{"id":3841,"date":"2023-10-31T08:01:12","date_gmt":"2023-10-30T23:01:12","guid":{"rendered":"https:\/\/m365jp.xyz\/?p=3841"},"modified":"2023-10-31T08:11:44","modified_gmt":"2023-10-30T23:11:44","slug":"mc685930-microsoft-secure-score-new-microsoft-defender-for-identity-recommendations","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2023-10-31-mc685930-microsoft-secure-score-new-microsoft-defender-for-identity-recommendations","title":{"rendered":"MC685930 | Microsoft Secure Score &#8211; New Microsoft Defender for Identity recommendations"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">MC685930 | Microsoft Secure Score &#8211; New Microsoft Defender for Identity recommendations<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Classification<\/th>\n<td>stayInformed<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>10\/30\/2023 22:18:16<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>10\/30\/2023 22:18:04<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>01\/18\/2024 08:00:00<\/td>\n<\/tr>\n<tr>\n<th>Message Content<\/th>\n<td>\n<p>We\u2019re updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.<\/p>\n<p>The improvement actions listed below will be added to Microsoft Secure Score. Your score will be updated accordingly.<\/p>\n<p>[When this will happen:]<\/p>\n<p>This will begin rollout in mid-November 2023 and is expected to be complete by mid-December 2023.<\/p>\n<p>[How this will affect your organization:]<\/p>\n<p>The following new Microsoft Defender for Identity recommendations will be added as Microsoft Secure Score improvement actions:  <\/p>\n<ul>\n<li>Prevent users to request a certificate valid for arbitrary users based on the certificate template (ESC1)<\/li>\n<li>Edit overly permissive Certificate Template with privileged EKU (Any purpose EKU or No EKU) (ESC2)<\/li>\n<li>Edit misconfigured enrollment agent certificate template (ESC3)  <\/li>\n<li>Edit misconfigured certificate templates ACL (ESC4)<\/li>\n<li>Edit misconfigured certificate templates owner (ESC4)  <\/li>\n<li>Edit vulnerable Certificate Authority setting (ESC6)  <\/li>\n<li>Edit misconfigured Certificate Authority ACL (ESC7)  <\/li>\n<li>Enforce encryption for RPC certificate enrollment interface (ESC8)<\/li>\n<\/ul>\n<p>These are new security posture reports related to Active Directory Certificate Services (AD CS) that analyze the configurations of different AD CS components and guide remediation, if necessary.<\/p>\n<p>[What you need to do to prepare:]<\/p>\n<p>There&#8217;s no action needed to prepare for this change, your score will be updated accordingly. Microsoft recommends reviewing the improvement actions listed in Microsoft Secure Score. We will continue to add suggested security improvement actions on an ongoing   basis.<\/p>\n<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td>\n<p>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f53\u5236\u3092\u3088\u308a\u6b63\u78ba\u306b\u8868\u73fe\u3059\u308b\u305f\u3081\u306b\u3001Microsoft \u30bb\u30ad\u30e5\u30a2 \u30b9\u30b3\u30a2\u306e\u6539\u5584\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u66f4\u65b0\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u4ee5\u4e0b\u306b\u793a\u3059\u6539\u5584\u30a2\u30af\u30b7\u30e7\u30f3\u304c Microsoft \u30bb\u30ad\u30e5\u30a2 \u30b9\u30b3\u30a2\u306b\u8ffd\u52a0\u3055\u308c\u307e\u3059\u3002\u305d\u308c\u306b\u5fdc\u3058\u3066\u30b9\u30b3\u30a2\u304c\u66f4\u65b0\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>[\u3053\u308c\u304c\u3044\u3064\u8d77\u3053\u308b\u304b:]<\/p>\n<p>\u3053\u308c\u306f 2023 \u5e74 11 \u6708\u4e2d\u65ec\u306b\u30ed\u30fc\u30eb\u30a2\u30a6\u30c8\u3092\u958b\u59cb\u3057\u30012023 \u5e74 12 \u6708\u4e2d\u65ec\u307e\u3067\u306b\u5b8c\u4e86\u3059\u308b\u4e88\u5b9a\u3067\u3059\u3002<\/p>\n<p>[\u3053\u308c\u304c\u7d44\u7e54\u306b\u53ca\u307c\u3059\u5f71\u97ff:]<\/p>\n<p>\u6b21\u306e\u65b0\u3057\u3044Microsoft Defender for Identity\u306e\u63a8\u5968\u4e8b\u9805\u304c\u3001Microsoft \u30bb\u30ad\u30e5\u30a2 \u30b9\u30b3\u30a2\u306e\u6539\u5584\u30a2\u30af\u30b7\u30e7\u30f3\u3068\u3057\u3066\u8ffd\u52a0\u3055\u308c\u307e\u3059\u3002<\/p>\n<ul>\n<li>\u30e6\u30fc\u30b6\u304c\u8a3c\u660e\u66f8\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8(ESC1)\u306b\u57fa\u3065\u3044\u3066\u4efb\u610f\u306e\u30e6\u30fc\u30b6\u306b\u6709\u52b9\u306a\u8a3c\u660e\u66f8\u3092\u8981\u6c42\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u3059\u308b<\/li>\n<li>\u7279\u6a29 EKU(\u4efb\u610f\u306e\u76ee\u7684\u306e EKU \u307e\u305f\u306f EKU \u306a\u3057)(ESC2)\u3092\u4f7f\u7528\u3057\u305f\u904e\u5ea6\u306b\u5bdb\u5bb9\u306a\u8a3c\u660e\u66f8\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u306e\u7de8\u96c6<\/li>\n<li>\u6b63\u3057\u304f\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u306a\u3044\u767b\u9332\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u8a3c\u660e\u66f8\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u306e\u7de8\u96c6(ESC3)<\/li>\n<li>\u8aa4\u3063\u3066\u8a2d\u5b9a\u3055\u308c\u305f\u8a3c\u660e\u66f8\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8 ACL(ESC4)\u306e\u7de8\u96c6<\/li>\n<li>\u8aa4\u3063\u3066\u8a2d\u5b9a\u3055\u308c\u305f\u8a3c\u660e\u66f8\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u6240\u6709\u8005\u306e\u7de8\u96c6(ESC4)  <\/li>\n<li>\u8106\u5f31\u306a\u8a8d\u8a3c\u5c40\u8a2d\u5b9a\u306e\u7de8\u96c6(ESC6)<\/li>\n<li>\u8aa4\u3063\u3066\u8a2d\u5b9a\u3055\u308c\u305f\u8a8d\u8a3c\u5c40ACL(ESC7)\u306e\u7de8\u96c6<\/li>\n<li>RPC \u8a3c\u660e\u66f8\u767b\u9332\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9(ESC8)\u306e\u6697\u53f7\u5316\u3092\u5f37\u5236\u3059\u308b<\/li>\n<\/ul>\n<p>\u3053\u308c\u3089\u306f\u3001Active Directory \u8a3c\u660e\u66f8\u30b5\u30fc\u30d3\u30b9 (AD CS) \u306b\u95a2\u9023\u3059\u308b\u65b0\u3057\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f53\u5236\u30ec\u30dd\u30fc\u30c8\u3067\u3042\u308a\u3001\u3055\u307e\u3056\u307e\u306a AD CS \u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306e\u69cb\u6210\u3092\u5206\u6790\u3057\u3001\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u4fee\u5fa9\u3092\u30ac\u30a4\u30c9\u3057\u307e\u3059\u3002<\/p>\n<p>[\u6e96\u5099\u306b\u5fc5\u8981\u306a\u3053\u3068:]<\/p>\n<p>\u3053\u306e\u5909\u66f4\u306b\u5099\u3048\u308b\u305f\u3081\u306e\u30a2\u30af\u30b7\u30e7\u30f3\u306f\u4e0d\u8981\u3067\u3001\u305d\u308c\u306b\u5fdc\u3058\u3066\u30b9\u30b3\u30a2\u304c\u66f4\u65b0\u3055\u308c\u307e\u3059\u3002Microsoft \u3067\u306f\u3001\u300cMicrosoft Secure Score\u300d\u306b\u8a18\u8f09\u3055\u308c\u3066\u3044\u308b\u6539\u5584\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\u4eca\u5f8c\u3082\u3001\u63a8\u5968\u3055\u308c\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6539\u5584\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u7d99\u7d9a\u7684\u306b\u8ffd\u52a0\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MC685930 | Microsoft Secure Score &#8211; New Microsoft Defender for Identity recommendations Classification s [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3841","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/3841","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=3841"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/3841\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=3841"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=3841"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=3841"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}