private/tests/TestMeta.json

{
  "21809": {
    "TestId": "21809",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Admin consent workflow is enabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21897": {
    "TestId": "21897",
    "ImplementationCost": "High",
    "UserImpact": "High",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All app assignment and group membership is governed",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21894": {
    "TestId": "21894",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "All certificates Microsoft Entra Application Registrations and Service Principals must be issued by an approved certification authority",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21867": {
    "TestId": "21867",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "All enterprise applications have owners",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21929": {
    "TestId": "21929",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All entitlement management packages that apply to guests have expirations or access reviews configured in their assignment policies",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21878": {
    "TestId": "21878",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All entitlement management policies have an expiration date",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21879": {
    "TestId": "21879",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All entitlement management policies that apply to External users require approval",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21832": {
    "TestId": "21832",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All groups in Conditional Access policies belong to a restricted management administrative unit",
    "TenantType": [
      "Workforce"
    ]
  },
  "21877": {
    "TestId": "21877",
    "ImplementationCost": "High",
    "UserImpact": "High",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All guests have a sponsor",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21899": {
    "TestId": "21899",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All privileged role assignments have a recipient that can receive notifications",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21887": {
    "TestId": "21887",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All registered redirect URIs must have proper DNS records and ownerships",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21864": {
    "TestId": "21864",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "All risk detections are triaged",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21862": {
    "TestId": "21862",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All risky workload identities are triaged",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "22659": {
    "TestId": "22659",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "All risky workload identity sign ins are triaged",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21892": {
    "TestId": "21892",
    "ImplementationCost": "High",
    "UserImpact": "High",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All sign-in activity comes from managed devices",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21898": {
    "TestId": "21898",
    "ImplementationCost": "High",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All supported access lifecycle resources are managed with entitlement management packages",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21784": {
    "TestId": "21784",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "All user sign in activity uses phishing-resistant authentication methods",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21888": {
    "TestId": "21888",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "App registrations must not have dangling or abandoned domain redirect URIs",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21895": {
    "TestId": "21895",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Application Certificate Credentials are managed using HSM",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21886": {
    "TestId": "21886",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Applications that use Microsoft Entra for authentication and support provisioning are configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21841": {
    "TestId": "21841",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Authenticator app report suspicious activity is enabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21802": {
    "TestId": "21802",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Authenticator app shows sign-in context",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21912": {
    "TestId": "21912",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Azure resources used by Microsoft Entra only allow access from privileged roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21881": {
    "TestId": "21881",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Azure subscriptions used by Identity Governance are secured consistently with Identity Governance roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21842": {
    "TestId": "21842",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Block administrators from using SSPR",
    "TenantType": [
      "Workforce"
    ]
  },
  "21799": {
    "TestId": "21799",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Block high risk sign-ins",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21844": {
    "TestId": "21844",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Block legacy Azure AD PowerShell module",
    "TenantType": [
      "Workforce"
    ]
  },
  "21843": {
    "TestId": "21843",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Block legacy Microsoft Online PowerShell module",
    "TenantType": [
      "Workforce"
    ]
  },
  "21831": {
    "TestId": "21831",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Conditional Access protected actions are enabled",
    "TenantType": [
      "Workforce"
    ]
  },
  "21834": {
    "TestId": "21834",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Directory sync account is locked down to specific named location",
    "TenantType": [
      "Workforce"
    ]
  },
  "22101": {
    "TestId": "22101",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Disable ciamlogin endpoints when custom domain enabled",
    "TenantType": [
      "External"
    ]
  },
  "21848": {
    "TestId": "21848",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Enable custom banned passwords",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "22102": {
    "TestId": "22102",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Enable custom domain",
    "TenantType": [
      "External"
    ]
  },
  "21893": {
    "TestId": "21893",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Enable Microsoft Entra ID Protection policy to enforce multifactor authentication registration",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21964": {
    "TestId": "21964",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Enable protected actions to secure Conditional Access policy creation and changes",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21870": {
