Fix: Update Help

2025-04-21 11:27:41 -05:00
parent 118bb6f227
commit e2ab71f1a8
10 changed files with 521 additions and 386 deletions
--- a/copy.md
+++ b/copy.md
@@ -26,7 +26,7 @@ For full license details, please visit [Creative Commons Attribution-NonCommerci
 The `M365FoundationsCISReport` module relies on several other PowerShell modules to perform its operations. The default run ensures these modules are installed with the specified versions. Use -NoModuleCheck to skip this step if you have installed the required modules previously and would like to suppress any output for automated runs.
-### Required Modules for Audit Functions
+### Minimum Required Modules for Audit Functions
 Default modules used for audit functions:
@@ -58,7 +58,7 @@ $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.
 $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -NoModuleCheck -NoModuleCheck -DoNotConfirmConnections -Confirm:$false
 # Example 2: Exporting a security audit and it's nested tables to zipped CSV files
-Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp" -ExportOriginalTests -ExportNestedTables
+Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp"
    # Output Ex: 2024.07.07_14.55.55_M365FoundationsAudit_368B2E2F.zip
 # Example 3: Retrieving licenses for users in administrative roles
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ For full license details, please visit [Creative Commons Attribution-NonCommerci
 The `M365FoundationsCISReport` module relies on several other PowerShell modules to perform its operations. The default run ensures these modules are installed with the specified versions. Use -NoModuleCheck to skip this step if you have installed the required modules previously and would like to suppress any output for automated runs.
-### Required Modules for Audit Functions
+### Minimum Required Modules for Audit Functions
 Default modules used for audit functions:
@@ -58,7 +58,7 @@ $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.
 $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -NoModuleCheck -NoModuleCheck -DoNotConfirmConnections -Confirm:$false
 # Example 2: Exporting a security audit and it's nested tables to zipped CSV files
-Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp" -ExportOriginalTests -ExportNestedTables
+Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp"
    # Output Ex: 2024.07.07_14.55.55_M365FoundationsAudit_368B2E2F.zip
 # Example 3: Retrieving licenses for users in administrative roles
@@ -97,19 +97,19 @@ If you encounter any issues while using the cmdlets, ensure that your environmen
 - [Microsoft 365 Security Documentation](https://docs.microsoft.com/en-us/microsoft-365/security/)
 - [PowerShell Documentation](https://docs.microsoft.com/en-us/powershell/)
 # M365FoundationsCISReport Module
 ## Export-M365SecurityAuditTable
 ### Synopsis
 Exports Microsoft 365 security audit results to CSV or Excel files and supports outputting specific test results as objects.
 ### Syntax
 ```powershell
-Export-M365SecurityAuditTable [-AuditResults] <CISAuditResult[]> [-OutputTestNumber] <String> [-WhatIf] [-Confirm] [<CommonParameters>]
+Export-M365SecurityAuditTable -AuditResults <PSObject[]> -ExportPath <String> [-ExportToExcel] [-Prefix <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Export-M365SecurityAuditTable [-AuditResults] <CISAuditResult[]> [[-ExportNestedTables]] -ExportPath <String> [-ExportOriginalTests] [-ExportToExcel] [-Prefix <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Export-M365SecurityAuditTable -AuditResults <PSObject[]> -OutputTestNumber <String> [-WhatIf] [-Confirm] [<CommonParameters>]
-Export-M365SecurityAuditTable [-CsvPath] <String> [-OutputTestNumber] <String> [-WhatIf] [-Confirm] [<CommonParameters>]
+Export-M365SecurityAuditTable -AuditResults <PSObject[]> -ExportPath <String> [-ExportToExcel] [-Prefix <String>] -OnlyExportNestedTables [-WhatIf] [-Confirm] [<CommonParameters>]
 Export-M365SecurityAuditTable [-CsvPath] <String> [[-ExportNestedTables]] -ExportPath <String> [-ExportOriginalTests] [-ExportToExcel] [-Prefix <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
@@ -119,20 +119,18 @@ Export-M365SecurityAuditTable [-CsvPath] <String> [[-ExportNestedTables]] -Expor
 | Name  | Alias  | Description | Required? | Pipeline Input | Default Value |
 | - | - | - | - | - | - |
 | <nobr>AuditResults</nobr> |  | An array of CISAuditResult objects containing the audit results. This parameter is mandatory when exporting from audit results. | true | false |  |
 | <nobr>CsvPath</nobr> |  | The path to a CSV file containing the audit results. This parameter is mandatory when exporting from a CSV file. | true | false |  |
 | <nobr>OutputTestNumber</nobr> |  | The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". This parameter is used to output a specific test result. | true | false |  |
 | <nobr>ExportNestedTables</nobr> |  | Switch to export all test results. When specified, all test results are exported to the specified path. | false | false | False |
 | <nobr>ExportPath</nobr> |  | The path where the CSV or Excel files will be exported. This parameter is mandatory when exporting all tests. | true | false |  |
 | <nobr>ExportOriginalTests</nobr> |  | Switch to export the original audit results to a CSV file. When specified, the original test results are exported along with the processed results. | false | false | False |
 | <nobr>ExportToExcel</nobr> |  | Switch to export the results to an Excel file. When specified, results are exported in Excel format. | false | false | False |
-| <nobr>Prefix</nobr> |  | Add Prefix to filename after date when outputting to excel or csv. Validate that the count of letters in the prefix is less than 5. | false | false | Corp |
+| <nobr>Prefix</nobr> |  |  | false | false | Corp |
 | <nobr>OnlyExportNestedTables</nobr> |  | ─────────────────────────────────────────────────────────────────────────── 2\) OnlyExportNestedTables: nested tables only into ZIP -AuditResults, -ExportPath, -OnlyExportNestedTables ─────────────────────────────────────────────────────────────────────────── | true | false | False |
 | <nobr>OutputTestNumber</nobr> |  | The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". This parameter is used to output a specific test result. | true | false |  |
 | <nobr>WhatIf</nobr> | wi |  | false | false |  |
 | <nobr>Confirm</nobr> | cf |  | false | false |  |
 ### Inputs
- - \[CISAuditResult\[\\]\\] - An array of CISAuditResult objects. \[string\\] - A path to a CSV file.
+ - \[CISAuditResult\[\]\] - An array of CISAuditResult objects. \[string\] - A path to a CSV file.
 ### Outputs
- - \[PSCustomObject\\] - A custom object containing the path to the zip file and its hash.
