57 lines
2.1 KiB
PowerShell
57 lines
2.1 KiB
PowerShell
function Test-SafeAttachmentsTeams_2.1.5_E5L2_IG1_IG2_IG3 {
|
|
[CmdletBinding()]
|
|
param (
|
|
# Parameters can be added if needed
|
|
)
|
|
|
|
begin {
|
|
. ".\source\Classes\CISAuditResult.ps1"
|
|
$auditResults = @()
|
|
}
|
|
|
|
process {
|
|
# Retrieve the ATP policies for Office 365 and check Safe Attachments settings
|
|
$atpPolicies = Get-AtpPolicyForO365
|
|
|
|
# Check if the required ATP policies are enabled
|
|
$atpPolicyResult = $atpPolicies | Where-Object {
|
|
$_.EnableATPForSPOTeamsODB -eq $true -and
|
|
$_.EnableSafeDocs -eq $true -and
|
|
$_.AllowSafeDocsOpen -eq $false
|
|
}
|
|
|
|
# Determine the result based on the ATP policy settings
|
|
$result = $null -ne $atpPolicyResult
|
|
$details = if ($result) {
|
|
"ATP for SharePoint, OneDrive, and Teams is enabled with correct settings."
|
|
} else {
|
|
"ATP for SharePoint, OneDrive, and Teams is not enabled with correct settings."
|
|
}
|
|
$failureReason = if ($result) { "N/A" } else { "ATP policy for SharePoint, OneDrive, and Microsoft Teams is not correctly configured." }
|
|
|
|
# Create an instance of CISAuditResult and populate it
|
|
$auditResult = [CISAuditResult]::new()
|
|
$auditResult.Status = if ($result) { "Pass" } else { "Fail" }
|
|
$auditResult.ELevel = "E5"
|
|
$auditResult.Profile = "L2"
|
|
$auditResult.Rec = "2.1.5"
|
|
$auditResult.RecDescription = "Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled"
|
|
$auditResult.CISControlVer = "v8"
|
|
$auditResult.CISControl = "9.7, 10.1"
|
|
$auditResult.CISDescription = "Deploy and Maintain Email Server Anti-Malware Protections, Deploy and Maintain Anti-Malware Software"
|
|
$auditResult.IG1 = $true
|
|
$auditResult.IG2 = $true
|
|
$auditResult.IG3 = $true
|
|
$auditResult.Result = $result
|
|
$auditResult.Details = $details
|
|
$auditResult.FailureReason = $failureReason
|
|
|
|
$auditResults += $auditResult
|
|
}
|
|
|
|
end {
|
|
# Return auditResults
|
|
return $auditResults
|
|
}
|
|
}
|