Checks/check-ORCA222.ps1

using module "..\ORCA.psm1"

class ORCA222 : ORCACheck
{
    <#
     
        CONSTRUCTOR with Check Header Data
     
    #>


    ORCA222()
    {
        $this.Control=222
        $this.Services=[ORCAService]::MDO
        $this.Area="Microsoft Defender for Office 365 Policies"
        $this.Name="Domain Impersonation Action"
        $this.PassText="Domain Impersonation action is set to move to Quarantine"
        $this.FailRecommendation="Configure domain impersonation action to Quarantine"
        $this.Importance="Domain Impersonation can detect impersonation attempts against your domains or domains that look very similiar to your domains. Move messages that are caught using this impersonation protection to Quarantine."
        $this.ExpandResults=$True
        $this.CheckType=[CheckType]::ObjectPropertyValue
        $this.ObjectType="Antiphishing Policy"
        $this.ItemName="Setting"
        $this.DataType="Current Value"
        $this.ChiValue=[ORCACHI]::Medium
        $this.Links= @{
            "Microsoft 365 Defender Portal - Anti-phishing"="https://security.microsoft.com/antiphishing"
            "Recommended settings for EOP and Microsoft Defender for Office 365"="https://aka.ms/orca-atpp-docs-7"
        }
    }

    <#
     
        RESULTS
     
    #>


    GetResults($Config)
    {

        <#
         
        This check does not need a default fail if no policies exist
         
        #>


        ForEach($Policy in ($Config["AntiPhishPolicy"] | Where-Object {$_.Enabled -eq $True}))
        {
            $IsPolicyDisabled = !$Config["PolicyStates"][$Policy.Guid.ToString()].Applies

            $EnableTargetedDomainsProtection = $($Policy.EnableTargetedDomainsProtection)
            $EnableOrganizationDomainsProtection = $($Policy.EnableOrganizationDomainsProtection)
            $TargetedDomainProtectionAction = $($Policy.TargetedDomainProtectionAction)

            $policyname = $Config["PolicyStates"][$Policy.Guid.ToString()].Name

            <#
             
            EnableTargetedDomainsProtection / EnableOrgainizationDomainsProtection
             
            #>


            If($EnableTargetedDomainsProtection -eq $False -and $EnableOrganizationDomainsProtection -eq $False)
            {
                # Check objects
                $ConfigObject = [ORCACheckConfig]::new()

                $ConfigObject.Object=$policyname
                $ConfigObject.ConfigItem="EnableTargetedDomainsProtection"
                $ConfigObject.ConfigData=$EnableTargetedDomainsProtection
                $ConfigObject.ConfigDisabled = $Config["PolicyStates"][$Policy.Guid.ToString()].Disabled
                $ConfigObject.ConfigWontApply = !$Config["PolicyStates"][$Policy.Guid.ToString()].Applies
                $ConfigObject.ConfigReadonly = $Policy.IsPreset
                $ConfigObject.ConfigPolicyGuid=$Policy.Guid.ToString()

                $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail")

                $this.AddConfig($ConfigObject)
                
                # Check objects
                $ConfigObject = [ORCACheckConfig]::new()

                $ConfigObject.Object=$policyname
                $ConfigObject.ConfigItem="EnableOrganizationDomainsProtection"
                $ConfigObject.ConfigData=$EnableOrganizationDomainsProtection
                $ConfigObject.ConfigDisabled = $Config["PolicyStates"][$Policy.Guid.ToString()].Disabled
                $ConfigObject.ConfigWontApply = !$Config["PolicyStates"][$Policy.Guid.ToString()].Applies
                $ConfigObject.ConfigReadonly = $Policy.IsPreset
                $ConfigObject.ConfigPolicyGuid=$Policy.Guid.ToString()

                $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail")

