add: refactor of object initialization
This commit is contained in:
DrIOS
@@ -4,6 +4,8 @@ The format is based on and uses the types of changes according to [Keep a Change
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
## [0.1.2] - 2024-04-29
|
||||
|
||||
### Added
|
||||
|
||||
- Automated and organized CSV testing and added test 1.1.1.
|
||||
|
||||
@@ -13,16 +13,7 @@ function Initialize-CISAuditResult {
|
||||
[string]$Details,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]$FailureReason,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]$RecDescription,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]$CISControl,
|
||||
|
||||
[Parameter(Mandatory = $true)]
|
||||
[string]$CISDescription
|
||||
[string]$FailureReason
|
||||
)
|
||||
|
||||
# Import the test definitions CSV file
|
||||
@@ -40,9 +31,9 @@ function Initialize-CISAuditResult {
|
||||
$auditResult.IG1 = [bool]::Parse($testDefinition.IG1)
|
||||
$auditResult.IG2 = [bool]::Parse($testDefinition.IG2)
|
||||
$auditResult.IG3 = [bool]::Parse($testDefinition.IG3)
|
||||
$auditResult.RecDescription = $RecDescription
|
||||
$auditResult.CISControl = $CISControl
|
||||
$auditResult.CISDescription = $CISDescription
|
||||
$auditResult.RecDescription = $testDefinition.RecDescription
|
||||
$auditResult.CISControl = $testDefinition.CISControl
|
||||
$auditResult.CISDescription = $testDefinition.CISDescription
|
||||
$auditResult.Automated = [bool]::Parse($testDefinition.Automated)
|
||||
$auditResult.Connection = $testDefinition.Connection
|
||||
$auditResult.CISControlVer = 'v8'
|
||||
|
||||
@@ -71,9 +71,6 @@ function Test-AdministrativeAccountCompliance {
|
||||
Status = $status
|
||||
Details = $details
|
||||
FailureReason = $failureReason
|
||||
RecDescription = "Ensure Administrative accounts are separate and cloud-only"
|
||||
CISControl = "5.4"
|
||||
CISDescription = "Restrict Administrator Privileges to Dedicated Administrator Accounts"
|
||||
}
|
||||
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
|
||||
@@ -66,9 +66,6 @@ function Test-AntiPhishingPolicy {
|
||||
Status = if ($isCompliant) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure that an anti-phishing policy has been created"
|
||||
CISControl = "9.7"
|
||||
CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections"
|
||||
}
|
||||
|
||||
# Create and populate the CISAuditResult object
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-AuditDisabledFalse {
|
||||
Status = if ($auditNotDisabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure 'AuditDisabled' organizationally is set to 'False'"
|
||||
CISControl = "8.2"
|
||||
CISDescription = "Collect Audit Logs"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-AuditLogSearch {
|
||||
Status = if ($auditLogResult) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure Microsoft 365 audit log search is Enabled"
|
||||
CISControl = "8.2"
|
||||
CISDescription = "Collect Audit Logs"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-BlockChannelEmails {
|
||||
Status = if (-not $allowEmailIntoChannel) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure users can't send emails to a channel email address"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -41,9 +41,6 @@ function Test-BlockMailForwarding {
|
||||
Status = if ($forwardingBlocked) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure all forms of mail forwarding are blocked and/or disabled"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -42,9 +42,6 @@ function Test-BlockSharedMailboxSignIn {
|
||||
Status = if ($allBlocked) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure sign-in to shared mailboxes is blocked"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-CommonAttachmentFilter {
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure the Common Attachment Types Filter is enabled"
|
||||
CISControl = "9.6"
|
||||
CISDescription = "Block Unnecessary File Types"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-CustomerLockbox {
|
||||
Status = if ($customerLockboxEnabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure the customer lockbox feature is enabled"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-DialInBypassLobby {
|
||||
Status = if ($PSTNBypassDisabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure users dialing in can't bypass the lobby"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -41,9 +41,6 @@ function Test-DisallowInfectedFilesDownload {
|
||||
Status = if ($isDisallowInfectedFileDownloadEnabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure Office 365 SharePoint infected files are disallowed for download"
|
||||
CISControl = "10.1"
|
||||
CISDescription = "Deploy and Maintain Anti-Malware Software"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
