| CHECK |
BUDGET
basis set |
PREMIUM
geavanceerde set
|
| Logging |
| CHK-1001 - Audit logging coming in |
✅ |
✅ |
| CHK-1002 - Audit logging enabled |
✅ |
✅ |
| CHK-1003 - Mailbox auditing settings correct |
✅ |
✅ |
| CHK-1055 - Mailbox audit bypass enabled |
|
✅ |
| Sterke wachtwoorden |
| CHK-1331 - Passwords do not expire |
✅ |
✅ |
| CHK-1333 - Self-service password reset enabled |
✅ |
✅ |
| CHK-1145 - Password reset notifications |
✅ |
✅ |
| Toegang |
| CHK-1322 - Admins with limited privileges used |
|
✅ |
| CHK-1329 - Between 2 and 4 global admins in tenant |
|
✅ |
| CHK-1056 - Security Group Creation Allowed |
|
✅ |
| CHK-1320 - Customer Lockbox feature enabled |
|
✅1 |
| CHK-1523 - Sharepoint Legacy Protocols disabled |
|
✅ |
| CHK-1150 - Disable AzureAD Sync softmatch |
|
✅ |
| CHK-1143 - User Access to Azure AD in portal is restricted |
|
✅ |
| Multi-factor Authenticatie |
| CHK-1327 - MFA enabled for all users |
✅ |
✅ |
| CHK-1127 - Security defaults enabled |
✅ |
✅ |
| CHK-1325 - Legacy authentication disabled |
✅ |
✅ |
| CHK-1021 - Modern authentication enabled (Exchange Online) |
✅ |
✅ |
| CHK-1328 - MFA enabled for all admin users |
✅ |
✅ |
| CHK-1137 - Admin user without MFA methods detected |
✅ |
✅ |
| CHK-1141 - MFA number matching enabled |
✅ |
✅ |
| CHK-1140 - Pushnotifications Microsoft Authenticator enabled |
✅ |
✅ |
| CHK-1135 - Emergency Admin |
|
✅ |
| CHK-1053 - Emergency Admin Password Needs to Change |
|
✅ |
| CHK-1052 - Emergency Admin Password Changed |
|
✅ |
| CHK-1139 - MFA Passwordless Login |
|
✅ |
| CHK-1142 - MFA Display Additional information |
|
✅ |
| CHK-1144 - MFA fraud reports enabled |
|
✅ |
| CHK-1154 - MFA Policy exclusions changed |
|
✅ |
| E-mailbescherming |
| CHK-1026 - Outbound Spamfilter Policy Enabled |
✅ |
✅ |
| CHK-1024 - Internal malware Sending notifications |
✅ |
✅ |
| CHK-1046 - Synchronization to LinkedIn Disabled |
✅ |
✅ |
| CHK-1025 - Malware Filter Policy Enabled |
✅ |
✅ |
| CHK-1020 - Bestandsfilter voor e-mail bijlagen |
✅ |
✅ |
| CHK-1048 - MailTips Enabled |
✅ |
✅ |
| CHK-1028 - E-mail Content-Filter Policy |
✅ |
✅ |
| CHK-1054 - Plus Addressing enabled |
✅ |
✅ |
| CHK-1057 - Autodiscover not configured |
✅ |
✅ |
| CHK-1058 - Phishing warning based mailtips enabled |
✅ |
✅ |
| CHK-1022 - E-mail disclaimer voor berichten van buiten de organisatie |
|
✅ |
| CHK-1036 - Remote Domains external forward |
|
✅ |
| CHK-1031 - Calendar Sharing Disabled |
|
✅ |
| CHK-1049 - Outbound spamfilter forwarding |
|
✅ |
| OAuth Apps |
| CHK-1120 - Register applications allowed for users |
|
✅ |
| CHK-1122 - Check for suspicious app consents |
|
✅ |
| CHK-1128 - User Consent Policies configured |
|
✅ |
| Afwijkend Gedrag |
| CHK-1334 - Sign-In risk policy enabled for all users |
|
✅2 |
| CHK-1336 - User Risk policy enabled |
|
✅2 |
| Monitoring |
| CHK-1051 - New Delegate Admin Added |
|
✅ |
| CHK-1131 - External Users with High Privileges |
|
✅ |
| CHK-1520 - Public SharePoint Sites |
|
✅ |
| Domein & DNS |
| CHK-1033 - SPF Records Correct |
|
✅ |
| CHK-1030 - DMARC Enabled |
|
✅ |
| CHK-1029 - DKIM signing enabled |
|
✅ |
| Gasten |
| CHK-1151 - Guest authorization policy |
|
✅ |
| CHK-1152 - Guest invite settings |
|
✅ |
| CHK-1522 - Resharing by guest disabled |
|
✅ |
| Systeem |
| CHK-1149 - Bitlocker keys not readable by regular users |
|
✅ |
| Malware |
| CHK-1521 - Microsoft 365 Defender for Sharepoint, Onedrive and Teams enabled |
|
✅ |
Opmerkingen
0 opmerkingen
U moet u aanmelden om een opmerking te plaatsen.