Maester

1.3.114-preview

internal/orca/check-ORCA225.ps1

                                # Generated by .\build\orca\Update-OrcaTests.ps1

using module ".\orcaClass.psm1"

[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', '')]

[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingEmptyCatchBlock', '')]

[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSPossibleIncorrectComparisonWithNull', '')]

[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidGlobalVars', '')]

[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingCmdletAliases', '')]

param()

<#

225 Checks to determine if MDO SafeDocs is enabled in the MDO configuration.

#>

class ORCA225 : ORCACheck

{

    <#

        CONSTRUCTOR with Check Header Data

    #>

    ORCA225()

    {

        $this.Control=225

        $this.Services=[ORCAService]::MDO

        $this.Area="Microsoft Defender for Office 365 Policies"

        $this.Name="Safe Documents for Office clients"

        $this.PassText="Safe Documents is enabled for Office clients"

        $this.FailRecommendation="Enable Safe Documents for Office clients"

        $this.Importance="Safe Documents can assist protecting files opened in Office appplications. Before a user is allowed to trust a file opened in Office 365 ProPlus using Protected View, the file will be verified by Microsoft Defender for Office 365."

        $this.ExpandResults=$True

        $this.CheckType=[CheckType]::ObjectPropertyValue

        $this.ObjectType="Safe Attachments Policy"

        $this.ChiValue=[ORCACHI]::High

        $this.ItemName="Setting"

        $this.DataType="Current Value"

        $this.Links= @{

            "Microsoft 365 Defender Portal - Safe attachments"="https://security.microsoft.com/safeattachmentv2"

            "Safe Documents in Microsoft 365 E5"="https://aka.ms/orca-atpp-docs-1"

            "Recommended settings for EOP and Microsoft Defender for Office 365"="https://aka.ms/orca-atpp-docs-7"

        }

    }

    <#

        RESULTS

    #>

    GetResults($Config)

    {

        $ConfigObject = [ORCACheckConfig]::new()

        $ConfigObject.Object=$Config["AtpPolicy"].Name

        $ConfigObject.ConfigItem="EnableSafeDocs"

        $ConfigObject.ConfigData=$Config["AtpPolicy"].EnableSafeDocs

        # Determine if SafeDocs in MDO is enabled or not

        If($Config["AtpPolicy"].EnableSafeDocs -eq $false) 

        {

            $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail")   

        }

        Else

        {

            $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass")     

        }

        $this.AddConfig($ConfigObject)

    }

}