+ - \[PSCustomObject\] - A custom object containing the path to the zip file and its hash.
 ### Examples
 **EXAMPLE 1**
@@ -228,9 +226,18 @@ This example retrieves all administrative role users along with their licenses w
 ### Links
 - [https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense](https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense)
 ## Get-M365SecurityAuditRecNumberList
 ### Syntax
 ```powershell
 Get-M365SecurityAuditRecNumberList [[-Version] <string>]
 ```
 ### Parameters
 | Name  | Alias  | Description | Required? | Pipeline Input | Default Value |
 | - | - | - | - | - | - |
 | <nobr>Version</nobr> | None |  | false | false |  |
 ## Get-MFAStatus
 ### Synopsis
-Retrieves the MFA \(Multi-Factor Authentication\) status for Azure Active Directory users.
+Retrieves the MFA \\(Multi-Factor Authentication\) status for Azure Active Directory users.
 ### Syntax
 ```powershell
@@ -243,7 +250,7 @@ Get-MFAStatus [[-UserId] <String>] [-SkipMSOLConnectionChecks] [<CommonParameter
 ### Parameters
 | Name  | Alias  | Description | Required? | Pipeline Input | Default Value |
 | - | - | - | - | - | - |
-| <nobr>UserId</nobr> |  | The User Principal Name \(UPN\) of a specific user to retrieve MFA status for. If not provided, the function retrieves MFA status for all users. | false | false |  |
+| <nobr>UserId</nobr> |  | The User Principal Name \\(UPN\) of a specific user to retrieve MFA status for. If not provided, the function retrieves MFA status for all users. | false | false |  |
 | <nobr>SkipMSOLConnectionChecks</nobr> |  |  | false | false | False |
 ### Outputs
 - System.Object Returns a sorted list of custom objects containing the following properties: - UserPrincipalName - DisplayName - MFAState - MFADefaultMethod - MFAPhoneNumber - PrimarySMTP - Aliases
@@ -284,7 +291,7 @@ Grant-M365SecurityAuditConsent [-UserPrincipalNameForConsent] <String> [-SkipGra
 ### Parameters
 | Name  | Alias  | Description | Required? | Pipeline Input | Default Value |
 | - | - | - | - | - | - |
-| <nobr>UserPrincipalNameForConsent</nobr> |  | The UPN or ID of the user to grant consent for. | true | true \(ByValue, ByPropertyName\) |  |
+| <nobr>UserPrincipalNameForConsent</nobr> |  | The UPN or ID of the user to grant consent for. | true | true \\(ByValue, ByPropertyName\) |  |
 | <nobr>SkipGraphConnection</nobr> |  | If specified, skips connecting to Microsoft Graph. | false | false | False |
 | <nobr>SkipModuleCheck</nobr> |  | If specified, skips the check for the Microsoft.Graph module. | false | false | False |
 | <nobr>SuppressRevertOutput</nobr> |  | If specified, suppresses the output of the revert commands. | false | false | False |
@@ -319,19 +326,19 @@ Invokes a security audit for Microsoft 365 environments.
 ### Syntax
 ```powershell
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -ELevel <String> -ProfileLevel <String> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -ELevel <String> -ProfileLevel <String> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeIG1 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeIG1 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeIG2 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeIG2 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeIG3 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeIG3 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeRecommendation <String[]> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeRecommendation <String[]> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
-Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -SkipRecommendation <String[]> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-WhatIf] [-Confirm] [<CommonParameters>]
+Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -SkipRecommendation <String[]> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
@@ -342,27 +349,28 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -Skip
 | - | - | - | - | - | - |
 | <nobr>TenantAdminUrl</nobr> |  | The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run. | false | false |  |
 | <nobr>DomainName</nobr> |  | The domain name of the Microsoft 365 environment to test. It is optional and will trigger various tests to run only for the specified domain. Tests Affected: 2.1.9/Test-EnableDKIM, 1.3.1/Test-PasswordNeverExpirePolicy, 2.1.4/Test-SafeAttachmentsPolicy | false | false |  |
-| <nobr>ELevel</nobr> |  | Specifies the E-Level \(E3 or E5\) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter. | true | false |  |
+| <nobr>ELevel</nobr> |  | Specifies the E-Level \\(E3 or E5\) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter. | true | false |  |
-| <nobr>ProfileLevel</nobr> |  | Specifies the profile level \(L1 or L2\) for the audit. This parameter is mandatory, but only when ELevel is selected. Otherwise it is not required. | true | false |  |
+| <nobr>ProfileLevel</nobr> |  | Specifies the profile level \\(L1 or L2\) for the audit. This parameter is mandatory, but only when ELevel is selected. Otherwise, it is not required. | true | false |  |
 | <nobr>IncludeIG1</nobr> |  | If specified, includes tests where IG1 is true. | true | false | False |
 | <nobr>IncludeIG2</nobr> |  | If specified, includes tests where IG2 is true. | true | false | False |
 | <nobr>IncludeIG3</nobr> |  | If specified, includes tests where IG3 is true. | true | false | False |
 | <nobr>IncludeRecommendation</nobr> |  | Specifies specific recommendations to include in the audit. Accepts an array of recommendation numbers. | true | false |  |
 | <nobr>SkipRecommendation</nobr> |  | Specifies specific recommendations to exclude from the audit. Accepts an array of recommendation numbers. | true | false |  |
-| <nobr>ApprovedCloudStorageProviders</nobr> |  | Specifies the approved cloud storage providers for the audit. Accepts an array of cloud storage provider names for test 8.1.1/Test-TeamsExternalFileSharing. Acceptable values: 'GoogleDrive', 'ShareFile', 'Box', 'DropBox', 'Egnyte' | false | false | @\(\) |
+| <nobr>ApprovedCloudStorageProviders</nobr> |  | Specifies the approved cloud storage providers for the audit. Accepts an array of cloud storage provider names for test 8.1.1/Test-TeamsExternalFileSharing. Acceptable values: 'GoogleDrive', 'ShareFile', 'Box', 'DropBox', 'Egnyte' | false | false | @\\(\) |
 | <nobr>ApprovedFederatedDomains</nobr> |  | Specifies the approved federated domains for the audit test 8.2.1/Test-TeamsExternalAccess. Accepts an array of allowed domain names. Additional Tests may include this parameter in the future. | false | false |  |
 | <nobr>DoNotConnect</nobr> |  | If specified, the cmdlet will not establish a connection to Microsoft 365 services. | false | false | False |
 | <nobr>DoNotDisconnect</nobr> |  | If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. | false | false | False |
 | <nobr>NoModuleCheck</nobr> |  | If specified, the cmdlet will not check for the presence of required modules. | false | false | False |
 | <nobr>DoNotConfirmConnections</nobr> |  | If specified, the cmdlet will not prompt for confirmation before proceeding with established connections and will disconnect from all of them. | false | false | False |
 | <nobr>AuthParams</nobr> |  | Specifies an authentication object containing parameters for application-based authentication. If provided, this will be used for connecting to services. | false | false |  |
 | <nobr>Version</nobr> |  | Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0". | false | false | 4.0.0 |
 | <nobr>WhatIf</nobr> | wi |  | false | false |  |
 | <nobr>Confirm</nobr> | cf |  | false | false |  |
 ### Inputs
 - None. You cannot pipe objects to Invoke-M365SecurityAudit.
