Detections
Analytics

CSCv7|7.10

Title

Sandbox All Email Attachments

Description

Use sandboxing to analyze and block inbound email attachments with malicious behavior.

Reference Item Details

Category: Email and Web Browser Protections

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1.4 Ensure Safe Attachments policy is enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v3.0.0
2.1.4 Ensure Safe Attachments policy is enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v3.1.0
2.1.5 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v3.0.0
2.1.5 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v3.1.0
2.1.6 Ensure Exchange Online Spam Policies are set to notify administratorsmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v3.0.0
2.1.6 Ensure Exchange Online Spam Policies are set to notify administratorsmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v3.1.0
2.4 Ensure Office 365 ATP for SharePoint, OneDrive, and Microsoft Teams is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v1.3.0
2.4 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v1.5.0
2.4 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v1.4.0
2.5 Ensure Office 365 SharePoint infected files are disallowed for downloadmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v1.4.0
2.5 Ensure Office 365 SharePoint infected files are disallowed for downloadmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v1.5.0
2.5 Ensure Office 365 SharePoint infected files are disallowed for downloadmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v1.3.0
2.5 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabledmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v2.0.0
2.6 Ensure Office 365 SharePoint infected files are disallowed for downloadmicrosoft_azureCIS Microsoft 365 Foundations E5 L2 v2.0.0
18.9.46.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L2 + NG
18.9.46.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 NG
18.9.46.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG
18.9.46.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG
18.9.46.3 Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L2 + BL + NG
18.9.46.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L2 + BL + NG
18.9.46.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L2 + NG
18.9.46.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG
18.9.46.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 NG
18.9.46.4 Ensure 'Allow files to download and save to the host operating system from Microsoft Defender Application Guard' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG
18.9.46.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG
18.9.46.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 NG
18.9.46.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L2 + NG
18.9.46.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L2 + BL + NG
18.9.46.6 Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L1 v2.4.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.0.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L1 v2.4.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.0.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG NG DC L3 v1.0.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 STIG NG MS L3 v1.0.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.2.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0