From ad11c17b493c8f1d90c26e85385b2b2e97a87a73 Mon Sep 17 00:00:00 2001
From: Merill Fernando <merill@merill.net>
Date: Sat, 13 Jul 2024 16:00:11 +1000
Subject: [PATCH] Added Microsoft's recommendation as a note.

---
 powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md | 2 ++
 powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md   | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md b/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md
index fb669f17..8f2bcce8 100644
--- a/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md
+++ b/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskSignIn.md
@@ -11,6 +11,8 @@ Create a Conditional Access policy blocking sign-ins determined high risk by the
 * Conditions > Sign-in risk > **High**
 * Access controls > Grant > **Block Access**
 
+Note: While CISA recommends blocking, the [Microsoft recommendation](https://learn.microsoft.com/entra/id-protection/howto-identity-protection-configure-risk-policies#microsofts-recommendation) is to require multi-factor authentication for high-risk sign-ins.
+
 #### Related links
 
 * [CISA Risk Based Policies - MS.AAD.2.3](https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/aad.md#msaad23v1)
diff --git a/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md b/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md
index 1f6a907f..aa5b6590 100644
--- a/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md
+++ b/powershell/public/cisa/entra/Test-MtCisaBlockHighRiskUser.md
@@ -11,6 +11,8 @@ Create a conditional access policy blocking users categorized as high risk by th
 * Conditions > User risk > **High**
 * Access controls > Grant > **Block Access**
 
+Note: While CISA recommends blocking, the [Microsoft recommendation](https://learn.microsoft.com/entra/id-protection/howto-identity-protection-configure-risk-policies#microsofts-recommendation) is to require multi-factor authentication for high-risk users.
+
 #### Related links
 
 * [CISA Risk Based Policies - MS.AAD.2.1](https://github.com/cisagov/ScubaGear/blob/main/PowerShell/ScubaGear/baselines/aad.md#msaad21v1)