 ### Outputs
- - CISAuditResult\[\\] The cmdlet returns an array of CISAuditResult objects representing the results of the security audit.
+ - CISAuditResult\[\] The cmdlet returns an array of CISAuditResult objects representing the results of the security audit.
 ### Note
 - This module is based on CIS benchmarks. - Governed by the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. - Commercial use is not permitted. This module cannot be sold or used for commercial purposes. - Modifications and sharing are allowed under the same license. - For full license details, visit: https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en - Register for CIS Benchmarks at: https://www.cisecurity.org/cis-benchmarks
@@ -398,12 +406,19 @@ Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com"
 **EXAMPLE 5**
 ```powershell
 Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -Version "3.0.0"
 # Performs a security audit using the CIS benchmark definitions version 3.0.0.
 ```
 **EXAMPLE 6**
 ```powershell
 $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com"
 PS> Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp" -ExportOriginalTests -ExportAllTests
 ```
-**EXAMPLE 6**
+**EXAMPLE 7**
 ```powershell
 # (PowerShell 7.x Only) Creating a new authentication object for the security audit for app-based authentication.
 PS> $authParams = New-M365SecurityAuditAuthObject `
@@ -422,7 +437,7 @@ auditResults.csv
 ```
-**EXAMPLE 7**
+**EXAMPLE 8**
 ```powershell
 Invoke-M365SecurityAudit -WhatIf
 Displays what would happen if the cmdlet is run without actually performing the audit.
@@ -450,7 +465,7 @@ New-M365SecurityAuditAuthObject [-ClientCertThumbPrint] <String> [-ClientId] <St
 | Name  | Alias  | Description | Required? | Pipeline Input | Default Value |
 | - | - | - | - | - | - |
 | <nobr>ClientCertThumbPrint</nobr> |  | The thumbprint of the client certificate used for authentication. It must be a 40-character hexadecimal string. This certificate is used to authenticate the application in Azure AD. | true | false |  |
-| <nobr>ClientId</nobr> |  | The Client ID \(Application ID\) of the Azure AD application. It must be a valid GUID format. | true | false |  |
+| <nobr>ClientId</nobr> |  | The Client ID \\(Application ID\) of the Azure AD application. It must be a valid GUID format. | true | false |  |
 | <nobr>TenantId</nobr> |  | The Tenant ID of the Azure AD directory. It must be a valid GUID format representing your Microsoft 365 tenant. | true | false |  |
 | <nobr>OnMicrosoftUrl</nobr> |  | The URL of your onmicrosoft.com domain. It should be in the format 'example.onmicrosoft.com'. | true | false |  |
 | <nobr>SpAdminUrl</nobr> |  | The SharePoint admin URL, which should end with '-admin.sharepoint.com'. This URL is used for connecting to SharePoint Online. | true | false |  |
@@ -461,7 +476,7 @@ New-M365SecurityAuditAuthObject [-ClientCertThumbPrint] <String> [-ClientId] <St
 - CISAuthenticationParameters The function returns an instance of the CISAuthenticationParameters class containing the authentication details.
 ### Note
-Requires PowerShell 7.0 or later.
+Requires PowerShell 7.0 or later. https://learn.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps
 ### Examples
 **EXAMPLE 1**
--- a/docs/index.html
+++ b/docs/index.html
@@ -2,7 +2,7 @@
 <!--
 <auto-generated>
  <synopsis>
-    This code was generated by a tool. on: 08/04/2024 15:16:23
+    This code was generated by a tool. on: 04/21/2025 11:26:56
  </synopsis>
  <description>
    If you'd like to regenerate the documentation, please open up powershell and run
@@ -99,6 +99,7 @@
                  <ul class="nav navbar-nav list-group" id="searchList">
 					<li class="nav-menu list-group-item"><a href="#Export-M365SecurityAuditTable">Export-M365SecurityAuditTable</a></li>
 					<li class="nav-menu list-group-item"><a href="#Get-AdminRoleUserLicense">Get-AdminRoleUserLicense</a></li>
 					<li class="nav-menu list-group-item"><a href="#Get-M365SecurityAuditRecNumberList">Get-M365SecurityAuditRecNumberList</a></li>
 					<li class="nav-menu list-group-item"><a href="#Get-MFAStatus">Get-MFAStatus</a></li>
 					<li class="nav-menu list-group-item"><a href="#Grant-M365SecurityAuditConsent">Grant-M365SecurityAuditConsent</a></li>
 					<li class="nav-menu list-group-item"><a href="#Invoke-M365SecurityAudit">Invoke-M365SecurityAudit</a></li>
@@ -122,13 +123,11 @@
                        </div>
 						<div class="panel panel-default">
                            <div class='panel-body'>
-<pre class="brush: ps">Export-M365SecurityAuditTable [-AuditResults] &lt;CISAuditResult[]&gt; [-OutputTestNumber] &lt;String&gt; [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+<pre class="brush: ps">Export-M365SecurityAuditTable -AuditResults &lt;PSObject[]&gt; -ExportPath &lt;String&gt; [-ExportToExcel] [-Prefix &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Export-M365SecurityAuditTable [-AuditResults] &lt;CISAuditResult[]&gt; [[-ExportNestedTables]] -ExportPath &lt;String&gt; [-ExportOriginalTests] [-ExportToExcel] [-Prefix &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Export-M365SecurityAuditTable -AuditResults &lt;PSObject[]&gt; -OutputTestNumber &lt;String&gt; [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [-OutputTestNumber] &lt;String&gt; [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Export-M365SecurityAuditTable -AuditResults &lt;PSObject[]&gt; -ExportPath &lt;String&gt; [-ExportToExcel] [-Prefix &lt;String&gt;] -OnlyExportNestedTables [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]</pre>
 Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [[-ExportNestedTables]] -ExportPath &lt;String&gt; [-ExportOriginalTests] [-ExportToExcel] [-Prefix &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]</pre>
                            </div>
 						</div>
 						<div>
@@ -153,30 +152,6 @@ Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [[-ExportNestedTables]]
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 									<tr>
 										<td><nobr>-CsvPath</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>The path to a CSV file containing the audit results. This parameter is mandatory when exporting from a CSV file.</td>
 										<td class="visible-lg visible-md">true</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 									<tr>
 										<td><nobr>-OutputTestNumber</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". This parameter is used to output a specific test result.</td>
 										<td class="visible-lg visible-md">true</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 									<tr>
 										<td><nobr>-ExportNestedTables</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>Switch to export all test results. When specified, all test results are exported to the specified path.</td>
 										<td class="visible-lg visible-md">false</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg">False</td>
 									</tr>
 									<tr>
 										<td><nobr>-ExportPath</nobr></td>
                                        <td class="visible-lg visible-md"></td>
@@ -185,14 +160,6 @@ Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [[-ExportNestedTables]]
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 									<tr>
 										<td><nobr>-ExportOriginalTests</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>Switch to export the original audit results to a CSV file. When specified, the original test results are exported along with the processed results.</td>
 										<td class="visible-lg visible-md">false</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg">False</td>
 									</tr>
 									<tr>
 										<td><nobr>-ExportToExcel</nobr></td>
