From abe18f194202d6e0c868a3d3119dea5aa53403c8 Mon Sep 17 00:00:00 2001 From: DrIOS <58635327+DrIOSX@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:06:04 -0500 Subject: [PATCH] docs: Add wiki help docs --- help/Export-M365SecurityAuditTable.md | 90 +- help/Get-AdminRoleUserLicense.md | 19 +- help/Get-MFAStatus.md | 24 +- help/Invoke-M365SecurityAudit.md | 42 +- help/M365FoundationsCISReport.md | 5 +- help/Remove-RowsWithEmptyCSVStatus.md | 25 +- help/Sync-CISExcelAndCsvData.md | 20 +- .../en-US/M365FoundationsCISReport-help.xml | 2043 +++++++++++++++++ .../about_M365FoundationsCISReport.help.txt | 74 +- 9 files changed, 2261 insertions(+), 81 deletions(-) create mode 100644 source/en-US/M365FoundationsCISReport-help.xml diff --git a/help/Export-M365SecurityAuditTable.md b/help/Export-M365SecurityAuditTable.md index 1d06070..6afe3bf 100644 --- a/help/Export-M365SecurityAuditTable.md +++ b/help/Export-M365SecurityAuditTable.md @@ -1,4 +1,4 @@ ---- +--- external help file: M365FoundationsCISReport-help.xml Module Name: M365FoundationsCISReport online version: https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Export-M365SecurityAuditTable @@ -15,24 +15,25 @@ Exports M365 security audit results to a CSV file or outputs a specific test res ### OutputObjectFromAuditResultsSingle ``` Export-M365SecurityAuditTable [-AuditResults] [-OutputTestNumber] - [] + [-ProgressAction ] [] ``` ### ExportAllResultsFromAuditResults ``` Export-M365SecurityAuditTable [-AuditResults] [-ExportAllTests] -ExportPath - [-ExportOriginalTests] [-ExportToExcel] [] + [-ExportOriginalTests] [-ExportToExcel] [-ProgressAction ] [] ``` ### OutputObjectFromCsvSingle ``` -Export-M365SecurityAuditTable [-CsvPath] [-OutputTestNumber] [] +Export-M365SecurityAuditTable [-CsvPath] [-OutputTestNumber] + [-ProgressAction ] [] ``` ### ExportAllResultsFromCsv ``` Export-M365SecurityAuditTable [-CsvPath] [-ExportAllTests] -ExportPath [-ExportOriginalTests] - [-ExportToExcel] [] + [-ExportToExcel] [-ProgressAction ] [] ``` ## DESCRIPTION @@ -44,44 +45,38 @@ It can export all results to a specified path or output a specific test result a ### EXAMPLE 1 ``` Export-M365SecurityAuditTable -AuditResults $object -OutputTestNumber 6.1.2 -``` - # Output object for a single test number from audit results +``` ### EXAMPLE 2 ``` Export-M365SecurityAuditTable -ExportAllTests -AuditResults $object -ExportPath "C:\temp" -``` - # Export all results from audit results to the specified path +``` ### EXAMPLE 3 ``` Export-M365SecurityAuditTable -CsvPath "C:\temp\auditresultstoday1.csv" -OutputTestNumber 6.1.2 -``` - # Output object for a single test number from CSV +``` ### EXAMPLE 4 ``` Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoday1.csv" -ExportPath "C:\temp" -``` - # Export all results from CSV to the specified path +``` ### EXAMPLE 5 ``` Export-M365SecurityAuditTable -ExportAllTests -AuditResults $object -ExportPath "C:\temp" -ExportOriginalTests -``` - # Export all results from audit results to the specified path along with the original tests +``` ### EXAMPLE 6 ``` Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoday1.csv" -ExportPath "C:\temp" -ExportOriginalTests -``` - # Export all results from CSV to the specified path along with the original tests +``` ## PARAMETERS @@ -115,6 +110,22 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -OutputTestNumber +The test number to output as an object. +Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". + +```yaml +Type: String +Parameter Sets: OutputObjectFromAuditResultsSingle, OutputObjectFromCsvSingle +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -ExportAllTests Switch to export all test results. @@ -130,21 +141,6 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -ExportOriginalTests -Switch to export the original audit results to a CSV file. - -```yaml -Type: SwitchParameter -Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv -Aliases: - -Required: False -Position: Named -Default value: False -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -ExportPath The path where the CSV files will be exported. @@ -160,6 +156,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ExportOriginalTests +Switch to export the original audit results to a CSV file. + +```yaml +Type: SwitchParameter +Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv +Aliases: + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -ExportToExcel Switch to export the results to an Excel file. @@ -175,17 +186,16 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -OutputTestNumber -The test number to output as an object. -Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". +### -ProgressAction +{{ Fill ProgressAction Description }} ```yaml -Type: String -Parameter Sets: