vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Update Formatting

Browse Source
This commit is contained in:
DrIOS
2024-06-23 14:34:26 -05:00
parent 9a299d4bac
commit a90df5bef4
1 changed files with 0 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
source/Private/Get-ExoOutput.ps1
View File

@@ -1,16 +1,12 @@
<# <#
.SYNOPSIS .SYNOPSIS
This is a sample Private function only visible within the module. This is a sample Private function only visible within the module.
.DESCRIPTION .DESCRIPTION
This sample function is not exported to the module and only return the data passed as parameter. This sample function is not exported to the module and only return the data passed as parameter.
.EXAMPLE .EXAMPLE
$null = Get-ExoOutput -PrivateData 'NOTHING TO SEE HERE' $null = Get-ExoOutput -PrivateData 'NOTHING TO SEE HERE'
.PARAMETER PrivateData .PARAMETER PrivateData
The PrivateData parameter is what will be returned without transformation. The PrivateData parameter is what will be returned without transformation.
#> #>
function Get-ExoOutput { function Get-ExoOutput {
[cmdletBinding()] [cmdletBinding()]
@@ -20,7 +16,6 @@ function Get-ExoOutput {
[String] [String]
$Rec $Rec
) )
begin { begin {
# Begin Block # # Begin Block #
<# <#
@@ -82,11 +77,9 @@ function Get-ExoOutput {
$policies = Get-SafeLinksPolicy $policies = Get-SafeLinksPolicy
# Initialize the details collection # Initialize the details collection
$misconfiguredDetails = @() $misconfiguredDetails = @()
foreach ($policy in $policies) { foreach ($policy in $policies) {
# Get the detailed configuration of each policy # Get the detailed configuration of each policy
$policyDetails = Get-SafeLinksPolicy -Identity $policy.Name $policyDetails = Get-SafeLinksPolicy -Identity $policy.Name
# Check each required property and record failures # Check each required property and record failures
# Condition A: Checking policy settings # Condition A: Checking policy settings
$failures = @() $failures = @()
@@ -95,7 +88,6 @@ function Get-ExoOutput {
if ($policyDetails.EnableSafeLinksForOffice -ne $true) { $failures += "EnableSafeLinksForOffice: False" } # Office 365 Apps: On if ($policyDetails.EnableSafeLinksForOffice -ne $true) { $failures += "EnableSafeLinksForOffice: False" } # Office 365 Apps: On
if ($policyDetails.TrackClicks -ne $true) { $failures += "TrackClicks: False" } # Click protection settings: On if ($policyDetails.TrackClicks -ne $true) { $failures += "TrackClicks: False" } # Click protection settings: On
if ($policyDetails.AllowClickThrough -ne $false) { $failures += "AllowClickThrough: True" } # Do not track when users click safe links: Off if ($policyDetails.AllowClickThrough -ne $false) { $failures += "AllowClickThrough: True" } # Do not track when users click safe links: Off
# Only add details for policies that have misconfigurations # Only add details for policies that have misconfigurations
if ($failures.Count -gt 0) { if ($failures.Count -gt 0) {
$misconfiguredDetails += "Policy: $($policy.Name); Failures: $($failures -join ', ')" $misconfiguredDetails += "Policy: $($policy.Name); Failures: $($failures -join ', ')"
@@ -107,14 +99,12 @@ function Get-ExoOutput {
else { else {
return 1 return 1
} }
} }
'2.1.2' { '2.1.2' {
# Test-CommonAttachmentFilter.ps1 # Test-CommonAttachmentFilter.ps1
# 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled # 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled
# Condition A: The Common Attachment Types Filter is enabled in the Microsoft 365 Security & Compliance Center. # Condition A: The Common Attachment Types Filter is enabled in the Microsoft 365 Security & Compliance Center.
# Condition B: Using Exchange Online PowerShell, verify that the `EnableFileFilter` property of the default malware filter policy is set to `True`. # Condition B: Using Exchange Online PowerShell, verify that the `EnableFileFilter` property of the default malware filter policy is set to `True`.
