Added Microsoft's recommendation as a note.

maester365 · Jul 13, 2024 · ad11c17 · ad11c17
1 parent 0f4108f
commit ad11c17
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md b/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md
@@ -11,6 +11,8 @@ Create a Conditional Access policy blocking sign-ins determined high risk by the
 * Conditions > Sign-in risk > **High**
 * Access controls > Grant > **Block Access**
 
+Note: While CISA recommends blocking, the [Microsoft recommendation](https://learn.microsoft.com/entra/id-protection/howto-identity-protection-configure-risk-policies#microsofts-recommendation) is to require multi-factor authentication for high-risk sign-ins.
+
 #### Related links
 
 * [CISA Risk Based Policies - MS.AAD.2.3](https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/aad.md#msaad23v1)

diff --git a/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md b/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md
@@ -11,6 +11,8 @@ Create a conditional access policy blocking users categorized as high risk by th
 * Conditions > User risk > **High**
 * Access controls > Grant > **Block Access**
 
+Note: While CISA recommends blocking, the [Microsoft recommendation](https://learn.microsoft.com/entra/id-protection/howto-identity-protection-configure-risk-policies#microsofts-recommendation) is to require multi-factor authentication for high-risk users.
+
 #### Related links
 
 * [CISA Risk Based Policies - MS.AAD.2.1](https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/aad.md#msaad21v1)