OutputObjectFromAuditResultsSingle, OutputObjectFromCsvSingle -Aliases: +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga -Required: True -Position: 2 +Required: False +Position: Named Default value: None Accept pipeline input: False Accept wildcard characters: False diff --git a/help/Get-AdminRoleUserLicense.md b/help/Get-AdminRoleUserLicense.md index 0100860..629903e 100644 --- a/help/Get-AdminRoleUserLicense.md +++ b/help/Get-AdminRoleUserLicense.md @@ -1,4 +1,4 @@ ---- +--- external help file: M365FoundationsCISReport-help.xml Module Name: M365FoundationsCISReport online version: https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense @@ -13,7 +13,7 @@ Retrieves user licenses and roles for administrative accounts from Microsoft 365 ## SYNTAX ``` -Get-AdminRoleUserLicense [-SkipGraphConnection] [] +Get-AdminRoleUserLicense [-SkipGraphConnection] [-ProgressAction ] [] ``` ## DESCRIPTION @@ -54,6 +54,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ProgressAction +{{ Fill ProgressAction Description }} + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/help/Get-MFAStatus.md b/help/Get-MFAStatus.md index 5e1750e..e5accc3 100644 --- a/help/Get-MFAStatus.md +++ b/help/Get-MFAStatus.md @@ -13,7 +13,8 @@ Retrieves the MFA (Multi-Factor Authentication) status for Azure Active Director ## SYNTAX ``` -Get-MFAStatus [[-UserId] ] [-SkipMSOLConnectionChecks] [] +Get-MFAStatus [[-UserId] ] [-SkipMSOLConnectionChecks] [-ProgressAction ] + [] ``` ## DESCRIPTION @@ -25,16 +26,14 @@ Optionally, you can specify a single user by their User Principal Name (UPN) to ### EXAMPLE 1 ``` Get-MFAStatus -``` - Retrieves the MFA status for all Azure Active Directory users. +``` ### EXAMPLE 2 ``` Get-MFAStatus -UserId "example@domain.com" -``` - Retrieves the MFA status for the specified user with the UPN "example@domain.com". +``` ## PARAMETERS @@ -69,6 +68,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ProgressAction +{{ Fill ProgressAction Description }} + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/help/Invoke-M365SecurityAudit.md b/help/Invoke-M365SecurityAudit.md index 06150e6..1ee9ffc 100644 --- a/help/Invoke-M365SecurityAudit.md +++ b/help/Invoke-M365SecurityAudit.md @@ -15,49 +15,50 @@ Invokes a security audit for Microsoft 365 environments. ### Default (Default) ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] [-DoNotConnect] - [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm] [] + [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-ProgressAction ] [-WhatIf] + [-Confirm] [] ``` ### ELevelFilter ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] -ELevel -ProfileLevel [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] - [-WhatIf] [-Confirm] [] + [-ProgressAction ] [-WhatIf] [-Confirm] [] ``` ### IG1Filter ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] [-IncludeIG1] - [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm] - [] + [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] + [-ProgressAction ] [-WhatIf] [-Confirm] [] ``` ### IG2Filter ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] [-IncludeIG2] - [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm] - [] + [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] + [-ProgressAction ] [-WhatIf] [-Confirm] [] ``` ### IG3Filter ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] [-IncludeIG3] - [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm] - [] + [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] + [-ProgressAction ] [-WhatIf] [-Confirm] [] ``` ### RecFilter ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] -IncludeRecommendation [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] - [-DoNotConfirmConnections] [-WhatIf] [-Confirm] [] + [-DoNotConfirmConnections] [-ProgressAction ] [-WhatIf] [-Confirm] [] ``` ### SkipRecFilter ``` Invoke-M365SecurityAudit [-TenantAdminUrl ] [-M365DomainForPWPolicyTest ] -SkipRecommendation [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] - [-WhatIf] [-Confirm] [] + [-ProgressAction ] [-WhatIf] [-Confirm] [] ``` ## DESCRIPTION @@ -126,8 +127,6 @@ FailureReason: Non-Compliant Accounts: 2 ### EXAMPLE 4 ``` Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -SkipRecommendation '1.1.3', '2.1.1' -``` - Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1. Output: Status : Fail @@ -141,14 +140,14 @@ Details : Non-compliant accounts: user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 FailureReason: Non-Compliant Accounts: 2 +``` ### EXAMPLE 5 ``` $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" +PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation ``` -PS\> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation - Captures the audit results into a variable and exports them to a CSV file. Output: