Checks/check-ORCA222.ps1
using module "..\ORCA.psm1" class ORCA222 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA222() { $this.Control=222 $this.Services=[ORCAService]::OATP $this.Area="Advanced Threat Protection Policies" $this.Name="Domain Impersonation Action" $this.PassText="Domain Impersonation action is set to move to Quarantine" $this.FailRecommendation="Configure domain impersonation action to Quarantine" $this.Importance="Domain Impersonation can detect impersonation attempts against your domains or domains that look very similiar to your domains. Move messages that are caught using this impersonation protection to Quarantine." $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Antiphishing Policy" $this.ItemName="Setting" $this.DataType="Current Value" $this.ChiValue=[ORCACHI]::Medium $this.Links= @{ "Security & Compliance Center - Anti-phishing"="https://aka.ms/orca-atpp-action-antiphishing" "Recommended settings for EOP and Office 365 ATP security"="https://aka.ms/orca-atpp-docs-7" } } <# RESULTS #> GetResults($Config) { $PolicyExists = $False #$CountOfPolicies = ($Config["AntiPhishPolicy"] | Where-Object {$_.Enabled -eq $True}).Count $CountOfPolicies = ($global:AntiSpamPolicyStatus| Where-Object {$_.IsEnabled -eq $True}).Count ForEach($Policy in ($Config["AntiPhishPolicy"] | Where-Object {$_.Enabled -eq $True})) { $IsPolicyDisabled = $false $EnableTargetedDomainsProtection = $($Policy.EnableTargetedDomainsProtection) $EnableOrganizationDomainsProtection = $($Policy.EnableOrganizationDomainsProtection) $TargetedDomainProtectionAction = $($Policy.TargetedDomainProtectionAction) $IsBuiltIn = $false $policyname = $($Policy.Name) ForEach($data in ($global:AntiSpamPolicyStatus | Where-Object {$_.PolicyName -eq $policyname})) { $IsPolicyDisabled = !$data.IsEnabled } if($IsPolicyDisabled) { $IsPolicyDisabled = $true $policyname = "$policyname" +" [Disabled]" $EnableTargetedDomainsProtection = "N/A" $EnableOrganizationDomainsProtection = "N/A" $TargetedDomainProtectionAction = "N/A" } elseif($policyname -match "Built-In" -and $CountOfPolicies -gt 1) { $IsBuiltIn =$True $policyname = "$policyname" +" [Built-In]" } elseif(($policyname -eq "Default" -or $policyname -eq "Office365 AntiPhish Default") -and $CountOfPolicies -gt 1) { $IsBuiltIn =$True $policyname = "$policyname" +" [Default]" } $PolicyExists = $True <# EnableTargetedDomainsProtection / EnableOrgainizationDomainsProtection #> If($EnableTargetedDomainsProtection -eq $False -and $EnableOrganizationDomainsProtection -eq $False) { # Check objects $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="EnableTargetedDomainsProtection" $ConfigObject.ConfigData=$EnableTargetedDomainsProtection if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is not set properly according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } $this.AddConfig($ConfigObject) # Check objects $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="EnableOrganizationDomainsProtection" $ConfigObject.ConfigData=$EnableOrganizationDomainsProtection if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is not set properly according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } $this.AddConfig($ConfigObject) } If($EnableTargetedDomainsProtection -eq $True) { $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="EnableTargetedDomainsProtection" $ConfigObject.ConfigData=$EnableTargetedDomainsProtection if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is properly set