docs: Comment conditions on each test

2024-06-12 12:24:25 -05:00
parent cf7fbadbe7
commit 10471b4683
21 changed files with 370 additions and 75 deletions
--- a/source/tests/Test-OrgOnlyBypassLobby.ps1
+++ b/source/tests/Test-OrgOnlyBypassLobby.ps1
@@ -16,6 +16,20 @@ function Test-OrgOnlyBypassLobby {
    process {
        try {
            # 8.5.3 (L1) Ensure only people in my org can bypass the lobby
+            #
+            # Validate test for a pass:
+            # - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark.
+            # - Specific conditions to check:
+            #   - Condition A: The `AutoAdmittedUsers` setting in the Teams meeting policy is set to `EveryoneInCompanyExcludingGuests`.
+            #   - Condition B: The setting for "Who can bypass the lobby" is configured to "People in my org" using the UI.
+            #   - Condition C: Verification using the Microsoft Teams admin center confirms that the meeting join & lobby settings are configured as recommended.
+            #
+            # Validate test for a fail:
+            # - Confirm that the failure conditions in the automated test are consistent with the manual audit results.
+            # - Specific conditions to check:
+            #   - Condition A: The `AutoAdmittedUsers` setting in the Teams meeting policy is not set to `EveryoneInCompanyExcludingGuests`.
+            #   - Condition B: The setting for "Who can bypass the lobby" is not configured to "People in my org" using the UI.
+            #   - Condition C: Verification using the Microsoft Teams admin center indicates that the meeting join & lobby settings are not configured as recommended.

            # Connect to Teams PowerShell using Connect-MicrosoftTeams

@@ -25,6 +39,7 @@ function Test-OrgOnlyBypassLobby {

            # Prepare failure reasons and details based on compliance
            $failureReasons = if (-not $lobbyBypassRestricted) {
+                # Condition A: The `AutoAdmittedUsers` setting in the Teams meeting policy is not set to `EveryoneInCompanyExcludingGuests`.
                "External participants can bypass the lobby"
            }
            else {
@@ -32,9 +47,11 @@ function Test-OrgOnlyBypassLobby {
            }

            $details = if ($lobbyBypassRestricted) {
+                # Condition B: The setting for "Who can bypass the lobby" is configured to "People in my org" using the UI.
                "Only people in the organization can bypass the lobby."
            }
            else {
+                # Condition C: Verification using the Microsoft Teams admin center indicates that the meeting join & lobby settings are not configured as recommended.
                "AutoAdmittedUsers is set to $($CsTeamsMeetingPolicyLobby.AutoAdmittedUsers)"
            }