CISAuditResult\[\] @@ -397,6 +396,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ProgressAction +{{ Fill ProgressAction Description }} + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/help/M365FoundationsCISReport.md b/help/M365FoundationsCISReport.md index 27043e8..267b0ab 100644 --- a/help/M365FoundationsCISReport.md +++ b/help/M365FoundationsCISReport.md @@ -1,4 +1,4 @@ ---- +--- Module Name: M365FoundationsCISReport Module Guid: 0d064bfb-d1ce-484b-a173-993b55984dc9 Download Help Link: {{Please enter Link manually}} @@ -11,6 +11,9 @@ Locale: en-US The `M365FoundationsCISReport` module provides a set of cmdlets to audit and report on the security compliance of Microsoft 365 environments based on CIS (Center for Internet Security) benchmarks. It enables administrators to generate detailed reports, sync data with CIS Excel sheets, and perform security audits to ensure compliance. ## M365FoundationsCISReport Cmdlets +### [Export-M365SecurityAuditTable](Export-M365SecurityAuditTable.md) +Exports M365 security audit results to a CSV file or outputs a specific test result as an object. + ### [Get-AdminRoleUserLicense](Get-AdminRoleUserLicense.md) Retrieves user licenses and roles for administrative accounts from Microsoft 365 via the Graph API. diff --git a/help/Remove-RowsWithEmptyCSVStatus.md b/help/Remove-RowsWithEmptyCSVStatus.md index 368981c..8582a86 100644 --- a/help/Remove-RowsWithEmptyCSVStatus.md +++ b/help/Remove-RowsWithEmptyCSVStatus.md @@ -1,7 +1,7 @@ ---- +--- external help file: M365FoundationsCISReport-help.xml Module Name: M365FoundationsCISReport -online version: https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Invoke-M365SecurityAudit +online version: schema: 2.0.0 --- @@ -13,7 +13,8 @@ Removes rows from an Excel worksheet where the 'CSV_Status' column is empty and ## SYNTAX ``` -Remove-RowsWithEmptyCSVStatus [-FilePath] [-WorksheetName] [] +Remove-RowsWithEmptyCSVStatus [-FilePath] [-WorksheetName] + [-ProgressAction ] [] ``` ## DESCRIPTION @@ -25,9 +26,8 @@ The filtered data is then exported to a new Excel file with a '-Filtered' suffix ### EXAMPLE 1 ``` Remove-RowsWithEmptyCSVStatus -FilePath "C:\Reports\Report.xlsx" -WorksheetName "Sheet1" -``` - This command imports data from the "Sheet1" worksheet in the "Report.xlsx" file, removes rows where the 'CSV_Status' column is empty, and saves the filtered data to a new file named "Report-Filtered.xlsx" in the same directory. +``` ## PARAMETERS @@ -61,6 +61,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ProgressAction +{{ Fill ProgressAction Description }} + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/help/Sync-CISExcelAndCsvData.md b/help/Sync-CISExcelAndCsvData.md index 96a2155..e412199 100644 --- a/help/Sync-CISExcelAndCsvData.md +++ b/help/Sync-CISExcelAndCsvData.md @@ -14,7 +14,7 @@ Synchronizes and updates data in an Excel worksheet with new information from a ``` Sync-CISExcelAndCsvData [[-ExcelPath] ] [[-CsvPath] ] [[-SheetName] ] - [] + [-ProgressAction ] [] ``` ## DESCRIPTION @@ -27,9 +27,8 @@ It's designed to ensure that the Excel document maintains a running log of chang ### EXAMPLE 1 ``` Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -CsvPath "path\to\data.csv" -SheetName "AuditData" -``` - Updates the 'AuditData' worksheet in 'excel.xlsx' with data from 'data.csv', adding new information and the date of the update. +``` ## PARAMETERS @@ -81,6 +80,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ProgressAction +{{ Fill ProgressAction Description }} + +```yaml +Type: ActionPreference +Parameter Sets: (All) +Aliases: proga + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/source/en-US/M365FoundationsCISReport-help.xml b/source/en-US/M365FoundationsCISReport-help.xml new file mode 100644 index 0000000..9b00f7e --- /dev/null +++ b/source/en-US/M365FoundationsCISReport-help.xml @@ -0,0 +1,2043 @@ + + + + + Export-M365SecurityAuditTable + Export + M365SecurityAuditTable + + Exports M365 security audit results to a CSV file or outputs a specific test result as an object. + + + + This function exports M365 security audit results from either an array of CISAuditResult objects or a CSV file. It can export all results to a specified path or output a specific test result as an object. + + + + Export-M365SecurityAuditTable + + OutputTestNumber + + The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". + + String + + String + + + None + + + AuditResults + + An array of CISAuditResult objects containing the audit results. + + CISAuditResult[] + + CISAuditResult[] + + + None + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Export-M365SecurityAuditTable + + ExportAllTests + + Switch to export all test results. + + + SwitchParameter + + + False + + + AuditResults + + An array of CISAuditResult objects containing the audit results. + + CISAuditResult[] + + CISAuditResult[] + + + None + + + ExportPath + + The path where the CSV files will be exported. + + String + + String + + + None + + + ExportOriginalTests + + Switch to export the original audit results to a CSV file. + + + SwitchParameter + + + False + + + ExportToExcel + + Switch to export the results to an Excel file. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Export-M365SecurityAuditTable + + OutputTestNumber + + The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". + + String + + String + + + None + + + CsvPath + + The path to a CSV file containing the audit results. + + String + + String + + + None + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Export-M365SecurityAuditTable + + ExportAllTests + + Switch to export all test results. + + + SwitchParameter + + + False + + + CsvPath + + The path to a CSV file containing the audit results. + + String + + String + + + None + + + ExportPath + + The path where the CSV files will be exported. + + String + + String + + + None + + + ExportOriginalTests + + Switch to export the original audit results to a CSV file. + + + SwitchParameter + + + False + + + ExportToExcel + + Switch to export the results to an Excel file. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + AuditResults + + An array of CISAuditResult objects containing the audit results. + + CISAuditResult[] + + CISAuditResult[] + + + None + + + CsvPath + + The path to a CSV file containing the audit results. + + String + + String + + + None + + + OutputTestNumber + + The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". + + String + + String + + + None + + + ExportAllTests + + Switch to export all test results. + + SwitchParameter + + SwitchParameter + + + False + + + ExportPath + + The path where the CSV files will be exported. + + String + + String + + + None + + + ExportOriginalTests + + Switch to export the original audit results to a CSV file. + + SwitchParameter + + SwitchParameter + + + False + + + ExportToExcel + + Switch to export the results to an Excel file. + + SwitchParameter + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + [CISAuditResult[]], [string] + + + + + + + + + + [PSCustomObject] + + + + + + + + + + + + + + -------------------------- EXAMPLE 1 -------------------------- + Export-M365SecurityAuditTable -AuditResults $object -OutputTestNumber 6.1.2 +# Output object for a single test number from audit results + + + + + + -------------------------- EXAMPLE 2 -------------------------- + Export-M365SecurityAuditTable -ExportAllTests -AuditResults $object -ExportPath "C:\temp" +# Export all results from audit results to the specified path + + + + + + -------------------------- EXAMPLE 3 -------------------------- + Export-M365SecurityAuditTable -CsvPath "C:\temp\auditresultstoday1.csv" -OutputTestNumber 6.1.2 +# Output object for a single test number from CSV + + + + + + -------------------------- EXAMPLE 4 -------------------------- + Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoday1.csv" -ExportPath "C:\temp" +# Export all results from CSV to the specified path + + + + + + -------------------------- EXAMPLE 5 -------------------------- + Export-M365SecurityAuditTable -ExportAllTests -AuditResults $object -ExportPath "C:\temp" -ExportOriginalTests +# Export all results from audit results to the specified path along with the original tests + + + + + + -------------------------- EXAMPLE 6 -------------------------- + Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoday1.csv" -ExportPath "C:\temp" -ExportOriginalTests +# Export all results from CSV to the specified path along with the original tests + + + + + + + + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Export-M365SecurityAuditTable + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Export-M365SecurityAuditTable + + + + + + Get-AdminRoleUserLicense + Get + AdminRoleUserLicense + + Retrieves user licenses and roles for administrative accounts from Microsoft 365 via the Graph API. + + + + The Get-AdminRoleUserLicense function connects to Microsoft Graph and retrieves all users who are assigned administrative roles along with their user details and licenses. This function is useful for auditing and compliance checks to ensure that administrators have appropriate licenses and role assignments. + + + + Get-AdminRoleUserLicense + + SkipGraphConnection + + A switch parameter that, when set, skips the connection to Microsoft Graph if already established. This is useful for batch processing or when used within scripts where multiple calls are made and the connection is managed externally. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + SkipGraphConnection + + A switch parameter that, when set, skips the connection to Microsoft Graph if already established. This is useful for batch processing or when used within scripts where multiple calls are made and the connection is managed externally. + + SwitchParameter + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + None. You cannot pipe objects to Get-AdminRoleUserLicense. + + + + + + + + + + PSCustomObject + + + + + + + + Returns a custom object for each user with administrative roles that includes the following properties: RoleName, UserName, UserPrincipalName, UserId, HybridUser, and Licenses. + + + + + + + + + Creation Date: 2024-04-15 Purpose/Change: Initial function development to support Microsoft 365 administrative role auditing. + + + + + -------------------------- EXAMPLE 1 -------------------------- + Get-AdminRoleUserLicense + + This example retrieves all administrative role users along with their licenses by connecting to Microsoft Graph using the default scopes. + + + + -------------------------- EXAMPLE 2 -------------------------- + Get-AdminRoleUserLicense -SkipGraphConnection + + This example retrieves all administrative role users along with their licenses without attempting to connect to Microsoft Graph, assuming that the connection is already established. + + + + + + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense + + + + + + Get-MFAStatus + Get + MFAStatus + + Retrieves the MFA (Multi-Factor Authentication) status for Azure Active Directory users. + + + + The Get-MFAStatus function connects to Microsoft Online Service and retrieves the MFA status for all Azure Active Directory users, excluding guest accounts. Optionally, you can specify a single user by their User Principal Name (UPN) to get their MFA status. + + + + Get-MFAStatus + + UserId + + The User Principal Name (UPN) of a specific user to retrieve MFA status for. If not provided, the function retrieves MFA status for all users. + + String + + String + + + None + + + SkipMSOLConnectionChecks + + {{ Fill SkipMSOLConnectionChecks Description }} + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + UserId + + The User Principal Name (UPN) of a specific user to retrieve MFA status for. If not provided, the function retrieves MFA status for all users. + + String + + String + + + None + + + SkipMSOLConnectionChecks + + {{ Fill SkipMSOLConnectionChecks Description }} + + SwitchParameter + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + + System.Object + + + + + + + + Returns a sorted list of custom objects containing the following properties: + + + + + + + + - UserPrincipalName + + + + + + + + - DisplayName + + + + + + + + - MFAState + + + + + + + + - MFADefaultMethod + + + + + + + + - MFAPhoneNumber + + + + + + + + - PrimarySMTP + + + + + + + + - Aliases + + + + + + + + + The function requires the MSOL module to be installed and connected to your tenant. Ensure that you have the necessary permissions to read user and MFA status information. + + + + + -------------------------- EXAMPLE 1 -------------------------- + Get-MFAStatus +Retrieves the MFA status for all Azure Active Directory users. + + + + + + -------------------------- EXAMPLE 2 -------------------------- + Get-MFAStatus -UserId "example@domain.com" +Retrieves the MFA status for the specified user with the UPN "example@domain.com". + + + + + + + + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-MFAStatus + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-MFAStatus + + + + + + Invoke-M365SecurityAudit + Invoke + M365SecurityAudit + + Invokes a security audit for Microsoft 365 environments. + + + + The Invoke-M365SecurityAudit cmdlet performs a comprehensive security audit based on the specified parameters. It allows auditing of various configurations and settings within a Microsoft 365 environment, such as compliance with CIS benchmarks. + + + + Invoke-M365SecurityAudit + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + ELevel + + Specifies the E-Level (E3 or E5) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter. + + String + + String + + + None + + + ProfileLevel + + Specifies the profile level (L1 or L2) for the audit. This parameter is optional and can be combined with the ELevel parameter. + + String + + String + + + None + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Invoke-M365SecurityAudit + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + IncludeIG1 + + If specified, includes tests where IG1 is true. + + + SwitchParameter + + + False + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Invoke-M365SecurityAudit + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + IncludeIG2 + + If specified, includes tests where IG2 is true. + + + SwitchParameter + + + False + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Invoke-M365SecurityAudit + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + IncludeIG3 + + If specified, includes tests where IG3 is true. + + + SwitchParameter + + + False + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Invoke-M365SecurityAudit + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + IncludeRecommendation + + Specifies specific recommendations to include in the audit. Accepts an array of recommendation numbers. + + String[] + + String[] + + + None + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + Invoke-M365SecurityAudit + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + SkipRecommendation + + Specifies specific recommendations to exclude from the audit. Accepts an array of recommendation numbers. + + String[] + + String[] + + + None + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + TenantAdminUrl + + The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. + + String + + String + + + None + + + M365DomainForPWPolicyTest + + The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified. + + String + + String + + + None + + + ELevel + + Specifies the E-Level (E3 or E5) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter. + + String + + String + + + None + + + ProfileLevel + + Specifies the profile level (L1 or L2) for the audit. This parameter is optional and can be combined with the ELevel parameter. + + String + + String + + + None + + + IncludeIG1 + + If specified, includes tests where IG1 is true. + + SwitchParameter + + SwitchParameter + + + False + + + IncludeIG2 + + If specified, includes tests where IG2 is true. + + SwitchParameter + + SwitchParameter + + + False + + + IncludeIG3 + + If specified, includes tests where IG3 is true. + + SwitchParameter + + SwitchParameter + + + False + + + IncludeRecommendation + + Specifies specific recommendations to include in the audit. Accepts an array of recommendation numbers. + + String[] + + String[] + + + None + + + SkipRecommendation + + Specifies specific recommendations to exclude from the audit. Accepts an array of recommendation numbers. + + String[] + + String[] + + + None + + + DoNotConnect + + If specified, the cmdlet will not establish a connection to Microsoft 365 services. + + SwitchParameter + + SwitchParameter + + + False + + + DoNotDisconnect + + If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. + + SwitchParameter + + SwitchParameter + + + False + + + NoModuleCheck + + If specified, the cmdlet will not check for the presence of required modules. + + SwitchParameter + + SwitchParameter + + + False + + + DoNotConfirmConnections + + If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. + + SwitchParameter + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + None. You cannot pipe objects to Invoke-M365SecurityAudit. + + + + + + + + + + CISAuditResult[] + + + + + + + + The cmdlet returns an array of CISAuditResult objects representing the results of the security audit. + + + + + + + + + - This module is based on CIS benchmarks. + - Governed by the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. + - Commercial use is not permitted. This module cannot be sold or used for commercial purposes. + - Modifications and sharing are allowed under the same license. + - For full license details, visit: https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en + - Register for CIS Benchmarks at: https://www.cisecurity.org/cis-benchmarks + + + + + -------------------------- EXAMPLE 1 -------------------------- + Invoke-M365SecurityAudit + + Performs a security audit using default parameters. Output: Status : Fail ELevel : E3 ProfileLevel: L1 Connection : Microsoft Graph Rec : 1.1.1 Result : False Details : Non-compliant accounts: Username | Roles | HybridStatus | Missing Licence user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 FailureReason: Non-Compliant Accounts: 2 + + + + -------------------------- EXAMPLE 2 -------------------------- + Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -ELevel "E5" -ProfileLevel "L1" + + Performs a security audit for the E5 level and L1 profile in the specified Microsoft 365 environment. Output: Status : Fail ELevel : E5 ProfileLevel: L1 Connection : Microsoft Graph Rec : 1.1.1 Result : False Details : Non-compliant accounts: Username | Roles | HybridStatus | Missing Licence user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 FailureReason: Non-Compliant Accounts: 2 + + + + -------------------------- EXAMPLE 3 -------------------------- + Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -IncludeIG1 + + Performs an audit including all tests where IG1 is true. Output: Status : Fail ELevel : E3 ProfileLevel: L1 Connection : Microsoft Graph Rec : 1.1.1 Result : False Details : Non-compliant accounts: Username | Roles | HybridStatus | Missing