Revision 1.4Jun 10, 2022
Functional Update
- 5.1.5 Ensure that logging for Azure KeyVault is 'Enabled'
- 7.1 Ensure Virtual Machines are utilizing Managed Disks
- 7.4 Ensure that only approved extensions are installed
- 7.5 Ensure that the latest OS Patches for all Virtual Machines are applied
- 7.6 Ensure that the endpoint protection for all Virtual Machines is installed
- 8.1 Ensure that the expiration date is set on all keys
- 8.2 Ensure that the expiration date is set on all Secrets
- 8.4 Ensure the key vault is recoverable
- 9.10 Ensure FTP deployments are disabled
- 9.2 Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service
- 9.3 Ensure web app is using the latest version of TLS encryption
- 9.5 Ensure that Register with Azure Active Directory is enabled on App Service
- 9.6 Ensure that 'PHP version' is the latest, if used to run the web app
- 9.7 Ensure that 'Python version' is the latest, if used to run the web app
- 9.8 Ensure that 'Java version' is the latest, if used to run the web app
- 9.9 Ensure that 'HTTP Version' is the latest, if used to run the web app