vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Add wiki help docs

Browse Source
This commit is contained in:
DrIOS
2024-06-24 15:06:04 -05:00
parent 95da5a3822
commit abe18f1942
9 changed files with 2261 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
help/Export-M365SecurityAuditTable.md
View File

@@ -1,4 +1,4 @@
---
---
external help file: M365FoundationsCISReport-help.xml
Module Name: M365FoundationsCISReport
online version: https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Export-M365SecurityAuditTable
@@ -15,24 +15,25 @@ Exports M365 security audit results to a CSV file or outputs a specific test res
### OutputObjectFromAuditResultsSingle
```
Export-M365SecurityAuditTable [-AuditResults] <CISAuditResult[]> [-OutputTestNumber] <String>
[<CommonParameters>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
```
### ExportAllResultsFromAuditResults
```
Export-M365SecurityAuditTable [-AuditResults] <CISAuditResult[]> [-ExportAllTests] -ExportPath <String>
[-ExportOriginalTests] [-ExportToExcel] [<CommonParameters>]
[-ExportOriginalTests] [-ExportToExcel] [-ProgressAction <ActionPreference>] [<CommonParameters>]
```
### OutputObjectFromCsvSingle
```
Export-M365SecurityAuditTable [-CsvPath] <String> [-OutputTestNumber] <String> [<CommonParameters>]
Export-M365SecurityAuditTable [-CsvPath] <String> [-OutputTestNumber] <String>
[-ProgressAction <ActionPreference>] [<CommonParameters>]
```
### ExportAllResultsFromCsv
```
Export-M365SecurityAuditTable [-CsvPath] <String> [-ExportAllTests] -ExportPath <String> [-ExportOriginalTests]
[-ExportToExcel] [<CommonParameters>]
[-ExportToExcel] [-ProgressAction <ActionPreference>] [<CommonParameters>]
```
## DESCRIPTION
@@ -44,44 +45,38 @@ It can export all results to a specified path or output a specific test result a
### EXAMPLE 1
```
Export-M365SecurityAuditTable -AuditResults $object -OutputTestNumber 6.1.2
```
# Output object for a single test number from audit results
```
### EXAMPLE 2
```
Export-M365SecurityAuditTable -ExportAllTests -AuditResults $object -ExportPath "C:\temp"
```
# Export all results from audit results to the specified path
```
### EXAMPLE 3
```
Export-M365SecurityAuditTable -CsvPath "C:\temp\auditresultstoday1.csv" -OutputTestNumber 6.1.2
```
# Output object for a single test number from CSV
```
### EXAMPLE 4
```
Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoday1.csv" -ExportPath "C:\temp"
```
# Export all results from CSV to the specified path
```
### EXAMPLE 5
```
Export-M365SecurityAuditTable -ExportAllTests -AuditResults $object -ExportPath "C:\temp" -ExportOriginalTests
```
# Export all results from audit results to the specified path along with the original tests
```
### EXAMPLE 6
```
Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoday1.csv" -ExportPath "C:\temp" -ExportOriginalTests
```
# Export all results from CSV to the specified path along with the original tests
```
## PARAMETERS
@@ -115,6 +110,22 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -OutputTestNumber
The test number to output as an object.
Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".
```yaml
Type: String
Parameter Sets: OutputObjectFromAuditResultsSingle, OutputObjectFromCsvSingle
Aliases:
Required: True
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
### -ExportAllTests
Switch to export all test results.
@@ -130,21 +141,6 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ExportOriginalTests
Switch to export the original audit results to a CSV file.
```yaml
Type: SwitchParameter
Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
```
### -ExportPath
The path where the CSV files will be exported.
@@ -160,6 +156,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ExportOriginalTests
Switch to export the original audit results to a CSV file.
```yaml
Type: SwitchParameter
Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
```
### -ExportToExcel
Switch to export the results to an Excel file.
@@ -175,17 +186,16 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -OutputTestNumber
The test number to output as an object.
Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".
### -ProgressAction
{{ Fill ProgressAction Description }}
```yaml
Type: String
Parameter Sets: OutputObjectFromAuditResultsSingle, OutputObjectFromCsvSingle
Aliases:
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: True
Position: 2
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

