| 2.1.9 (L1) Ensure that DKIM is enabled for all Exchange Online Domains | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.9 (L1) Ensure that DKIM is enabled for all Exchange Online Domains | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.10 (L1) Ensure DMARC Records for all Exchange Online domains are published | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.10 (L1) Ensure DMARC Records for all Exchange Online domains are published | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.12 (L1) Ensure the connection filter IP allow list is not used | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.12 (L1) Ensure the connection filter IP allow list is not used | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.13 (L1) Ensure the connection filter safe list is off | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.13 (L1) Ensure the connection filter safe list is off | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.14 (L1) Ensure inbound anti-spam policies do not contain allowed domains | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.14 (L1) Ensure inbound anti-spam policies do not contain allowed domains | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 7.4 Ensure Either SPF or DKIM DNS Records are Configured | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MS.EXO.3.1v1 - DKIM SHOULD be enabled for all domains. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| MS.EXO.4.1v1 - A DMARC policy SHALL be published for every second-level domain. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
