changed name of output functions with prefix 'CIS'

2024-06-23 14:44:25 -05:00
parent a90df5bef4
commit e9bac2fe1c
34 changed files with 95 additions and 36 deletions
--- a/source/Private/Get-CISExoOutput.ps1
+++ b/source/Private/Get-CISExoOutput.ps1
@@ -4,11 +4,11 @@
    .DESCRIPTION
        This sample function is not exported to the module and only return the data passed as parameter.
    .EXAMPLE
-        $null = Get-ExoOutput -PrivateData 'NOTHING TO SEE HERE'
+        $null = Get-CISExoOutput -PrivateData 'NOTHING TO SEE HERE'
    .PARAMETER PrivateData
        The PrivateData parameter is what will be returned without transformation.
 #>
-function Get-ExoOutput {
+function Get-CISExoOutput {
    [cmdletBinding()]
    [OutputType([string])]
    param(
@@ -293,5 +293,5 @@ function Get-ExoOutput {
    end {
        Write-Verbose "Retuning data for Rec: $Rec"
    }
-} # end function Get-MgOutput
+} # end function Get-CISExoOutput

--- a/source/Private/Get-CISMSTeamsOutput.ps1
+++ b/source/Private/Get-CISMSTeamsOutput.ps1
@@ -0,0 +1,32 @@
+function Get-CISMSTeamsOutput
+{
+    <#
+      .SYNOPSIS
+      This is a sample Private function only visible within the module.
+
+      .DESCRIPTION
+      This sample function is not exported to the module and only return the data passed as parameter.
+
+      .EXAMPLE
+      $null = Get-MSTeamsOutput -PrivateData 'NOTHING TO SEE HERE'
+
+      .PARAMETER PrivateData
+      The PrivateData parameter is what will be returned without transformation.
+
+      #>
+    [cmdletBinding()]
+    [OutputType([string])]
+    param
+    (
+        [Parameter()]
+        [String]
+        $PrivateData
+    )
+
+    process
+    {
+        Write-Output $PrivateData
+    }
+
+}
+
--- a/source/Private/Get-CISMgOutput.ps1
+++ b/source/Private/Get-CISMgOutput.ps1
@@ -1,4 +1,4 @@
-function Get-MgOutput {
+function Get-CISMgOutput {
    <#
    .SYNOPSIS
    This is a sample Private function only visible within the module.
@@ -7,7 +7,7 @@ function Get-MgOutput {
    This sample function is not exported to the module and only return the data passed as parameter.

    .EXAMPLE
-    $null = Get-MgOutput -PrivateData 'NOTHING TO SEE HERE'
+    $null = Get-CISMgOutput -PrivateData 'NOTHING TO SEE HERE'

    .PARAMETER PrivateData
    The PrivateData parameter is what will be returned without transformation.
@@ -81,5 +81,5 @@ function Get-MgOutput {
    end {
        Write-Verbose "Retuning data for Rec: $Rec"
    }
-} # end function Get-MgOutput
+} # end function Get-CISMgOutput

--- a/source/tests/Test-AdministrativeAccountCompliance.ps1
+++ b/source/tests/Test-AdministrativeAccountCompliance.ps1
@@ -17,7 +17,7 @@ function Test-AdministrativeAccountCompliance {
        try {
            # Retrieve admin roles, assignments, and user details including licenses
            Write-Verbose "Retrieving admin roles, assignments, and user details including licenses"
-            $adminRoleAssignments = Get-MgOutput -Rec $recnum
+            $adminRoleAssignments = Get-CISMgOutput -Rec $recnum

            $adminRoleUsers = @()

--- a/source/tests/Test-AntiPhishingPolicy.ps1
+++ b/source/tests/Test-AntiPhishingPolicy.ps1
@@ -34,7 +34,7 @@ function Test-AntiPhishingPolicy {

        try {
            # Condition A: Ensure that an anti-phishing policy has been created
-            $antiPhishPolicies = Get-ExoOutput -Rec $recnum
+            $antiPhishPolicies = Get-CISExoOutput -Rec $recnum

            # Condition B: Verify the anti-phishing policy settings using PowerShell
            $validatedPolicies = $antiPhishPolicies | Where-Object {
--- a/source/tests/Test-AuditDisabledFalse.ps1
+++ b/source/tests/Test-AuditDisabledFalse.ps1
@@ -35,7 +35,7 @@ function Test-AuditDisabledFalse {
            # 6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False'