19
help/Get-AdminRoleUserLicense.md
View File

@@ -1,4 +1,4 @@
---
---
external help file: M365FoundationsCISReport-help.xml
Module Name: M365FoundationsCISReport
online version: https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense
@@ -13,7 +13,7 @@ Retrieves user licenses and roles for administrative accounts from Microsoft 365
## SYNTAX
```
Get-AdminRoleUserLicense [-SkipGraphConnection] [<CommonParameters>]
Get-AdminRoleUserLicense [-SkipGraphConnection] [-ProgressAction <ActionPreference>] [<CommonParameters>]
```
## DESCRIPTION
@@ -54,6 +54,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ProgressAction
{{ Fill ProgressAction Description }}
```yaml
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

24
help/Get-MFAStatus.md
View File

@@ -13,7 +13,8 @@ Retrieves the MFA (Multi-Factor Authentication) status for Azure Active Director
## SYNTAX
```
Get-MFAStatus [[-UserId] <String>] [-SkipMSOLConnectionChecks] [<CommonParameters>]
Get-MFAStatus [[-UserId] <String>] [-SkipMSOLConnectionChecks] [-ProgressAction <ActionPreference>]
[<CommonParameters>]
```
## DESCRIPTION
@@ -25,16 +26,14 @@ Optionally, you can specify a single user by their User Principal Name (UPN) to
### EXAMPLE 1
```
Get-MFAStatus
```
Retrieves the MFA status for all Azure Active Directory users.
```
### EXAMPLE 2
```
Get-MFAStatus -UserId "example@domain.com"
```
Retrieves the MFA status for the specified user with the UPN "example@domain.com".
```
## PARAMETERS
@@ -69,6 +68,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ProgressAction
{{ Fill ProgressAction Description }}
```yaml
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

42
help/Invoke-M365SecurityAudit.md
View File

@@ -15,49 +15,50 @@ Invokes a security audit for Microsoft 365 environments.
### Default (Default)
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>] [-DoNotConnect]
[-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm] [<CommonParameters>]
[-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-ProgressAction <ActionPreference>] [-WhatIf]
[-Confirm] [<CommonParameters>]
```
### ELevelFilter
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>] -ELevel <String>
-ProfileLevel <String> [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections]
[-WhatIf] [-Confirm] [<CommonParameters>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
```
### IG1Filter
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>] [-IncludeIG1]
[-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm]
[<CommonParameters>]
[-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
```
### IG2Filter
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>] [-IncludeIG2]
[-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm]
[<CommonParameters>]
[-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
```
### IG3Filter
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>] [-IncludeIG3]
[-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-WhatIf] [-Confirm]
[<CommonParameters>]
[-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
```
### RecFilter
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>]
-IncludeRecommendation <String[]> [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck]
[-DoNotConfirmConnections] [-WhatIf] [-Confirm] [<CommonParameters>]
[-DoNotConfirmConnections] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
```
### SkipRecFilter
```
Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-M365DomainForPWPolicyTest <String>]
-SkipRecommendation <String[]> [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections]
[-WhatIf] [-Confirm] [<CommonParameters>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
```
## DESCRIPTION
@@ -126,8 +127,6 @@ FailureReason: Non-Compliant Accounts: 2
### EXAMPLE 4
```
Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -SkipRecommendation '1.1.3', '2.1.1'
```
Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1.
Output:
Status : Fail
@@ -141,14 +140,14 @@ Details : Non-compliant accounts:
user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM
user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2
FailureReason: Non-Compliant Accounts: 2
```
### EXAMPLE 5
```
$auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com"
PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation
```
PS\> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation
Captures the audit results into a variable and exports them to a CSV file.
Output:
CISAuditResult\[\]
@@ -397,6 +396,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ProgressAction
{{ Fill ProgressAction Description }}
```yaml
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

5
help/M365FoundationsCISReport.md
View File

@@ -1,4 +1,4 @@
---
---
Module Name: M365FoundationsCISReport
Module Guid: 0d064bfb-d1ce-484b-a173-993b55984dc9
Download Help Link: {{Please enter Link manually}}
@@ -11,6 +11,9 @@ Locale: en-US
The `M365FoundationsCISReport` module provides a set of cmdlets to audit and report on the security compliance of Microsoft 365 environments based on CIS (Center for Internet Security) benchmarks. It enables administrators to generate detailed reports, sync data with CIS Excel sheets, and perform security audits to ensure compliance.
## M365FoundationsCISReport Cmdlets
### [Export-M365SecurityAuditTable](Export-M365SecurityAuditTable.md)
Exports M365 security audit results to a CSV file or outputs a specific test result as an object.
### [Get-AdminRoleUserLicense](Get-AdminRoleUserLicense.md)
Retrieves user licenses and roles for administrative accounts from Microsoft 365 via the Graph API.

25
help/Remove-RowsWithEmptyCSVStatus.md
View File

@@ -1,7 +1,7 @@
---
---
external help file: M365FoundationsCISReport-help.xml
Module Name: M365FoundationsCISReport
online version: https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Invoke-M365SecurityAudit
online version:
schema: 2.0.0
---
@@ -13,7 +13,8 @@ Removes rows from an Excel worksheet where the 'CSV_Status' column is empty and
## SYNTAX
```
Remove-RowsWithEmptyCSVStatus [-FilePath] <String> [-WorksheetName] <String> [<CommonParameters>]
Remove-RowsWithEmptyCSVStatus [-FilePath] <String> [-WorksheetName] <String>
[-ProgressAction <ActionPreference>] [<CommonParameters>]
```
## DESCRIPTION
@@ -25,9 +26,8 @@ The filtered data is then exported to a new Excel file with a '-Filtered' suffix
### EXAMPLE 1
```
Remove-RowsWithEmptyCSVStatus -FilePath "C:\Reports\Report.xlsx" -WorksheetName "Sheet1"
```
This command imports data from the "Sheet1" worksheet in the "Report.xlsx" file, removes rows where the 'CSV_Status' column is empty, and saves the filtered data to a new file named "Report-Filtered.xlsx" in the same directory.
```
## PARAMETERS
@@ -61,6 +61,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ProgressAction
{{ Fill ProgressAction Description }}
```yaml
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

