CIS Microsoft 365 Foundations E5 L2 v1.4.0

Audit Details

Name: CIS Microsoft 365 Foundations E5 L2 v1.4.0

Updated: 8/11/2022

Authority: CIS

Plugin: microsoft_azure

Revision: 1.0

Estimated Item Count: 10

File Details

Filename: CIS_Microsoft_365_v1.4.0_E5_Level_2.audit

Size: 30.1 kB

MD5: 81696e5acf075c6f364341e41fcd0072
SHA256: 3bb4c190e38f7385d1a6fd0e61452fa02e6b5c52ec952d9dfea282b14738405b

Audit Items

DescriptionCategories
1.1.8 Enable Azure AD Identity Protection sign-in risk policies

IDENTIFICATION AND AUTHENTICATION

1.1.9 Enable Azure AD Identity Protection user risk policies

SYSTEM AND INFORMATION INTEGRITY

1.1.10 Use Just In Time privileged access to Office 365 roles

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

2.3 Ensure Safe Links for Office Applications is Enabled

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled

SYSTEM AND INFORMATION INTEGRITY

2.5 Ensure Office 365 SharePoint infected files are disallowed for download

SYSTEM AND INFORMATION INTEGRITY

3.1 Ensure the customer lockbox feature is enabled

AUDIT AND ACCOUNTABILITY, SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

4.5 Ensure the Safe Links policy is enabled

SYSTEM AND COMMUNICATIONS PROTECTION

4.6 Ensure Safe Attachments policy is enabled

SYSTEM AND INFORMATION INTEGRITY

5.13 Ensure Microsoft Defender for Cloud Apps is Enabled

AUDIT AND ACCOUNTABILITY