MT.1010 - At least one Conditional Access policy is configured to block legacy authentication for Exchange ActiveSync.
Overview
Legacy authentication is an unsecure method to authenticate. This function checks if the tenant has at least one conditional access policy that blocks legacy authentication.
Learn more: https://learn.microsoft.com/entra/identity/conditional-access/howto-conditional-access-policy-block-legacy
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1010 |
| Severity | High |
| Suite | Maester |
| Category | CA |
| PowerShell test | Test-MtCaBlockLegacyExchangeActiveSyncAuthentication |
| Tags | CA, Maester, MT.1010 |
Source
- Pester test:
tests/Maester/Entra/Test-ConditionalAccessBaseline.Tests.ps1 - PowerShell source:
powershell/public/maester/entra/Test-MtCaBlockLegacyExchangeActiveSyncAuthentication.ps1