MS.DEFENDER.1.1v1 - The standard and strict preset security policies SHALL be enabled.

Information

Defender includes a large number of features and settings to protect users against threats. Using the preset security policies, administrators can help ensure all new and existing users automatically have secure defaults applied.

Solution

1. Sign in to Microsoft 365 Defender.
2. In the left-hand menu, go to Email & Collaboration > Policies & Rules.
3. Select Threat Policies.
4. From the Templated policies section, select Preset Security Policies.
5. Under Standard protection, slide the toggle switch to the right so the text next to the toggle reads Standard protection is on.
6. Under Strict protection, slide the toggle switch to the right so the text next to the toggle reads Strict protection is on.

Note: If the toggle slider in step 5 is grayed out, click on Manage protection settings instead and configure the policy settings according to [Use the Microsoft 365 Defender portal to assign Standard and Strict preset security policies to users \| Microsoft Learn](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide#use-the-microsoft-365-defender-portal-to-assign-standard-and-strict-preset-security-policies-to-users).

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-4, 800-53|CA-7, 800-53|CM-2, 800-53|CM-6, 800-53|IA-9, 800-53|SC-7, 800-53|SC-20, 800-53|SC-44, 800-53|SI-2, 800-53|SI-3, 800-53|SI-4, 800-53|SI-8

Plugin: microsoft_azure

Control ID: 9890d1ae3c4cbae57cdcb3e5452076e80932930bc90c5238e961237a765919e7