vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0226b293b5776f4f9fa83ab31f2806649c977d50
M365FoundationsCISReport/README.md
DrIOS 0226b293b5 Initial Commit
2024-03-25 08:34:43 -05:00

5.6 KiB
Raw Blame History

M365FoundationsCISReport Module

License

This PowerShell module is based on CIS benchmarks and is distributed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. This means:

  • Non-commercial: You may not use the material for commercial purposes.
  • ShareAlike: If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
  • Attribution: Appropriate credit must be given, provide a link to the license, and indicate if changes were made.

For full license details, please visit Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Invoke-M365SecurityAudit

Synopsis

Invokes a security audit for Microsoft 365 environments.

Syntax


Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-ELevel <String>] [-ProfileLevel <String>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeIG1] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeIG2] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeIG3] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeRecommendation <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-SkipRecommendation <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]

Parameters

Name Alias Description Required? Pipeline Input Default Value
TenantAdminUrl The URL of the tenant admin. This parameter is mandatory. true false
DomainName The domain name of the Microsoft 365 environment. This parameter is mandatory. true false
ELevel Specifies the E-Level (E3 or E5) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter. false false
ProfileLevel Specifies the profile level (L1 or L2) for the audit. This parameter is optional and can be combined with the ELevel parameter. false false
IncludeIG1 If specified, includes tests where IG1 is true. false false False
IncludeIG2 If specified, includes tests where IG2 is true. false false False
IncludeIG3 If specified, includes tests where IG3 is true. false false False
IncludeRecommendation Specifies specific recommendations to include in the audit. Accepts an array of recommendation numbers. false false
SkipRecommendation Specifies specific recommendations to exclude from the audit. Accepts an array of recommendation numbers. false false
DoNotConnect If specified, the cmdlet will not establish a connection to Microsoft 365 services. false false False
DoNotDisconnect If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. false false False
NoModuleCheck If specified, the cmdlet will not check for the presence of required modules. false false False
WhatIf wi false false
Confirm cf false false

Inputs

  • None. You cannot pipe objects to Invoke-M365SecurityAudit.

Outputs

  • CISAuditResult\[] The cmdlet returns an array of CISAuditResult objects representing the results of the security audit.

Note

This module is based on CIS benchmarks and is governed by the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. For more details, visit: https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en

Examples

EXAMPLE 1

Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -ELevel "E5" -ProfileLevel "L1"

Performs a security audit for the E5 level and L1 profile in the specified Microsoft 365 environment.

EXAMPLE 2

Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -IncludeIG1

Performs an audit including all tests where IG1 is true.

EXAMPLE 3

Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -SkipRecommendation '1.1.3', '2.1.1'

Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1.

EXAMPLE 4

$auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com"
PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation

Captures the audit results into a variable and exports them to a CSV file.

Links

  • [Online Version: [GitHub Repository URL]](#Online Version: [GitHub Repository URL])