vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: AntiPhishingPolicy aligned with template

Browse Source
This commit is contained in:
DrIOS
2024-05-26 15:53:57 -05:00
parent 4bc75db1dc
commit 71736bfb43
1 changed files with 47 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
source/tests/Test-AntiPhishingPolicy.ps1
View File

@@ -5,9 +5,10 @@ function Test-AntiPhishingPolicy {
) )
begin { begin {
# Dot source the class script # Dot source the class script if necessary
$auditResults = @() # Initialization code, if needed
#$auditResults = @()
} }
process { process {
@@ -24,37 +25,59 @@ function Test-AntiPhishingPolicy {
} }
# Check if there is at least one policy that meets the requirements # Check if there is at least one policy that meets the requirements
$isCompliant = $validatedPolicies.Count -gt 0 $nonCompliantItems = $antiPhishPolicies | Where-Object {
$_.Enabled -ne $true -or
$_.PhishThresholdLevel -lt 2 -or
$_.EnableMailboxIntelligenceProtection -ne $true -or
$_.EnableMailboxIntelligence -ne $true -or
$_.EnableSpoofIntelligence -ne $true
}
$compliantItems = $validatedPolicies
$isCompliant = $compliantItems.Count -gt 0
# Prepare failure details if policies are not compliant # Prepare failure reasons for non-compliant items
$failureDetails = if (-not $isCompliant) { $nonCompliantNames = $nonCompliantItems | ForEach-Object { $_.Name }
"No anti-phishing policy is fully compliant with CIS benchmark requirements." $failureReasons = if ($nonCompliantNames.Count -gt 0) {
"Reason: Does not meet one or more compliance criteria.`nNon-compliant Policies:`n" + ($nonCompliantNames -join "`n")
} else { } else {
"Compliant Anti-Phish Policy Names: " + ($validatedPolicies.Name -join ', ') "N/A"
} }
# Create an instance of CISAuditResult and populate it # Prepare details for non-compliant items
$nonCompliantDetails = $nonCompliantItems | ForEach-Object {
"Policy: $($_.Name)"
}
$nonCompliantDetails = $nonCompliantDetails -join "`n"
# Prepare details based on compliance
$details = if ($nonCompliantItems) {
"Non-Compliant Items: $($nonCompliantItems.Count)`nDetails:`n$nonCompliantDetails"
}
else {
"Compliant Items: $($compliantItems.Count)"
}
# Create and populate the CISAuditResult object
$auditResult = [CISAuditResult]::new() $auditResult = [CISAuditResult]::new()
$auditResult.Status = if ($isCompliant) { "Pass" } else { "Fail" } $auditResult.Status = if ($isCompliant) { "Pass" } else { "Fail" }
$auditResult.ELevel = "E5" $auditResult.ELevel = 'E5' # Modify as needed
$auditResult.ProfileLevel = "L1" $auditResult.ProfileLevel = 'L1' # Modify as needed
$auditResult.Rec = "2.1.7" $auditResult.Rec = '2.1.7' # Modify as needed
$auditResult.RecDescription = "Ensure that an anti-phishing policy has been created" $auditResult.RecDescription = "Ensure that an anti-phishing policy has been created" # Modify as needed
$auditResult.CISControlVer = "v8" $auditResult.CISControlVer = 'v8' # Modify as needed
$auditResult.CISControl = "9.7" $auditResult.CISControl = "9.7" # Modify as needed
$auditResult.CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections" $auditResult.CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections" # Modify as needed
$auditResult.IG1 = $false $auditResult.IG1 = $false # Modify as needed
$auditResult.IG2 = $false $auditResult.IG2 = $false # Modify as needed
$auditResult.IG3 = $true $auditResult.IG3 = $true # Modify as needed
$auditResult.Result = $isCompliant $auditResult.Result = $nonCompliantItems.Count -eq 0
$auditResult.Details = $failureDetails $auditResult.Details = $details
$auditResult.FailureReason = if (-not $isCompliant) { "Anti-phishing policies do not meet CIS benchmark requirements." } else { "N/A" } $auditResult.FailureReason = $failureReasons
$auditResults += $auditResult
} }
end { end {
# Return auditResults # Return auditResults
return $auditResults return $auditResult
} }
} }