Detections
Analytics
CIS Microsoft 365 Foundations E5 L1 v3.1.0
Audit Details
Name: CIS Microsoft 365 Foundations E5 L1 v3.1.0
Updated: 6/24/2024
Authority: CIS
Plugin: microsoft_azure
Revision: 1.0
Estimated Item Count: 10
File Details
Filename: CIS_Microsoft_365_v3.1.0_E5_Level_1.audit
Size: 33 kB
MD5: 792e57f9054cc6f1ec0ca7cba701ece5
SHA256: 6d49b483ce260235e18ea05c21768fab25f8f4b53138ace67e414fe14bd9b236
Audit Items
| Description | Categories |
|---|---|
| 2.1.7 Ensure that an anti-phishing policy has been created | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.11 Ensure the spoofed domains report is reviewed weekly | AUDIT AND ACCOUNTABILITY |
| 2.4.1 Ensure Priority account protection is enabled and configured | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.2 Ensure Priority accounts have 'Strict protection' presets applied | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.4 Ensure Zero-hour auto purge for Microsoft Teams is on | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.2 Ensure DLP policies are enabled for Microsoft Teams | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6.1 Ensure the Azure AD 'Risky sign-ins' report is reviewed at least weekly | AUDIT AND ACCOUNTABILITY |
| 5.3.2 Ensure 'Access reviews' for Guest Users are configured | ACCESS CONTROL |
| 5.3.3 Ensure 'Access reviews' for high privileged Azure AD roles are configured | ACCESS CONTROL |
| 6.1.3 Ensure mailbox auditing for E5 users is Enabled | AUDIT AND ACCOUNTABILITY |