💼 1.2 Conditional Access

• Contextual name: 💼 1.2 Conditional Access
• ID: /frameworks/cis-azure-v1.5.0/01/02
• Located in: 💼 1 Identity and Access Management

Description

For most Azure tenants, and certainly for organizations with a significant use of Azure Active Directory, Conditional Access policies are recommended and preferred. To use conditional access policies, a licensing plan is required, and Security Defaults must be disabled.

Conditional Access requires one of the following plans:

• Azure Active Directory Premium P1 or P2
• Microsoft 365 Business Premium
• Microsoft 365 E3 or E5
• Enterprise Mobility & Security E3 or E5

Similar

• Internal
  • ID: dec-b-8cf149a5

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 1.2.1 Ensure Trusted Locations Are Defined - Level 1 (Manual)
💼 1.2.2 Ensure that an exclusionary Geographic Access Policy is considered - Level 1 (Manual)
💼 1.2.3 Ensure that A Multi-factor Authentication Policy Exists for Administrative Groups - Level 1 (Manual)
💼 1.2.4 Ensure that A Multi-factor Authentication Policy Exists for All Users - Level 1 (Manual)
💼 1.2.5 Ensure Multi-factor Authentication is Required for Risky Sign-ins - Level 1 (Manual)
💼 1.2.6 Ensure Multi-factor Authentication is Required for Azure Management - Level 1 (Manual)