Policy: Azure > CIS v5.0 > 5 - Identity Services > 5.01 - Security Defaults (Per-User MFA)

This section covers security recommendations for Microsoft Entra ID Security Defaults and Per-User MFA settings.

Security defaults provide secure default settings that Microsoft manages on behalf of organizations to keep customers safe until they are ready to manage their own identity security settings.

Primary Policy

This policy is used with the following primary policy:

Azure > CIS v5.0 > 5 - Identity Services

Policy Specification

Schema Type	`string`
Default	`Per Azure > CIS v5.0 > 05 - Identity Services`
Valid Values [YAML]	`Per Azure > CIS v5.0 > 05 - Identity Services` `Skip` `Check: All CIS Benchmarks except attestations` `Check: All CIS Benchmarks`
Examples [YAML]	`Skip`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/cis#/control/categories/cis

Policy Type URI

tmod:@turbot/azure-cisv5-0#/policy/types/s0501

GraphQL

query policyType(id: "tmod:@turbot/azure-cisv5-0#/policy/types/s0501") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-cisv5-0#/policy/types/s0501'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-cisv5-0#/policy/types/s0501'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/azure-cisv5-0#/policy/types/s0501"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv5-0#/policy/types/s0501"

Policy: Azure > CIS v5.0 > 5 - Identity Services > 5.01 - Security Defaults (Per-User MFA)

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers