diff --git a/source/tests/Test-AntiPhishingPolicy.ps1 b/source/tests/Test-AntiPhishingPolicy.ps1 index cd2fbac..61901c6 100644 --- a/source/tests/Test-AntiPhishingPolicy.ps1 +++ b/source/tests/Test-AntiPhishingPolicy.ps1 @@ -2,7 +2,6 @@ function Test-AntiPhishingPolicy { [CmdletBinding()] [OutputType([CISAuditResult])] param () - begin { $recnum = "2.1.7" Write-Verbose "Running Test-AntiPhishingPolicy for $recnum..." @@ -22,14 +21,12 @@ function Test-AntiPhishingPolicy { - Condition B: Critical security features like Spoof Intelligence or Mailbox Intelligence are disabled in the relevant policies. #> } - process { try { # Step 1: Retrieve all anti-phishing policies #$VerbosePreference = "Continue" Write-Verbose "Retrieving all anti-phishing policies..." $antiPhishPolicies = Get-CISExoOutput -Rec $recnum - # Step 2: Initialize variables to track compliance and details $compliantPolicy = $null $details = @() @@ -38,15 +35,12 @@ function Test-AntiPhishingPolicy { $policiesEvaluated = @() $PassedTests = @() $FailedTests = @() - Write-Verbose "Evaluating each policy for compliance..." - # Separate policies based on type $strictPolicy = $antiPhishPolicies | Where-Object { $_.Identity -match "Strict Preset Security Policy" } $standardPolicy = $antiPhishPolicies | Where-Object { $_.Identity -match "Standard Preset Security Policy" } $customPolicies = $antiPhishPolicies | Where-Object { -not ($_.Identity -match "Strict Preset Security Policy" -or $_.Identity -match "Standard Preset Security Policy" -or $_.IsDefault) } $defaultPolicy = $antiPhishPolicies | Where-Object { $_.IsDefault } - # Step 3: Check for Strict Preset Security Policy if ($null -ne $strictPolicy) { Write-Verbose "Evaluating policy: $($strictPolicy.Identity)" @@ -225,7 +219,6 @@ function Test-AntiPhishingPolicy { $auditResult = Get-TestError -LastError $_ -recnum $recnum } } - end { return $auditResult } 
diff --git a/source/tests/Test-AuditDisabledFalse.ps1 b/source/tests/Test-AuditDisabledFalse.ps1 index fd8436e..ccfc555 100644 --- a/source/tests/Test-AuditDisabledFalse.ps1 +++ b/source/tests/Test-AuditDisabledFalse.ps1 @@ -5,11 +5,9 @@ function Test-AuditDisabledFalse { param ( # Parameters can be added if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Conditions for 6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False' # # Validate test for a pass: @@ -25,18 +23,15 @@ function Test-AuditDisabledFalse { # - Condition A: The `AuditDisabled` organizational setting is set to `True` in the Microsoft 365 admin center. # - Condition B: Using PowerShell, the `AuditDisabled` property in the organization's configuration is set to `True`. # - Condition C: Mailbox auditing is not enabled by default at the organizational level. - # Initialization code, if needed $recnum = "6.1.1" + Write-Verbose "Running Test-AuditDisabledFalse for $recnum..." } - process { try { # 6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False' - # Retrieve the AuditDisabled configuration (Condition B) $auditNotDisabled = Get-CISExoOutput -Rec $recnum - # Prepare failure reasons and details based on compliance $failureReasons = if (-not $auditNotDisabled) { "AuditDisabled is set to True" # Condition A Fail @@ -44,14 +39,12 @@ function Test-AuditDisabledFalse { else { "N/A" } - $details = if ($auditNotDisabled) { "Audit is not disabled organizationally" # Condition C Pass } else { "Audit is disabled organizationally" # Condition C Fail } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -67,7 +60,6 @@ function Test-AuditDisabledFalse { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-AuditLogSearch.ps1 b/source/tests/Test-AuditLogSearch.ps1 index 2d44b69..a1a8962 100644 
--- a/source/tests/Test-AuditLogSearch.ps1 +++ b/source/tests/Test-AuditLogSearch.ps1 @@ -5,23 +5,20 @@ function Test-AuditLogSearch { # Aligned # Parameters can be added if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 # Initialization code, if needed $recnum = "3.1.1" - + Write-Verbose "Running Test-AuditLogSearch for $recnum..." <# Conditions for 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled - Validate test for a pass: - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark. - Specific conditions to check: - Condition A: Audit log search is enabled in the Microsoft Purview compliance portal. - Condition B: The audit log retains user and admin activity for 90 days. - Condition C: Audit log search capabilities are functional (search results are displayed for activities within the past 30 days). - Validate test for a fail: - Confirm that the failure conditions in the automated test are consistent with the manual audit results. - Specific conditions to check: @@ -30,14 +27,10 @@ function Test-AuditLogSearch { - Condition C: Audit log search capabilities are non-functional (no search results are displayed for activities within the past 30 days). #> } - process { - try { # 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled - $auditLogResult = Get-CISExoOutput -Rec $recnum - # Prepare failure reasons and details based on compliance $failureReasons = if (-not $auditLogResult) { # Condition A (Fail): Audit log search is not enabled in the Microsoft Purview compliance portal @@ -46,7 +39,6 @@ function Test-AuditLogSearch { else { "N/A" } - $details = if ($auditLogResult) { # Condition A (Pass): Audit log search is enabled in the Microsoft Purview compliance portal "UnifiedAuditLogIngestionEnabled: True" 
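Review bot: The condition block kept in the first hunk of Test-AuditLogSearch.ps1 lists Condition B (90-day retention) and Condition C (search returns results for the past 30 days) as part of 3.1.1, but the process block in the following hunks derives the failure reason and details only from the truthiness of `$auditLogResult` and reports `UnifiedAuditLogIngestionEnabled: True` or `False`. Unless `Get-CISExoOutput` checks more than that flag (it is not visible here), a pass does not establish B or C. I would mark them as manual in the comment, e.g. `- Condition B (manual, not evaluated by this test): The audit log retains user and admin activity for 90 days.`, so a pass is not read as covering retention. The function body continues outside these hunks.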
@@ -54,7 +46,6 @@ function Test-AuditLogSearch { else { "UnifiedAuditLogIngestionEnabled: False" } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -70,9 +61,8 @@ function Test-AuditLogSearch { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult } -} +} \ No newline at end of file diff --git a/source/tests/Test-BlockMailForwarding.ps1 b/source/tests/Test-BlockMailForwarding.ps1 index 81177ff..645b783 100644 --- a/source/tests/Test-BlockMailForwarding.ps1 +++ b/source/tests/Test-BlockMailForwarding.ps1 @@ -4,23 +4,20 @@ function Test-BlockMailForwarding { param ( # Parameters can be added if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 # Initialization code, if needed $recnum = "6.2.1" - + Write-Verbose "Running Test-BlockMailForwarding for $recnum..." <# Conditions for 6.2.1 (L1) Ensure all forms of mail forwarding are blocked and/or disabled - Validate test for a pass: - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark. - Specific conditions to check: - Condition A: Transport rules do not forward email to external domains. - Condition B: Anti-spam outbound policy is configured to disable automatic email forwarding to external domains. - Condition C: No exceptions to the forwarding rules unless explicitly defined by organizational policy. - Validate test for a fail: - Confirm that the failure conditions in the automated test are consistent with the manual audit results. - Specific conditions to check: 
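Review bot: Condition A in this comment block ("Transport rules do not forward email to external domains") is evaluated two different ways in the process block shown in the next hunk: `$transportForwardingBlocked = $transportRules.Count -eq 0` and then `if ($transportRules -ne 1)`. The two agree only if `Get-CISExoOutput` returns an empty collection when no rules exist; with `$null` the second test is true and an empty "Mail forwarding rules found:" reason is added, and with a sentinel `1` the first test reports forwarding as not blocked. I would drive both from one test, `if (-not $transportForwardingBlocked) {`, and confirm what the helper returns for "no rules". The function body continues outside this hunk.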
@@ -29,26 +26,20 @@ function Test-BlockMailForwarding { - Condition C: Unapproved exceptions to the forwarding rules are present. #> } - process { try { # 6.2.1 (L1) Ensure all forms of mail forwarding are blocked and/or disabled - # Step 1: Retrieve the transport rules that redirect messages $transportRules,$nonCompliantSpamPolicies = Get-CISExoOutput -Rec $recnum $transportForwardingBlocked = $transportRules.Count -eq 0 - # Step 2: Check all anti-spam outbound policies $nonCompliantSpamPoliciesArray = @($nonCompliantSpamPolicies) $spamForwardingBlocked = $nonCompliantSpamPoliciesArray.Count -eq 0 - # Determine overall compliance $forwardingBlocked = $transportForwardingBlocked -and $spamForwardingBlocked - # Prepare failure reasons and details based on compliance $failureReasons = @() $details = @() - if ($transportRules -ne 1) { # Fail Condition A $failureReasons += "Mail forwarding rules found: $($transportRules.Name -join ', ')" @@ -58,7 +49,6 @@ function Test-BlockMailForwarding { } $details += "`n" } - if ($nonCompliantSpamPoliciesArray.Count -gt 0) { # Fail Condition B $failureReasons += "Outbound spam policies allowing automatic forwarding found." @@ -67,7 +57,6 @@ function Test-BlockMailForwarding { "$($_.Name)|$($_.AutoForwardingMode)" } } - if ($failureReasons.Count -eq 0) { $failureReasons = "N/A" $details = "Both transport rules and outbound spam policies are configured correctly to block forwarding." @@ -76,7 +65,6 @@ function Test-BlockMailForwarding { $failureReasons = $failureReasons -join " | " $details = $details -join "`n" } - # Populate the audit result $params = @{ Rec = $recnum @@ -92,9 +80,8 @@ function Test-BlockMailForwarding { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult } -} +} \ No newline at end of file diff --git a/source/tests/Test-BlockSharedMailboxSignIn.ps1 b/source/tests/Test-BlockSharedMailboxSignIn.ps1 index 2e6166e..d0edeaf 100644 
--- a/source/tests/Test-BlockSharedMailboxSignIn.ps1 +++ b/source/tests/Test-BlockSharedMailboxSignIn.ps1 @@ -8,7 +8,6 @@ function Test-BlockSharedMailboxSignIn { begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Initialization code, if needed $recnum = "1.2.2" Write-Verbose "Running Test-BlockSharedMailboxSignIn for $recnum..." @@ -26,7 +25,6 @@ function Test-BlockSharedMailboxSignIn { # - Condition A: One or more shared mailboxes have the "Sign-in blocked" option enabled in the properties pane on the Microsoft 365 admin center. # - Condition B: Using PowerShell, the `AccountEnabled` property for one or more shared mailboxes is set to `True`. } - process { try { # Step: Retrieve shared mailbox details @@ -63,11 +61,9 @@ function Test-BlockSharedMailboxSignIn { $users = Get-CISAadOutput -Rec $recnum # Step: Retrieve details of shared mailboxes from Azure AD (Condition B: Pass/Fail) $sharedMailboxDetails = $users | Where-Object {$_.objectid -in $objectids} - # Step: Identify enabled mailboxes (Condition B: Pass/Fail) $enabledMailboxes = $sharedMailboxDetails | Where-Object { $_.AccountEnabled } | ForEach-Object { $_.DisplayName } $allBlocked = $enabledMailboxes.Count -eq 0 - # Step: Determine failure reasons based on enabled mailboxes (Condition A & B: Fail) $failureReasons = if (-not $allBlocked) { "Some mailboxes have sign-in enabled (AccountEnabled:True):`n$($enabledMailboxes -join ', ')" @@ -75,7 +71,6 @@ function Test-BlockSharedMailboxSignIn { else { "N/A" } - # Step: Prepare details for the audit result (Condition A & B: Pass/Fail) $details = if ($allBlocked) { "All shared mailboxes have sign-in blocked." @@ -83,7 +78,6 @@ function Test-BlockSharedMailboxSignIn { else { "AccountEnabled set to True Mailboxes: $($enabledMailboxes -join ', ')" } - # Step: Create and populate the CISAuditResult object $params = @{ Rec = $recnum 
@@ -99,7 +93,6 @@ function Test-BlockSharedMailboxSignIn { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-CommonAttachmentFilter.ps1 b/source/tests/Test-CommonAttachmentFilter.ps1 index 7a77945..0abb2c8 100644 --- a/source/tests/Test-CommonAttachmentFilter.ps1 +++ b/source/tests/Test-CommonAttachmentFilter.ps1 @@ -5,7 +5,6 @@ function Test-CommonAttachmentFilter { # Aligned # Parameters can be added if needed ) - begin { <# Conditions for 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled diff --git a/source/tests/Test-CustomerLockbox.ps1 b/source/tests/Test-CustomerLockbox.ps1 index d71cf5e..9f4b830 100644 --- a/source/tests/Test-CustomerLockbox.ps1 +++ b/source/tests/Test-CustomerLockbox.ps1 @@ -29,7 +29,6 @@ function Test-CustomerLockbox { # - Condition B: Using the SecureScore portal, the Customer Lockbox feature is not enabled. # - Condition C: Using PowerShell, the Customer Lockbox feature is not set to `True`. } - process { try { # Step: Retrieve the organization configuration (Condition C: Pass/Fail) @@ -43,7 +42,6 @@ function Test-CustomerLockbox { else { "N/A" } - # Step: Prepare details for the audit result (Condition A, B, & C: Pass/Fail) $details = if ($customerLockboxEnabled) { "Customer Lockbox Enabled: True" @@ -51,7 +49,6 @@ function Test-CustomerLockbox { else { "Customer Lockbox Enabled: False" } - # Step: Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -67,7 +64,6 @@ function Test-CustomerLockbox { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-ExternalSharingCalendars.ps1 b/source/tests/Test-ExternalSharingCalendars.ps1 index 9cf01d9..0a43079 100644 --- a/source/tests/Test-ExternalSharingCalendars.ps1 +++ b/source/tests/Test-ExternalSharingCalendars.ps1 
@@ -5,11 +5,9 @@ function Test-ExternalSharingCalendars { # Aligned # Parameters can be added if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Initialization code, if needed $recnum = "1.3.3" Write-Verbose "Running Test-ExternalSharingCalendars for $recnum..." @@ -27,7 +25,6 @@ function Test-ExternalSharingCalendars { # - Condition A: In the Microsoft 365 admin center, external calendar sharing is enabled. # - Condition B: Using the Exchange Online PowerShell Module, the `OrganizationConfig` property `ExternalSharingEnabled` is set to `True`. } - process { try { # Step: Retrieve sharing policies related to calendar sharing @@ -87,7 +84,6 @@ function Test-ExternalSharingCalendars { else { "Enabled Sharing Policies:`n$($sharingPolicyDetails -join ', ')" } - # Step: Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -103,7 +99,6 @@ function Test-ExternalSharingCalendars { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-IdentifyExternalEmail.ps1 b/source/tests/Test-IdentifyExternalEmail.ps1 index 571b41d..5191899 100644 --- a/source/tests/Test-IdentifyExternalEmail.ps1 +++ b/source/tests/Test-IdentifyExternalEmail.ps1 @@ -9,10 +9,9 @@ function Test-IdentifyExternalEmail { begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Initialization code, if needed $recnum = "6.2.3" - + Write-Verbose "Running Test-IdentifyExternalEmail for $recnum..." # Conditions for 6.2.3 (L1) Ensure email from external senders is identified # # Validate test for a pass: 
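Review bot: The 6.2.3 condition comment that begins in the Test-IdentifyExternalEmail.ps1 hunk appears to require external tagging for all identities (Condition A in the next hunk), but the check there is `($externalInOutlook | ForEach-Object { $_.Enabled }) -contains $true`, which is true as soon as one returned object has `Enabled` set. If `Get-CISExoOutput` can return more than one object, a single enabled entry would hide disabled ones; `-notcontains $false`, with a guard for an empty result, matches the documented condition. Condition B is only echoed into `$details` as `AllowList` and never evaluated, which the comment should state. The function body continues outside this hunk.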
@@ -29,16 +28,12 @@ function Test-IdentifyExternalEmail { # - Condition B: The BypassAllowList contains unauthorized email addresses. # - Condition C: External sender tag does not appear in email messages received from external sources. } - process { - try { # 6.2.3 (L1) Ensure email from external senders is identified - # Retrieve external sender tagging configuration $externalInOutlook = Get-CISExoOutput -Rec $recnum $externalTaggingEnabled = ($externalInOutlook | ForEach-Object { $_.Enabled }) -contains $true - # Prepare failure reasons and details based on compliance $failureReasons = if (-not $externalTaggingEnabled) { # Condition A: External tagging is not enabled using PowerShell for all identities. @@ -47,10 +42,8 @@ function Test-IdentifyExternalEmail { else { "N/A" } - # Details for external tagging configuration $details = "Enabled: $($externalTaggingEnabled); AllowList: $($externalInOutlook.AllowList)" - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -66,7 +59,6 @@ function Test-IdentifyExternalEmail { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-MailTipsEnabled.ps1 b/source/tests/Test-MailTipsEnabled.ps1 index aa6d6bc..be58075 100644 --- a/source/tests/Test-MailTipsEnabled.ps1 +++ b/source/tests/Test-MailTipsEnabled.ps1 @@ -5,15 +5,12 @@ function Test-MailTipsEnabled { # Aligned # Parameters can be added if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 # Initialization code, if needed - - $auditResult = [CISAuditResult]::new() $recnum = "6.5.2" - + Write-Verbose "Running Test-MailTipsEnabled for $recnum..." # Conditions for 6.5.2 (L2) Ensure MailTips are enabled for end users # # Validate test for a pass: 
@@ -32,18 +29,14 @@ function Test-MailTipsEnabled { # - Condition C: MailTipsGroupMetricsEnabled is not set to True. # - Condition D: MailTipsLargeAudienceThreshold is not set to an acceptable value (default is 25). } - process { try { # 6.5.2 (L2) Ensure MailTips are enabled for end users - # Retrieve organization configuration for MailTips settings $orgConfig = Get-CISExoOutput -Rec $recnum - # Check the MailTips settings (Conditions A, B, C, D) $allTipsEnabled = $orgConfig.MailTipsAllTipsEnabled -and $orgConfig.MailTipsGroupMetricsEnabled -and $orgConfig.MailTipsLargeAudienceThreshold -eq 25 $externalRecipientsTipsEnabled = $orgConfig.MailTipsExternalRecipientsTipsEnabled - # Prepare failure reasons and details based on compliance $failureReasons = if (-not ($allTipsEnabled -and $externalRecipientsTipsEnabled)) { "One or more MailTips settings are not configured as required." @@ -51,14 +44,12 @@ function Test-MailTipsEnabled { else { "N/A" } - $details = if ($allTipsEnabled -and $externalRecipientsTipsEnabled) { "MailTipsAllTipsEnabled: $($orgConfig.MailTipsAllTipsEnabled); MailTipsExternalRecipientsTipsEnabled: $($orgConfig.MailTipsExternalRecipientsTipsEnabled); MailTipsGroupMetricsEnabled: $($orgConfig.MailTipsGroupMetricsEnabled); MailTipsLargeAudienceThreshold: $($orgConfig.MailTipsLargeAudienceThreshold)" } else { "One or more MailTips settings are not configured as required." } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -74,7 +65,6 @@ function Test-MailTipsEnabled { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-MailboxAuditingE3.ps1 b/source/tests/Test-MailboxAuditingE3.ps1 index d05c18c..ab6b2dc 100644 --- a/source/tests/Test-MailboxAuditingE3.ps1 +++ b/source/tests/Test-MailboxAuditingE3.ps1 
@@ -4,11 +4,9 @@ function Test-MailboxAuditingE3 { param ( # Parameters can be added if needed ) - begin { <# Conditions for 6.1.2 (L1) Ensure mailbox auditing for E3 users is Enabled - Validate test for a pass: - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark. - Specific conditions to check: @@ -16,7 +14,6 @@ function Test-MailboxAuditingE3 { - Condition B: The `AuditAdmin` actions include `ApplyRecord`, `Create`, `HardDelete`, `MoveToDeletedItems`, `SendAs`, `SendOnBehalf`, `SoftDelete`, `Update`, `UpdateCalendarDelegation`, `UpdateFolderPermissions`, and `UpdateInboxRules`. - Condition C: The `AuditDelegate` actions include `ApplyRecord`, `Create`, `HardDelete`, `MoveToDeletedItems`, `SendAs`, `SendOnBehalf`, `SoftDelete`, `Update`, `UpdateFolderPermissions`, and `UpdateInboxRules`. - Condition D: The `AuditOwner` actions include `ApplyRecord`, `HardDelete`, `MoveToDeletedItems`, `SoftDelete`, `Update`, `UpdateCalendarDelegation`, `UpdateFolderPermissions`, and `UpdateInboxRules`. - Validate test for a fail: - Confirm that the failure conditions in the automated test are consistent with the manual audit results. - Specific conditions to check: 
@@ -25,24 +22,19 @@ function Test-MailboxAuditingE3 { - Condition C: The `AuditDelegate` actions do not include `ApplyRecord`, `Create`, `HardDelete`, `MoveToDeletedItems`, `SendAs`, `SendOnBehalf`, `SoftDelete`, `Update`, `UpdateFolderPermissions`, and `UpdateInboxRules`. - Condition D: The `AuditOwner` actions do not include `ApplyRecord`, `HardDelete`, `MoveToDeletedItems`, `SoftDelete`, `Update`, `UpdateCalendarDelegation`, `UpdateFolderPermissions`, and `UpdateInboxRules`. #> - # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - - $actionDictionaries = Get-Action -Dictionaries # E3 specific actions $AdminActions = $actionDictionaries.AdminActions.Keys | Where-Object { $_ -notin @("MailItemsAccessed", "Send") } $DelegateActions = $actionDictionaries.DelegateActions.Keys | Where-Object { $_ -notin @("MailItemsAccessed") } $OwnerActions = $actionDictionaries.OwnerActions.Keys | Where-Object { $_ -notin @("MailItemsAccessed", "Send") } - $allFailures = @() $recnum = "6.1.2" + Write-Verbose "Running Test-MailboxAuditingE3 for $recnum..." $allUsers = Get-CISMgOutput -Rec $recnum $processedUsers = @{} # Dictionary to track processed users - } - process { if ($null -ne $allUsers) { $mailboxes = Get-CISExoOutput -Rec $recnum @@ -52,14 +44,11 @@ function Test-MailboxAuditingE3 { Write-Verbose "Skipping already processed user: $($user.UserPrincipalName)" continue } - $userUPN = $user.UserPrincipalName $mailbox = $mailboxes | Where-Object { $_.UserPrincipalName -eq $user.UserPrincipalName } - $missingAdminActions = @() $missingDelegateActions = @() $missingOwnerActions = @() - if ($mailbox.AuditEnabled) { foreach ($action in $AdminActions) { if ($mailbox.AuditAdmin -notcontains $action) { 
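Review bot: `$allUsers = Get-CISMgOutput -Rec $recnum` and the `Get-Action -Dictionaries` call sit in `begin`, right next to the added `Write-Verbose`, while the only `catch` visible on this page that records to `$script:FailedTests` is in `process` (later hunks). A terminating error from the Graph query would presumably skip that bookkeeping, and a `$null` result takes the other branch of `if ($null -ne $allUsers)` without any error being recorded. Moving the retrieval inside the `process` error handling would make a failed lookup surface as a test error rather than as an ordinary audit outcome. The same layout is in Test-MailboxAuditingE5.ps1 (hunk `@@ -26,18 +24,16 @@`). The begin block starts outside this hunk.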
@@ -76,7 +65,6 @@ function Test-MailboxAuditingE3 { $missingOwnerActions += (Get-Action -Actions $action -ActionType "Owner") } } - if ($missingAdminActions.Count -gt 0 -or $missingDelegateActions.Count -gt 0 -or $missingOwnerActions.Count -gt 0) { $allFailures += "$userUPN|True|$($missingAdminActions -join ',')|$($missingDelegateActions -join ',')|$($missingOwnerActions -join ',')" } @@ -84,11 +72,9 @@ function Test-MailboxAuditingE3 { else { $allFailures += "$userUPN|False|||" # Condition A for fail } - # Mark the user as processed $processedUsers[$user.UserPrincipalName] = $true } - # Prepare failure reasons and details based on compliance if ($allFailures.Count -eq 0) { $failureReasons = "N/A" @@ -102,7 +88,6 @@ function Test-MailboxAuditingE3 { else { "UserPrincipalName|AuditEnabled|AdminActionsMissing|DelegateActionsMissing|OwnerActionsMissing`n" + ($allFailures -join "`n") } - # Populate the audit result $params = @{ Rec = $recnum @@ -115,13 +100,10 @@ function Test-MailboxAuditingE3 { } catch { Write-Error "An error occurred during the test: $_" - # Retrieve the description from the test definitions $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum } $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" } - $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ }) - # Call Initialize-CISAuditResult with error parameters $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure } @@ -137,15 +119,12 @@ function Test-MailboxAuditingE3 { $auditResult = Initialize-CISAuditResult @params } } - end { $detailsLength = $details.Length Write-Verbose "Character count of the details: $detailsLength" - if ($detailsLength -gt 32767) { Write-Verbose "Warning: The character count exceeds the limit for Excel cells." } - return $auditResult } } 
diff --git a/source/tests/Test-MailboxAuditingE5.ps1 b/source/tests/Test-MailboxAuditingE5.ps1 index f0ee6be..0bc9020 100644 --- a/source/tests/Test-MailboxAuditingE5.ps1 +++ b/source/tests/Test-MailboxAuditingE5.ps1 @@ -4,11 +4,9 @@ function Test-MailboxAuditingE5 { param ( # Parameters can be added if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Conditions for 6.1.3 (L1) Ensure mailbox auditing for E5 users is Enabled # # Validate test for a pass: @@ -26,18 +24,16 @@ function Test-MailboxAuditingE5 { # - Condition B: AuditAdmin actions do not include all of the following: ApplyRecord, Create, HardDelete, MailItemsAccessed, MoveToDeletedItems, Send, SendAs, SendOnBehalf, SoftDelete, Update, UpdateCalendarDelegation, UpdateFolderPermissions, UpdateInboxRules. # - Condition C: AuditDelegate actions do not include all of the following: ApplyRecord, Create, HardDelete, MailItemsAccessed, MoveToDeletedItems, SendAs, SendOnBehalf, SoftDelete, Update, UpdateFolderPermissions, UpdateInboxRules. # - Condition D: AuditOwner actions do not include all of the following: ApplyRecord, HardDelete, MailItemsAccessed, MoveToDeletedItems, Send, SoftDelete, Update, UpdateCalendarDelegation, UpdateFolderPermissions, UpdateInboxRules. - $actionDictionaries = Get-Action -Dictionaries $AdminActions = $actionDictionaries.AdminActions.Keys $DelegateActions = $actionDictionaries.DelegateActions.Keys $OwnerActions = $actionDictionaries.OwnerActions.Keys - $allFailures = @() $processedUsers = @{} $recnum = "6.1.3" + Write-Verbose "Running Test-MailboxAuditingE5 for $recnum..." $allUsers = Get-CISMgOutput -Rec $recnum } - process { if ($null -ne $allUsers) { $mailboxes = Get-CISExoOutput -Rec $recnum 
@@ -47,14 +43,11 @@ function Test-MailboxAuditingE5 { Write-Verbose "Skipping already processed user: $($user.UserPrincipalName)" continue } - $mailbox = $mailboxes | Where-Object { $_.UserPrincipalName -eq $user.UserPrincipalName } $userUPN = $user.UserPrincipalName - $missingAdminActions = @() $missingDelegateActions = @() $missingOwnerActions = @() - if ($mailbox.AuditEnabled) { # Validate Admin actions foreach ($action in $AdminActions) { @@ -74,7 +67,6 @@ function Test-MailboxAuditingE5 { $missingOwnerActions += (Get-Action -Actions $action -ActionType "Owner") # Condition D } } - if ($missingAdminActions.Count -gt 0 -or $missingDelegateActions.Count -gt 0 -or $missingOwnerActions.Count -gt 0) { $allFailures += "$userUPN|True|$($missingAdminActions -join ',')|$($missingDelegateActions -join ',')|$($missingOwnerActions -join ',')" } @@ -82,11 +74,9 @@ function Test-MailboxAuditingE5 { else { $allFailures += "$userUPN|False|||" # Condition A for fail } - # Mark the user as processed $processedUsers[$user.UserPrincipalName] = $true } - # Prepare failure reasons and details based on compliance if ($allFailures.Count -eq 0) { $failureReasons = "N/A" @@ -113,13 +103,10 @@ function Test-MailboxAuditingE5 { } catch { Write-Error "An error occurred during the test: $_" - # Retrieve the description from the test definitions $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum } $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" } - $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ }) - # Call Initialize-CISAuditResult with error parameters $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure } 
@@ -135,15 +122,12 @@ function Test-MailboxAuditingE5 { $auditResult = Initialize-CISAuditResult @params } } - end { $detailsLength = $details.Length Write-Verbose "Character count of the details: $detailsLength" - if ($detailsLength -gt 32767) { Write-Verbose "Warning: The character count exceeds the limit for Excel cells." } - return $auditResult } } \ No newline at end of file diff --git a/source/tests/Test-ModernAuthExchangeOnline.ps1 b/source/tests/Test-ModernAuthExchangeOnline.ps1 index d4cd0bc..90f82d5 100644 --- a/source/tests/Test-ModernAuthExchangeOnline.ps1 +++ b/source/tests/Test-ModernAuthExchangeOnline.ps1 @@ -5,11 +5,9 @@ function Test-ModernAuthExchangeOnline { # Aligned # Define your parameters here ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Conditions for 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled # # Validate test for a pass: @@ -25,17 +23,14 @@ function Test-ModernAuthExchangeOnline { # - Condition A: Modern authentication for Exchange Online is not enabled. # - Condition B: Exchange Online clients do not use modern authentication to log in to Microsoft 365 mailboxes. # - Condition C: Users of older email clients, such as Outlook 2013 and Outlook 2016, are still able to authenticate to Exchange using Basic Authentication. - $recnum = "6.5.1" + Write-Verbose "Running Test-ModernAuthExchangeOnline for $recnum..." } - process { try { # 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled - # Check modern authentication setting in Exchange Online configuration (Condition A and B) $orgConfig = Get-CISExoOutput -Rec $recnum - # Prepare failure reasons and details based on compliance $failureReasons = if (-not $orgConfig.OAuth2ClientProfileEnabled) { "Modern authentication is disabled" 
@@ -43,10 +38,8 @@ function Test-ModernAuthExchangeOnline { else { "N/A" } - # Details include the current setting (Condition A and B) $details = "OAuth2ClientProfileEnabled: $($orgConfig.OAuth2ClientProfileEnabled) for Organization: $($orgConfig.Name)" - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -56,15 +49,12 @@ function Test-ModernAuthExchangeOnline { FailureReason = $failureReasons } $auditResult = Initialize-CISAuditResult @params - } catch { $LastError = $_ $auditResult = Get-TestError -LastError $LastError -recnum $recnum } - } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-NoWhitelistDomains.ps1 b/source/tests/Test-NoWhitelistDomains.ps1 index da28030..dc8f958 100644 --- a/source/tests/Test-NoWhitelistDomains.ps1 +++ b/source/tests/Test-NoWhitelistDomains.ps1 @@ -5,24 +5,20 @@ function Test-NoWhitelistDomains { # Aligned # Define your parameters here ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Initialization code, if needed $recnum = "6.2.2" - + Write-Verbose "Running Test-NoWhitelistDomains for $recnum..." <# Conditions for 6.2.2 (L1) Ensure mail transport rules do not whitelist specific domains (Automated) - Validate test for a pass: - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark. - Specific conditions to check: - Condition A: No mail transport rules whitelist any specific domains. - Condition B: Verification of mail transport rules using PowerShell shows no domains are whitelisted. - Condition C: Manual review in Exchange Online admin center confirms no whitelisted domains in transport rules. - Validate test for a fail: - Confirm that the failure conditions in the automated test are consistent with the manual audit results. - Specific conditions to check: 
@@ -31,11 +27,9 @@ function Test-NoWhitelistDomains { - Condition C: Manual review in Exchange Online admin center shows whitelisted domains in transport rules. #> } - process { try { # 6.2.2 (L1) Ensure mail transport rules do not whitelist specific domains - # Retrieve transport rules that whitelist specific domains # Condition A: Checking for transport rules that whitelist specific domains $whitelistedRules = Get-CISExoOutput -Rec $recnum @@ -47,7 +41,6 @@ function Test-NoWhitelistDomains { else { "N/A" } - # Condition C: Prepare details about the whitelisted rules if found $details = if ($whitelistedRules) { $ruleDetails = $whitelistedRules | ForEach-Object { "{0}: {1}" -f $_.Name, ($_.SenderDomainIs -join ', ') } @@ -56,7 +49,6 @@ function Test-NoWhitelistDomains { else { "No transport rules whitelisting specific domains found." } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -72,7 +64,6 @@ function Test-NoWhitelistDomains { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return auditResult return $auditResult diff --git a/source/tests/Test-NotifyMalwareInternal.ps1 b/source/tests/Test-NotifyMalwareInternal.ps1 index 380bcf5..f836b8a 100644 --- a/source/tests/Test-NotifyMalwareInternal.ps1 +++ b/source/tests/Test-NotifyMalwareInternal.ps1 @@ -5,7 +5,6 @@ function Test-NotifyMalwareInternal { # Aligned # Parameters can be added if needed ) - begin { <# # Conditions for 2.1.3 (L1) Ensure notifications for internal users sending malware is Enabled 
@@ -22,14 +21,12 @@ function Test-NotifyMalwareInternal { # - Condition A: Notifications for internal users sending malware are not enabled in the Microsoft 365 Security & Compliance Center. # - Condition B: Using PowerShell, the `NotifyInternal` property in the anti-malware policy is set to `False` or does not include any valid email addresses for notifications. #> - # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 # Initialization code, if needed $recnum = "2.1.3" Write-Verbose "Running Test-NotifyMalwareInternal for $recnum..." } - process { try { # 2.1.3 Ensure notifications for internal users sending malware is Enabled @@ -51,7 +48,6 @@ function Test-NotifyMalwareInternal { ) #> $malwareNotifications = Get-CISExoOutput -Rec $recnum - # Condition B: Using PowerShell, the `NotifyInternal` property in the anti-malware policy is set to `True` and includes at least one valid email address for notifications. $policiesToReport = @() foreach ($policy in $malwareNotifications) { @@ -59,10 +55,8 @@ function Test-NotifyMalwareInternal { $policiesToReport += "$($policy.Identity): Notifications Disabled" } } - # Determine the result based on the presence of custom policies without notifications $result = $policiesToReport.Count -eq 0 - # Prepare failure reasons and details based on compliance $failureReasons = if ($result) { "N/A" @@ -71,14 +65,12 @@ function Test-NotifyMalwareInternal { # Condition A: Notifications for internal users sending malware are not enabled in the Microsoft 365 Security & Compliance Center. "Some custom policies do not have notifications for internal users sending malware enabled." } - $details = if ($result) { "All custom malware policies have notifications enabled." } else { "Misconfigured Policies: $($policiesToReport -join '`n')" } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum 
@@ -94,7 +86,6 @@ function Test-NotifyMalwareInternal { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-ReportSecurityInTeams.ps1 b/source/tests/Test-ReportSecurityInTeams.ps1 index 589fa6f..2080cb1 100644 --- a/source/tests/Test-ReportSecurityInTeams.ps1 +++ b/source/tests/Test-ReportSecurityInTeams.ps1 @@ -5,20 +5,17 @@ function Test-ReportSecurityInTeams { # Aligned # Parameters can be defined here if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Initialization code, if needed $recnum = "8.6.1" + Write-Verbose "Running Test-ReportSecurityInTeams for $recnum..." } - process { try { # Test-ReportSecurityInTeams.ps1 # 8.6.1 (L1) Ensure users can report security concerns in Teams - # Retrieve the necessary settings for Teams and Exchange Online # Condition A: Ensure the 'Report a security concern' setting in the Teams admin center is set to 'On'. $CsTeamsMessagingPolicy = Get-CISMSTeamsOutput -Rec $recnum @@ -35,7 +32,6 @@ function Test-ReportSecurityInTeams { $null -ne $ReportSubmissionPolicy.ReportPhishAddresses -and $ReportSubmissionPolicy.ReportChatMessageToCustomizedAddressEnabled -and -not $ReportSubmissionPolicy.ReportChatMessageEnabled - $detailsString = @" The following settings are required for users to report security concerns in Teams: @@ -75,7 +71,6 @@ ReportChatMessageToCustomizedAddressEnabled: True else { $faildetailstring } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -91,7 +86,6 @@ ReportChatMessageToCustomizedAddressEnabled: True $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-RestrictOutlookAddins.ps1 b/source/tests/Test-RestrictOutlookAddins.ps1 index 4952b24..94755d0 100644 --- a/source/tests/Test-RestrictOutlookAddins.ps1 
+++ b/source/tests/Test-RestrictOutlookAddins.ps1 @@ -5,16 +5,14 @@ function Test-RestrictOutlookAddins { # Aligned # Parameters could include credentials or other necessary data ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Initialization code $defaultPolicyFailureDetails = @() $relevantRoles = @('My Custom Apps', 'My Marketplace Apps', 'My ReadWriteMailbox Apps') $recnum = "6.3.1" - + Write-Verbose "Running Test-RestrictOutlookAddins for $recnum..." # Conditions for 6.3.1 (L2) Ensure users installing Outlook add-ins is not allowed # # Validate test for a pass: @@ -29,21 +27,17 @@ function Test-RestrictOutlookAddins { # - Condition A: One or more of the roles MyCustomApps, MyMarketplaceApps, and MyReadWriteMailboxApps are checked under Other roles. # - Condition B: Using PowerShell, verify that MyCustomApps, MyMarketplaceApps, and MyReadWriteMailboxApps are assigned to users. } - process { try { # 6.3.1 (L2) Ensure users installing Outlook add-ins is not allowed - # Check all mailboxes for custom policies with unallowed add-ins # Check Default Role Assignment Policy $customPolicyFailures, $defaultPolicy = Get-CISExoOutput -Rec $recnum $defaultPolicyRoles = $defaultPolicy.AssignedRoles | Where-Object { $_ -in $relevantRoles } - # Condition A: Verify that the roles MyCustomApps, MyMarketplaceApps, and MyReadWriteMailboxApps are unchecked under Other roles. if ($defaultPolicyRoles) { $defaultPolicyFailureDetails = $defaultPolicyRoles } - # Prepare result details string $detailsString = "" if ($customPolicyFailures) { @@ -53,7 +47,6 @@ function Test-RestrictOutlookAddins { else { $detailsString += "Custom Policy Failures: None | " } - $detailsString += "Default Role Assignment Policy: " if ($defaultPolicyFailureDetails) { $detailsString += ($defaultPolicyFailureDetails -join ', ') 
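Review bot: The `$relevantRoles` values in the begin block of Test-RestrictOutlookAddins ('My Custom Apps', 'My Marketplace Apps', 'My ReadWriteMailbox Apps') are spelled with spaces, while the condition comments in the same file name the roles MyCustomApps, MyMarketplaceApps and MyReadWriteMailboxApps. The later `$_ -in $relevantRoles` filter matches whole strings only. If the spelling does not match what `AssignedRoles` returns, the filter finds nothing and the control reports a pass. A short comment above the array would make the dependency explicit, for example `# Must match the AssignedRoles strings exactly; -in compares whole values`. The function starts before this hunk and continues past it.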
@@ -61,10 +54,8 @@ function Test-RestrictOutlookAddins { else { $detailsString += "Compliant" } - # Determine result based on findings $isCompliant = -not ($customPolicyFailures -or $defaultPolicyFailureDetails) - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -80,7 +71,6 @@ function Test-RestrictOutlookAddins { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-RestrictStorageProvidersOutlook.ps1 b/source/tests/Test-RestrictStorageProvidersOutlook.ps1 index 1db39e5..0160d82 100644 --- a/source/tests/Test-RestrictStorageProvidersOutlook.ps1 +++ b/source/tests/Test-RestrictStorageProvidersOutlook.ps1 @@ -5,7 +5,6 @@ function Test-RestrictStorageProvidersOutlook { # Aligned # Parameters can be added here if needed ) - begin { <# # 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web 
@@ -22,25 +21,21 @@ function Test-RestrictStorageProvidersOutlook { # - Condition A: Using PowerShell, verify that `AdditionalStorageProvidersAvailable` is not set to `False` in the OwaMailboxPolicy. # - Condition B: Ensure that the command `Get-OwaMailboxPolicy | Format-Table Name, AdditionalStorageProvidersAvailable` does not return `False`. #> - # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 # Initialization code, if needed $recnum = "6.5.3" + Write-Verbose "Running Test-RestrictStorageProvidersOutlook for $recnum..." } - process { try { # 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web - # Retrieve all OwaMailbox policies $owaPolicies = Get-CISExoOutput -Rec $recnum # Condition A: Check if AdditionalStorageProvidersAvailable is set to False $nonCompliantPolicies = $owaPolicies | Where-Object { $_.AdditionalStorageProvidersAvailable } - # Determine compliance $allPoliciesRestricted = $nonCompliantPolicies.Count -eq 0 - # Prepare failure reasons and details based on compliance $failureReasons = if ($allPoliciesRestricted) { "N/A" @@ -48,14 +43,12 @@ function Test-RestrictStorageProvidersOutlook { else { "One or more OwaMailbox policies allow AdditionalStorageProvidersAvailable." } - $details = if ($allPoliciesRestricted) { "All OwaMailbox policies restrict AdditionalStorageProvidersAvailable" } else { "Non-compliant OwaMailbox policies: $($nonCompliantPolicies.Name -join ', ')" } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -71,7 +64,6 @@ function Test-RestrictStorageProvidersOutlook { $auditResult = Get-TestError -LastError $LastError -recnum $recnum } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-SafeAttachmentsPolicy.ps1 b/source/tests/Test-SafeAttachmentsPolicy.ps1 index 2065728..9337729 100644 --- a/source/tests/Test-SafeAttachmentsPolicy.ps1 +++ b/source/tests/Test-SafeAttachmentsPolicy.ps1 
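Review bot: In the process block of Test-RestrictStorageProvidersOutlook, `$allPoliciesRestricted = $nonCompliantPolicies.Count -eq 0` is also true when `$owaPolicies` is empty or `$null`, so the control would report "All OwaMailbox policies restrict AdditionalStorageProvidersAvailable" without having evaluated a single policy. Whether `Get-CISExoOutput` can return nothing for this recommendation is not visible in the hunk, but an audit check should fail closed in that case. Wrapping the filter in an array also stops `.Count` from depending on how a single result is unrolled: `$nonCompliantPolicies = @($owaPolicies | Where-Object { $_.AdditionalStorageProvidersAvailable })` and `$allPoliciesRestricted = @($owaPolicies).Count -gt 0 -and $nonCompliantPolicies.Count -eq 0`. The function begins before this hunk and its result construction continues after it.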
@@ -2,7 +2,6 @@ function Test-SafeAttachmentsPolicy { [CmdletBinding()] [OutputType([CISAuditResult])] param () - begin { $recnum = "2.1.4" Write-Verbose "Running Test-SafeAttachmentsPolicy for $recnum..." @@ -13,7 +12,6 @@ function Test-SafeAttachmentsPolicy { - Check if the policy's action is set to 'Block'. - Confirm the QuarantineTag is set to 'AdminOnlyAccessPolicy'. - Verify that the Redirect setting is disabled. - Validate test for a fail: - If the highest priority Safe Attachments policy's action is not set to 'Block'. - If the QuarantineTag is not set to 'AdminOnlyAccessPolicy'. @@ -55,11 +53,11 @@ function Test-SafeAttachmentsPolicy { # The result is a pass if there are no failure reasons $result = $failureReasons.Count -eq 0 $details = [PSCustomObject]@{ - Policy = $highestPriorityPolicy.Identity - Action = $highestPriorityPolicy.Action - QuarantineTag = $highestPriorityPolicy.QuarantineTag - Redirect = $highestPriorityPolicy.Redirect - Enabled = $highestPriorityPolicy.Enable + Policy = $highestPriorityPolicy.Identity + Action = $highestPriorityPolicy.Action + QuarantineTag = $highestPriorityPolicy.QuarantineTag + Redirect = $highestPriorityPolicy.Redirect + Enabled = $highestPriorityPolicy.Enable } # Format details for output manually $detailsString = "Policy|Action|QuarantineTag|Redirect|Enabled`n" + ($details | diff --git a/source/tests/Test-SafeAttachmentsTeams.ps1 b/source/tests/Test-SafeAttachmentsTeams.ps1 index c850c7e..b9f29b9 100644 --- a/source/tests/Test-SafeAttachmentsTeams.ps1 +++ b/source/tests/Test-SafeAttachmentsTeams.ps1 @@ -8,7 +8,6 @@ function Test-SafeAttachmentsTeams { begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 - # Conditions for 2.1.5 (L2) Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled # # Validate test for a pass: 
@@ -24,7 +23,6 @@ function Test-SafeAttachmentsTeams { # - Condition A: Safe Attachments for SharePoint is not enabled. # - Condition B: Safe Attachments for OneDrive is not enabled. # - Condition C: Safe Attachments for Microsoft Teams is not enabled. - # Initialization code, if needed $recnum = "2.1.5" Write-Verbose "Running Test-SafeAttachmentsTeams for $recnum..." diff --git a/source/tests/Test-SafeLinksOfficeApps.ps1 b/source/tests/Test-SafeLinksOfficeApps.ps1 index 154a28d..d41777f 100644 --- a/source/tests/Test-SafeLinksOfficeApps.ps1 +++ b/source/tests/Test-SafeLinksOfficeApps.ps1 @@ -5,7 +5,6 @@ function Test-SafeLinksOfficeApps { # Aligned # Define your parameters here if needed ) - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1 @@ -14,7 +13,6 @@ function Test-SafeLinksOfficeApps { Write-Verbose "Running Test-SafeLinksOfficeApps for $recnum..." <# Conditions for 2.1.1 (L2) Ensure Safe Links for Office Applications is Enabled - Validate test for a pass: - Confirm that the automated test results align with the manual audit steps outlined in the CIS benchmark. - Specific conditions to check: @@ -25,7 +23,6 @@ function Test-SafeLinksOfficeApps { - Click protection settings: On - Do not track when users click safe links: Off - Condition B: Using the Exchange Online PowerShell Module, Safe Links policies are retrieved, and the relevant policy shows Safe Links for Office applications is enabled. - Validate test for a fail: - Confirm that the failure conditions in the automated test are consistent with the manual audit results. - Specific conditions to check: @@ -38,7 +35,6 @@ function Test-SafeLinksOfficeApps { - Condition B: Using the Exchange Online PowerShell Module, Safe Links policies are retrieved, and the relevant policy shows Safe Links for Office applications is not enabled. #> } - process { # 2.1.1 (L2) Ensure Safe Links for Office Applications is Enabled # Retrieve all Safe Links policies 
@@ -51,7 +47,6 @@ function Test-SafeLinksOfficeApps { $result = $misconfiguredDetails.Count -eq 0 $details = if ($result) { "All Safe Links policies are correctly configured." } else { $misconfiguredDetails -join '`n' } $failureReasons = if ($result) { "N/A" } else { "The following Safe Links policies settings do not meet the recommended configuration: $($misconfiguredDetails -join ' | ')" } - # Create and populate the CISAuditResult object $params = @{ Rec = $recnum @@ -64,13 +59,10 @@ function Test-SafeLinksOfficeApps { } catch { Write-Error "An error occurred during the test: $_" - # Retrieve the description from the test definitions $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum } $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" } - $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ }) - # Call Initialize-CISAuditResult with error parameters $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure } @@ -86,7 +78,6 @@ function Test-SafeLinksOfficeApps { $auditResult = Initialize-CISAuditResult @params } } - end { # Return the audit result return $auditResult diff --git a/source/tests/Test-SpamPolicyAdminNotify.ps1 b/source/tests/Test-SpamPolicyAdminNotify.ps1 index 5f39b31..194b441 100644 --- a/source/tests/Test-SpamPolicyAdminNotify.ps1 +++ b/source/tests/Test-SpamPolicyAdminNotify.ps1 @@ -2,7 +2,6 @@ function Test-SpamPolicyAdminNotify { [CmdletBinding()] [OutputType([CISAuditResult])] param () - begin { # Dot source the class script if necessary #. .\source\Classes\CISAuditResult.ps1