# Retrieve the attachment filter policy # Retrieve the attachment filter policy
$attachmentFilter = Get-MalwareFilterPolicy -Identity Default | Select-Object EnableFileFilter $attachmentFilter = Get-MalwareFilterPolicy -Identity Default | Select-Object EnableFileFilter
$result = $attachmentFilter.EnableFileFilter $result = $attachmentFilter.EnableFileFilter
@@ -124,7 +114,6 @@ function Get-ExoOutput {
'2.1.3' { '2.1.3' {
# Test-NotifyMalwareInternal.ps1 # Test-NotifyMalwareInternal.ps1
# 2.1.3 Ensure notifications for internal users sending malware is Enabled # 2.1.3 Ensure notifications for internal users sending malware is Enabled
# Retrieve all 'Custom' malware filter policies and check notification settings # Retrieve all 'Custom' malware filter policies and check notification settings
$malwareNotifications = Get-MalwareFilterPolicy | Where-Object { $_.RecommendedPolicyType -eq 'Custom' } $malwareNotifications = Get-MalwareFilterPolicy | Where-Object { $_.RecommendedPolicyType -eq 'Custom' }
# [object[]] # [object[]]
@@ -167,7 +156,6 @@ function Get-ExoOutput {
# Retrieve the default hosted outbound spam filter policy # Retrieve the default hosted outbound spam filter policy
$hostedOutboundSpamFilterPolicy = Get-HostedOutboundSpamFilterPolicy | Where-Object { $_.IsDefault -eq $true } $hostedOutboundSpamFilterPolicy = Get-HostedOutboundSpamFilterPolicy | Where-Object { $_.IsDefault -eq $true }
return $hostedOutboundSpamFilterPolicy return $hostedOutboundSpamFilterPolicy
} }
'2.1.7' { '2.1.7' {
# Test-AntiPhishingPolicy.ps1 # Test-AntiPhishingPolicy.ps1
@@ -178,7 +166,6 @@ function Get-ExoOutput {
'2.1.9' { '2.1.9' {
# Test-EnableDKIM.ps1 # Test-EnableDKIM.ps1
# 2.1.9 (L1) Ensure DKIM is enabled for all Exchange Online Domains # 2.1.9 (L1) Ensure DKIM is enabled for all Exchange Online Domains
# Retrieve DKIM configuration for all domains # Retrieve DKIM configuration for all domains
$dkimConfig = Get-DkimSigningConfig | Select-Object Domain, Enabled $dkimConfig = Get-DkimSigningConfig | Select-Object Domain, Enabled
# [object[]] # [object[]]
@@ -187,7 +174,6 @@ function Get-ExoOutput {
'3.1.1' { '3.1.1' {
# Test-AuditLogSearch.ps1 # Test-AuditLogSearch.ps1
# 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled # 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled
# Retrieve the audit log configuration # Retrieve the audit log configuration
$auditLogConfig = Get-AdminAuditLogConfig | Select-Object UnifiedAuditLogIngestionEnabled $auditLogConfig = Get-AdminAuditLogConfig | Select-Object UnifiedAuditLogIngestionEnabled
# #
@@ -198,7 +184,6 @@ function Get-ExoOutput {
'6.1.1' { '6.1.1' {
# Test-AuditDisabledFalse.ps1 # Test-AuditDisabledFalse.ps1
# 6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False' # 6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False'
# Retrieve the AuditDisabled configuration (Condition B) # Retrieve the AuditDisabled configuration (Condition B)
$auditDisabledConfig = Get-OrganizationConfig | Select-Object AuditDisabled $auditDisabledConfig = Get-OrganizationConfig | Select-Object AuditDisabled
# [bool] # [bool]
@@ -229,12 +214,10 @@ function Get-ExoOutput {
$outboundSpamPolicies = Get-HostedOutboundSpamFilterPolicy $outboundSpamPolicies = Get-HostedOutboundSpamFilterPolicy
$nonCompliantSpamPolicies = $outboundSpamPolicies | Where-Object { $_.AutoForwardingMode -ne 'Off' } $nonCompliantSpamPolicies = $outboundSpamPolicies | Where-Object { $_.AutoForwardingMode -ne 'Off' }
return $transportRules, $nonCompliantSpamPolicies return $transportRules, $nonCompliantSpamPolicies
} }
'6.2.2' { '6.2.2' {
# Test-NoWhitelistDomains.ps1 # Test-NoWhitelistDomains.ps1
# 6.2.2 (L1) Ensure mail transport rules do not whitelist specific domains # 6.2.2 (L1) Ensure mail transport rules do not whitelist specific domains
# Retrieve transport rules that whitelist specific domains # Retrieve transport rules that whitelist specific domains
# Condition A: Checking for transport rules that whitelist specific domains # Condition A: Checking for transport rules that whitelist specific domains
# [object[]] # [object[]]
@@ -244,7 +227,6 @@ function Get-ExoOutput {