                                        <td class="visible-lg visible-md"></td>
@@ -204,11 +171,27 @@ Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [[-ExportNestedTables]]
 									<tr>
 										<td><nobr>-Prefix</nobr></td>
                                        <td class="visible-lg visible-md"></td>
-										<td>Add Prefix to filename after date when outputting to excel or csv.<br>Validate that the count of letters in the prefix is less than 5.</td>
+										<td></td>
 										<td class="visible-lg visible-md">false</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg">Corp</td>
 									</tr>
 									<tr>
 										<td><nobr>-OnlyExportNestedTables</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>───────────────────────────────────────────────────────────────────────────<br> 2) OnlyExportNestedTables: nested tables only into ZIP<br>    -AuditResults, -ExportPath, -OnlyExportNestedTables<br>───────────────────────────────────────────────────────────────────────────</td>
 										<td class="visible-lg visible-md">true</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg">False</td>
 									</tr>
 									<tr>
 										<td><nobr>-OutputTestNumber</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4". This parameter is used to output a specific test result.</td>
 										<td class="visible-lg visible-md">true</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 									<tr>
 										<td><nobr>-WhatIf</nobr></td>
                                        <td class="visible-lg visible-md">wi</td>
@@ -364,6 +347,36 @@ Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [[-ExportNestedTables]]
                            </div>
 						</div>
 				</div>
 				<div id="Get-M365SecurityAuditRecNumberList" class="toggle_container">
 					<div class="page-header">
 						<h2> Get-M365SecurityAuditRecNumberList </h2>
 					</div>
 						<div>
 							<h3> Parameters </h3>
 							<table class="table table-striped table-bordered table-condensed visible-on">
 								<thead>
 									<tr>
 										<th>Name</th>
                                        <th class="visible-lg visible-md">Alias</th>
 										<th>Description</th>
 										<th class="visible-lg visible-md">Required?</th>
 										<th class="visible-lg">Pipeline Input</th>
 										<th class="visible-lg">Default Value</th>
 									</tr>
 								</thead>
 								<tbody>
 									<tr>
 										<td><nobr>-Version</nobr></td>
                                        <td class="visible-lg visible-md">None</td>
 										<td></td>
 										<td class="visible-lg visible-md">false</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 								</tbody>
 							</table>
 						</div>				
 				</div>
 				<div id="Get-MFAStatus" class="toggle_container">
 					<div class="page-header">
 						<h2> Get-MFAStatus </h2>
@@ -581,26 +594,26 @@ Export-M365SecurityAuditTable [-CsvPath] &lt;String&gt; [[-ExportNestedTables]]
 					<div class="page-header">
 						<h2> Invoke-M365SecurityAudit </h2>
 						<p>Invokes a security audit for Microsoft 365 environments.</p>
-						<p>The Invoke-M365SecurityAudit cmdlet performs a comprehensive security audit based on the specified parameters.<br>It allows auditing of various configurations and settings within a Microsoft 365 environment in alignment with CIS benchmarks designated "Automatic".</p>
+						<p>The Invoke-M365SecurityAudit cmdlet performs a comprehensive security audit based on the specified parameters.<br>It allows auditing of various configurations and settings within a Microsoft 365 environment in alignment with CIS benchmarks designated "Automatic".<br>Supports selection of CIS benchmark definitions version (default is 4.0.0).</p>
 					</div>
                        <div>
                        <h3> Syntax </h3>
                        </div>
 						<div class="panel panel-default">
                            <div class='panel-body'>
-<pre class="brush: ps">Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+<pre class="brush: ps">Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -ELevel &lt;String&gt; -ProfileLevel &lt;String&gt; [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -ELevel &lt;String&gt; -ProfileLevel &lt;String&gt; [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeIG1 [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeIG1 [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeIG2 [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeIG2 [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeIG3 [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeIG3 [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeRecommendation &lt;String[]&gt; [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
+Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -IncludeRecommendation &lt;String[]&gt; [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]
-Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -SkipRecommendation &lt;String[]&gt; [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]</pre>
+Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;String&gt;] -SkipRecommendation &lt;String[]&gt; [-ApprovedCloudStorageProviders &lt;String[]&gt;] [-ApprovedFederatedDomains &lt;String[]&gt;] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams &lt;CISAuthenticationParameters&gt;] [-Version &lt;String&gt;] [-WhatIf] [-Confirm] [&lt;CommonParameters&gt;]</pre>
                            </div>
 						</div>
 						<div>
@@ -644,7 +657,7 @@ Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;Strin
 									<tr>
 										<td><nobr>-ProfileLevel</nobr></td>
                                        <td class="visible-lg visible-md"></td>
-										<td>Specifies the profile level (L1 or L2) for the audit. This parameter is mandatory, but only when ELevel is selected. Otherwise it is not required.</td>
+										<td>Specifies the profile level (L1 or L2) for the audit. This parameter is mandatory, but only when ELevel is selected. Otherwise, it is not required.</td>
 										<td class="visible-lg visible-md">true</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
@@ -745,6 +758,14 @@ Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;Strin
 										<td class="visible-lg">false</td>
 										<td class="visible-lg"></td>
 									</tr>
 									<tr>
 										<td><nobr>-Version</nobr></td>
                                        <td class="visible-lg visible-md"></td>
 										<td>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</td>
 										<td class="visible-lg visible-md">false</td>
 										<td class="visible-lg">false</td>
 										<td class="visible-lg">4.0.0</td>
 									</tr>
 									<tr>
 										<td><nobr>-WhatIf</nobr></td>
                                        <td class="visible-lg visible-md">wi</td>
@@ -808,10 +829,14 @@ Invoke-M365SecurityAudit [-TenantAdminUrl &lt;String&gt;] [-DomainName &lt;Strin
    # Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1.</pre>
 							    <div></div>
 							    <strong>EXAMPLE 5</strong>
 <pre class="brush: ps">Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -Version "3.0.0"
    # Performs a security audit using the CIS benchmark definitions version 3.0.0.</pre>
 							    <div></div>
 							    <strong>EXAMPLE 6</strong>
 <pre class="brush: ps">$auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com"
 PS&gt; Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp" -ExportOriginalTests -ExportAllTests</pre>
 							    <div></div>
-							    <strong>EXAMPLE 6</strong>
+							    <strong>EXAMPLE 7</strong>
 <pre class="brush: ps"># (PowerShell 7.x Only) Creating a new authentication object for the security audit for app-based authentication.