            # Retrieve the AuditDisabled configuration (Condition B)
-            $auditNotDisabled = Get-ExoOutput -Rec $recnum
+            $auditNotDisabled = Get-CISExoOutput -Rec $recnum

            # Prepare failure reasons and details based on compliance
            $failureReasons = if (-not $auditNotDisabled) {
--- a/source/tests/Test-AuditLogSearch.ps1
+++ b/source/tests/Test-AuditLogSearch.ps1
@@ -36,7 +36,7 @@ function Test-AuditLogSearch {
        try {
            # 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled

-            $auditLogResult = Get-ExoOutput -Rec $recnum
+            $auditLogResult = Get-CISExoOutput -Rec $recnum

            # Prepare failure reasons and details based on compliance
            $failureReasons = if (-not $auditLogResult) {
--- a/source/tests/Test-BlockMailForwarding.ps1
+++ b/source/tests/Test-BlockMailForwarding.ps1
@@ -35,7 +35,7 @@ function Test-BlockMailForwarding {
            # 6.2.1 (L1) Ensure all forms of mail forwarding are blocked and/or disabled

            # Step 1: Retrieve the transport rules that redirect messages
-            $transportRules,$nonCompliantSpamPolicies = Get-ExoOutput -Rec $recnum
+            $transportRules,$nonCompliantSpamPolicies = Get-CISExoOutput -Rec $recnum
            $transportForwardingBlocked = $transportRules.Count -eq 0

            # Step 2: Check all anti-spam outbound policies
--- a/source/tests/Test-BlockSharedMailboxSignIn.ps1
+++ b/source/tests/Test-BlockSharedMailboxSignIn.ps1
@@ -30,7 +30,7 @@ function Test-BlockSharedMailboxSignIn {
    process {
        try {
            # Step: Retrieve shared mailbox details
-            $MBX = Get-ExoOutput -Rec $recnum
+            $MBX = Get-CISExoOutput -Rec $recnum

            # Step: Retrieve details of shared mailboxes from Azure AD (Condition B: Pass/Fail)
            $sharedMailboxDetails = $MBX | ForEach-Object { Get-AzureADUser -ObjectId $_.ExternalDirectoryObjectId }
--- a/source/tests/Test-CommonAttachmentFilter.ps1
+++ b/source/tests/Test-CommonAttachmentFilter.ps1
@@ -38,7 +38,7 @@ function Test-CommonAttachmentFilter {
            # Condition B: Using Exchange Online PowerShell, verify that the `EnableFileFilter` property of the default malware filter policy is set to `True`.

            # Retrieve the attachment filter policy
-            $result = Get-ExoOutput -Rec $recnum
+            $result = Get-CISExoOutput -Rec $recnum

            # Prepare failure reasons and details based on compliance
            $failureReasons = if (-not $result) {
--- a/source/tests/Test-CustomerLockbox.ps1
+++ b/source/tests/Test-CustomerLockbox.ps1
@@ -33,7 +33,7 @@ function Test-CustomerLockbox {
    process {
        try {
            # Step: Retrieve the organization configuration (Condition C: Pass/Fail)
-            $customerLockboxEnabled = Get-ExoOutput -Rec $recnum
+            $customerLockboxEnabled = Get-CISExoOutput -Rec $recnum

            # Step: Prepare failure reasons and details based on compliance (Condition A, B, & C: Fail)
            $failureReasons = if (-not $customerLockboxEnabled) {
--- a/source/tests/Test-EnableDKIM.ps1
+++ b/source/tests/Test-EnableDKIM.ps1
@@ -36,7 +36,7 @@ function Test-EnableDKIM {
            # 2.1.9 (L1) Ensure DKIM is enabled for all Exchange Online Domains

            # Retrieve DKIM configuration for all domains
-            $dkimConfig = Get-ExoOutput -Rec $recnum
+            $dkimConfig = Get-CISExoOutput -Rec $recnum
            $dkimResult = ($dkimConfig | ForEach-Object { $_.Enabled }) -notcontains $false
            $dkimFailedDomains = $dkimConfig | Where-Object { -not $_.Enabled } | ForEach-Object { $_.Domain }

--- a/source/tests/Test-ExternalSharingCalendars.ps1
+++ b/source/tests/Test-ExternalSharingCalendars.ps1
@@ -31,7 +31,7 @@ function Test-ExternalSharingCalendars {
    process {
        try {
            # Step: Retrieve sharing policies related to calendar sharing
-            $sharingPolicies = Get-ExoOutput -Rec $recnum
+            $sharingPolicies = Get-CISExoOutput -Rec $recnum

