12 KiB
12 KiB
# M365FoundationsCISReport Module
License
This PowerShell module is based on CIS benchmarks and is distributed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. This means:
- Non-commercial: You may not use the material for commercial purposes.
- ShareAlike: If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
- Attribution: Appropriate credit must be given, provide a link to the license, and indicate if changes were made.
For full license details, please visit Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Register for and download CIS Benchmarks
Invoke-M365SecurityAudit
Synopsis
Invokes a security audit for Microsoft 365 environments.
Syntax
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-ELevel <String>] [-ProfileLevel <String>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeIG1] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeIG2] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeIG3] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-IncludeRecommendation <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-M365SecurityAudit -TenantAdminUrl <String> -DomainName <String> [-SkipRecommendation <String[]>] [-DoNotConnect] [-DoNotDisconnect] [-NoModuleCheck] [-WhatIf] [-Confirm] [<CommonParameters>]
Parameters
| Name | Alias | Description | Required? | Pipeline Input | Default Value |
|---|---|---|---|---|---|
| TenantAdminUrl | The URL of the tenant admin. This parameter is mandatory. | true | false | ||
| DomainName | The domain name of the Microsoft 365 environment. This parameter is mandatory. | true | false | ||
| ELevel | Specifies the E-Level (E3 or E5) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter. | false | false | ||
| ProfileLevel | Specifies the profile level (L1 or L2) for the audit. This parameter is optional and can be combined with the ELevel parameter. | false | false | ||
| IncludeIG1 | If specified, includes tests where IG1 is true. | false | false | False | |
| IncludeIG2 | If specified, includes tests where IG2 is true. | false | false | False | |
| IncludeIG3 | If specified, includes tests where IG3 is true. | false | false | False | |
| IncludeRecommendation | Specifies specific recommendations to include in the audit. Accepts an array of recommendation numbers. | false | false | ||
| SkipRecommendation | Specifies specific recommendations to exclude from the audit. Accepts an array of recommendation numbers. | false | false | ||
| DoNotConnect | If specified, the cmdlet will not establish a connection to Microsoft 365 services. | false | false | False | |
| DoNotDisconnect | If specified, the cmdlet will not disconnect from Microsoft 365 services after execution. | false | false | False | |
| NoModuleCheck | If specified, the cmdlet will not check for the presence of required modules. | false | false | False | |
| WhatIf | wi | false | false | ||
| Confirm | cf | false | false |
Inputs
- None. You cannot pipe objects to Invoke-M365SecurityAudit.
Outputs
- CISAuditResult[] The cmdlet returns an array of CISAuditResult objects representing the results of the security audit.
Note
- This module is based on CIS benchmarks. - Governed by the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. - Commercial use is not permitted. This module cannot be sold or used for commercial purposes. - Modifications and sharing are allowed under the same license. - For full license details, visit: https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en - Register for CIS Benchmarks at: https://www.cisecurity.org/cis-benchmarks
Examples
EXAMPLE 1
Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -ELevel "E5" -ProfileLevel "L1"
Performs a security audit for the E5 level and L1 profile in the specified Microsoft 365 environment.
EXAMPLE 2
Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -IncludeIG1
Performs an audit including all tests where IG1 is true.
EXAMPLE 3
Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -SkipRecommendation '1.1.3', '2.1.1'
Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1.
EXAMPLE 4
$auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com"
PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation
Captures the audit results into a variable and exports them to a CSV file.
Links
- [Online Version: https://github.com/CriticalSolutionsNetwork/M365FoundationsCISReport](#Online Version: https://github.com/CriticalSolutionsNetwork/M365FoundationsCISReport)