SHELL/1.3.5.ps1
|
$CheckId = "1.3.5" $Title = "Ensure internal phishing protection for Forms is enabled" $Uri = "https://graph.microsoft.com/beta/admin/forms/settings" try { $FormsSettings = Invoke-MgGraphRequest -Method GET -Uri $Uri $Enabled = [bool]$FormsSettings.isInOrgFormsPhishingScanEnabled [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = if ($Enabled) { "PASS" } else { "FAIL" } Pass = $Enabled Evidence = [pscustomobject]@{ Uri = $Uri isInOrgFormsPhishingScanEnabled = $Enabled RecommendedState = "True" } Error = $null Timestamp = Get-Date } } catch { $Message = $_.Exception.Message $IsPermissionIssue = $Message -match "(?i)forbidden|insufficient|authorization|access denied" [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = if ($IsPermissionIssue) { "MANUAL_REVIEW" } else { "ERROR" } Pass = $null Evidence = [pscustomobject]@{ Uri = $Uri RequiredGraphScope = "OrgSettings-Forms.Read.All" ReviewAction = "Verify isInOrgFormsPhishingScanEnabled is True." } Error = $Message Timestamp = Get-Date } } |