Licence user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 FailureReason: Non-Compliant Accounts: 2 + + + + -------------------------- EXAMPLE 4 -------------------------- + Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -SkipRecommendation '1.1.3', '2.1.1' +Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1. +Output: +Status : Fail +ELevel : E3 +ProfileLevel: L1 +Connection : Microsoft Graph +Rec : 1.1.1 +Result : False +Details : Non-compliant accounts: + Username | Roles | HybridStatus | Missing Licence + user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM + user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 +FailureReason: Non-Compliant Accounts: 2 + + + + + + -------------------------- EXAMPLE 5 -------------------------- + $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" +PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation + + Captures the audit results into a variable and exports them to a CSV file. Output: CISAuditResult[] auditResults.csv + + + + -------------------------- EXAMPLE 6 -------------------------- + Invoke-M365SecurityAudit -WhatIf + + Displays what would happen if the cmdlet is run without actually performing the audit. Output: What if: Performing the operation "Invoke-M365SecurityAudit" on target "Microsoft 365 environment". + + + + + + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Invoke-M365SecurityAudit + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Invoke-M365SecurityAudit + + + + + + Remove-RowsWithEmptyCSVStatus + Remove + RowsWithEmptyCSVStatus + + Removes rows from an Excel worksheet where the 'CSV_Status' column is empty and saves the result to a new file. + + + + The Remove-RowsWithEmptyCSVStatus function imports data from a specified worksheet in an Excel file, checks for the presence of the 'CSV_Status' column, and filters out rows where the 'CSV_Status' column is empty. The filtered data is then exported to a new Excel file with a '-Filtered' suffix added to the original file name. + + + + Remove-RowsWithEmptyCSVStatus + + FilePath + + The path to the Excel file to be processed. + + String + + String + + + None + + + WorksheetName + + The name of the worksheet within the Excel file to be processed. + + String + + String + + + None + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + FilePath + + The path to the Excel file to be processed. + + String + + String + + + None + + + WorksheetName + + The name of the worksheet within the Excel file to be processed. + + String + + String + + + None + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + + This function requires the ImportExcel module to be installed. + + + + + -------------------------- EXAMPLE 1 -------------------------- + Remove-RowsWithEmptyCSVStatus -FilePath "C:\Reports\Report.xlsx" -WorksheetName "Sheet1" +This command imports data from the "Sheet1" worksheet in the "Report.xlsx" file, removes rows where the 'CSV_Status' column is empty, and saves the filtered data to a new file named "Report-Filtered.xlsx" in the same directory. + + + + + + + + + + Sync-CISExcelAndCsvData + Sync + CISExcelAndCsvData + + Synchronizes and updates data in an Excel worksheet with new information from a CSV file, including audit dates. + + + + The Sync-CISExcelAndCsvData function merges and updates data in a specified Excel worksheet from a CSV file. This includes adding or updating fields for connection status, details, failure reasons, and the date of the update. It's designed to ensure that the Excel document maintains a running log of changes over time, ideal for tracking remediation status and audit history. + + + + Sync-CISExcelAndCsvData + + ExcelPath + + Specifies the path to the Excel file to be updated. This parameter is mandatory. + + String + + String + + + None + + + CsvPath + + Specifies the path to the CSV file containing new data. This parameter is mandatory. + + String + + String + + + None + + + SheetName + + Specifies the name of the worksheet in the Excel file where data will be merged and updated. This parameter is mandatory. + + String + + String + + + None + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + ExcelPath + + Specifies the path to the Excel file to be updated. This parameter is mandatory. + + String + + String + + + None + + + CsvPath + + Specifies the path to the CSV file containing new data. This parameter is mandatory. + + String + + String + + + None + + + SheetName + + Specifies the name of the worksheet in the Excel file where data will be merged and updated. This parameter is mandatory. + + String + + String + + + None + + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + + + + + + System.String + + + + + + + + The function accepts strings for file paths and worksheet names. + + + + + + + + + + None + + + + + + + + The function directly updates the Excel file and does not output any objects. + + + + + + + + + - Ensure that the 'ImportExcel' module is installed and up to date to handle Excel file manipulations. + - It is recommended to back up the Excel file before running this function to avoid accidental data loss. + - The CSV file should have columns that match expected headers like 'Connection', 'Details', 'FailureReason', and 'Status' for correct data mapping. + + + + + -------------------------- EXAMPLE 1 -------------------------- + Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -CsvPath "path\to\data.csv" -SheetName "AuditData" +Updates the 'AuditData' worksheet in 'excel.xlsx' with data from 'data.csv', adding new information and the date of the update. + + + + + + + + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Sync-CISExcelAndCsvData + https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Sync-CISExcelAndCsvData + + + + \ No newline at end of file diff --git a/source/en-US/about_M365FoundationsCISReport.help.txt b/source/en-US/about_M365FoundationsCISReport.help.txt index 505bf21..a2c3532 100644 --- a/source/en-US/about_M365FoundationsCISReport.help.txt +++ b/source/en-US/about_M365FoundationsCISReport.help.txt @@ -1,24 +1,76 @@ -TOPIC - about_M365FoundationsCISReport +TOPIC + about_m365foundationscisreport SHORT DESCRIPTION - Automated assessment of 50 CIS 365 Foundations v3.0.0 benchmark. + The `M365FoundationsCISReport` module provides cmdlets for auditing and + reporting on the security compliance of Microsoft 365 environments based on + CIS benchmarks. LONG DESCRIPTION - Automated assessment of 50 CIS 365 Foundations v3.0.0 benchmark. + The `M365FoundationsCISReport` module is designed to help administrators + ensure that their Microsoft 365 environments adhere to the security best + practices outlined by the Center for Internet Security (CIS). The module + includes cmdlets for performing comprehensive security audits, generating + detailed reports, and synchronizing audit results with CIS benchmark Excel + sheets. It aims to streamline the process of maintaining security compliance + and improving the overall security posture of Microsoft 365 environments. + +Optional Subtopics + AUDITING AND REPORTING + The module provides cmdlets that allow for the auditing of various security + aspects of Microsoft 365 environments, including user MFA status, + administrative role licenses, and more. The results can be exported and + analyzed to ensure compliance with CIS benchmarks. + + DATA SYNCHRONIZATION + The module includes functionality to synchronize audit results with CIS + benchmark data stored in Excel sheets. This ensures that the documentation + is always up-to-date with the latest audit findings. EXAMPLES - PS C:\> {{ add examples here }} + # Example 1: Exporting a security audit table to a CSV file + Export-M365SecurityAuditTable -OutputPath "C:\AuditReports\SecurityAudit.csv" + + # Example 2: Retrieving licenses for users in administrative roles + Get-AdminRoleUserLicense -RoleName "Global Administrator" + + # Example 3: Getting MFA status of users + Get-MFAStatus -UserPrincipalName "user@domain.com" + + # Example 4: Performing a security audit based on CIS benchmarks + Invoke-M365SecurityAudit -OutputPath "C:\AuditReports\AuditResults.xlsx" + + # Example 5: Removing rows with empty status values from a CSV file + Remove-RowsWithEmptyCSVStatus -InputPath "C:\AuditReports\AuditResults.csv" -OutputPath "C:\AuditReports\CleanedResults.csv" + + # Example 6: Synchronizing CIS benchmark data with audit results + Sync-CISExcelAndCsvData -ExcelPath "C:\CISBenchmarks\CISBenchmark.xlsx" -CsvPath "C:\AuditReports\AuditResults.csv" -NOTE: - Thank you to all those who contributed to this module, by writing code, sharing opinions, and provided feedback. +NOTE + Ensure that you have the necessary permissions and administrative roles in + your Microsoft 365 environment to run these cmdlets. Proper configuration + and setup are required for accurate audit results. -TROUBLESHOOTING NOTE: - Look out on the Github repository for issues and new releases. +TROUBLESHOOTING NOTE + If you encounter any issues while using the cmdlets, ensure that your + environment meets the module prerequisites. Check for any updates or patches + that may address known bugs. For issues related to specific cmdlets, refer + to the individual help files for troubleshooting tips. SEE ALSO - - {{ Please add Project URI such as github }}} + - + CIS Benchmarks + - + Microsoft 365 Security Documentation + - + PowerShell Documentation KEYWORDS - {{ Add comma separated keywords here }} + - Microsoft 365 + - Security Audit + - CIS Benchmarks + - Compliance + - MFA + - User Licenses + - Security Reporting