Version: 2.1.1-preview

CISA.MS.AAD.1.1 - Legacy authentication SHALL be blocked.

Overview

Legacy authentication SHALL be blocked.

Rationale: The security risk of allowing legacy authentication protocols is they do not support MFA. Blocking legacy protocols reduces the impact of user credential theft.

Remediation action:

Follow the guide below to create a conditional access policy that blocks legacy authentication.

Block legacy authentication - Microsoft Learn

CISA Legacy Authentication - MS.AAD.1.1v1
CISA ScubaGear Rego Reference

Test Metadata

Field	Value
Test ID	CISA.MS.AAD.1.1
Severity	High
Suite	CISA
Category	Entra ID P1
PowerShell test	Test-MtCisaBlockLegacyAuth
Tags	CISA, CISA.MS.AAD.1.1, Entra ID P1, MS.AAD, MS.AAD.1.1

Source

Pester test: tests/cisa/entra/Test-MtCisaBlockLegacyAuth.Tests.ps1
PowerShell source: powershell/public/cisa/entra/Test-MtCisaBlockLegacyAuth.ps1

Overview​

Remediation action:​

Related links​

Test Metadata​

Source​

Overview

Remediation action:

Related links

Test Metadata

Source