SHELL/2.1.7.ps1
|
$CheckId = "2.1.7" $Title = "Ensure that an anti-phishing policy has been created" try { $PolicyFields = @( "Name", "Enabled", "PhishThresholdLevel", "EnableTargetedUserProtection", "EnableOrganizationDomainsProtection", "EnableMailboxIntelligence", "EnableMailboxIntelligenceProtection", "EnableSpoofIntelligence", "TargetedUserProtectionAction", "TargetedDomainProtectionAction", "MailboxIntelligenceProtectionAction", "EnableFirstContactSafetyTips", "EnableSimilarUsersSafetyTips", "EnableSimilarDomainsSafetyTips", "EnableUnusualCharactersSafetyTips", "TargetedUsersToProtect", "HonorDmarcPolicy" ) $Policies = Get-AntiPhishPolicy | Select-Object -Property $PolicyFields $Rules = Get-AntiPhishRule | Select-Object AntiPhishPolicy,Priority,State,SentToMemberOf,RecipientDomainIs $EnabledPolicies = $Policies | Where-Object { $_.Enabled -eq $true } $Pass = @($EnabledPolicies).Count -gt 0 -and @($Rules).Count -gt 0 [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = if ($Pass) { "PASS" } else { "FAIL" } Pass = $Pass Evidence = [pscustomobject]@{ Policies = @($Policies) EnabledPolicies = @($EnabledPolicies) Rules = @($Rules) } Error = $null Timestamp = Get-Date } } catch { [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = "ERROR" Pass = $null Evidence = $null Error = $_.Exception.Message Timestamp = Get-Date } } |