CIS Microsoft 365 Foundations v5.0.0 L2 E3

Audit Details

Name: CIS Microsoft 365 Foundations v5.0.0 L2 E3

Updated: 10/22/2025

Authority: CIS

Plugin: microsoft_azure

Revision: 1.1

Estimated Item Count: 30

File Details

Filename: CIS_Microsoft_365_Foundations_v5.0.0_L2_E3.audit

Size: 98.8 kB

MD5: 99f13153e03779dbc719a3f3a96d501a
SHA256: 0257bd79a5181b601261437a0a38e09b9aaede0855ad41a08e233aa44b94dce5

Audit Changelog

Revision 1.1

Oct 22, 2025

Informational Update
  • 1.2.1 (L2) Ensure that only organizationally managed/approved public groups exist
  • 1.3.2 (L2) Ensure 'Idle session timeout' is set to '3 hours (or less)' for unmanaged devices
  • 1.3.3 (L2) Ensure 'External sharing' of calendars is not available
  • 1.3.7 (L2) Ensure 'third-party storage services' are restricted in 'Microsoft 365 on the web'
  • 1.3.8 (L2) Ensure that Sways cannot be shared with people outside of your organization
  • 2.1.11 (L2) Ensure comprehensive attachment filtering is applied
  • 4.1 (L2) Ensure devices without a compliance policy are marked 'not compliant'
  • 4.2 (L2) Ensure device enrollment for personally owned devices is blocked by default
  • 5.1.2.2 (L2) Ensure third party integrated applications are not allowed
  • 5.1.2.5 (L2) Ensure the option to remain signed in is hidden
  • 5.1.2.6 (L2) Ensure 'LinkedIn account connections' is disabled
  • 5.1.5.1 (L2) Ensure user consent to apps accessing company data on their behalf is not allowed
  • 5.1.6.1 (L2) Ensure that collaboration invitations are sent to allowed domains only
  • 5.1.6.3 (L2) Ensure guest user invitations are limited to the Guest Inviter role
  • 5.2.2.5 (L2) Ensure 'Phishing-resistant MFA strength' is required for Administrators
  • 6.3.1 (L2) Ensure users installing Outlook add-ins is not allowed
  • 7.2.4 (L2) Ensure OneDrive content sharing is restricted
  • 7.2.5 (L2) Ensure that SharePoint guest users cannot share items they don't own
  • 7.2.6 (L2) Ensure SharePoint external sharing is managed through domain whitelist/blacklists
  • 7.2.8 (L2) Ensure external sharing is restricted by security group
  • 7.3.2 (L2) Ensure OneDrive sync is restricted for unmanaged devices
  • 8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage services
  • 8.2.1 (L2) Ensure external domains are restricted in the Teams admin center
  • 8.5.1 (L2) Ensure anonymous users can't join a meeting
  • 8.5.5 (L2) Ensure meeting chat does not allow anonymous users
  • 8.5.6 (L2) Ensure only organizers and co-organizers can present
  • 8.5.8 (L2) Ensure external meeting chat is off
  • 8.5.9 (L2) Ensure meeting recording is off by default
  • 9.1.5 (L2) Ensure 'Interact with and share R and Python' visuals is 'Disabled'
Miscellaneous
  • Metadata updated.