vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add: Tests for 2.17

Browse Source
This commit is contained in:
DrIOS
2024-12-27 11:05:28 -06:00
parent 022dcde49b
commit 4e12eae6a9
5 changed files with 218 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
source/Private/Get-CISExoOutput.ps1
View File

@@ -339,7 +339,14 @@ function Get-CISExoOutput {
)
#>
$antiPhishPolicies = Get-AntiPhishPolicy
return $antiPhishPolicies
if ($script:Version400) {
Write-Verbose 'Retrieving associated AntiPhishRules...'
$antiPhishRules = Get-AntiPhishRule
return $antiPhishPolicies, $antiPhishRules
}
else {
return $antiPhishPolicies
}
}
'2.1.9' {
# Test-EnableDKIM.ps1

45
source/Private/Get-PhishPolicyCompliance.ps1 Normal file
View File

@@ -0,0 +1,45 @@
function Get-PhishPolicyCompliance {
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[PSCustomObject]$Policy
)
# Define the compliance criteria for an anti-phishing policy
$complianceCriteria = @{
Enabled = $true # Policy must be enabled
EnableTargetedUserProtection = $true # Targeted user protection must be enabled
EnableOrganizationDomainsProtection = $true # Organization domains protection must be enabled
EnableMailboxIntelligence = $true # Mailbox intelligence must be enabled
EnableMailboxIntelligenceProtection = $true # Mailbox intelligence protection must be enabled
EnableSpoofIntelligence = $true # Spoof intelligence must be enabled
TargetedUserProtectionAction = 'Quarantine' # Actions for targeted user protection must be 'Quarantine'
TargetedDomainProtectionAction = 'Quarantine' # Actions for targeted domain protection must be 'Quarantine'
MailboxIntelligenceProtectionAction = 'Quarantine' # Actions for mailbox intelligence protection must be 'Quarantine'
EnableFirstContactSafetyTips = $true # First contact safety tips must be enabled
EnableSimilarUsersSafetyTips = $true # Similar users safety tips must be enabled
EnableSimilarDomainsSafetyTips = $true # Similar domains safety tips must be enabled
EnableUnusualCharactersSafetyTips = $true # Unusual characters safety tips must be enabled
HonorDmarcPolicy = $true # Honor DMARC policy must be enabled
}
# Initialize compliance state and a list to track non-compliance reasons
$isCompliant = $true
$nonCompliantReasons = @()
# Iterate through the compliance criteria and check each property of the policy
foreach ($key in $complianceCriteria.Keys) {
if ($Policy.PSObject.Properties[$key] -and $Policy.$key -ne $complianceCriteria[$key]) {
$isCompliant = $false # Mark as non-compliant if the value doesn't match
$nonCompliantReasons += "$key`: Expected $($complianceCriteria[$key]), Found $($Policy.$key)" # Record the discrepancy
}
}
# Special case: Ensure PhishThresholdLevel is at least 3
if ($Policy.PSObject.Properties['PhishThresholdLevel'] -and $Policy.PhishThresholdLevel -lt 3) {
$isCompliant = $false # Mark as non-compliant if threshold is below 3
$nonCompliantReasons += "PhishThresholdLevel: Expected at least 3, Found $($Policy.PhishThresholdLevel)" # Record the issue
}
# Log the reasons for non-compliance if the policy is not compliant
if (-not $isCompliant) {
Write-Verbose "Policy $($Policy.Name) is not compliant. Reasons: $($nonCompliantReasons -join '; ')"
}
# Return whether the policy is compliant
return $isCompliant
}

48
source/Private/Get-ScopeOverlap.ps1 Normal file
View File

@@ -0,0 +1,48 @@
function Get-ScopeOverlap {
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[PSCustomObject]$Policy, # The primary policy whose scope we are evaluating
[Parameter(Mandatory = $true)]
[PSCustomObject[]]$OtherPolicies # A list of other policies to compare for scope overlap
)
# Write a verbose message indicating the policy being evaluated for overlap
Write-Verbose "Checking for scope overlap with $($Policy.Name)..."
# Initialize variables to track overlap status and overlapping entities
$overlapDetected = $false # Tracks if any overlap is detected
$overlappingEntities = @() # Stores details of overlapping entities for logging
# Build the scope string of the current policy by concatenating users, groups, and domains
$policyScope = @(
$Policy.Users -join ',', # Users within the policy's scope
$Policy.Groups -join ',', # Groups within the policy's scope
$Policy.Domains -join ',' # Domains within the policy's scope
) -join ',' # Combine all into a single string
# Iterate through each policy in the list of other policies
foreach ($otherPolicy in $OtherPolicies) {
if ($null -ne $otherPolicy) { # Skip null or empty policies
# Build the scope string for the other policy
$otherScope = @(
$otherPolicy.Users -join ',', # Users within the other policy's scope
$otherPolicy.Groups -join ',', # Groups within the other policy's scope
$otherPolicy.Domains -join ',' # Domains within the other policy's scope
) -join ',' # Combine all into a single string
# Check if the current policy's scope matches any part of the other policy's scope
if ($policyScope -match $otherScope) {
$overlapDetected = $true # Mark overlap as detected
# Log overlapping entities for clarity
$overlappingEntities += @(
"Users: $($otherPolicy.Users)",
"Groups: $($otherPolicy.Groups)",
"Domains: $($otherPolicy.Domains)"
)
Write-Verbose "Overlap detected between $($Policy.Name) and $($otherPolicy.Name)." # Log the overlap
}
}
}
# If overlap is detected, log the specific overlapping entities
if ($overlapDetected) {
Write-Verbose "Overlapping entities: $($overlappingEntities -join '; ')" # Log overlapping users, groups, or domains
}
# Return whether overlap was detected (true/false)
return $overlapDetected
}