according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } $this.AddConfig($ConfigObject) } If($EnableOrganizationDomainsProtection -eq $True) { $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="EnableOrganizationDomainsProtection" $ConfigObject.ConfigData=$EnableOrganizationDomainsProtection if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is properly set according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } $this.AddConfig($ConfigObject) } # Check objects $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="TargetedDomainProtectionAction" $ConfigObject.ConfigData=$TargetedDomainProtectionAction If($TargetedDomainProtectionAction -eq "Quarantine") { if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is properly set according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } } Else { if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is not set properly according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } } If($TargetedDomainProtectionAction -eq "Delete" -or $TargetedDomainProtectionAction -eq "Redirect") { # For either Delete or Quarantine we should raise an informational if($IsPolicyDisabled) { $ConfigObject.InfoText = "The policy is not enabled and will not apply. The configuration for this policy is not set properly according to this check. It is being flagged incase of accidental enablement." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } elseif($IsBuiltIn) { $ConfigObject.InfoText = "This is a Built-In/Default policy managed by Microsoft and therefore cannot be edited. Other policies are set up in this area. It is being flagged only for informational purpose." $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail") $ConfigObject.InfoText = "The $($TargetedDomainProtectionAction) option may impact the users ability to release emails and may impact user experience." } } $this.AddConfig($ConfigObject) } If($CountOfPolicies -eq 0) { $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object="All" $ConfigObject.ConfigItem="Enabled" $ConfigObject.ConfigData="False" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") $this.AddConfig($ConfigObject) } } } # SIG # Begin signature block # MIIl0wYJKoZIhvcNAQcCoIIlxDCCJcACAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAEt0327O6WSF9J # U45V1wdbGy5p1c0B/8Z9pcygLR/XsaCCC6EwggUGMIID7qADAgECAhMzAAAE4xrK # 0/aegtm7AAEAAATjMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIxMDkwMjE5MjYyOFoXDTIyMDkwMTE5MjYyOFowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQDokaNBqvPFgH8yAnEicnWyLoQ58nf7j+B20b5uqsDq9EXWyt87+Wc9CCFh # +9gxWx6wx+iRsO/yT8SZhxi/w00uxM5jDWnbAbSIMB2VrNnLGNOxAQj674zPskBs # ecseXAMHA/+o5ujZOse4EorLmTfJ5f/Zzun8KVVwlSd1CVlj0hgk28xmTdLV7ZWw # 0wV9e/0p/XOHSRUNWw8gFfIfzli3oVV4H/DzT2o1jD4HIt3QIX1kRRXVqleASUgD # Z6/6JthrKti4xfyMdSUGyXuxEoe6zZ4EOXltaHw7hqZzH2Ufl3UxB6HmdxvG9BI4 # 3LVKq3pFO+Nj3NdMVkyptnjDJnGpAgMBAAGjggGCMIIBfjATBgNVHSUEDDAKBggr # BgEFBQcDAzAdBgNVHQ4EFgQUPMsdBtvwLsgDf0B50WrJSL+NYrEwUAYDVR0RBEkw # R6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNv # MRYwFAYDVQQFEw0yMzAwNzIrNDY3NjA2MB8GA1UdIwQYMBaAFL9loqtvdaNORZZX # Bc85h/TAFRwcMFwGA1UdHwRVMFMwUaBPoE2GS2h0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRlc3RpbmclMjBQQ0ElMjAyMDEw # KDEpLmNybDBpBggrBgEFBQcBAQRdMFswWQYIKwYBBQUHMAKGTWh0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGVzdGluZyUy # MFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQAD # ggEBAAylFduuUCCNS+ejRtNeqm7geSoNzl+E0wbGZi4W9+rqo972KaS338FB5Y5G # 8PNqaN3RNqNaHra/zI97JaLYjrZ+iCmKMzROdVS5cR/WpAla36J/tpuVSvNwwvW1 # 