            # Step (Condition A & B: Pass/Fail): Check if calendar sharing is disabled in all applicable policies
            $isExternalSharingDisabled = $true
--- a/source/tests/Test-GlobalAdminsCount.ps1
+++ b/source/tests/Test-GlobalAdminsCount.ps1
@@ -30,7 +30,7 @@ function Test-GlobalAdminsCount {

    process {
        try {
-            $globalAdmins = Get-MgOutput -Rec $recnum
+            $globalAdmins = Get-CISMgOutput -Rec $recnum

            # Step: Count the number of global admins
            $globalAdminCount = $globalAdmins.Count
--- a/source/tests/Test-IdentifyExternalEmail.ps1
+++ b/source/tests/Test-IdentifyExternalEmail.ps1
@@ -36,7 +36,7 @@ function Test-IdentifyExternalEmail {
            # 6.2.3 (L1) Ensure email from external senders is identified

            # Retrieve external sender tagging configuration
-            $externalInOutlook = Get-ExoOutput -Rec $recnum
+            $externalInOutlook = Get-CISExoOutput -Rec $recnum
            $externalTaggingEnabled = ($externalInOutlook | ForEach-Object { $_.Enabled }) -contains $true

            # Prepare failure reasons and details based on compliance
--- a/source/tests/Test-MailTipsEnabled.ps1
+++ b/source/tests/Test-MailTipsEnabled.ps1
@@ -38,7 +38,7 @@ function Test-MailTipsEnabled {
            # 6.5.2 (L2) Ensure MailTips are enabled for end users

            # Retrieve organization configuration for MailTips settings
-            $orgConfig = Get-ExoOutput -Rec $recnum
+            $orgConfig = Get-CISExoOutput -Rec $recnum

            # Check the MailTips settings (Conditions A, B, C, D)
            $allTipsEnabled = $orgConfig.MailTipsAllTipsEnabled -and $orgConfig.MailTipsGroupMetricsEnabled -and $orgConfig.MailTipsLargeAudienceThreshold -eq 25
--- a/source/tests/Test-MailboxAuditingE3.ps1
+++ b/source/tests/Test-MailboxAuditingE3.ps1
@@ -38,14 +38,14 @@ function Test-MailboxAuditingE3 {

        $allFailures = @()
        $recnum = "6.1.2"
-        $allUsers = Get-MgOutput -Rec $recnum
+        $allUsers = Get-CISMgOutput -Rec $recnum
        $processedUsers = @{}  # Dictionary to track processed users

    }

    process {
        if ($null -ne $allUsers) {
-            $mailboxes = Get-ExoOutput -Rec $recnum
+            $mailboxes = Get-CISExoOutput -Rec $recnum
            try {
                foreach ($user in $allUsers) {
                    if ($processedUsers.ContainsKey($user.UserPrincipalName)) {
--- a/source/tests/Test-MailboxAuditingE5.ps1
+++ b/source/tests/Test-MailboxAuditingE5.ps1
@@ -35,12 +35,12 @@ function Test-MailboxAuditingE5 {
        $allFailures = @()
        $processedUsers = @{}
        $recnum = "6.1.3"
-        $allUsers = Get-MgOutput -Rec $recnum
+        $allUsers = Get-CISMgOutput -Rec $recnum
    }

    process {
        if ($null -ne $allUsers) {
-            $mailboxes = Get-ExoOutput -Rec $recnum
+            $mailboxes = Get-CISExoOutput -Rec $recnum
            try {
                foreach ($user in $allUsers) {
                    if ($processedUsers.ContainsKey($user.UserPrincipalName)) {
--- a/source/tests/Test-ManagedApprovedPublicGroups.ps1
+++ b/source/tests/Test-ManagedApprovedPublicGroups.ps1
@@ -30,7 +30,7 @@ function Test-ManagedApprovedPublicGroups {
    process {
        try {
            # Step: Retrieve all groups with visibility set to 'Public'
-            $allGroups = Get-MgOutput -Rec $recnum
+            $allGroups = Get-CISMgOutput -Rec $recnum

