SHELL/2.1.3.ps1
|
$CheckId = "2.1.3" $Title = "Ensure notifications for internal users sending malware is Enabled" try { $Policies = Get-MalwareFilterPolicy | Select-Object Identity,EnableInternalSenderAdminNotifications,InternalSenderAdminAddress $NonCompliant = $Policies | Where-Object { $_.EnableInternalSenderAdminNotifications -ne $true -or [string]::IsNullOrWhiteSpace($_.InternalSenderAdminAddress) } $Pass = @($Policies).Count -gt 0 -and @($NonCompliant).Count -eq 0 [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = if ($Pass) { "PASS" } else { "FAIL" } Pass = $Pass Evidence = [pscustomobject]@{ Policies = @($Policies) NonCompliant = @($NonCompliant) } Error = $null Timestamp = Get-Date } } catch { [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = "ERROR" Pass = $null Evidence = $null Error = $_.Exception.Message Timestamp = Get-Date } } |