    "TestId": "21870",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Enable SSPR",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "22100": {
    "TestId": "22100",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Enable WAF for ciamlogin endpoints",
    "TenantType": [
      "External"
    ]
  },
  "21869": {
    "TestId": "21869",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Enterprise applications must require explicit assignment or scoped provisioning",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21859": {
    "TestId": "21859",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "GDAP admin least privilege",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21822": {
    "TestId": "21822",
    "ImplementationCost": "High",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Guest access is limited to approved tenants",
    "TenantType": [
      "Workforce"
    ]
  },
  "21821": {
    "TestId": "21821",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Guest access is restricted",
    "TenantType": [
      "Workforce"
    ]
  },
  "21857": {
    "TestId": "21857",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Guest identities are lifecycle managed with access reviews",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21823": {
    "TestId": "21823",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Guest self-service sign up via user flow is disabled",
    "TenantType": [
      "Workforce"
    ]
  },
  "22128": {
    "TestId": "22128",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Guests are not assigned high privileged directory roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21824": {
    "TestId": "21824",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Guests don't have long lived sign-in sessions",
    "TenantType": [
      "Workforce"
    ]
  },
  "21868": {
    "TestId": "21868",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Guests don't own apps in the tenant",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21858": {
    "TestId": "21858",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Inactive guest identities are removed from the tenant",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "22098": {
    "TestId": "22098",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Integrate Entra Audit logs with Azure Monitor",
    "TenantType": [
      "External"
    ]
  },
  "22099": {
    "TestId": "22099",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Integrate Entra Sign-In logs with Azure Monitor",
    "TenantType": [
      "External"
    ]
  },
  "21953": {
    "TestId": "21953",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Local Admin Password Solution is deployed",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21955": {
    "TestId": "21955",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Manage the local administrators on Microsoft Entra joined devices",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21803": {
    "TestId": "21803",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Migrate from legacy MFA and SSPR policies",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21984": {
    "TestId": "21984",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "No Active low priority Entra recommendations found",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21983": {
    "TestId": "21983",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "No Active Medium priority Entra recommendations found",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21882": {
    "TestId": "21882",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "No nested groups in PIM for groups",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21839": {
    "TestId": "21839",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Passkey authentication method enabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21811": {
    "TestId": "21811",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Password expiration is disabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21847": {
    "TestId": "21847",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Password protection for on-premises is enabled",
    "TenantType": [
      "Workforce"
    ]
  },
  "21854": {
    "TestId": "21854",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Privileged roles aren't assigned to stale identities",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21855": {
    "TestId": "21855",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Privileged roles have access reviews",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21825": {
    "TestId": "21825",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Privileged user sessions don't have long lived sign-in sessions",
    "TenantType": [
      "Workforce"
    ]
  },
  "21889": {
    "TestId": "21889",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Reduce the user-visible password surface area",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21872": {
    "TestId": "21872",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Require multifactor authentication for device join and device registration using user action",
    "TenantType": [
      "Workforce"
    ]
  },
  "21891": {
    "TestId": "21891",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Require password reset notifications for administrator roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21890": {
    "TestId": "21890",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Require password reset notifications for user roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21797": {
    "TestId": "21797",
    "ImplementationCost": "Medium",
    "UserImpact": "High",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Restrict access to high risk users",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21808": {
    "TestId": "21808",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Restrict device code flow",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21954": {
    "TestId": "21954",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Restrict nonadministrator users from recovering the BitLocker keys for their owned devices",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21806": {
    "TestId": "21806",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Secure the MFA registration (My Security Info) page",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21840": {
    "TestId": "21840",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Security key attestation is enforced",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21838": {
    "TestId": "21838",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Security key authentication method enabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "22072": {
    "TestId": "22072",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Self-Service Password Reset does not use Q & A",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21896": {
    "TestId": "21896",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Service principals don't have certificates or credentials associated with them",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "23183": {
