Defender functional test plan fixes (#1057)

* Remove IsNotChecked flag from G3 3.1 Non-compliant - No defender license test * Move impersonation protection tests from standard to g5 variant
cisagov · Apr 12, 2024 · b89ab31 · b89ab31
1 parent 5b6923e
commit b89ab31
Show file tree

Hide file tree

Showing 3 changed files with 126 additions and 127 deletions.
diff --git a/Testing/Functional/Products/TestPlans/defender.g3.testplan.yaml b/Testing/Functional/Products/TestPlans/defender.g3.testplan.yaml
@@ -72,5 +72,4 @@ TestPlan:
       - TestDescription: MS.DEFENDER.3.1v1 Non-compliant - No defender license
         Preconditions: []
         Postconditions: []
-        IsNotChecked: true
         ExpectedResult: false
diff --git a/Testing/Functional/Products/TestPlans/defender.g5.testplan.yaml b/Testing/Functional/Products/TestPlans/defender.g5.testplan.yaml
@@ -384,6 +384,132 @@ TestPlan:
         Postconditions: []
         ExpectedResult: true
 
+  - PolicyId: MS.DEFENDER.2.1v1
+    TestDriver: RunScuba
+    Tests:
+      - TestDescription: MS.DEFENDER.2.1v1 Non-compliant - Sensitive user not listed
+        ConfigFileName: MismatchedUser.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.1v1 Non-compliant - Sensitive user partial coverage
+        ConfigFileName: MatchedUser.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.1v1 Compliant - All Listed sensitive users (mix-cased) are protected
+        ConfigFileName: MatchedWithMixedCase.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
+        Postconditions: []
+        ExpectedResult: true
+      - TestDescription: MS.DEFENDER.2.1v1 Compliant - All Listed sensitive users are protected
+        ConfigFileName: MatchedUser.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
+        Postconditions: []
+        ExpectedResult: true
+      - TestDescription: MS.DEFENDER.2.1v1 Compliant - No sensitive users identified but all users covered
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
+        Postconditions: []
+        ExpectedResult: true
+
+  - PolicyId: MS.DEFENDER.2.2v1
+    TestDriver: RunScuba
+    Tests:
+      - TestDescription: MS.DEFENDER.2.2v1 Non-compliant - Agency domain not listed
+        ConfigFileName: AgencyDomainList.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.2v1 Non-compliant - Agency domain partial coverage
+        ConfigFileName: AgencyDomainList.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodguys.com"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.2v1 Non-compliant - All domains No list
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.2v1 Compliant - All Listed are protected
+        ConfigFileName: AgencyDomainList.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodguys.com"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodguys.com"}'
+        Postconditions: []
+        ExpectedResult: true
+
+  - PolicyId: MS.DEFENDER.2.3v1
+    TestDriver: RunScuba
+    Tests:
+      - TestDescription: MS.DEFENDER.2.3v1 Non-compliant - Agency domain not listed
+        ConfigFileName: PartnerDomainList.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.3v1 Non-compliant - Agency domain partial coverage
+        ConfigFileName: PartnerDomainList.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodparnter.com"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
+        Postconditions: []
+        ExpectedResult: false
+      - TestDescription: MS.DEFENDER.2.3v1 Compliant - All domains No list of domains in config
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect @{}}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect @{}}'
+        Postconditions: []
+        ExpectedResult: true
+      - TestDescription: MS.DEFENDER.2.3v1 Compliant - All Listed are protected
+        ConfigFileName: PartnerDomainList.yaml
+        Preconditions:
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodparnter.com"}'
+          # yamllint disable-line rule:line-length
+          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodparnter.com"}'
+        Postconditions: []
+        ExpectedResult: true
+
   - PolicyId: MS.DEFENDER.3.1v1
     TestDriver: RunScuba
     Tests:

diff --git a/Testing/Functional/Products/TestPlans/defender.testplan.yaml b/Testing/Functional/Products/TestPlans/defender.testplan.yaml
@@ -118,132 +118,6 @@ TestPlan:
         Postconditions: []
         ExpectedResult: true
 
-  - PolicyId: MS.DEFENDER.2.1v1
-    TestDriver: RunScuba
-    Tests:
-      - TestDescription: MS.DEFENDER.2.1v1 Non-compliant - Sensitive user not listed
-        ConfigFileName: MismatchedUser.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.1v1 Non-compliant - Sensitive user partial coverage
-        ConfigFileName: MatchedUser.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.1v1 Compliant - All Listed sensitive users (mix-cased) are protected
-        ConfigFileName: MatchedWithMixedCase.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-        Postconditions: []
-        ExpectedResult: true
-      - TestDescription: MS.DEFENDER.2.1v1 Compliant - All Listed sensitive users are protected
-        ConfigFileName: MatchedUser.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-        Postconditions: []
-        ExpectedResult: true
-      - TestDescription: MS.DEFENDER.2.1v1 Compliant - No sensitive users identified but all users covered
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedUsersToProtect "AgencyUserGlobalReader;[email protected]"}'
-        Postconditions: []
-        ExpectedResult: true
-
-  - PolicyId: MS.DEFENDER.2.2v1
-    TestDriver: RunScuba
-    Tests:
-      - TestDescription: MS.DEFENDER.2.2v1 Non-compliant - Agency domain not listed
-        ConfigFileName: AgencyDomainList.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.2v1 Non-compliant - Agency domain partial coverage
-        ConfigFileName: AgencyDomainList.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodguys.com"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.2v1 Non-compliant - All domains No list
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.2v1 Compliant - All Listed are protected
-        ConfigFileName: AgencyDomainList.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodguys.com"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodguys.com"}'
-        Postconditions: []
-        ExpectedResult: true
-
-  - PolicyId: MS.DEFENDER.2.3v1
-    TestDriver: RunScuba
-    Tests:
-      - TestDescription: MS.DEFENDER.2.3v1 Non-compliant - Agency domain not listed
-        ConfigFileName: PartnerDomainList.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.3v1 Non-compliant - Agency domain partial coverage
-        ConfigFileName: PartnerDomainList.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodparnter.com"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.3v1 Non-compliant - All domains No list of domains in config
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect $null}'
-        Postconditions: []
-        ExpectedResult: false
-      - TestDescription: MS.DEFENDER.2.3v1 Compliant - All Listed are protected
-        ConfigFileName: PartnerDomainList.yaml
-        Preconditions:
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Strict Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodparnter.com"}'
-          # yamllint disable-line rule:line-length
-          - Command: 'Get-AntiPhishPolicy | Where-Object {$_.Identity -like "Standard Preset Security Policy*"} | % {Set-AntiPhishPolicy -Identity $($_.Identity) -TargetedDomainsToProtect "goodparnter.com"}'
-        Postconditions: []
-        ExpectedResult: true
-
   - PolicyId: MS.DEFENDER.4.1v1
     TestDriver: RunCached
     Tests: