vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: formatting

Browse Source
This commit is contained in:
DrIOS
2024-06-30 12:24:36 -05:00
parent 5804ca25c1
commit e993f186af
10 changed files with 9 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
source/Private/Get-CISMSTeamsOutput.ps1
View File

@@ -135,7 +135,6 @@ function Get-CISMSTeamsOutput {
# - Condition A: `AllowAnonymousUsersToJoinMeeting` is not set to `False`. # - Condition A: `AllowAnonymousUsersToJoinMeeting` is not set to `False`.
# - Condition B: Verification using the UI shows that `Anonymous users can join a meeting` is not set to `Off` in the Global meeting policy. # - Condition B: Verification using the UI shows that `Anonymous users can join a meeting` is not set to `Off` in the Global meeting policy.
# - Condition C: PowerShell command output indicates that anonymous users are allowed to join meetings. # - Condition C: PowerShell command output indicates that anonymous users are allowed to join meetings.
# Connect to Teams PowerShell using Connect-MicrosoftTeams # Connect to Teams PowerShell using Connect-MicrosoftTeams
# $teamsMeetingPolicy Mock Object # $teamsMeetingPolicy Mock Object
<# <#

9
source/tests/Test-BlockChannelEmails.ps1
View File

@@ -5,16 +5,14 @@ function Test-BlockChannelEmails {
# Aligned # Aligned
# Parameters can be added here if needed # Parameters can be added here if needed
) )
begin { begin {
# Dot source the class script if necessary # Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.1.2" $recnum = "8.1.2"
Write-Verbose "Running Test-BlockChannelEmails for $recnum..."
} }
process { process {
try { try {
# 8.1.2 (L1) Ensure users can't send emails to a channel email address # 8.1.2 (L1) Ensure users can't send emails to a channel email address
# #
@@ -31,11 +29,9 @@ function Test-BlockChannelEmails {
# - Condition A: The `AllowEmailIntoChannel` setting in Teams is not set to `False`. # - Condition A: The `AllowEmailIntoChannel` setting in Teams is not set to `False`.
# - Condition B: The setting `Users can send emails to a channel email address` is not set to `Off` in the Teams admin center. # - Condition B: The setting `Users can send emails to a channel email address` is not set to `Off` in the Teams admin center.
# - Condition C: Verification using PowerShell indicates that the `AllowEmailIntoChannel` setting is enabled. # - Condition C: Verification using PowerShell indicates that the `AllowEmailIntoChannel` setting is enabled.
# Retrieve Teams client configuration # Retrieve Teams client configuration
$teamsClientConfig = Get-CISMSTeamsOutput -Rec $recnum $teamsClientConfig = Get-CISMSTeamsOutput -Rec $recnum
$allowEmailIntoChannel = $teamsClientConfig.AllowEmailIntoChannel $allowEmailIntoChannel = $teamsClientConfig.AllowEmailIntoChannel
# Prepare failure reasons and details based on compliance # Prepare failure reasons and details based on compliance
$failureReasons = if ($allowEmailIntoChannel) { $failureReasons = if ($allowEmailIntoChannel) {
"Emails can be sent to a channel email address" # Condition A Fail: AllowEmailIntoChannel is True "Emails can be sent to a channel email address" # Condition A Fail: AllowEmailIntoChannel is True
@@ -43,14 +39,12 @@ function Test-BlockChannelEmails {
else { else {
"N/A" # Condition A Pass: AllowEmailIntoChannel is False "N/A" # Condition A Pass: AllowEmailIntoChannel is False
} }
$details = if ($allowEmailIntoChannel) { $details = if ($allowEmailIntoChannel) {
"AllowEmailIntoChannel is set to True" # Condition B Fail: Emails are allowed "AllowEmailIntoChannel is set to True" # Condition B Fail: Emails are allowed
} }
else { else {
"AllowEmailIntoChannel is set to False" # Condition B Pass: Emails are blocked "AllowEmailIntoChannel is set to False" # Condition B Pass: Emails are blocked
} }
# Create and populate the CISAuditResult object # Create and populate the CISAuditResult object
$params = @{ $params = @{
Rec = $recnum Rec = $recnum
@@ -66,7 +60,6 @@ function Test-BlockChannelEmails {
$auditResult = Get-TestError -LastError $LastError -recnum $recnum $auditResult = Get-TestError -LastError $LastError -recnum $recnum
} }
} }
end { end {
# Return the audit result # Return the audit result
return $auditResult return $auditResult