    "TestId": "23183",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Service principals use safe redirect URIs",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21849": {
    "TestId": "21849",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Smart lockout duration is set to a minimum of 60",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21850": {
    "TestId": "21850",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Smart lockout threshold isn't greater than 10",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21845": {
    "TestId": "21845",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Temporary access pass is enabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21846": {
    "TestId": "21846",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Temporary access pass restricted to one-time use",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21775": {
    "TestId": "21775",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "Low",
    "Category": "Access control",
    "Title": "Tenant app management policy is configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21874": {
    "TestId": "21874",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Tenant does have controls to selectively onboard External organizations (cross-tenant access polices and domain-based allow/deny lists)",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21875": {
    "TestId": "21875",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Tenant has all External organizations allowed to collaborate as Connected Organization",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21793": {
    "TestId": "21793",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Tenant restrictions v2 are configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21941": {
    "TestId": "21941",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Token protection policies are configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21865": {
    "TestId": "21865",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Trusted network locations are configured to increase quality of risk detections",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21985": {
    "TestId": "21985",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Turn off Seamless SSO if there are is no usage",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21829": {
    "TestId": "21829",
    "ImplementationCost": "High",
    "UserImpact": "High",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Use cloud authentication",
    "TenantType": [
      "Workforce"
    ]
  },
  "21876": {
    "TestId": "21876",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Use PIM for Microsoft Entra privileged roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21776": {
    "TestId": "21776",
    "ImplementationCost": "Low",
    "UserImpact": "Medium",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "User consent settings are restricted",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21804": {
    "TestId": "21804",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Weak authentication methods are disabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21883": {
    "TestId": "21883",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Access control",
    "Title": "Workload identities are configured with risk-based policies",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21884": {
    "TestId": "21884",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Access control",
    "Title": "Workload identities based on known networks are configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21885": {
    "TestId": "21885",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Application management",
    "Title": "App registrations use safe redirect URIs",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21992": {
    "TestId": "21992",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Application management",
    "Title": "Application Certificates need to be rotated on a regular basis",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21778": {
    "TestId": "21778",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Application management",
    "Title": "Line-of-business and partner apps use MSAL",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21780": {
    "TestId": "21780",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Application management",
    "Title": "No usage of ADAL in the tenant",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21779": {
    "TestId": "21779",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Application management",
    "Title": "Use recent versions of Microsoft Applications",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21836": {
    "TestId": "21836",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Application management",
    "Title": "Workload identities assigned privileged roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21837": {
    "TestId": "21837",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Device management",
    "Title": "Limit the maximum number of devices per user to 10",
    "TenantType": [
      "Workforce"
    ]
  },
  "21863": {
    "TestId": "21863",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Monitoring",
    "Title": "All high-risk sign-ins are triaged",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21861": {
    "TestId": "21861",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Monitoring",
    "Title": "All high-risk users are triaged",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21866": {
    "TestId": "21866",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Monitoring",
    "Title": "All Microsoft Entra recommendations are addressed",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "22124": {
    "TestId": "22124",
    "ImplementationCost": "Medium",
    "UserImpact": "Medium",
    "RiskLevel": "High",
    "Category": "Monitoring",
    "Title": "High priority Entra recommendations are addressed",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21798": {
    "TestId": "21798",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Monitoring",
    "Title": "ID Protection notifications enabled",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21789": {
    "TestId": "21789",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Monitoring",
    "Title": "Tenant creation events are triaged",
    "TenantType": [
      "Workforce"
    ]
  },
  "21820": {
    "TestId": "21820",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Privileged access",
    "Title": "Activation alert for all privileged role assignments",
    "TenantType": [
      "Workforce"
    ]
  },
  "21819": {
    "TestId": "21819",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Medium",
    "Category": "Privileged access",
    "Title": "Activation alert for Global Administrator role assignments",
    "TenantType": [
      "Workforce"
    ]
  },
  "21818": {
    "TestId": "21818",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Privileged access",
