You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This cmdlet is available only in the cloud-based service.
16
16
17
-
Use the Get-ConfigAnalyzerPolicyRecommendation cmdlet to policies (and the corresponding users) who have settings configured that fall below the suggested values for Standard and Strict preset security policies.
17
+
Use the Get-ConfigAnalyzerPolicyRecommendation cmdlet to compare the settings in your existing security policies to the settings that are used in the Standard or Strict preset security policies. Settings that are below the recommend value are returned in the results.
18
18
19
19
**Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Use the Exchange Online PowerShell V2 module](https://docs.microsoft.com/powershell/exchange/exchange-online-powershell-v2).
For information about the policies and their recommended Standard and Strict values, see [Recommended settings for EOP and Office 365 ATP security](https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365-atp).
34
+
35
+
The output of this cmdlet only returns settings that fall below the value that you've specified as a baseline (Standard or Strict).
36
+
37
+
The output contains the following information for each setting:
38
+
39
+
- PolicyGroup: The type of policy. The value will be Anti-Spam, Anti-Phishing, Anti-Malware, ATP Safe Links, or ATP Safe Attachments
40
+
- SettingName: The name of the setting in the policy.
41
+
- SettingNameDescription: A description of the setting.
42
+
- Policy: The name of the policy.
43
+
- AppliedTo: The number of users or domains that the policy applies to. If the policy isn't applied to anyone (for example, it's disabled), this value will be blank.
44
+
- CurrentConfiguration: The current value of the setting.
45
+
- LastModified: When the policy was last modified.
46
+
- Recommendation: The recommended Standard or Strict value for the setting.
47
+
- SettingType: For example, Boolean, String, or Integer.
48
+
49
+
If a setting is configured at or better than the Standard or Strict protection profile that you're comparing to, those settings/policies aren't returned in the results
50
+
51
+
This cmdlet returns the following output for each setting in each policy that falls below the recommended value.
52
+
33
53
You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
34
54
35
55
## EXAMPLES
@@ -39,12 +59,12 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
The IsAppliedToDisabled switch filters the results by policies that aren't applied to anyone. You don't need to specify a value with this switch.
102
+
The IsAppliedToDisabled switch filters the results by policies that aren't applied to anyone (the AppliedTo property is blank). You don't need to specify a value with this switch.
83
103
84
104
If you don't use this switch, the results include policies that are applied to users and policies that aren't applied to anyone.
85
105
@@ -110,4 +130,3 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
0 commit comments