5KHRv6PEzGQ7BQYU55cMTkUwNtRVbARMdjcFa3pbuIkioVsoFNVOZ4e8aOSPV+Vz # PVmOU2xltmM/8IOgTSfFTCJhqY7d/vjqajXAXg2olbbJ2vX051uUuFfIyfo/5xJS # uyWOUCZ1opzXHy5EwrkmdZs6orQtMy1akT6UYjl4x5VZsqiszDshDNjVgRUdR97M # d7NxQZEScdZfoTf0byI8Cwtp8JIwggaTMIIEe6ADAgECAhMzAAAALTV6RojJB3HY # AAAAAAAtMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTowOAYDVQQDEzFNaWNyb3NvZnQgVGVzdGluZyBSb290IENl # cnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIwMTIxMDIwNDMyMFoXDTM1MDYx # NzIxMDQxMVoweTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO # BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEj # MCEGA1UEAxMaTWljcm9zb2Z0IFRlc3RpbmcgUENBIDIwMTAwggEiMA0GCSqGSIb3 # DQEBAQUAA4IBDwAwggEKAoIBAQC/PGCBq77s/9cXY/KmQtETYpywF866Rhp7Ii5V # c5pUucbU0cqY/ndHDY6d8F7M+FTv8s8q1GLxqTQKBNfFBYbyEPVN05YIZoXbAn0Y # 3OJ6I6eaKV2ueRjPDGPwGv+BqalDP6kLuVHxs0g6/EQuXxHFVjr/yg7NiAjB/cfV # 9T7v6k4bcosjvUU3nh9wwafJuCBz7fNsPYshBc93Ev6h3AfpDVt4CWwyVRBH0DfI # x/f6c/5GNORWFqg3ZFPWNfvDgLaOtoaRoRDWwUr243rUEQqy3i6eEJfgga4SXYgB # XcykxChSnGDwCuaIr0vpV4rsow83Hin2XSHT19pdDslO241tAgMBAAGjggH6MIIB # 9jAOBgNVHQ8BAf8EBAMCAYYwEgYJKwYBBAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3 # FQIEFgQU6p9fM7bQX56t6y2mwQK7QDjL57UwHQYDVR0OBBYEFL9loqtvdaNORZZX # Bc85h/TAFRwcMFQGA1UdIARNMEswSQYEVR0gADBBMD8GCCsGAQUFBwIBFjNodHRw # Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0w # GQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV # HSMEGDAWgBSjAQR+MIgz67kxnMrrhXZn/GW00TBZBgNVHR8EUjBQME6gTKBKhkho # dHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNUZXNS # b29DZXJBdXRfMjAxMC0wNi0xNy5jcmwwgY0GCCsGAQUFBwEBBIGAMH4wTQYIKwYB # BQUHMAKGQWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljVGVz # Um9vQ2VyQXV0XzIwMTAtMDYtMTcuY3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25l # b2NzcC5taWNyb3NvZnQuY29tL29jc3AwDQYJKoZIhvcNAQELBQADggIBACe00IWy # nswPpCpTc9Vt2tcxAMj2/2PI9gERtRiS2ty0+a8m6PxKeb3BZ7CIA3llzzU1BViO # 4oMGlvW6fhJZUJvg8NU9nQnzu0bNh7104nfQRgZ6IhppK2QsuYs5gAzqgiciojBX # IiTZIT+raUa3w6/Bxl682Y+RViOTqfImLkR29LpyI9GZb1tFZFPilZTxtkhAv3fw # sTiUc5ACLGsBCJZ6zlLOnZTzkTSct1oOvnD8jbwn9nX7jNbU1qjWmtUI6quiyeg1 # R9V/WS+zB9bcVjaXU+IBinywbI7nsZrO1d0GgQ4FwMt519w+tr340t0QXfo2QTSD # 711uiQVjsrGFQnxakyIKY3jKP0soUu9Bty0Ywklj0TAcWJ+bamBqJpp8oXUbLP42 # u4nMQSCnKwyj9/0BUFD+oJ09BAYRandAMhp5/i2z1BPH5GYMoIEMxMUuAWaaFu1R # jQlaMuQqfuyjP8shwNSV7+nlOIUPhWF9mcBy9hAdd+6yWfKn7K6FbMBKcBA2c4g7 # p9zUkUjCQORwz6T9Oyl8BqPMeihIDBeSs5auNENXrAjRjMxUesTJDSFnk2chdsve # WtOQ4+N/c0G7WdpI0RrJJ25K0NsVWNXdNegQ0SdmK6AkphLCaHOhgczWeCKk3ms1 # 2omIrm6SnoTwsPOLeXn/tdy0lBjf5mAcMmiyMYIZiDCCGYQCAQEwgZAweTELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEjMCEGA1UEAxMaTWljcm9z # b2Z0IFRlc3RpbmcgUENBIDIwMTACEzMAAATjGsrT9p6C2bsAAQAABOMwDQYJYIZI # AWUDBAIBBQCggbAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGC # NwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIDa+a/CQHBYtxXRC # emXjddNNISVl8ZqqQlJUPgefRkHEMEQGCisGAQQBgjcCAQwxNjA0oBSAEgBNAGkA # YwByAG8AcwBvAGYAdKEcgBpodHRwczovL3d3dy5taWNyb3NvZnQuY29tIDANBgkq # hkiG9w0BAQEFAASCAQAmCqsQhf5oKW4WjI6arMitOht5YfrVGc7wSow0kuSHOFVE # CZgcgNbq0uzBtqPiuCyXxyGgPPa5xeV8nAzgbHUH6suOUAIUXCFOgVpfAZAUeP4V # XSpkXF+n0FdxPK4Na6qiqXDNVoDBhsePolf8NkVBb+oF7rjNTsAk/m5fh33B5vZg # 3pCX2nmTFU4b2/Vu5CqQ4lpKTGnL+FxjDLpJFUTd61d4oYOuXSpjW8CgJ4VhVoqa # jQbU5FzUvwHYuVx82iMctbSaYjaujTRsmaPEuNIAway+WJuFokYbBtceQ8U7XQPb # ja6WljEvv+WfmMEow4tBeOKcIhg740Lhb6KKPlZAoYIXFTCCFxEGCisGAQQBgjcD # AwExghcBMIIW/QYJKoZIhvcNAQcCoIIW7jCCFuoCAQMxDzANBglghkgBZQMEAgEF # ADCCAVgGCyqGSIb3DQEJEAEEoIIBRwSCAUMwggE/AgEBBgorBgEEAYRZCgMBMDEw # DQYJYIZIAWUDBAIBBQAEICAO35zzZ99uppHGgAjWjplmpaYbfmd9EDcS7mqDLXF6 # AgZiubL6GywYEjIwMjIwNzE0MDkyNjEwLjU5WjAEgAIB9KCB2KSB1TCB0jELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9z # b2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMg # VFNTIEVTTjo4NkRGLTRCQkMtOTMzNTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUt # U3RhbXAgU2VydmljZaCCEWUwggcUMIIE/KADAgECAhMzAAABjAGXYkc2dmY7AAEA # AAGMMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MB4XDTIxMTAyODE5Mjc0NFoXDTIzMDEyNjE5Mjc0NFowgdIxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVs # YW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046 # ODZERi00QkJDLTkzMzUxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNl # cnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDTSGhMoRP5Iaxr # LD70EV2b65n6S8Q8Yt3mwXxeVPdTLhgapPzr4OvwbeTqr+VFqCLFEq+f6DYAVEv1 # W5moLW5O9rt1k30KGKi0ccWbLJBk9qVd0lMLycoituBMxcDCH+ZuGeahrGwj2MaW # K9iCLkY04Tu7pNXhQ62dU/yKiFNR80wqFlol3OZYOOFYLsuM9ciFqb1CFGRXOuTF # 8kpzn0CxoYPc++JGSAegbF+l1Yc89pbyKIQeNzg8OYIqW5bcn4h1Tfwf4yQo+Z6Q # Lsa1FMtcoEK5YpdLxONlj/CQ1zNY0Sj6Xknc5l0d5WKDGnMKd6yRl9wdfGsJfaG5 # 7uom9auSwVK2Rls4bshiZp9gxCtka6WXvY+dLWgh1B1idHn+eBy9JBvXUZDSQ0wP # OIqxJ37mJ9RphsktnRcTE1XiotcJLrkOP7wXKAKO02+QOIHkez0jsr3PFmxRvt8o # pIYRn3IDQmBNZtwA8Jg+24AdUnxQppP3rukmbv6veGBx7fxVTf2yl54ceBoJLi9e # t6VMuJQwCXQ62TmdwpApzaQae+7A/ZEJLeQQQUDGifAufynJ53Kt5lNsExAGp/Wj # eSPSKU4nv9/8/dzWudpg7TUYMmia/ui2lvnP7WGtKgizy77p6u4koJOKF3SL/xtz # rsAoXvrCla69b0GFtQxOxaTDDivjZwIDAQABo4IBNjCCATIwHQYDVR0OBBYEFJbO # U4apgiFgiHlWnT6Iyt1Ai1IjMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1 # GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9w # a2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEp # LmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUy # MFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYB # BQUHAwgwDQYJKoZIhvcNAQELBQADggIBANdoxUVYwgmp1uVBkrqiSztx0JTB48Ca # YQh52zK6yBQwhCVCpqN8I/2IbnzI4VJHHaTn2PaEAFJkHEWZuRWPCFgQLXIk9Cb3 # jriBTPkb645bnWLy5554HeHaL4OahY0o1K6Ug3J9IaBbo8IMKJGo7eqfwphXMvOh # 6Z8+Kv9RXHkICBVwQMAy3FtGtMdcEAFfIJrppDf6O6RYHlpDMvDqqEeHPscg5T2r # 9D1jY2dUEo9/MiXA+NvY2tAZ9CddOyx8UP3w6lEerTtlTHbWDimzxXfeFJKQna4P # CG2nlW0UacX4DHMUGUK9zfcs9OZexzOXLr7JCABHCY0d40DbrZaosskzzgjPw5LV # V8TU3rJgKQuODzX7MZeyO8waaMGWLLFnBdYZYmayi8HpPqHUat+a8wq504T3YPrt # JHfNPcN0DknAv1MDNfxSGLRoZi2fm41QMVvEijMhEyktWk/9g4ueD6va/yzyXJa/ # Rp+PBlgcEnrgxZU3Edxo22PORi1CN1nluHKRrp1f4O1AP1uHfOOLRKWt9UMgvERv # o6PKq18aPuJZm8mtvgCohWAdBoPOC6LERL2J60WKQd9/qn3sLmqhtNNsrA3QAQ/e # rm17Ij00g5WUmXSCLkht3nweJ/cks7q+n7nIdeOhIv8yWEWa8a1piZDAPsrNOb24 # AMXgHM/+bHa/MIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAAAAAAFTANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQg # VGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC # ggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2AX9sSuDivbk+ # F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpSg0S3po5GawcU # 88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2rrPY2vjUmZNqY # O7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k45GPsjksUZzp # cGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSueik3rMvrg0Xn # Rm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09/SDPc31BmkZ1 # zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR6L8FA6PRc6ZN # N3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxCaC4Q6oRRRuLR # vWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaDIV1fMHSRlJTY # uVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMURHXLvjflSxIUX # k8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMBAAGjggHdMIIB # 2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQqp1L+ZMSavoKR # PEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXAYDVR0g # BFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5t # aWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMBMGA1UdJQQM # MAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQE # AwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQ # W9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNv # bS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNybDBa # BggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MA0GCSqG # SIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2Pk5HZHixBpOX # PTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03dmLq2HnjYNi6c # qYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1TkeFN1JFe53Z/z # jj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kpicO8F7BUhUKz # /AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKpW99Jo3QMvOyR # gNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrYUP4KWN1APMdU # bZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QBjloZkWsNn6Qo # 3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkBRH58oWFsc/4K # u+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0ViY1w/ue10Cga # iQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq0Z4+7X6gMTN9 # vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1VM1izoXBm8qGC # AtQwggI9AgEBMIIBAKGB2KSB1TCB0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9u # cyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjo4NkRGLTRCQkMtOTMz # NTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcG # BSsOAwIaAxUANKLyFOur9DyimnB4bK5ks0Qmr9WggYMwgYCkfjB8MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQg # VGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIFAOZ58aswIhgPMjAy # MjA3MTQwOTM2NDNaGA8yMDIyMDcxNTA5MzY0M1owdDA6BgorBgEEAYRZCgQBMSww # KjAKAgUA5nnxqwIBADAHAgEAAgIHCzAHAgEAAgITDjAKAgUA5ntDKwIBADA2Bgor # BgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAID # AYagMA0GCSqGSIb3DQEBBQUAA4GBAHgN064wmgru/yoNf4SN/MxMalQ2Tdf9Mb7+ # A0b5cQrBnqF0gUwZHXKNfK5dwIh/iKpa/NasS8ggTdrSDnbddJww7C1IDTmQXHwW # 3IjZwajZvs4KtHhnLtDfFYwZMMeZ7o0vYFypPx0VkYYnrgMt6jIsHvSNF168p8a+ # ixJfTwW6MYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIw # MTACEzMAAAGMAZdiRzZ2ZjsAAQAAAYwwDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqG # SIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgYY3YknLA7css # z+O9r/VkVxnHeEUCdcZheXSS78BkQhAwgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHk # MIG9BCDVrYv4FSqQzwZ/xOYhBZ2B4pNOthcjA6h864mIGJhpnjCBmDCBgKR+MHwx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1p # Y3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABjAGXYkc2dmY7AAEAAAGM # MCIEIAmlJc+WzSZ32I8iST7Clpkemh39QczmpeoDO0LxDv9MMA0GCSqGSIb3DQEB # CwUABIICABJNggJQSnCGnBdwNpHxS3eqfwzjMZ2eyrHxqi3pwC87RNfzsPeRQi5G # KYk2wTh7GA2zy7SzJXQp9WXBZzPCWARBuLCW4aGX2kZxiZMX8/kbtiNoG8FIaN9i # RnE4pjCc/oNpJTsvTmp1bHHF1Q+piSwXxlXE2AFOqRtKiAEaasziFqs1F2ReSTtI # ZYmQTpU3Ut+Zz0sdaQcAkBEldxLkMAJixP0ark8JnG3StlvOwchyYHH4Tfu2Q8cb # Go7LdbomI0wWU83NbX0TyHVr9vSOWI3HDS6DoYCK745Kvw18xVv1LgM/Zx/WUlZx # IgZawPy9dCZiiHs7jy6v+WGOLshMWRif+fipeSg5lgJEkGVazh9LPAGmgVyEp4rv # jTlC5OzNdklKYluPpe9gPNSq7BLHUUObAjGfnh+UxJ6GdClwvHy3+3EX1mLav5ws # lcIVJ5pRNDb/mJ3+a+KufnswGrjbt9WwXDgSiQDemiaElonpCV071d52F3BEGJys # udMza4MXCc7vOaOxS3vu2TEVNnz4Yvlqf/zlmCfA6HaVjm8vXe09J2ZcR1V+qw0v # 4KT1iYuOjHCXCY9vKy7UpcI4oE8XBUrVmsFliLfza4MtLDNJBcg7U3JxDOQcrdrv # aaaklhb7uiAuXx/0AdORQa89H/yKevf6zM4vq9JlCXc1fP7Ojita # SIG # End signature block |