||||
|
$ReportSubmissionPolicy.ReportChatMessageToCustomizedAddressEnabled -and
|
||||||
|
-not $ReportSubmissionPolicy.ReportChatMessageEnabled
|
||||||
|
|
||||||
|
$faildetailstring = @"
|
||||||
|
The following settings are required for users to report security concerns in Teams:
|
||||||
|
|
||||||
|
MS Teams:
|
||||||
|
AllowSecurityEndUserReporting: True
|
||||||
|
|
||||||
|
EXO:
|
||||||
|
ReportJunkToCustomizedAddress : True
|
||||||
|
ReportNotJunkToCustomizedAddress : True
|
||||||
|
ReportPhishToCustomizedAddress : True
|
||||||
|
ReportJunkAddresses : <security@contoso.com>
|
||||||
|
ReportNotJunkAddresses : <security@contoso.com>
|
||||||
|
ReportPhishAddresses : <security@contoso.com>
|
||||||
|
ReportChatMessageEnabled : False
|
||||||
|
ReportChatMessageToCustomizedAddressEnabled : True
|
||||||
|
"@
|
||||||
|
$detailsString = "Users cannot report security concerns in Teams due to one or more incorrect settings:`n`n" +
|
||||||
|
"MSTeams: AllowSecurityEndUserReporting: $($CsTeamsMessagingPolicy.AllowSecurityEndUserReporting); `n" +
|
||||||
|
"EXO: ReportJunkToCustomizedAddress: $($ReportSubmissionPolicy.ReportJunkToCustomizedAddress); `n" +
|
||||||
|
"EXO: ReportNotJunkToCustomizedAddress: $($ReportSubmissionPolicy.ReportNotJunkToCustomizedAddress); `n" +
|
||||||
|
"EXO: ReportPhishToCustomizedAddress: $($ReportSubmissionPolicy.ReportPhishToCustomizedAddress); `n" +
|
||||||
|
"EXO: ReportJunkAddresses: $($ReportSubmissionPolicy.ReportJunkAddresses -join ', '); `n" +
|
||||||
|
"EXO: ReportNotJunkAddresses: $($ReportSubmissionPolicy.ReportNotJunkAddresses -join ', '); `n" +
|
||||||
|
"EXO: ReportPhishAddresses: $($ReportSubmissionPolicy.ReportPhishAddresses -join ', '); `n" +
|
||||||
|
"EXO: ReportChatMessageEnabled: $($ReportSubmissionPolicy.ReportChatMessageEnabled); `n" +
|
||||||
|
"EXO: ReportChatMessageToCustomizedAddressEnabled: $($ReportSubmissionPolicy.ReportChatMessageToCustomizedAddressEnabled); "
|
||||||
# Prepare failure reasons and details based on compliance
|
# Prepare failure reasons and details based on compliance
|
||||||
$failureReasons = if (-not $securityReportEnabled) {
|
$failureReasons = if (-not $securityReportEnabled) {
|
||||||
"Users cannot report security concerns in Teams due to one or more incorrect settings"
|
$detailsString
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
"N/A"
|
"N/A"
|
||||||
}
|
}
|
||||||
|
$details = if ($securityReportEnabled) {
|
||||||
$details = "AllowSecurityEndUserReporting: $($CsTeamsMessagingPolicy.AllowSecurityEndUserReporting); " +
|
"Users can report security concerns in Teams."
|
||||||
"ReportJunkToCustomizedAddress: $($ReportSubmissionPolicy.ReportJunkToCustomizedAddress); " +
|
}
|
||||||
"ReportNotJunkToCustomizedAddress: $($ReportSubmissionPolicy.ReportNotJunkToCustomizedAddress); " +
|
else {
|
||||||
"ReportPhishToCustomizedAddress: $($ReportSubmissionPolicy.ReportPhishToCustomizedAddress); " +
|
$faildetailstring
|
||||||
"ReportChatMessageToCustomizedAddressEnabled: $($ReportSubmissionPolicy.ReportChatMessageToCustomizedAddressEnabled)"
|
}
|
||||||
|
|
||||||
# Create and populate the CISAuditResult object
|
# Create and populate the CISAuditResult object
|
||||||
$params = @{
|
$params = @{
|
||||||
|
|||||||
Reference in New Issue
Block a user