            # Step: Determine failure reasons based on the presence of public groups
            $failureReasons = if ($null -ne $allGroups -and $allGroups.Count -gt 0) {
--- a/source/tests/Test-ModernAuthExchangeOnline.ps1
+++ b/source/tests/Test-ModernAuthExchangeOnline.ps1
@@ -34,7 +34,7 @@ function Test-ModernAuthExchangeOnline {
            # 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled

            # Check modern authentication setting in Exchange Online configuration (Condition A and B)
-            $orgConfig = Get-ExoOutput -Rec $recnum
+            $orgConfig = Get-CISExoOutput -Rec $recnum

            # Prepare failure reasons and details based on compliance
            $failureReasons = if (-not $orgConfig.OAuth2ClientProfileEnabled) {
--- a/source/tests/Test-NoWhitelistDomains.ps1
+++ b/source/tests/Test-NoWhitelistDomains.ps1
@@ -38,7 +38,7 @@ function Test-NoWhitelistDomains {

            # Retrieve transport rules that whitelist specific domains
            # Condition A: Checking for transport rules that whitelist specific domains
-            $whitelistedRules = Get-ExoOutput -Rec $recnum
+            $whitelistedRules = Get-CISExoOutput -Rec $recnum
            # Prepare failure reasons and details based on compliance
            # Condition B: Prepare failure reasons based on the presence of whitelisted rules
            $failureReasons = if ($whitelistedRules) {
--- a/source/tests/Test-NotifyMalwareInternal.ps1
+++ b/source/tests/Test-NotifyMalwareInternal.ps1
@@ -34,7 +34,7 @@ function Test-NotifyMalwareInternal {
            # 2.1.3 Ensure notifications for internal users sending malware is Enabled

            # Retrieve all 'Custom' malware filter policies and check notification settings
-            $malwareNotifications = Get-ExoOutput -Rec $recnum
+            $malwareNotifications = Get-CISExoOutput -Rec $recnum

            # Condition B: Using PowerShell, the `NotifyInternal` property in the anti-malware policy is set to `True` and includes at least one valid email address for notifications.
            $policiesToReport = @()
--- a/source/tests/Test-PasswordHashSync.ps1
+++ b/source/tests/Test-PasswordHashSync.ps1
@@ -34,7 +34,7 @@ function Test-PasswordHashSync {
            # 5.1.8.1 (L1) Ensure password hash sync is enabled for hybrid deployments

            # Retrieve password hash sync status (Condition A and C)
-            $passwordHashSync = Get-MgOutput -Rec $recnum
+            $passwordHashSync = Get-CISMgOutput -Rec $recnum
            $hashSyncResult = $passwordHashSync

            # Prepare failure reasons and details based on compliance
--- a/source/tests/Test-ReportSecurityInTeams.ps1
+++ b/source/tests/Test-ReportSecurityInTeams.ps1
@@ -24,7 +24,7 @@ function Test-ReportSecurityInTeams {
            $CsTeamsMessagingPolicy = Get-CsTeamsMessagingPolicy -Identity Global | Select-Object -Property AllowSecurityEndUserReporting
            # Condition B: Verify that 'Monitor reported messages in Microsoft Teams' is checked in the Microsoft 365 Defender portal.
            # Condition C: Ensure the 'Send reported messages to' setting in the Microsoft 365 Defender portal is set to 'My reporting mailbox only' with the correct report email addresses.
-            $ReportSubmissionPolicy = Get-ExoOutput -Rec $recnum
+            $ReportSubmissionPolicy = Get-CISExoOutput -Rec $recnum
            # Check if all the required settings are enabled
            $securityReportEnabled = $CsTeamsMessagingPolicy.AllowSecurityEndUserReporting -and
            $ReportSubmissionPolicy.ReportJunkToCustomizedAddress -and
--- a/source/tests/Test-RestrictOutlookAddins.ps1
+++ b/source/tests/Test-RestrictOutlookAddins.ps1
@@ -36,7 +36,7 @@ function Test-RestrictOutlookAddins {

            # Check all mailboxes for custom policies with unallowed add-ins
            # Check Default Role Assignment Policy
-            $customPolicyFailures, $defaultPolicy = Get-ExoOutput -Rec $recnum
+            $customPolicyFailures, $defaultPolicy = Get-CISExoOutput -Rec $recnum
            $defaultPolicyRoles = $defaultPolicy.AssignedRoles | Where-Object { $_ -in $relevantRoles }