|
||||
|
||||
@@ -41,9 +41,6 @@ function Test-EnableDKIM {
|
||||
Status = if ($dkimResult) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure that DKIM is enabled for all Exchange Online Domains"
|
||||
CISControl = "9.5"
|
||||
CISDescription = "Implement DMARC"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -41,9 +41,6 @@ function Test-ExternalNoControl {
|
||||
Status = if ($externalControlRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure external participants can't give or request control"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -50,9 +50,6 @@ function Test-ExternalSharingCalendars {
|
||||
Status = if ($isExternalSharingDisabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure 'External sharing' of calendars is not available"
|
||||
CISControl = "4.8"
|
||||
CISDescription = "Uninstall or Disable Unnecessary Services on Enterprise Assets and Software"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -41,9 +41,6 @@ function Test-GlobalAdminsCount {
|
||||
Status = if ($globalAdminCount -ge 2 -and $globalAdminCount -le 4) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure that between two and four global admins are designated"
|
||||
CISControl = "5.1"
|
||||
CISDescription = "Establish and Maintain an Inventory of Accounts"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-GuestAccessExpiration {
|
||||
Status = if ($isGuestAccessExpirationConfiguredCorrectly) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure guest access to a site or OneDrive will expire automatically"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -43,9 +43,6 @@ function Test-GuestUsersBiweeklyReview {
|
||||
Status = if ($guestUsers) { "Fail" } else { "Pass" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure Guest Users are reviewed at least biweekly"
|
||||
CISControl = "5.1, 5.3"
|
||||
CISDescription = "Establish and Maintain an Inventory of Accounts, Disable Dormant Accounts"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-IdentifyExternalEmail {
|
||||
Status = if ($externalTaggingEnabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure email from external senders is identified"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-LinkSharingRestrictions {
|
||||
Status = if ($isLinkSharingRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure link sharing is restricted in SharePoint and OneDrive"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -43,9 +43,6 @@ function Test-MailTipsEnabled {
|
||||
Status = if ($allTipsEnabled -and $externalRecipientsTipsEnabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure MailTips are enabled for end users"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -77,9 +77,6 @@ function Test-MailboxAuditingE3 {
|
||||
Status = if ($allFailures.Count -eq 0) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure mailbox auditing for Office E3 users is Enabled"
|
||||
CISControl = "8.2"
|
||||
CISDescription = "Collect audit logs."
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -83,9 +83,6 @@ function Test-MailboxAuditingE5 {
|
||||
Status = if ($allFailures.Count -eq 0) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure mailbox auditing for Office E5 users is Enabled"
|
||||
CISControl = "8.2"
|
||||
CISDescription = "Collect audit logs."
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -41,9 +41,6 @@ function Test-ManagedApprovedPublicGroups {
|
||||
Status = if ($null -eq $allGroups -or $allGroups.Count -eq 0) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure that only organizationally managed/approved public groups exist"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -37,9 +37,6 @@ function Test-MeetingChatNoAnonymous {
|
||||
Status = if ($chatAnonDisabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure meeting chat does not allow anonymous users"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -35,9 +35,6 @@ function Test-ModernAuthExchangeOnline {
|
||||
Status = if ($orgConfig.OAuth2ClientProfileEnabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure modern authentication for Exchange Online is enabled (Automated)"
|
||||
CISControl = "3.10"
|
||||
CISDescription = "Encrypt Sensitive Data in Transit"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
|
||||
|
||||
@@ -33,9 +33,6 @@ function Test-ModernAuthSharePoint {
|
||||
Status = if ($modernAuthForSPRequired) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Modern Authentication for SharePoint Applications"
|
||||
CISControl = "3.10"
|
||||
CISDescription = "Encrypt Sensitive Data in Transit"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-NoAnonymousMeetingJoin {
|
||||