8
source/tests/Test-DialInBypassLobby.ps1
View File

@@ -5,16 +5,14 @@ function Test-DialInBypassLobby {
# Aligned # Aligned
# Parameters can be defined here if needed # Parameters can be defined here if needed
) )
begin { begin {
# Dot source the class script if necessary # Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.5.4" $recnum = "8.5.4"
Write-Verbose "Running Test-DialInBypassLobby for $recnum..."
} }
process { process {
try { try {
# 8.5.4 (L1) Ensure users dialing in can't bypass the lobby # 8.5.4 (L1) Ensure users dialing in can't bypass the lobby
# #
@@ -40,7 +38,6 @@ function Test-DialInBypassLobby {
#> #>
$CsTeamsMeetingPolicyPSTN = Get-CISMSTeamsOutput -Rec $recnum $CsTeamsMeetingPolicyPSTN = Get-CISMSTeamsOutput -Rec $recnum
$PSTNBypassDisabled = -not $CsTeamsMeetingPolicyPSTN.AllowPSTNUsersToBypassLobby $PSTNBypassDisabled = -not $CsTeamsMeetingPolicyPSTN.AllowPSTNUsersToBypassLobby
# Prepare failure reasons and details based on compliance # Prepare failure reasons and details based on compliance
$failureReasons = if (-not $PSTNBypassDisabled) { $failureReasons = if (-not $PSTNBypassDisabled) {
"Users dialing in can bypass the lobby" "Users dialing in can bypass the lobby"
@@ -48,14 +45,12 @@ function Test-DialInBypassLobby {
else { else {
"N/A" "N/A"
} }
$details = if ($PSTNBypassDisabled) { $details = if ($PSTNBypassDisabled) {
"AllowPSTNUsersToBypassLobby is set to False" "AllowPSTNUsersToBypassLobby is set to False"
} }
else { else {
"AllowPSTNUsersToBypassLobby is set to True" "AllowPSTNUsersToBypassLobby is set to True"
} }
# Create and populate the CISAuditResult object # Create and populate the CISAuditResult object
$params = @{ $params = @{
Rec = $recnum Rec = $recnum
@@ -71,7 +66,6 @@ function Test-DialInBypassLobby {
$auditResult = Get-TestError -LastError $LastError -recnum $recnum $auditResult = Get-TestError -LastError $LastError -recnum $recnum
} }
} }
end { end {
# Return the audit result # Return the audit result
return $auditResult return $auditResult

1
source/tests/Test-MeetingChatNoAnonymous.ps1
View File

@@ -10,6 +10,7 @@ function Test-MeetingChatNoAnonymous {
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.5.5" $recnum = "8.5.5"
Write-Verbose "Running Test-MeetingChatNoAnonymous for $recnum..."
} }
process { process {
try { try {

1
source/tests/Test-NoAnonymousMeetingJoin.ps1
View File

@@ -10,6 +10,7 @@ function Test-NoAnonymousMeetingJoin {
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.5.1" $recnum = "8.5.1"
Write-Verbose "Running Test-NoAnonymousMeetingJoin for $recnum..."
} }
process { process {
try { try {

1
source/tests/Test-NoAnonymousMeetingStart.ps1
View File

@@ -10,6 +10,7 @@ function Test-NoAnonymousMeetingStart {
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.5.2" $recnum = "8.5.2"
Write-Verbose "Running Test-NoAnonymousMeetingStart for $recnum..."
} }
process { process {
try { try {

3
source/tests/Test-OrgOnlyBypassLobby.ps1
View File

@@ -5,14 +5,13 @@ function Test-OrgOnlyBypassLobby {
# Aligned # Aligned
# Parameters can be defined here if needed # Parameters can be defined here if needed
) )
begin { begin {
# Dot source the class script if necessary # Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.5.3" $recnum = "8.5.3"
Write-Verbose "Running Test-OrgOnlyBypassLobby for $recnum..."
} }
process { process {
try { try {
# 8.5.3 (L1) Ensure only people in my org can bypass the lobby # 8.5.3 (L1) Ensure only people in my org can bypass the lobby

1
source/tests/Test-OrganizersPresent.ps1
View File

@@ -10,6 +10,7 @@ function Test-OrganizersPresent {
#. .\source\Classes\CISAuditResult.ps1 #. .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.5.6" $recnum = "8.5.6"
Write-Verbose "Running Test-OrganizersPresent for $recnum..."
} }
process { process {
try { try {

1
source/tests/Test-TeamsExternalAccess.ps1
View File

@@ -10,6 +10,7 @@ function Test-TeamsExternalAccess {
# . .\source\Classes\CISAuditResult.ps1 # . .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.2.1" $recnum = "8.2.1"
Write-Verbose "Running Test-TeamsExternalAccess for $recnum..."
} }
process { process {
try { try {

3
source/tests/Test-TeamsExternalFileSharing.ps1
View File

@@ -10,18 +10,17 @@ function Test-TeamsExternalFileSharing {
# . .\source\Classes\CISAuditResult.ps1 # . .\source\Classes\CISAuditResult.ps1
# Initialization code, if needed # Initialization code, if needed
$recnum = "8.1.1" $recnum = "8.1.1"
Write-Verbose "Running Test-TeamsExternalFileSharing for $recnum..."
} }
process { process {
try { try {
# 8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage services # 8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage services
# Connect to Teams PowerShell using Connect-MicrosoftTeams # Connect to Teams PowerShell using Connect-MicrosoftTeams
# Condition A: The `AllowDropbox` setting is set to `False`. # Condition A: The `AllowDropbox` setting is set to `False`.
# Condition B: The `AllowBox` setting is set to `False`. # Condition B: The `AllowBox` setting is set to `False`.
# Condition C: The `AllowGoogleDrive` setting is set to `False`. # Condition C: The `AllowGoogleDrive` setting is set to `False`.
# Condition D: The `AllowShareFile` setting is set to `False`. # Condition D: The `AllowShareFile` setting is set to `False`.
# Condition E: The `AllowEgnyte` setting is set to `False`. # Condition E: The `AllowEgnyte` setting is set to `False`.
# Assuming that 'approvedProviders' is a list of approved cloud storage service names # Assuming that 'approvedProviders' is a list of approved cloud storage service names
# This list must be defined according to your organization's approved cloud storage services # This list must be defined according to your organization's approved cloud storage services
# Retrieve the current Teams client configuration # Retrieve the current Teams client configuration