            # Condition A: Verify that the roles MyCustomApps, MyMarketplaceApps, and MyReadWriteMailboxApps are unchecked under Other roles.
--- a/source/tests/Test-RestrictStorageProvidersOutlook.ps1
+++ b/source/tests/Test-RestrictStorageProvidersOutlook.ps1
@@ -34,7 +34,7 @@ function Test-RestrictStorageProvidersOutlook {
            # 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web

            # Retrieve all OwaMailbox policies
-            $owaPolicies = Get-ExoOutput -Rec $recnum
+            $owaPolicies = Get-CISExoOutput -Rec $recnum
            # Condition A: Check if AdditionalStorageProvidersAvailable is set to False
            $nonCompliantPolicies = $owaPolicies | Where-Object { $_.AdditionalStorageProvidersAvailable }

--- a/source/tests/Test-RestrictTenantCreation.ps1
+++ b/source/tests/Test-RestrictTenantCreation.ps1
@@ -35,7 +35,7 @@ function Test-RestrictTenantCreation {
            # 5.1.2.3 (L1) Ensure 'Restrict non-admin users from creating tenants' is set to 'Yes'

            # Retrieve the tenant creation policy
-            $tenantCreationPolicy = Get-MgOutput -Rec $recnum
+            $tenantCreationPolicy = Get-CISMgOutput -Rec $recnum
            $tenantCreationResult = -not $tenantCreationPolicy.AllowedToCreateTenants

            # Prepare failure reasons and details based on compliance
--- a/source/tests/Test-SafeAttachmentsPolicy.ps1
+++ b/source/tests/Test-SafeAttachmentsPolicy.ps1
@@ -28,7 +28,7 @@ function Test-SafeAttachmentsPolicy {
    }

    process {
-        $safeAttachmentPolicies = Get-ExoOutput -Rec $recnum
+        $safeAttachmentPolicies = Get-CISExoOutput -Rec $recnum
        if ($safeAttachmentPolicies -ne 1) {
            try {
                # Check if any Safe Attachments policy is enabled (Condition A)
--- a/source/tests/Test-SafeAttachmentsTeams.ps1
+++ b/source/tests/Test-SafeAttachmentsTeams.ps1
@@ -31,7 +31,7 @@ function Test-SafeAttachmentsTeams {
    }

    process {
-        $atpPolicyResult = Get-ExoOutput -Rec $recnum
+        $atpPolicyResult = Get-CISExoOutput -Rec $recnum
        if ($atpPolicyResult -ne 1) {
            try {
                # Condition A: Check Safe Attachments for SharePoint
--- a/source/tests/Test-SafeLinksOfficeApps.ps1
+++ b/source/tests/Test-SafeLinksOfficeApps.ps1
@@ -42,7 +42,7 @@ function Test-SafeLinksOfficeApps {
    process {
        # 2.1.1 (L2) Ensure Safe Links for Office Applications is Enabled
        # Retrieve all Safe Links policies
-        $misconfiguredDetails = Get-ExoOutput -Rec $recnum
+        $misconfiguredDetails = Get-CISExoOutput -Rec $recnum
        # Misconfigured details returns 1 if EXO Commands needed for the test are not available
        if ($misconfiguredDetails -ne 1) {
            try {
--- a/source/tests/Test-SpamPolicyAdminNotify.ps1
+++ b/source/tests/Test-SpamPolicyAdminNotify.ps1
@@ -38,7 +38,7 @@ function Test-SpamPolicyAdminNotify {
            # 2.1.6 Ensure Exchange Online Spam Policies are set to notify administrators

            # Retrieve the default hosted outbound spam filter policy
-            $hostedOutboundSpamFilterPolicy = Get-ExoOutput -Rec $recnum
+            $hostedOutboundSpamFilterPolicy = Get-CISExoOutput -Rec $recnum

            # Check if both settings are enabled (Condition A and Condition B for pass)
            $bccSuspiciousOutboundMailEnabled = $hostedOutboundSpamFilterPolicy.BccSuspiciousOutboundMail
--- a/tests/Unit/Private/Get-CISExoOutput.tests.ps1
+++ b/tests/Unit/Private/Get-CISExoOutput.tests.ps1
--- a/tests/Unit/Private/Get-CISMSTeamsOutput.tests.ps1
+++ b/tests/Unit/Private/Get-CISMSTeamsOutput.tests.ps1
--- a/tests/Unit/Private/Get-CISMgOutput.tests.ps1
+++ b/tests/Unit/Private/Get-CISMgOutput.tests.ps1
@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+