Status = if (-not $allowAnonymousUsersToJoinMeeting) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure anonymous users can't join a meeting"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-NoAnonymousMeetingStart {
|
||||
Status = if ($anonymousStartDisabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure anonymous users and dial-in callers can't start a meeting"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-NoWhitelistDomains {
|
||||
Status = if ($whitelistedRules) { "Fail" } else { "Pass" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure mail transport rules do not whitelist specific domains"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -49,9 +49,6 @@ function Test-NotifyMalwareInternal {
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure notifications for internal users sending malware is Enabled"
|
||||
CISControl = "17.5"
|
||||
CISDescription = "Assign Key Roles and Responsibilities"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-OneDriveContentRestrictions {
|
||||
Status = if ($isOneDriveSharingRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure OneDrive content sharing is restricted"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-OneDriveSyncRestrictions {
|
||||
Status = if ($isSyncRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure OneDrive sync is restricted for unmanaged devices"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -42,9 +42,6 @@ function Test-OrgOnlyBypassLobby {
|
||||
Status = if ($lobbyBypassRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure only people in my org can bypass the lobby"
|
||||
CISControl = "6.8"
|
||||
CISDescription = "Define and Maintain Role-Based Access Control"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -42,9 +42,6 @@ function Test-OrganizersPresent {
|
||||
Status = if ($presenterRoleRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure only organizers and co-organizers can present"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-PasswordHashSync {
|
||||
Status = if ($hashSyncResult) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure password hash sync is enabled for hybrid deployments"
|
||||
CISControl = "6.7"
|
||||
CISDescription = "Centralize Access Control"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -36,9 +36,6 @@ function Test-PasswordNeverExpirePolicy {
|
||||
Status = if ($passwordPolicy -eq 0) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure the 'Password expiration policy' is set to 'Set passwords to never expire'"
|
||||
CISControl = "5.2"
|
||||
CISDescription = "Use Unique Passwords"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -35,9 +35,6 @@ function Test-ReauthWithCode {
|
||||
Status = if ($isReauthenticationRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure reauthentication with verification code is restricted"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -45,9 +45,6 @@ function Test-ReportSecurityInTeams {
|
||||
Status = if ($securityReportEnabled) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure users can report security concerns in Teams"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -50,9 +50,6 @@ function Test-RestrictCustomScripts {
|
||||
Status = if ($complianceResult) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure custom script execution is restricted on site collections"
|
||||
CISControl = "2.7"
|
||||
CISDescription = "Allowlist Authorized Scripts"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -35,9 +35,6 @@ function Test-RestrictExternalSharing {
|
||||
Status = if ($isRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure external content sharing is restricted"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -67,9 +67,6 @@ function Test-RestrictOutlookAddins {
|
||||
Status = if ($isCompliant) { "Pass" } else { "Fail" }
|
||||
Details = $detailsString
|
||||
FailureReason = if ($isCompliant) { "N/A" } else { "Unauthorized Outlook add-ins found in custom or default policies." }
|
||||
RecDescription = "Ensure users installing Outlook add-ins is not allowed"
|
||||
CISControl = "9.4"
|
||||
CISDescription = "Restrict Unnecessary or Unauthorized Browser and Email Client Extensions"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -43,9 +43,6 @@ function Test-RestrictStorageProvidersOutlook {
|
||||
Status = if ($allPoliciesRestricted) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure additional storage providers are restricted in Outlook on the web"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -35,9 +35,6 @@ function Test-RestrictTenantCreation {
|
||||
Status = if ($tenantCreationResult) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure 'Restrict non-admin users from creating tenants' is set to 'Yes'"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-SafeAttachmentsPolicy {