                $this.AddConfig($ConfigObject)       
            }
            
            If($EnableTargetedDomainsProtection -eq $True)
            {

                $ConfigObject = [ORCACheckConfig]::new()
                $ConfigObject.Object=$policyname
                $ConfigObject.ConfigItem="EnableTargetedDomainsProtection"
                $ConfigObject.ConfigData=$EnableTargetedDomainsProtection
                $ConfigObject.ConfigDisabled = $Config["PolicyStates"][$Policy.Guid.ToString()].Disabled
                $ConfigObject.ConfigWontApply = !$Config["PolicyStates"][$Policy.Guid.ToString()].Applies
                $ConfigObject.ConfigReadonly = $Policy.IsPreset
                $ConfigObject.ConfigPolicyGuid=$Policy.Guid.ToString()

                $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass")

                $this.AddConfig($ConfigObject)

            }
    
            If($EnableOrganizationDomainsProtection -eq $True)
            {

                $ConfigObject = [ORCACheckConfig]::new()
                $ConfigObject.Object=$policyname
                $ConfigObject.ConfigItem="EnableOrganizationDomainsProtection"
                $ConfigObject.ConfigData=$EnableOrganizationDomainsProtection
                $ConfigObject.ConfigDisabled = $Config["PolicyStates"][$Policy.Guid.ToString()].Disabled
                $ConfigObject.ConfigWontApply = !$Config["PolicyStates"][$Policy.Guid.ToString()].Applies
                $ConfigObject.ConfigReadonly = $Policy.IsPreset
                $ConfigObject.ConfigPolicyGuid=$Policy.Guid.ToString()

                $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass")

                $this.AddConfig($ConfigObject)
         
            }

            
            # Check objects
            $ConfigObject = [ORCACheckConfig]::new()
            $ConfigObject.Object=$policyname
            $ConfigObject.ConfigItem="TargetedDomainProtectionAction"
            $ConfigObject.ConfigData=$TargetedDomainProtectionAction
            $ConfigObject.ConfigDisabled = $Config["PolicyStates"][$Policy.Guid.ToString()].Disabled
            $ConfigObject.ConfigWontApply = !$Config["PolicyStates"][$Policy.Guid.ToString()].Applies
            $ConfigObject.ConfigReadonly = $Policy.IsPreset
            $ConfigObject.ConfigPolicyGuid=$Policy.Guid.ToString()

            If($TargetedDomainProtectionAction -eq "Quarantine")
            {
                $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass")          
            }
            Else 
            {
                $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") 
            }

            If($TargetedDomainProtectionAction -eq "Delete" -or $TargetedDomainProtectionAction -eq "Redirect")
            {
                # For either Delete or Quarantine we should raise an informational
                $ConfigObject.SetResult([ORCAConfigLevel]::Informational,"Fail")
                $ConfigObject.InfoText = "The $($TargetedDomainProtectionAction) option may impact the users ability to release emails and may impact user experience."
            }

            $this.AddConfig($ConfigObject)
    