20
help/Sync-CISExcelAndCsvData.md
View File

@@ -14,7 +14,7 @@ Synchronizes and updates data in an Excel worksheet with new information from a
```
Sync-CISExcelAndCsvData [[-ExcelPath] <String>] [[-CsvPath] <String>] [[-SheetName] <String>]
[<CommonParameters>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
```
## DESCRIPTION
@@ -27,9 +27,8 @@ It's designed to ensure that the Excel document maintains a running log of chang
### EXAMPLE 1
```
Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -CsvPath "path\to\data.csv" -SheetName "AuditData"
```
Updates the 'AuditData' worksheet in 'excel.xlsx' with data from 'data.csv', adding new information and the date of the update.
```
## PARAMETERS
@@ -81,6 +80,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
### -ProgressAction
{{ Fill ProgressAction Description }}
```yaml
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
```
### CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).

2043
source/en-US/M365FoundationsCISReport-help.xml Normal file
View File

File diff suppressed because it is too large Load Diff

74
source/en-US/about_M365FoundationsCISReport.help.txt
View File

@@ -1,24 +1,76 @@
TOPIC
about_M365FoundationsCISReport
TOPIC
about_m365foundationscisreport
SHORT DESCRIPTION
Automated assessment of 50 CIS 365 Foundations v3.0.0 benchmark.
The `M365FoundationsCISReport` module provides cmdlets for auditing and
reporting on the security compliance of Microsoft 365 environments based on
CIS benchmarks.
LONG DESCRIPTION
Automated assessment of 50 CIS 365 Foundations v3.0.0 benchmark.
The `M365FoundationsCISReport` module is designed to help administrators
ensure that their Microsoft 365 environments adhere to the security best
practices outlined by the Center for Internet Security (CIS). The module
includes cmdlets for performing comprehensive security audits, generating
detailed reports, and synchronizing audit results with CIS benchmark Excel
sheets. It aims to streamline the process of maintaining security compliance
and improving the overall security posture of Microsoft 365 environments.
Optional Subtopics
AUDITING AND REPORTING
The module provides cmdlets that allow for the auditing of various security
aspects of Microsoft 365 environments, including user MFA status,
administrative role licenses, and more. The results can be exported and
analyzed to ensure compliance with CIS benchmarks.
DATA SYNCHRONIZATION
The module includes functionality to synchronize audit results with CIS
benchmark data stored in Excel sheets. This ensures that the documentation
is always up-to-date with the latest audit findings.
EXAMPLES
PS C:\> {{ add examples here }}
# Example 1: Exporting a security audit table to a CSV file
Export-M365SecurityAuditTable -OutputPath "C:\AuditReports\SecurityAudit.csv"
# Example 2: Retrieving licenses for users in administrative roles
Get-AdminRoleUserLicense -RoleName "Global Administrator"
# Example 3: Getting MFA status of users
Get-MFAStatus -UserPrincipalName "user@domain.com"
# Example 4: Performing a security audit based on CIS benchmarks
Invoke-M365SecurityAudit -OutputPath "C:\AuditReports\AuditResults.xlsx"
# Example 5: Removing rows with empty status values from a CSV file
Remove-RowsWithEmptyCSVStatus -InputPath "C:\AuditReports\AuditResults.csv" -OutputPath "C:\AuditReports\CleanedResults.csv"
# Example 6: Synchronizing CIS benchmark data with audit results
Sync-CISExcelAndCsvData -ExcelPath "C:\CISBenchmarks\CISBenchmark.xlsx" -CsvPath "C:\AuditReports\AuditResults.csv"
NOTE:
Thank you to all those who contributed to this module, by writing code, sharing opinions, and provided feedback.
NOTE
Ensure that you have the necessary permissions and administrative roles in
your Microsoft 365 environment to run these cmdlets. Proper configuration
and setup are required for accurate audit results.
TROUBLESHOOTING NOTE:
Look out on the Github repository for issues and new releases.
TROUBLESHOOTING NOTE
If you encounter any issues while using the cmdlets, ensure that your
environment meets the module prerequisites. Check for any updates or patches
that may address known bugs. For issues related to specific cmdlets, refer
to the individual help files for troubleshooting tips.
SEE ALSO
- {{ Please add Project URI such as github }}}
-
CIS Benchmarks
-
Microsoft 365 Security Documentation
-
PowerShell Documentation
KEYWORDS
{{ Add comma separated keywords here }}
- Microsoft 365
- Security Audit
- CIS Benchmarks
- Compliance
- MFA
- User Licenses
- Security Reporting