tests/Test-IESCDisabled.ps1

function Test-IESCDisabled {
    [CmdletBinding()]
    param (
        [parameter()][string] $TestName = "Disable IESC",
        [parameter()][string] $TestGroup = "configuration",
        [parameter()][string] $Description = "Disable Internet Explorer Enhanced Security Configuration",
        [parameter()][hashtable] $ScriptParams
    )
    try {
        [System.Collections.Generic.List[PSObject]]$tempdata = @() # for detailed test output to return if needed
        $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
        $UserKey  = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
        if ((Get-ItemProperty -Path $AdminKey -Name "IsInstalled" | Select-Object -ExpandProperty IsInstalled) -ne 0) {
            Write-Verbose "configuration is not compliant (is not disabled)"
            if ($Remediate -eq $True) {
                Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0 -Force
                Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0 -Force
                Stop-Process -Name Explorer -Force
                $stat = "REMEDIATED"
                $msg  = "IE Enhanced Security Configuration (ESC) has been disabled."
            } else {
                $stat = "FAIL"
                $msg  = "IE Enhanced Security Configuration (IESC) is currently enabled"
            }
        } else {
            $stat = "PASS"
            $msg  = "IE Enhanced Security Configuration (ESC) is already disabled."
        }
    }
    catch {
        $stat = 'ERROR'
        $msg = $_.Exception.Message -join ';'
    }
    finally {
        Write-Output $([pscustomobject]@{
            TestName    = $TestName
            TestGroup   = $TestGroup
            TestData    = $tempdata
            Description = $Description
            Status      = $stat 
            Message     = $msg
        })
    }
}