MT.1009 - At least one Conditional Access policy is configured to block other legacy authentication.
Overview
Legacy authentication is an unsecure method to authenticate. This function checks if the tenant has at least one conditional access policy that blocks legacy authentication.
Learn more: https://learn.microsoft.com/entra/identity/conditional-access/howto-conditional-access-policy-block-legacy
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1009 |
| Severity | High |
| Suite | Maester |
| Category | CA |
| PowerShell test | Test-MtCaBlockLegacyOtherAuthentication |
| Tags | CA, Maester, MT.1009 |
Source
- Pester test:
tests/Maester/Entra/Test-ConditionalAccessBaseline.Tests.ps1 - PowerShell source:
powershell/public/maester/entra/Test-MtCaBlockLegacyOtherAuthentication.ps1