MT.1012 - At least one Conditional Access policy is configured to require MFA for risky sign-ins.
Overview
Checks if the tenant has at least one conditional access policy requiring multifactor authentication for risky sign-ins.
See Sign-in risk-based multifactor authentication - Microsoft Learn
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1012 |
| Severity | High |
| Suite | Maester |
| Category | CA |
| PowerShell test | Test-MtCaMfaForRiskySignIn |
| Tags | CA, Maester, MT.1012 |
Source
- Pester test:
tests/Maester/Entra/Test-ConditionalAccessBaseline.Tests.ps1 - PowerShell source:
powershell/public/maester/entra/Test-MtCaMfaForRiskySignIn.ps1