Policy: Azure > CIS v2.0 > 01 - Identity and Access Management > 1.01 - Security Defaults
The Azure "Security Defaults" recommendations represent an entry-level set of recommendations which will be relevant to organizations and tenants that are either just starting to use Azure as an IaaS solution, or are only utilizing a bare minimum feature set such as the freely licensed tier of Azure Active Directory. Security Defaults recommendations are intended to ensure that these entry-level use cases are still capable of establishing a strong baseline of secure configuration.
If your subscription is licensed to use Azure AD Premium P1 or P2, it is strongly recommended that the "Security Defaults" section (this section and the recommendations therein) be bypassed in favor of the use of "Conditional Access."
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Related Policies
- 1.01.01 - Ensure Security Defaults is enabled on Azure Active Directory
- 1.01.02 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged Users
- 1.01.03 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users
- 1.01.04 Ensure that 'Allow users to remember multi-factor authentication on devices they trust' is Disabled
Controls
- Azure > CIS v2.0
- Azure > CIS v2.0 > 01 - Identity and Access Management
- Azure > CIS v2.0 > 01 - Identity and Access Management > 1.01 - Security Defaults
Policy Specification
Schema Type | |
|---|---|
Default | |
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv2-0#/policy/types/s0101
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv2-0#/policy/types/s0101"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv2-0#/policy/types/s0101"
Get Policy TypeGet Policy Settings