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure Safe Attachments policy is enabled"
|
||||
CISControl = "9.7"
|
||||
CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -47,9 +47,6 @@ function Test-SafeAttachmentsTeams {
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled"
|
||||
CISControl = "9.7, 10.1"
|
||||
CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections, Deploy and Maintain Anti-Malware Software"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -54,9 +54,6 @@ function Test-SafeLinksOfficeApps {
|
||||
Status = if ($result) { "Pass" } else { "Fail" }
|
||||
Details = $details
|
||||
FailureReason = $failureReasons
|
||||
RecDescription = "Ensure Safe Links for Office Applications is Enabled"
|
||||
CISControl = "10.1"
|
||||
CISDescription = "Deploy and Maintain Anti-Malware Software"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -24,9 +24,6 @@ function Test-SharePointAADB2B {
|
||||
Status = if ($SPOTenantAzureADB2B.EnableAzureADB2BIntegration) { "Pass" } else { "Fail" }
|
||||
Details = "EnableAzureADB2BIntegration: $($SPOTenantAzureADB2B.EnableAzureADB2BIntegration)"
|
||||
FailureReason = if (-not $SPOTenantAzureADB2B.EnableAzureADB2BIntegration) { "Azure AD B2B integration is not enabled" } else { "N/A" }
|
||||
RecDescription = "Ensure SharePoint and OneDrive integration with Azure AD B2B is enabled"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -25,9 +25,6 @@ function Test-SharePointExternalSharingDomains {
|
||||
Status = if ($isDomainRestrictionConfigured) { "Pass" } else { "Fail" }
|
||||
Details = "SharingDomainRestrictionMode: $($SPOTenant.SharingDomainRestrictionMode); SharingAllowedDomainList: $($SPOTenant.SharingAllowedDomainList)"
|
||||
FailureReason = if (-not $isDomainRestrictionConfigured) { "Domain restrictions for SharePoint external sharing are not configured to 'AllowList'. Current setting: $($SPOTenant.SharingDomainRestrictionMode)" } else { "N/A" }
|
||||
RecDescription = "Ensure SharePoint external sharing is managed through domain whitelist/blacklists"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -25,9 +25,6 @@ function Test-SharePointGuestsItemSharing {
|
||||
Status = if ($isGuestResharingPrevented) { "Pass" } else { "Fail" }
|
||||
Details = "PreventExternalUsersFromResharing: $isGuestResharingPrevented"
|
||||
FailureReason = if (-not $isGuestResharingPrevented) { "Guest users can reshare items they don't own." } else { "N/A" }
|
||||
RecDescription = "Ensure that SharePoint guest users cannot share items they don't own"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -40,9 +40,6 @@ function Test-SpamPolicyAdminNotify {
|
||||
Status = if ($areSettingsEnabled) { "Pass" } else { "Fail" }
|
||||
Details = if ($areSettingsEnabled) { "Both BccSuspiciousOutboundMail and NotifyOutboundSpam are enabled." } else { $failureDetails -join ' ' }
|
||||
FailureReason = if (-not $areSettingsEnabled) { "One or both spam policies are not set to notify administrators." } else { "N/A" }
|
||||
RecDescription = "Ensure Exchange Online Spam Policies are set to notify administrators"
|
||||
CISControl = "17.5"
|
||||
CISDescription = "Assign Key Roles and Responsibilities"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -35,9 +35,6 @@ function Test-TeamsExternalAccess {
|
||||
Status = if ($isCompliant) { "Pass" } else { "Fail" }
|
||||
Details = "AllowTeamsConsumer: $($externalAccessConfig.AllowTeamsConsumer); AllowPublicUsers: $($externalAccessConfig.AllowPublicUsers); AllowFederatedUsers: $($externalAccessConfig.AllowFederatedUsers); AllowedDomains limited: $allowedDomainsLimited"
|
||||
FailureReason = if (-not $isCompliant) { "One or more external access configurations are not compliant." } else { "N/A" }
|
||||
RecDescription = "Ensure 'external access' is restricted in the Teams admin center"
|
||||
CISControl = "0.0"
|
||||
CISDescription = "Explicitly Not Mapped"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
@@ -39,9 +39,6 @@ function Test-TeamsExternalFileSharing {
|
||||
Status = if ($isCompliant) { "Pass" } else { "Fail" }
|
||||
Details = if (-not $isCompliant) { "Non-approved providers enabled: $($nonCompliantProviders -join ', ')" } else { "All cloud storage services are approved providers" }
|
||||
FailureReason = if (-not $isCompliant) { "The following non-approved providers are enabled: $($nonCompliantProviders -join ', ')" } else { "N/A" }
|
||||
RecDescription = "Ensure external file sharing in Teams is enabled for only approved cloud storage services"
|
||||
CISControl = "3.3"
|
||||
CISDescription = "Configure Data Access Control Lists"
|
||||
}
|
||||
$auditResult = Initialize-CISAuditResult @params
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user