    "Title": "Activation alert for highly privileged role assignments",
    "TenantType": [
      "Workforce"
    ]
  },
  "21815": {
    "TestId": "21815",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Privileged access",
    "Title": "All privileged role assignments are activated just in time and not permanently active",
    "TenantType": [
      "Workforce"
    ]
  },
  "21816": {
    "TestId": "21816",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Privileged access",
    "Title": "All privileged role assignments are managed with PIM",
    "TenantType": [
      "Workforce"
    ]
  },
  "21833": {
    "TestId": "21833",
    "ImplementationCost": "High",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Privileged access",
    "Title": "Directory Sync account credentials haven't been rotated recently",
    "TenantType": [
      "Workforce"
    ]
  },
  "21835": {
    "TestId": "21835",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Privileged access",
    "Title": "Emergency account exists",
    "TenantType": [
      "Workforce"
    ]
  },
  "21817": {
    "TestId": "21817",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Privileged access",
    "Title": "Global Administrator role activation triggers an approval workflow",
    "TenantType": [
      "Workforce"
    ]
  },
  "21788": {
    "TestId": "21788",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Privileged access",
    "Title": "Global Administrators don't have standing elevated access to all Azure subscriptions in the tenant",
    "TenantType": [
      "Workforce"
    ]
  },
  "21813": {
    "TestId": "21813",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Privileged access",
    "Title": "High Global Administrator to privileged user ratio",
    "TenantType": [
      "Workforce"
    ]
  },
  "21830": {
    "TestId": "21830",
    "ImplementationCost": "Medium",
    "UserImpact": "Low",
    "RiskLevel": "High",
    "Category": "Privileged access",
    "Title": "Highly privileged roles are only activated in a PAW/SAW device",
    "TenantType": [
      "Workforce"
    ]
  },
  "21812": {
    "TestId": "21812",
    "ImplementationCost": "Low",
    "UserImpact": "Low",
    "RiskLevel": "Low",
    "Category": "Privileged access",
    "Title": "Maximum number of Global Administrators doesn't exceed eight users",
    "TenantType": [
      "Workforce"
    ]
  },
  "21800": {
    "TestId": "21800",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "All user sign-in activity uses strong authentication methods",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21773": {
    "TestId": "21773",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Applications don't have certificates with expiration longer than 180 days",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21772": {
    "TestId": "21772",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Applications don't have secrets configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21828": {
    "TestId": "21828",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Authentication transfer is blocked",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21796": {
    "TestId": "21796",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Block legacy authentication policy is configured",
    "TenantType": [
      "Workforce"
    ]
  },
  "21810": {
    "TestId": "21810",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Resource-Specific Consent is restricted",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21807": {
    "TestId": "21807",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Creating new applications and service principals is restricted to privileged users",
    "TenantType": [
      "Workforce"
    ]
  },
  "21860": {
    "TestId": "21860",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Diagnostic settings are configured for all Microsoft Entra logs",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21851": {
    "TestId": "21851",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Guest access is protected by strong authentication methods",
    "TenantType": [
      "Workforce"
    ]
  },
  "21791": {
    "TestId": "21791",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Guests can't invite other guests",
    "TenantType": [
      "Workforce"
    ]
  },
  "21792": {
    "TestId": "21792",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Guests have restricted access to directory objects",
    "TenantType": [
      "Workforce"
    ]
  },
  "21771": {
    "TestId": "21771",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Inactive applications don't have highly privileged built-in roles",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21770": {
    "TestId": "21770",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Inactive applications don't have highly privileged Microsoft Graph API permissions",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21774": {
    "TestId": "21774",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Microsoft services applications don't have credentials configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21795": {
    "TestId": "21795",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "No legacy authentication sign-in activity",
    "TenantType": [
      "Workforce"
    ]
  },
  "21790": {
    "TestId": "21790",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Outbound cross-tenant access settings are configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21787": {
    "TestId": "21787",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Permission to create new tenants is limited to the Tenant Creator role",
    "TenantType": [
      "Workforce"
    ]
  },
  "21814": {
    "TestId": "21814",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Privileged accounts are cloud native identities",
    "TenantType": [
      "Workforce"
    ]
  },
  "21782": {
    "TestId": "21782",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Privileged accounts have phishing-resistant methods registered",
    "TenantType": [
      "Workforce"
    ]
  },
  "21783": {
    "TestId": "21783",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Privileged Microsoft Entra built-in roles are targeted with Conditional Access policies to enforce phishing-resistant methods",
    "TenantType": [
      "Workforce"
    ]
  },
  "21781": {
    "TestId": "21781",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Privileged users sign in with phishing-resistant methods",
    "TenantType": [
      "Workforce"
    ]
  },
  "21777": {
    "TestId": "21777",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "App Instance Property Lock is configured for all multitenant applications",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21786": {
    "TestId": "21786",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "User sign-in activity uses token protection",
    "TenantType": [
      "Workforce",
      "External"
    ]
  },
  "21801": {
    "TestId": "21801",
    "ImplementationCost": null,
    "UserImpact": null,
    "RiskLevel": null,
    "Category": null,
    "Title": "Users have strong authentication methods configured",
    "TenantType": [
      "Workforce",
      "External"
    ]
  }
}