        } 

    }

}
# SIG # Begin signature block
# MIIl7wYJKoZIhvcNAQcCoIIl4DCCJdwCAQExDzANBglghkgBZQMEAgEFADB5Bgor
# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG
# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCl9u1CTwjp0wyJ
# EdDlADxlSiGBKv4+s89P2+UomKg2V6CCC6YwggULMIID86ADAgECAhMzAAAFwlgA
# 087+f22BAAEAAAXCMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD
# VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD
# QSAyMDEwMB4XDTIzMDkyMTE4MTE0M1oXDTI0MDkxODE4MTE0M1owfDELMAkGA1UE
# BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc
# BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu
# IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
# AoIBAQD5++3gGQURCZ5RFx3f6hxBcryv+l9JDcB/ue8Nf4lxtCZ3BYkCuFTxGzQs
# lXh4SBgmfcoDr8X9mqmYlAhGlQn5WdhIlIjY7cyO+Jj9qH6ir7kKmqnxX5UMl2e8
# 1Xd78imtyJHeK3X/mReHaJItcbdObmRrJeq1cJm2qgiadjJK9aFPIGTd/2jgBIMc
# G1LVd+lHU7fPU+wlvJshXoo7rj82PhSGoMqTN4s30oaUlIpKwhyn6eO7UIlD77Ez
# NikN8J35LSlUGAWR7UW/qBrlVM9JURkIsAFfHUdZbsCu0wB3dHMBru+oDim+X/R9
# ko+B0F3Me40uod5i5D8m8HqIazstAgMBAAGjggGHMIIBgzAOBgNVHQ8BAf8EBAMC
# B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFJfRokzB8QH6nZ8MnJQI
# ahPRxmYhMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQLExVNaWNyb3NvZnQgQ29ycG9y
# YXRpb24xFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjYwHwYDVR0jBBgwFoAUv2Wiq291
# o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZLaHR0cDovL3d3dy5taWNy
# b3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwVGVzdGluZyUyMFBDQSUy
# MDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggrBgEFBQcwAoZNaHR0cDov
# L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUZXN0
# aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B
# AQsFAAOCAQEAMmCxC2x6fhzNJHnCk9zTlYQo0e/MzR5BHxJul6XfH7L2K+EOr+Wv
# wiAvkkA47zgupON7XKs+NQFkTQAAw/tgzpZ95d2KyRUxbwfik44uLSqvgVNlSDSk
# Ant8qiTj3+EhxYhcHQJwA4vz4Ow+rLIQOvPIHB0cOj1bJ/Z0olgCXfo/oORtXQe3
# 9M6dO7XvQ2i0SRvnfn95hodbpPWDmSvyHvZU5rHVLTBwyh9oTQ4v30P8eeAONxp6
# Sp6X7hLDy14Q0L4nfBeRFdf9M/DK6LjJ3bUWlYcqRpFwqMjAJQkW8RMtWuV8uSgD
# PAR/tnqsaUFRAILpmfqPUwgXIVGT0/89iDCCBpMwggR7oAMCAQICEzMAAAAtNXpG
# iMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJBgNVBAYTAlVTMRMwEQYD
# VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jvc29mdCBUZXN0aW5nIFJv
# b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMjAxMjEwMjA0MzIwWhcN
# MzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv
# bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0
# aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMDCCASIwDQYJ
# KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/1xdj8qZC0RNinLAXzrpG
# GnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGpNAoE18UFhvIQ9U3Tlghm
# hdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGzSDr8RC5fEcVWOv/KDs2I
# CMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEFz3cS/qHcB+kNW3gJbDJV
# EEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbBSvbjetQRCrLeLp4Ql+CB
# rhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX2l0OyU7bjW0CAwEAAaOC
# AfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsG
# AQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAdBgNVHQ4EFgQUv2Wiq291
# o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAAMEEwPwYIKwYBBQUHAgEW
# M2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5
# Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAPBgNVHRMBAf8EBTADAQH/
# MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTRMFkGA1UdHwRSMFAwTqBM
# oEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01p
# Y1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYIKwYBBQUHAQEEgYAwfjBN
# BggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9N
# aWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6
# Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkqhkiG9w0BAQsFAAOCAgEA
# J7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5rybo/Ep5vcFnsIgDeWXP
# NTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BGBnoiGmkrZCy5izmADOqC
# JyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0unIj0ZlvW0VkU+KVlPG2
# SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyNvCf2dfuM1tTWqNaa1Qjq
# q6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaBDgXAy3nX3D62vfjS3RBd
# +jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjCSWPRMBxYn5tqYGommnyh
# dRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+LbPUE8fkZgyggQzExS4B
# ZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2EB137rJZ8qfsroVswEpw
# EDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40Q1esCNGMzFR6xMkNIWeT
# ZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDRJ2YroCSmEsJoc6GBzNZ4
# IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIxghmfMIIZmwIBATCBkDB5
# MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk
# bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpN
# aWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcJYANPO/n9tgQABAAAFwjAN
# BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor
# BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgEi0A+KYV
# WCkEA5XKSbLrD6kNeZ66THzmvyzbCxn1c6wwRAYKKwYBBAGCNwIBDDE2MDSgFIAS
# AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g
# MA0GCSqGSIb3DQEBAQUABIIBABdSEtsjjOwmE5x2nXprTbM2rX5/4xar2vRDNVzd
# ZoqMtbqIbbc6gxhos3ehO8p3jPtcC+Y0WlWmLuU4iUVYRATLLrIzuUFcUI5RsEj3
# HTDUpOby5eapFM/VxzyZn06adBFFttmjmC3xhPXjihzd+1BTxDOOD3LtLSeRs4xI
# GEJiddo1e6N5o91g9YzuaGt+6ko9rLyAjA4SqAOy+R6tEXI9d5ukvRnQPUnqog9K
# Ru7+tiShL2YlU0VdvoYLEgShtFSm19YSHje9CsFmmd4dMg6D/+FKoJLnOTZQcva9
# 6qlmwBrJDftJSyUQpvCsANtpLviOomKGgALoj4WuGborV6uhghcsMIIXKAYKKwYB
# BAGCNwMDATGCFxgwghcUBgkqhkiG9w0BBwKgghcFMIIXAQIBAzEPMA0GCWCGSAFl
# AwQCAQUAMIIBWQYLKoZIhvcNAQkQAQSgggFIBIIBRDCCAUACAQEGCisGAQQBhFkK
# AwEwMTANBglghkgBZQMEAgEFAAQguuJiETAEUCLERUUdgWx7WJS2Ji/beaLen2H8
# ZMBLw7kCBmVeBZgQaxgTMjAyMzEyMDMyMzM1MTUuNTU3WjAEgAIB9KCB2KSB1TCB
# 0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl
# ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMk
# TWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1U
# aGFsZXMgVFNTIEVTTjo4RDQxLTRCRjctQjNCNzElMCMGA1UEAxMcTWljcm9zb2Z0
# IFRpbWUtU3RhbXAgU2VydmljZaCCEXswggcnMIIFD6ADAgECAhMzAAAB49+9m5oc
# aIMiAAEAAAHjMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
# EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
# ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD
# QSAyMDEwMB4XDTIzMTAxMjE5MDcyOVoXDTI1MDExMDE5MDcyOVowgdIxCzAJBgNV
# BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w
# HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29m
# dCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRT
# UyBFU046OEQ0MS00QkY3LUIzQjcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0
# YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+pA1o
# Hkafn8UgVA+jf8rhCaV4IMwXjRuSgfDPQGyFnhKJCYDoIZTIPCZqpDbAeFpdTRF0
# e3C+r5TwrFhizIcqprHELt+v/Idm8ek1ODPHVWRHeleFPpfYKbXvlRfdZDiN+Xzq
# ienkAzMEgUOXPRJTxVIo0wO81e2OT0WK0uBS/aePeE4nQqQRB+TegDubvMDQP4yj
# veGZH44Lu7CxfElHa3NRkTRJNhfdS96cUft9hbLkE2YvIaraxaRDkcW8koIkAT93
# B+3z5XjdTcp4TEX+k+1wtS9D0cisvTGekwVq7th3lor5MSLntZy0G/zv59I9kFXe
