You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I just started looking into Maester and have found some tests pass that should not pass, however i have no idea where the codebase for the tests can be found. as an example CISA.MS.EXO.16.1: Alerts SHALL be enabled. passes, but it should not pass. I can find the location of the test Test-MtCisaExoAlert.Tests.ps1 but when i open it I can see that it basically just runs Test-MtCisaExoAlert and i have no idea where i can find it.
The problem with this particular test is that one of the alerts (A potentially malicious URL click was detected.) is just not being tested. But the test details does mention this alert:
"
Test details
At a minimum, the following alerts SHALL be enabled:
Suspicious email sending patterns detected.
Suspicious Connector Activity.
Suspicious Email Forwarding Activity.
Messages have been delayed.
Tenant restricted from sending unprovisioned email.
Tenant restricted from sending email. A potentially malicious URL click was detected.
"
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
I just started looking into Maester and have found some tests pass that should not pass, however i have no idea where the codebase for the tests can be found. as an example CISA.MS.EXO.16.1: Alerts SHALL be enabled. passes, but it should not pass. I can find the location of the test Test-MtCisaExoAlert.Tests.ps1 but when i open it I can see that it basically just runs
Test-MtCisaExoAlertand i have no idea where i can find it.The problem with this particular test is that one of the alerts (A potentially malicious URL click was detected.) is just not being tested. But the test details does mention this alert:
"
Test details
At a minimum, the following alerts SHALL be enabled:
Suspicious email sending patterns detected.
Suspicious Connector Activity.
Suspicious Email Forwarding Activity.
Messages have been delayed.
Tenant restricted from sending unprovisioned email.
Tenant restricted from sending email.
A potentially malicious URL click was detected.
"
Beta Was this translation helpful? Give feedback.
All reactions