 PS&gt; $authParams = New-M365SecurityAuditAuthObject `
        -ClientCertThumbPrint "ABCDEF1234567890ABCDEF1234567890ABCDEF12" `
@@ -827,7 +852,7 @@ PS&gt; $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation
            CISAuditResult[]
            auditResults.csv</pre>
 							    <div></div>
-							    <strong>EXAMPLE 7</strong>
+							    <strong>EXAMPLE 8</strong>
 <pre class="brush: ps">Invoke-M365SecurityAudit -WhatIf
    Displays what would happen if the cmdlet is run without actually performing the audit.
        Output:
@@ -931,7 +956,8 @@ PS&gt; $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation
                            <div class='panel-heading'>
                                <h3 class='panel-title'> Note </h3>
                            </div>
-							<div class='panel-body'>Requires PowerShell 7.0 or later.</div>
+							<div class='panel-body'>Requires PowerShell 7.0 or later.
    https://learn.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps</div>
 						</div>
                        <div>
                            <h3> Examples </h3>
--- a/help/Export-M365SecurityAuditTable.md
+++ b/help/Export-M365SecurityAuditTable.md
@@ -12,30 +12,23 @@ Exports M365 security audit results to a CSV file or outputs a specific test res
 ## SYNTAX
-### OutputObjectFromAuditResultsSingle
+### DefaultExport (Default)
 ```
-Export-M365SecurityAuditTable [-AuditResults] <CISAuditResult[]> [-OutputTestNumber] <String>
+Export-M365SecurityAuditTable -AuditResults <PSObject[]> -ExportPath <String> [-ExportToExcel]
 [-Prefix <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### SingleObject
 ```
 Export-M365SecurityAuditTable -AuditResults <PSObject[]> -OutputTestNumber <String>
 [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
-### ExportAllResultsFromAuditResults
+### OnlyExportNestedTables
 ```
-Export-M365SecurityAuditTable [-AuditResults] <CISAuditResult[]> [-ExportNestedTables] -ExportPath <String>
+Export-M365SecurityAuditTable -AuditResults <PSObject[]> -ExportPath <String> [-ExportToExcel]
- [-ExportOriginalTests] [-ExportToExcel] [-Prefix <String>] [-ProgressAction <ActionPreference>] [-WhatIf]
+ [-Prefix <String>] [-OnlyExportNestedTables] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm]
- [-Confirm] [<CommonParameters>]
+ [<CommonParameters>]
 ```
 ### OutputObjectFromCsvSingle
 ```
 Export-M365SecurityAuditTable [-CsvPath] <String> [-OutputTestNumber] <String>
 [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### ExportAllResultsFromCsv
 ```
 Export-M365SecurityAuditTable [-CsvPath] <String> [-ExportNestedTables] -ExportPath <String>
 [-ExportOriginalTests] [-ExportToExcel] [-Prefix <String>] [-ProgressAction <ActionPreference>] [-WhatIf]
 [-Confirm] [<CommonParameters>]
 ```
 ## DESCRIPTION
@@ -86,69 +79,23 @@ Export-M365SecurityAuditTable -ExportAllTests -CsvPath "C:\temp\auditresultstoda
 An array of CISAuditResult objects containing the audit results.
 ```yaml
-Type: CISAuditResult[]
+Type: PSObject[]
-Parameter Sets: OutputObjectFromAuditResultsSingle, ExportAllResultsFromAuditResults
+Parameter Sets: (All)
 Aliases:
 Required: True
-Position: 3
+Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -CsvPath
 The path to a CSV file containing the audit results.
 ```yaml
 Type: String
 Parameter Sets: OutputObjectFromCsvSingle, ExportAllResultsFromCsv
 Aliases:
 Required: True
 Position: 3
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -OutputTestNumber
 The test number to output as an object.
 Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".
 ```yaml
 Type: String
 Parameter Sets: OutputObjectFromAuditResultsSingle, OutputObjectFromCsvSingle
 Aliases:
 Required: True
 Position: 2
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -ExportNestedTables
 Switch to export all test results. When specified, all test results are exported to the specified path.
 ```yaml
 Type: SwitchParameter
 Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
 Aliases:
 Required: False
 Position: 1
 Default value: False
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -ExportPath
 The path where the CSV files will be exported.
 ```yaml
 Type: String
-Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
+Parameter Sets: DefaultExport, OnlyExportNestedTables
 Aliases:
 Required: True
@@ -158,27 +105,12 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -ExportOriginalTests
 Switch to export the original audit results to a CSV file.
 ```yaml
 Type: SwitchParameter
 Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
 Aliases:
 Required: False
 Position: Named
 Default value: False
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -ExportToExcel
 Switch to export the results to an Excel file.
 ```yaml
 Type: SwitchParameter
-Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
+Parameter Sets: DefaultExport, OnlyExportNestedTables
 Aliases:
 Required: False
@@ -194,7 +126,7 @@ Validate that the count of letters in the prefix is less than 5.