'6.2.3' { '6.2.3' {
# Test-IdentifyExternalEmail.ps1 # Test-IdentifyExternalEmail.ps1
# 6.2.3 (L1) Ensure email from external senders is identified # 6.2.3 (L1) Ensure email from external senders is identified
# Retrieve external sender tagging configuration # Retrieve external sender tagging configuration
# [object[]] # [object[]]
$externalInOutlook = Get-ExternalInOutlook $externalInOutlook = Get-ExternalInOutlook
@@ -256,13 +238,11 @@ function Get-ExoOutput {
$customPolicyFailures = @() $customPolicyFailures = @()
# Check all mailboxes for custom policies with unallowed add-ins # Check all mailboxes for custom policies with unallowed add-ins
$roleAssignmentPolicies = Get-EXOMailbox | Select-Object -Unique RoleAssignmentPolicy $roleAssignmentPolicies = Get-EXOMailbox | Select-Object -Unique RoleAssignmentPolicy
if ($roleAssignmentPolicies.RoleAssignmentPolicy) { if ($roleAssignmentPolicies.RoleAssignmentPolicy) {
foreach ($policy in $roleAssignmentPolicies) { foreach ($policy in $roleAssignmentPolicies) {
if ($policy.RoleAssignmentPolicy) { if ($policy.RoleAssignmentPolicy) {
$rolePolicyDetails = Get-RoleAssignmentPolicy -Identity $policy.RoleAssignmentPolicy $rolePolicyDetails = Get-RoleAssignmentPolicy -Identity $policy.RoleAssignmentPolicy
$foundRoles = $rolePolicyDetails.AssignedRoles | Where-Object { $_ -in $relevantRoles } $foundRoles = $rolePolicyDetails.AssignedRoles | Where-Object { $_ -in $relevantRoles }
# Condition B: Using PowerShell, verify that MyCustomApps, MyMarketplaceApps, and MyReadWriteMailboxApps are not assigned to users. # Condition B: Using PowerShell, verify that MyCustomApps, MyMarketplaceApps, and MyReadWriteMailboxApps are not assigned to users.
if ($foundRoles) { if ($foundRoles) {
$customPolicyFailures += "Policy: $($policy.RoleAssignmentPolicy): Roles: $($foundRoles -join ', ')" $customPolicyFailures += "Policy: $($policy.RoleAssignmentPolicy): Roles: $($foundRoles -join ', ')"
@@ -278,7 +258,6 @@ function Get-ExoOutput {
# Test-ModernAuthExchangeOnline.ps1 # Test-ModernAuthExchangeOnline.ps1
# Ensuring the ExchangeOnlineManagement module is available # Ensuring the ExchangeOnlineManagement module is available
# 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled # 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled
# Check modern authentication setting in Exchange Online configuration (Condition A and B) # Check modern authentication setting in Exchange Online configuration (Condition A and B)
$orgConfig = Get-OrganizationConfig | Select-Object -Property Name, OAuth2ClientProfileEnabled $orgConfig = Get-OrganizationConfig | Select-Object -Property Name, OAuth2ClientProfileEnabled
return $orgConfig return $orgConfig
@@ -302,7 +281,6 @@ function Get-ExoOutput {
'8.6.1' { '8.6.1' {
# Test-ReportSecurityInTeams.ps1 # Test-ReportSecurityInTeams.ps1
# 8.6.1 (L1) Ensure users can report security concerns in Teams # 8.6.1 (L1) Ensure users can report security concerns in Teams
# Retrieve the necessary settings for Teams and Exchange Online # Retrieve the necessary settings for Teams and Exchange Online
# Condition B: Verify that 'Monitor reported messages in Microsoft Teams' is checked in the Microsoft 365 Defender portal. # Condition B: Verify that 'Monitor reported messages in Microsoft Teams' is checked in the Microsoft 365 Defender portal.
# Condition C: Ensure the 'Send reported messages to' setting in the Microsoft 365 Defender portal is set to 'My reporting mailbox only' with the correct report email addresses. # Condition C: Ensure the 'Send reported messages to' setting in the Microsoft 365 Defender portal is set to 'My reporting mailbox only' with the correct report email addresses.