tests/Test-ModernAuthExchangeOnline.ps1

function Test-ModernAuthExchangeOnline {
    [CmdletBinding()]
    param (
        # Define your parameters here
    )

    begin {

        $auditResults = [CISAuditResult]::new()
        # Initialization code
    }

    process {
        try {
            # Ensuring the ExchangeOnlineManagement module is available


            # 6.5.1 (L1) Ensure modern authentication for Exchange Online is enabled
            $orgConfig = Get-OrganizationConfig | Select-Object -Property Name, OAuth2ClientProfileEnabled

            # Create an instance of CISAuditResult and populate it

            $auditResults.CISControlVer = "v8"
            $auditResults.CISControl = "3.10"
            $auditResults.CISDescription = "Encrypt Sensitive Data in Transit"
            $auditResults.IG1 = $false # As per CIS Control v8 mapping for IG1
            $auditResults.IG2 = $true # As per CIS Control v8 mapping for IG2
            $auditResults.IG3 = $true # As per CIS Control v8 mapping for IG3
            $auditResults.ELevel = "E3" # Based on your environment (E3, E5, etc.)
            $auditResults.ProfileLevel = "L1"
            $auditResults.Rec = "6.5.1"
            $auditResults.RecDescription = "Ensure modern authentication for Exchange Online is enabled (Automated)"
            $auditResults.Result = $orgConfig.OAuth2ClientProfileEnabled
            $auditResults.Details = $auditResults.Details = $orgConfig.Name + " OAuth2ClientProfileEnabled: " + $orgConfig.OAuth2ClientProfileEnabled
            $auditResults.FailureReason = if (-not $orgConfig.OAuth2ClientProfileEnabled) { "Modern authentication is disabled" } else { "N/A" }
            $auditResults.Status = if ($orgConfig.OAuth2ClientProfileEnabled) { "Pass" } else { "Fail" }


        }
        catch {
            Write-Error "An error occurred while testing modern authentication for Exchange Online: $_"
        }
    }

    end {
        # Return auditResults
        return $auditResults
    }
}