# NmX9AK1wf1aueIEPCSL1B9HG78ljPD6JoRYuqthe4XuN44a8cr59V4tacBzlbGx9
# umMQyk1sZdtIX0C3c8+EVU6PHBUTHUAsZSpEp6HD1qn1f+B+QD0j15NK/AnP3DJr
# 2t4OBL7qReBK20jtFDZwkb+1A8ZUhosIhpJp8ud5qrQGezS3j4RbcH8aegEyKI5f
# CV469/m50FlAgwneTmqeeHxnhmFPCsTqIZs+tOAYE9eHt7EVgAaVvqF2EgshUN0m
# UN/yzU1W8vRDbLhIdlCECllO5b+3Iawaxwg8NIzPlsDo2FEu2MTAIWksjmoaW7nQ
# C70VF6UIRCxaDurTsf+uoc6oI0kzhGN6buOgRQIDAQABo4IBSTCCAUUwHQYDVR0O
# BBYEFLGuDWa+NRW3oWfGPnqdptmImKkDMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl
# 0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0
# LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAy
# MDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93
# d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1T
# dGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/
# BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IC
# AQC3vpsuqdTTzBFtbe9GvGNoRsY+rIg0rpRgLOFMZpH88TAInOI9Phkz2x8ZNfd5
# kNBUT2vXbW0W2ns1dBi5BLFFkxhdrT+lrA3Zef5Q+MFEO+gKxTnp3AqSubLxNLDt
# BcoayR2cTCwjnJb3erwCDzpGQGIoQR/0V3Mc24pYjgq//98O0RJ7C7jqf+75VyQL
# Bs5iXrAT/9BEasYyrnT1rgRs/6nUZSbTpeZ7/TWZMi4oOA+YcvadhHNc2qLYi4h5
# yfZpbCRHFA4WI/D52JyY47Asb/sic2qNmlB4iEMzGxavjNPHPLgRH/rN+2G2UO1w
# BccHthFSQFMKVo5rSd2980lkzJhVrpxa9mi5Or1XktLtTMhHxL/tGw5Pjd45rAsG
# y5DPRWg4u6th7VJ98+pOwJxE3NvHQLy3/4qKlK1WE8Aa20R+F1RRL2iEPou3rA0I
# nFltXQgwPyd8TqAhAlevOtdY64mo33VYPKNFqfhQoOQgFLbJYDhbomFC4HMZ6s5J
# j9oufGRGtK5uC2cphwc7CDFNMjJrlZgJGMW3RA4uV6pWSLqT6apg+v3y4w+Lm9Eh
# BLbTqYNJ6dK2vzDQn7/7VYSbc+cIIhCCl/rOGpGsC32PtesQweuDZtB6BrPxsvNt
# 7pSJuBsq1HKTWcZ17xOjmTIyP1dQIEgIPFP4XjFrmU1lVDCCB3EwggVZoAMCAQIC
# EzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYT
# AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD
# VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBS
# b290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIxMDkzMDE4MjIyNVoX
# DTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0
# b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh
# dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggIi
# MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM57RyIQt5osvXJHm9DtWC
# 0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm95VTcVrifkpa/rg2Z4VG
# Iwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzBRMhxXFExN6AKOG6N7dcP
# 2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBbfowQHJ1S/rboYiXcag/P
# XfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCOMcg1KL3jtIckw+DJj361
# VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYwXE8s4mKyzbnijYjklqwB
# Sru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW/aUgfX782Z5F37ZyL9t9
# X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3Rxjtp+iZfD9M269e
# wvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je1yh2AuIzGHLXpyDw
# wvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUYhEfb3BvR/bLUHMVr
# 9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfHCBUYP3irRbb1Hode2o+e
# FnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYBBAGCNxUBBAUCAwEAATAj
# BgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4wHQYDVR0OBBYEFJ+n
# FV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYMKwYBBAGCN0yDfQEBMEEw
# PwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9j
# cy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcDCDAZBgkrBgEEAYI3
# FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAf
# BgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBH
# hkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNS
# b29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUF
# BzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0Nl
# ckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAnVV9/Cqt4Swf
# ZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518JxNj/aZGx80HU5bbsPMeTC
# j/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+iehp4LoJ7nvfam++Kctu
# 2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2pFaq95W2KFUn0CS9QKC/
# GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefwC2qBwoEZQhlSdYo2wh3D
# YXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG+jIa2Zb0j/aRAfbO
# xnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFORy3BFARxv2T5JL5zbcqO
# Cb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77IVRrakURR6nxt67I
# 6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJfn6Tvsv4O+S3Fb+0
# zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5m/8K6TT4JDVnK+ANuOaM
# mdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNT
# TY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggLXMIICQAIBATCCAQChgdikgdUwgdIx
# CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt
# b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1p
# Y3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhh
# bGVzIFRTUyBFU046OEQ0MS00QkY3LUIzQjcxJTAjBgNVBAMTHE1pY3Jvc29mdCBU
# aW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMCGgMVAD2Il7vDkUOIbynLhOxi
# tAjoMVp6oIGDMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0
# b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh
# dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJ
# KoZIhvcNAQEFBQACBQDpFwO2MCIYDzIwMjMxMjAzMjE0MDA2WhgPMjAyMzEyMDQy
# MTQwMDZaMHcwPQYKKwYBBAGEWQoEATEvMC0wCgIFAOkXA7YCAQAwCgIBAAICAcsC
# Af8wBwIBAAICEVUwCgIFAOkYVTYCAQAwNgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYB
# BAGEWQoDAqAKMAgCAQACAwehIKEKMAgCAQACAwGGoDANBgkqhkiG9w0BAQUFAAOB
# gQC8aIkvmtgCr2gCdrLBvYesA4lImJzTkUU07+F4QjNYQa1YEQzIC58Fwwrske3o
# QBnPu4eXLK81+3DRDK+iG+9567wfuRNVme13bTrrSsGShhkw1FD4vG//HY0Anwqv
# sht+L7gx82Wup72Gm+oCs7ViXhUOYN2XoB0ox69/nub0ZjGCBA0wggQJAgEBMIGT
# MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS
# ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT
# HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB49+9m5ocaIMiAAEA
# AAHjMA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQ
# AQQwLwYJKoZIhvcNAQkEMSIEIIzJO3DVd2L2vf14Ra1sOto/5oMacS4uO/6uEZY+
# 3RJmMIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB5DCBvQQgM9Qjq+Ww/mT3RIEI1r3C
# FrgyXEG3YKvDXY9McjLmJiowgZgwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UE
# CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z
# b2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQ
# Q0EgMjAxMAITMwAAAePfvZuaHGiDIgABAAAB4zAiBCA9kaIAHW0L+C6YwllqVGBd
# 8zd4WUjoi6MWVqZ9/dK/7zANBgkqhkiG9w0BAQsFAASCAgCmKDmeKyC65VyfWXDv
# SON1c5nj+fdvDpCl18ql4x4qn+8I9H9uWcKPwficv/brnVuiAQ86UsZfKvwLxG1t
# C6Kjpfb23Eb5EpCx5QVm9+9Ne2xwTGRvP1w6UQYMCkeRNj/0Jh69Z9fI9WWXjBK+
# P6/T3DwxtVtNViA2aE5O0XC1CecGK5IG95RWLXMr//mGRGTfGM/Sqj8vB8fAmEmx
# T2T/sN9o/KRZu4e2fHvu3Bdu44uT9+aru53Q1G9H4t2GxB+yiKoHp/ep22BDg29u
# kjyEwSdGP1ZJjG8UnqAWlphfbeP84nX92Ry02Oc7RP0PFSZk8uPC69qRJXl6bj72
# EULVDwnFAJVF2dkiCXLU8Bt7Q8evLBapXB6LXiDtpeHCabrhJctyO6gGAweG850E
# c22ShQXtaU3DBZjhuOgJLUVP8/arbVww27RCoAMMtYJNHPzclCRPxTfvuzI1knyZ
# snfzMpQBqmGZVGxof9vzxz6jcZH0b2W9E9tDKeLvnmZN9cxXkUI5fHDeayrTZwxq
# 320ANwDhXqwpYgsNzq4jCVW8RZH8sVc3wnH9nOCIfwS+vhnJiwjRsTPp5kH7NZNc
# ZBgK4kc4GSNBelNit4pPRvqcD7t6JiMKhHmxh2dhDuJj2WDaH04uv8OeVucSlzSw
# N4Q6kgcaVBQfg4HSNVke44DtKg==
# SIG # End signature block