Detections
Analytics

CIS Microsoft 365 Foundations E3 L2 v3.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft 365 Foundations E3 L2 v3.0.0

Updated: 6/24/2024

Authority: CIS

Plugin: microsoft_azure

Revision: 1.2

Estimated Item Count: 22

File Details

Filename: CIS_Microsoft_365_v3.0.0_E3_Level_2.audit

Size: 46.1 kB

MD5: fe12d3fa3c40715963d9b36e6bbe9e80
SHA256: fc6e1951141f699716c2fa3bb4633fc482aa271d8d45bdbaedff5c5eae040201

Audit Items

DescriptionCategories
1.2.1 Ensure that only organizationally managed/approved public groups exist
1.3.3 Ensure 'External sharing' of calendars is not available
1.3.7 Ensure 'third-party storage services' are restricted in 'Microsoft 365 on the web'
1.3.8 Ensure that Sways cannot be shared with people outside of your organization
5.1.2.2 Ensure third party integrated applications are not allowed
5.1.2.5 Ensure the option to remain signed in is hidden

IDENTIFICATION AND AUTHENTICATION

5.1.2.6 Ensure 'LinkedIn account connections' is disabled
5.1.5.2 Ensure user consent to apps accessing company data on their behalf is not allowed
5.1.6.1 Ensure that collaboration invitations are sent to allowed domains only
5.2.2.5 Ensure 'Phishing-resistant MFA strength' is required for Administrators
6.3.1 Ensure users installing Outlook add-ins is not allowed
6.5.2 Ensure MailTips are enabled for end users

CONFIGURATION MANAGEMENT

6.5.3 Ensure additional storage providers are restricted in Outlook on the web
7.2.4 Ensure OneDrive content sharing is restricted
7.2.5 Ensure that SharePoint guest users cannot share items they don't own
7.2.6 Ensure SharePoint external sharing is managed through domain whitelist/blacklists
7.2.8 Ensure external sharing is restricted by security group
7.3.2 Ensure OneDrive sync is restricted for unmanaged devices

CONFIGURATION MANAGEMENT

8.1.1 Ensure external file sharing in Teams is enabled for only approved cloud storage services
8.2.1 Ensure 'external access' is restricted in the Teams admin center

CONFIGURATION MANAGEMENT

8.5.1 Ensure anonymous users can't join a meeting

ACCESS CONTROL

9.1.5 Ensure 'Interact with and share R and Python' visuals is 'Disabled'