MT.1012 - At least one Conditional Access policy is configured to require MFA for risky sign-ins.
Overview
Checks if the tenant has at least one conditional access policy requiring multifactor authentication for risky sign-ins.
See Sign-in risk-based multifactor authentication - Microsoft Learn
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1012 |
| Severity | High |
| Suite | M365Advisor |
| Category | CA |
| PowerShell test | Test-MtCaMfaForRiskySignIn |
| Tags | CA, M365Advisor, MT.1012 |
Source
- Pester test:
tests/M365Advisor/Entra/Test-ConditionalAccessBaseline.Tests.ps1 - PowerShell source:
powershell/public/m365advisor/entra/Test-MtCaMfaForRiskySignIn.ps1