vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add: TestDefinitions-v4.0.0.csv file

Browse Source
This commit is contained in:
DrIOS
2024-12-24 13:37:08 -06:00
parent fdc20093ba
commit fb7b543c6a
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -7,6 +7,7 @@ The format is based on and uses the types of changes according to [Keep a Change
### Added
- Link to App Authentication documentation in `New-M365SecurityAuditAuthObject` help file.
- TestDefinitions.csv file to the helper folder for version choices.
## [0.1.26] - 2024-08-04

9
source/helper/TestDefinitions-v4.0.0.csv Normal file
View File

@@ -0,0 +1,9 @@
Index,TestFileName,Rec,RecDescription,ELevel,ProfileLevel,CISControl,CISDescription,IG1,IG2,IG3,Automated,Connection
1,Test-AdministrativeAccountCompliance.ps1,1.1.1,Ensure Administrative accounts are cloud-only,E3,L1,5.4,Restrict Administrator Privileges to Dedicated Administrator Accounts,TRUE,TRUE,TRUE,TRUE,Microsoft Graph
2,Test-AdminAccountLicenses.ps1,1.1.4,Ensure administrative accounts use licenses with a reduced application footprint,E3,L1,5.4,Restrict Administrator Privileges to Dedicated Administrator Accounts,TRUE,TRUE,TRUE,TRUE,Microsoft Graph
3,Test-AntiPhishingPolicy.ps1,2.1.7,Ensure that an anti-phishing policy has been created,E5,L2,9.7,Deploy and Maintain Email Server Anti-Malware Protections,FALSE,FALSE,TRUE,TRUE,EXO
4,Test-AttachmentFiltering.ps1,2.1.11,Ensure comprehensive attachment filtering is applied,E3,L2,9.6,Block unnecessary file types attempting to enter the enterprises email gateway,FALSE,TRUE,TRUE,TRUE,EXO
5,Test-ConnectionFilterIPAllowList.ps1,2.1.12,(L1) Ensure the connection filter IP allow list is not used,E3,L1,9.7,Deploy and Maintain Email Server Anti-Malware Protections,FALSE,FALSE,TRUE,TRUE,EXO
6,Test-ConnectionFilterSafeList.ps1,2.1.13,(L1) Ensure the connection filter safe list is off,E3,L1,9.7,Deploy and Maintain Email Server Anti-Malware Protections,FALSE,FALSE,TRUE,TRUE,EXO
7,Test-InboundAntiSpamPolicies.ps1,2.1.14,(L1) Ensure inbound anti-spam policies do not contain allowed domains,E3,L1,9.7,Deploy and Maintain Email Server Anti-Malware Protections,FALSE,FALSE,TRUE,TRUE,EXO
8,Test-AuditBypassEnabled.ps1,6.1.4,(L1) Ensure 'AuditBypassEnabled' is not enabled on mailboxes,E3,L1,8.5,"Configure detailed audit logging for enterprise assets containing sensitive data. Include event source, date, username, timestamp, source addresses, destination addresses, and other useful elements that could assist in a forensic investigation",FALSE,TRUE,TRUE,TRUE,EXO
1 Index TestFileName Rec RecDescription ELevel ProfileLevel CISControl CISDescription IG1 IG2 IG3 Automated Connection
2 1 Test-AdministrativeAccountCompliance.ps1 1.1.1 Ensure Administrative accounts are cloud-only E3 L1 5.4 Restrict Administrator Privileges to Dedicated Administrator Accounts TRUE TRUE TRUE TRUE Microsoft Graph
3 2 Test-AdminAccountLicenses.ps1 1.1.4 Ensure administrative accounts use licenses with a reduced application footprint E3 L1 5.4 Restrict Administrator Privileges to Dedicated Administrator Accounts TRUE TRUE TRUE TRUE Microsoft Graph
4 3 Test-AntiPhishingPolicy.ps1 2.1.7 Ensure that an anti-phishing policy has been created E5 L2 9.7 Deploy and Maintain Email Server Anti-Malware Protections FALSE FALSE TRUE TRUE EXO
5 4 Test-AttachmentFiltering.ps1 2.1.11 Ensure comprehensive attachment filtering is applied E3 L2 9.6 Block unnecessary file types attempting to enter the enterprise’s email gateway FALSE TRUE TRUE TRUE EXO
6 5 Test-ConnectionFilterIPAllowList.ps1 2.1.12 (L1) Ensure the connection filter IP allow list is not used E3 L1 9.7 Deploy and Maintain Email Server Anti-Malware Protections FALSE FALSE TRUE TRUE EXO
7 6 Test-ConnectionFilterSafeList.ps1 2.1.13 (L1) Ensure the connection filter safe list is off E3 L1 9.7 Deploy and Maintain Email Server Anti-Malware Protections FALSE FALSE TRUE TRUE EXO
8 7 Test-InboundAntiSpamPolicies.ps1 2.1.14 (L1) Ensure inbound anti-spam policies do not contain allowed domains E3 L1 9.7 Deploy and Maintain Email Server Anti-Malware Protections FALSE FALSE TRUE TRUE EXO
9 8 Test-AuditBypassEnabled.ps1 6.1.4 (L1) Ensure 'AuditBypassEnabled' is not enabled on mailboxes E3 L1 8.5 Configure detailed audit logging for enterprise assets containing sensitive data. Include event source, date, username, timestamp, source addresses, destination addresses, and other useful elements that could assist in a forensic investigation FALSE TRUE TRUE TRUE EXO