 ```yaml
 Type: String
-Parameter Sets: ExportAllResultsFromAuditResults, ExportAllResultsFromCsv
+Parameter Sets: DefaultExport, OnlyExportNestedTables
 Aliases:
 Required: False
@@ -204,6 +136,40 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -OnlyExportNestedTables
 ───────────────────────────────────────────────────────────────────────────
 2) OnlyExportNestedTables: nested tables only into ZIP
    -AuditResults, -ExportPath, -OnlyExportNestedTables
 ───────────────────────────────────────────────────────────────────────────
 ```yaml
 Type: SwitchParameter
 Parameter Sets: OnlyExportNestedTables
 Aliases:
 Required: True
 Position: Named
 Default value: False
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -OutputTestNumber
 The test number to output as an object.
 Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".
 ```yaml
 Type: String
 Parameter Sets: SingleObject
 Aliases:
 Required: True
 Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -WhatIf
 Shows what would happen if the cmdlet runs. The cmdlet is not run.
--- a/help/Get-M365SecurityAuditRecNumberList.md
+++ b/help/Get-M365SecurityAuditRecNumberList.md
@@ -0,0 +1,61 @@
 ---
 external help file: M365FoundationsCISReport-help.xml
 Module Name: M365FoundationsCISReport
 online version:
 schema: 2.0.0
 ---
 # Get-M365SecurityAuditRecNumberList
 ## SYNOPSIS
 {{ Fill in the Synopsis }}
 ## SYNTAX
 ```
 Get-M365SecurityAuditRecNumberList [[-Version] <String>] [<CommonParameters>]
 ```
 ## DESCRIPTION
 {{ Fill in the Description }}
 ## EXAMPLES
 ### Example 1
 ```powershell
 PS C:\> {{ Add example code here }}
 ```
 {{ Add example description here }}
 ## PARAMETERS
 ### -Version
 {{ Fill Version Description }}
 ```yaml
 Type: String
 Parameter Sets: (All)
 Aliases:
 Accepted values: 3.0.0, 4.0.0
 Required: False
 Position: 0
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### CommonParameters
 This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
 ## INPUTS
 ### None
 ## OUTPUTS
 ### System.Object
 ## NOTES
 ## RELATED LINKS
--- a/help/Invoke-M365SecurityAudit.md
+++ b/help/Invoke-M365SecurityAudit.md
@@ -17,7 +17,7 @@ Invokes a security audit for Microsoft 365 environments.
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>]
 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect]
 [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>]
- [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### ELevelFilter
@@ -25,8 +25,8 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>]
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -ELevel <String>
 -ProfileLevel <String> [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>]
 [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections]
- [-AuthParams <CISAuthenticationParameters>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm]
+ [-AuthParams <CISAuthenticationParameters>] [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf]
- [<CommonParameters>]
+ [-Confirm] [<CommonParameters>]
 ```
 ### IG1Filter
@@ -34,7 +34,7 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -ELev
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-IncludeIG1]
 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect]
 [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>]
- [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### IG2Filter
@@ -42,7 +42,7 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-Inc
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-IncludeIG2]
 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect]
 [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>]
- [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### IG3Filter
@@ -50,7 +50,7 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-Inc
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-IncludeIG3]
 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect]
 [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>]
- [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### RecFilter
@@ -58,7 +58,7 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] [-Inc
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -IncludeRecommendation <String[]>
 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect]
 [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>]
- [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ### SkipRecFilter
@@ -66,7 +66,7 @@ Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -Incl
 Invoke-M365SecurityAudit [-TenantAdminUrl <String>] [-DomainName <String>] -SkipRecommendation <String[]>
 [-ApprovedCloudStorageProviders <String[]>] [-ApprovedFederatedDomains <String[]>] [-DoNotConnect]
 [-DoNotDisconnect] [-NoModuleCheck] [-DoNotConfirmConnections] [-AuthParams <CISAuthenticationParameters>]
- [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Version <String>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 ## DESCRIPTION
@@ -417,6 +417,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -Version
 Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".
 ```yaml
 Type: String
 Parameter Sets: (All)
 Aliases:
 Required: False
 Position: Named
 Default value: 4.0.0
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 ### -WhatIf
 Shows what would happen if the cmdlet runs.
 The cmdlet is not run.
--- a/help/M365FoundationsCISReport.md
+++ b/help/M365FoundationsCISReport.md
@@ -1,4 +1,4 @@
---
+---
 Module Name: M365FoundationsCISReport
 Module Guid: 0d064bfb-d1ce-484b-a173-993b55984dc9
 Download Help Link: {{Please enter Link manually}}
@@ -11,27 +11,30 @@ Locale: en-US
 The `M365FoundationsCISReport` module provides a set of cmdlets to audit and report on the security compliance of Microsoft 365 environments based on CIS (Center for Internet Security) benchmarks. It enables administrators to generate detailed reports, sync data with CIS Excel sheets, and perform security audits to ensure compliance.
 ## M365FoundationsCISReport Cmdlets
-### [Export-M365SecurityAuditTable](Export-M365SecurityAuditTable)
+### [Export-M365SecurityAuditTable](Export-M365SecurityAuditTable.md)
 Exports M365 security audit results to a CSV file or outputs a specific test result as an object.
-### [Get-AdminRoleUserLicense](Get-AdminRoleUserLicense)
+### [Get-AdminRoleUserLicense](Get-AdminRoleUserLicense.md)
 Retrieves user licenses and roles for administrative accounts from Microsoft 365 via the Graph API.
-### [Get-MFAStatus](Get-MFAStatus)
+### [Get-M365SecurityAuditRecNumberList](Get-M365SecurityAuditRecNumberList.md)
 {{ Fill in the Synopsis }}
 ### [Get-MFAStatus](Get-MFAStatus.md)
 Retrieves the MFA (Multi-Factor Authentication) status for Azure Active Directory users.
-### [Grant-M365SecurityAuditConsent](Grant-M365SecurityAuditConsent)
+### [Grant-M365SecurityAuditConsent](Grant-M365SecurityAuditConsent.md)
 Grants Microsoft Graph permissions for an auditor.
-### [Invoke-M365SecurityAudit](Invoke-M365SecurityAudit)
+### [Invoke-M365SecurityAudit](Invoke-M365SecurityAudit.md)
 Invokes a security audit for Microsoft 365 environments.
-### [New-M365SecurityAuditAuthObject](New-M365SecurityAuditAuthObject)
+### [New-M365SecurityAuditAuthObject](New-M365SecurityAuditAuthObject.md)
 Creates a new CISAuthenticationParameters object for Microsoft 365 authentication.
-### [Remove-RowsWithEmptyCSVStatus](Remove-RowsWithEmptyCSVStatus)
+### [Remove-RowsWithEmptyCSVStatus](Remove-RowsWithEmptyCSVStatus.md)
 Removes rows from an Excel worksheet where the 'CSV_Status' column is empty and saves the result to a new file.
-### [Sync-CISExcelAndCsvData](Sync-CISExcelAndCsvData)
+### [Sync-CISExcelAndCsvData](Sync-CISExcelAndCsvData.md)
 Synchronizes and updates data in an Excel worksheet with new information from a CSV file, including audit dates.
--- a/help/about_M365FoundationsCISReport.md
+++ b/help/about_M365FoundationsCISReport.md
@@ -21,7 +21,7 @@ $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.
 $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -ApprovedCloudStorageProviders "DropBox" -ApprovedFederatedDomains "northwind.com"
 # Example 2: Exporting a security audit and it's nested tables to zipped CSV files
-Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp" -ExportOriginalTests -ExportAllTests
+Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp"
    # Output Ex: 2024.07.07_14.55.55_M365FoundationsAudit_368B2E2F.zip
 # Example 3: Retrieving licenses for users in administrative roles
--- a/source/en-US/M365FoundationsCISReport-help.xml
+++ b/source/en-US/M365FoundationsCISReport-help.xml
@@ -15,86 +15,14 @@
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Export-M365SecurityAuditTable</maml:name>
-        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none">
+        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>OutputTestNumber</maml:name>
          <maml:description>
            <maml:para>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
          <maml:name>AuditResults</maml:name>
          <maml:description>
            <maml:para>An array of CISAuditResult objects containing the audit results.</maml:para>
          </maml:description>
-          <command:parameterValue required="true" variableLength="false">CISAuditResult[]</command:parameterValue>
+          <command:parameterValue required="true" variableLength="false">PSObject[]</command:parameterValue>
          <dev:type>
-            <maml:name>CISAuditResult[]</maml:name>
+            <maml:name>PSObject[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
            <maml:para>Shows what would happen if the cmdlet runs. The cmdlet is not run.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="cf">
          <maml:name>Confirm</maml:name>
          <maml:description>
            <maml:para>Prompts you for confirmation before running the cmdlet.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="proga">
          <maml:name>ProgressAction</maml:name>
          <maml:description>
            <maml:para>{{ Fill ProgressAction Description }}</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">ActionPreference</command:parameterValue>
          <dev:type>
            <maml:name>ActionPreference</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Export-M365SecurityAuditTable</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none">
          <maml:name>ExportNestedTables</maml:name>
          <maml:description>
            <maml:para>Switch to export all test results. When specified, all test results are exported to the specified path.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
          <maml:name>AuditResults</maml:name>
          <maml:description>
            <maml:para>An array of CISAuditResult objects containing the audit results.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">CISAuditResult[]</command:parameterValue>
          <dev:type>
            <maml:name>CISAuditResult[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
@@ -111,17 +39,6 @@
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>ExportOriginalTests</maml:name>
          <maml:description>
            <maml:para>Switch to export the original audit results to a CSV file.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>ExportToExcel</maml:name>
          <maml:description>
@@ -182,10 +99,22 @@
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Export-M365SecurityAuditTable</maml:name>
-        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none">
+        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
-          <maml:name>OutputTestNumber</maml:name>
+          <maml:name>AuditResults</maml:name>
          <maml:description>
-            <maml:para>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".</maml:para>
+            <maml:para>An array of CISAuditResult objects containing the audit results.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">PSObject[]</command:parameterValue>
          <dev:type>
            <maml:name>PSObject[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>ExportPath</maml:name>
          <maml:description>
            <maml:para>The path where the CSV files will be exported.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
@@ -194,17 +123,39 @@
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
-        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
+        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
-          <maml:name>CsvPath</maml:name>
+          <maml:name>ExportToExcel</maml:name>
          <maml:description>
-            <maml:para>The path to a CSV file containing the audit results.</maml:para>
+            <maml:para>Switch to export the results to an Excel file.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Prefix</maml:name>
          <maml:description>
            <maml:para>Add Prefix to filename after date when outputting to excel or csv. Validate that the count of letters in the prefix is less than 5.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
-          <dev:defaultValue>None</dev:defaultValue>
+          <dev:defaultValue>Corp</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>OnlyExportNestedTables</maml:name>
          <maml:description>
            <maml:para>───────────────────────────────────────────────────────────────────────────  2) OnlyExportNestedTables: nested tables only into ZIP     -AuditResults, -ExportPath, -OnlyExportNestedTables ───────────────────────────────────────────────────────────────────────────</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
@@ -243,33 +194,22 @@
      </command:syntaxItem>
      <command:syntaxItem>
        <maml:name>Export-M365SecurityAuditTable</maml:name>
-        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none">
+        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
-          <maml:name>ExportNestedTables</maml:name>
+          <maml:name>AuditResults</maml:name>
          <maml:description>
-            <maml:para>Switch to export all test results. When specified, all test results are exported to the specified path.</maml:para>
+            <maml:para>An array of CISAuditResult objects containing the audit results.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">PSObject[]</command:parameterValue>
          <dev:type>
-            <maml:name>SwitchParameter</maml:name>
+            <maml:name>PSObject[]</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
          <maml:name>CsvPath</maml:name>
          <maml:description>
            <maml:para>The path to a CSV file containing the audit results.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
-          <maml:name>ExportPath</maml:name>
+          <maml:name>OutputTestNumber</maml:name>
          <maml:description>
-            <maml:para>The path where the CSV files will be exported.</maml:para>
+            <maml:para>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
@@ -278,40 +218,6 @@
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>ExportOriginalTests</maml:name>
          <maml:description>
            <maml:para>Switch to export the original audit results to a CSV file.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>ExportToExcel</maml:name>
          <maml:description>
            <maml:para>Switch to export the results to an Excel file.</maml:para>
          </maml:description>
          <dev:type>
            <maml:name>SwitchParameter</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>False</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Prefix</maml:name>
          <maml:description>
