Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
Conditional Access Policy not being recognized as implemented
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 4%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Andrew Roper
0
Reputation points
Whenever I get the Threat Analytics report from MS, I check them out. Most times, I am not affected. But, just recently, there was a report that required some CAPs enabled to mitigate said threat. I viewed the recommendations, and it is suggesting that I enable 3 CAPs. However, those CAPs are already configured and deployed to all my users. Why isn't this being recognized so that I no longer see it as a recommendation and get the points for my security score?
Microsoft Security | Microsoft Entra | Microsoft Entra ID
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGA%3C/text%3E%3C/svg%3E)
Gudivada Adi Navya Sri 21,095 Reputation points Moderator2024-10-22T15:15:27.33+00:00 Thank you for posting this in Microsoft Q&A.
We have noticed that this issue has occurred for many customers since October 4th, affecting all users in the tenant.
The affected recommendations with score regression is mentioned below:
- Use least privileged administrative roles
- Designate more than one global admin
- Ensure multifactor authentication is enabled for all users in administrative roles
- Ensure the 'Password expiration policy' is set to 'Set passwords to never expire (recommended)'
- Ensure user consent for apps accessing company data on their behalf is not allowed.
My team has investigated this issue, and a hotfix is being rolled out. Correct data will be generated and available on some scores.
Can you please check and let me know whether you are able to see the correct data or not?
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
-
Gudivada Adi Navya Sri 21,095 Reputation points Moderator
2024-11-05T14:30:49.8166667+00:00 Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.
Sign in to comment
Sign in to answer