change: refactored test output and created new functions
This commit is contained in:
DrIOS
@@ -14,52 +14,58 @@ function Test-NotifyMalwareInternal {
|
||||
|
||||
process {
|
||||
try {
|
||||
# 2.1.3 Ensure notifications for internal users sending malware is Enabled
|
||||
# 2.1.3 Ensure notifications for internal users sending malware is Enabled
|
||||
|
||||
# Retrieve all 'Custom' malware filter policies and check notification settings
|
||||
$malwareNotifications = Get-MalwareFilterPolicy | Where-Object { $_.RecommendedPolicyType -eq 'Custom' }
|
||||
$policiesToReport = @()
|
||||
# Retrieve all 'Custom' malware filter policies and check notification settings
|
||||
$malwareNotifications = Get-MalwareFilterPolicy | Where-Object { $_.RecommendedPolicyType -eq 'Custom' }
|
||||
$policiesToReport = @()
|
||||
|
||||
foreach ($policy in $malwareNotifications) {
|
||||
if ($policy.EnableInternalSenderAdminNotifications -ne $true) {
|
||||
$policiesToReport += "$($policy.Identity): Notifications Disabled"
|
||||
foreach ($policy in $malwareNotifications) {
|
||||
if ($policy.EnableInternalSenderAdminNotifications -ne $true) {
|
||||
$policiesToReport += "$($policy.Identity): Notifications Disabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Determine the result based on the presence of custom policies without notifications
|
||||
$result = $policiesToReport.Count -eq 0
|
||||
# Determine the result based on the presence of custom policies without notifications
|
||||
$result = $policiesToReport.Count -eq 0
|
||||
|
||||
# Prepare failure reasons and details based on compliance
|
||||
$failureReasons = if ($result) {
|
||||
"N/A"
|
||||
}
|
||||
else {
|
||||
"Some custom policies do not have notifications for internal users sending malware enabled."
|
||||
}
|
||||
# Prepare failure reasons and details based on compliance
|
||||
$failureReasons = if ($result) {
|
||||
"N/A"
|
||||
}
|
||||
else {
|
||||
"Some custom policies do not have notifications for internal users sending malware enabled."
|
||||
}
|
||||
|
||||
$details = if ($result) {
|
||||
"All custom malware policies have notifications enabled."
|
||||
}
|
||||
else {
|
||||
"Misconfigured Policies: $($policiesToReport -join ', ')"
|
||||
}
|
||||
$details = if ($result) {
|
||||
"All custom malware policies have notifications enabled."
|
||||
}
|
||||
else {
|
||||
"Misconfigured Policies: $($policiesToReport -join ', ')"
|
||||
}
|
||||
|
||||
# Create and populate the CISAuditResult object
|
||||
$params = @{
|
||||
Rec = $recnum
|
||||
Result = $result
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
# Create and populate the CISAuditResult object
|
||||
$params = @{
|
||||
Rec = $recnum
|
||||
Result = $result
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
catch {
|
||||
Write-Error "An error occurred during the test: $_"
|
||||
catch {
|
||||
Write-Error "An error occurred during the test: $_"
|
||||
|
||||
# Call Initialize-CISAuditResult with error parameters
|
||||
$auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
|
||||
}
|
||||
# Retrieve the description from the test definitions
|
||||
$testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
|
||||
$description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
|
||||
|
||||
$script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
|
||||
|
||||
# Call Initialize-CISAuditResult with error parameters
|
||||
$auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
|
||||
}
|
||||
}
|
||||
|
||||
end {
|
||||
|
||||
Reference in New Issue
Block a user