            <maml:para>Add Prefix to filename after date when outputting to excel or csv. Validate that the count of letters in the prefix is less than 5.</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>Corp</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -349,54 +255,18 @@
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
-      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
+      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>AuditResults</maml:name>
        <maml:description>
          <maml:para>An array of CISAuditResult objects containing the audit results.</maml:para>
        </maml:description>
-        <command:parameterValue required="true" variableLength="false">CISAuditResult[]</command:parameterValue>
+        <command:parameterValue required="true" variableLength="false">PSObject[]</command:parameterValue>
        <dev:type>
-          <maml:name>CISAuditResult[]</maml:name>
+          <maml:name>PSObject[]</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="3" aliases="none">
        <maml:name>CsvPath</maml:name>
        <maml:description>
          <maml:para>The path to a CSV file containing the audit results.</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="2" aliases="none">
        <maml:name>OutputTestNumber</maml:name>
        <maml:description>
          <maml:para>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none">
        <maml:name>ExportNestedTables</maml:name>
        <maml:description>
          <maml:para>Switch to export all test results. When specified, all test results are exported to the specified path.</maml:para>
        </maml:description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>ExportPath</maml:name>
        <maml:description>
@@ -409,18 +279,6 @@
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>ExportOriginalTests</maml:name>
        <maml:description>
          <maml:para>Switch to export the original audit results to a CSV file.</maml:para>
        </maml:description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>ExportToExcel</maml:name>
        <maml:description>
@@ -445,6 +303,30 @@
        </dev:type>
        <dev:defaultValue>Corp</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>OnlyExportNestedTables</maml:name>
        <maml:description>
          <maml:para>───────────────────────────────────────────────────────────────────────────  2) OnlyExportNestedTables: nested tables only into ZIP     -AuditResults, -ExportPath, -OnlyExportNestedTables ───────────────────────────────────────────────────────────────────────────</maml:para>
        </maml:description>
        <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
        <dev:type>
          <maml:name>SwitchParameter</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>False</dev:defaultValue>
      </command:parameter>
      <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>OutputTestNumber</maml:name>
        <maml:description>
          <maml:para>The test number to output as an object. Valid values are "1.1.1", "1.3.1", "6.1.2", "6.1.3", "7.3.4".</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
        <maml:name>WhatIf</maml:name>
        <maml:description>
@@ -694,6 +576,89 @@
      </maml:navigationLink>
    </command:relatedLinks>
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-M365SecurityAuditRecNumberList</command:name>
      <command:verb>Get</command:verb>
      <command:noun>M365SecurityAuditRecNumberList</command:noun>
      <maml:description>
        <maml:para>{{ Fill in the Synopsis }}</maml:para>
      </maml:description>
    </command:details>
    <maml:description>
      <maml:para>{{ Fill in the Description }}</maml:para>
    </maml:description>
    <command:syntax>
      <command:syntaxItem>
        <maml:name>Get-M365SecurityAuditRecNumberList</maml:name>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>{{ Fill Version Description }}</maml:para>
          </maml:description>
          <command:parameterValueGroup>
            <command:parameterValue required="false" command:variableLength="false">3.0.0</command:parameterValue>
            <command:parameterValue required="false" command:variableLength="false">4.0.0</command:parameterValue>
          </command:parameterValueGroup>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
      </command:syntaxItem>
    </command:syntax>
    <command:parameters>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none">
        <maml:name>Version</maml:name>
        <maml:description>
          <maml:para>{{ Fill Version Description }}</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
    </command:parameters>
    <command:inputTypes>
      <command:inputType>
        <dev:type>
          <maml:name>None</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:inputType>
    </command:inputTypes>
    <command:returnValues>
      <command:returnValue>
        <dev:type>
          <maml:name>System.Object</maml:name>
        </dev:type>
        <maml:description>
          <maml:para></maml:para>
        </maml:description>
      </command:returnValue>
    </command:returnValues>
    <maml:alertSet>
      <maml:alert>
        <maml:para></maml:para>
      </maml:alert>
    </maml:alertSet>
    <command:examples>
      <command:example>
        <maml:title>-------------------------- Example 1 --------------------------</maml:title>
        <dev:code>PS C:\&gt; {{ Add example code here }}</dev:code>
        <dev:remarks>
          <maml:para>{{ Add example description here }}</maml:para>
        </dev:remarks>
      </command:example>
    </command:examples>
    <command:relatedLinks />
  </command:command>
  <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
    <command:details>
      <command:name>Get-MFAStatus</command:name>
@@ -1276,6 +1241,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4.0.0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -1428,6 +1405,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4.0.0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -1580,6 +1569,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4.0.0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -1732,6 +1733,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4.0.0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -1885,6 +1898,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4.0.0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -2038,6 +2063,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
          </dev:type>
          <dev:defaultValue>None</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
          <maml:name>Version</maml:name>
          <maml:description>
            <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
          </maml:description>
          <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
          <dev:type>
            <maml:name>String</maml:name>
            <maml:uri />
          </dev:type>
          <dev:defaultValue>4.0.0</dev:defaultValue>
        </command:parameter>
        <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
          <maml:name>WhatIf</maml:name>
          <maml:description>
@@ -2267,6 +2304,18 @@ Retrieves the MFA status for the specified user with the UPN "example@domain.com
        </dev:type>
        <dev:defaultValue>None</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none">
        <maml:name>Version</maml:name>
        <maml:description>
          <maml:para>Specifies the CIS benchmark definitions version to use. Default is 4.0.0. Valid values are "3.0.0" or "4.0.0".</maml:para>
        </maml:description>
        <command:parameterValue required="true" variableLength="false">String</command:parameterValue>
        <dev:type>
          <maml:name>String</maml:name>
          <maml:uri />
        </dev:type>
        <dev:defaultValue>4.0.0</dev:defaultValue>
      </command:parameter>
      <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="wi">
        <maml:name>WhatIf</maml:name>
        <maml:description>
--- a/source/en-US/about_M365FoundationsCISReport.help.txt
+++ b/source/en-US/about_M365FoundationsCISReport.help.txt
@@ -33,7 +33,7 @@ EXAMPLES
    $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -ApprovedCloudStorageProviders "DropBox" -ApprovedFederatedDomains "northwind.com"
    # Example 2: Exporting a security audit and it's nested tables to zipped CSV files
-    Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp" -ExportOriginalTests -ExportAllTests
+    Export-M365SecurityAuditTable -AuditResults $auditResults -ExportPath "C:\temp"
        # Output Ex: 2024.07.07_14.55.55_M365FoundationsAudit_368B2E2F.zip
    # Example 3: Retrieving licenses for users in administrative roles