💼 1 Identity and Access Management

  • Contextual name: 💼 1 Identity and Access Management
  • ID: /frameworks/cis-azure-v1.4.0/01
  • Located in: 💼 CIS Azure v1.4.0

Description

Empty...

Similar

  • Internal
    • ID: dec-b-81fca348

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags
💼 1.1 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged Users - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.2 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.3 Ensure guest users are reviewed on a monthly basis - Level 1 (Manual _ Assessment requires a manual procedure. Hover over the title for the full description)
💼 1.4 Ensure that 'Restore multi-factor authentication on all remembered devices' is Enabled - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.5 Ensure That 'Number of methods required to reset' is set to '2' - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.6 Ensure that 'Number of days before users are asked to re-confirm their authentication information' is not set to '0' - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.7 Ensure that 'Notify users on password resets?' is set to 'Yes' - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.8 Ensure That 'Notify all admins when other admins reset their password?' is set to 'Yes' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.9 Ensure that 'Users can consent to apps accessing company data on their behalf' is set to 'No' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.10 Ensure that 'Users can add gallery apps to My Apps' is set to 'No' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.11 Ensure that 'Users can register applications' is set to 'No' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.12 Ensure That 'Guest users access restrictions' is set to 'Guest user access is restricted to properties and memberships of their own directory objects'' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.13 Ensure that 'Guest invite restrictions' is set to "Only users assigned to specific admin roles can invite guest users" - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.14 Ensure That 'Restrict access to Azure AD administration portal' is Set to "Yes" - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.15 Ensure that 'Restrict user ability to access groups features in the Access Pane' is Set to 'Yes' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.16 Ensure that 'Users can create security groups in Azure portals, API or PowerShell' is set to 'No' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.17 Ensure that 'Owners can manage group membership requests in the Access Panel' is set to 'No' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.18 Ensure that 'Users can create Microsoft 365 groups in Azure portals, API or PowerShell' is set to 'No' - Level 2 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.19 Ensure that 'Require Multi-Factor Authentication to register or join devices with Azure AD' is set to 'Yes' - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.20 Ensure That No Custom Subscription Owner Roles Are Created - Level 2 (Automated)
💼 1.21 Ensure Security Defaults is enabled on Azure Active Directory - Level 1 (Manual _ Not supported, no API/CLI available by Azure)
💼 1.22 Ensure a Custom Role is Assigned Permissions for Administering Resource Locks - Level 2 (Manual _ Not supported, no API/CLI available by Azure)