Open IE-MP opened 4 months ago
MT.1008 checks both Authentication Strength as well as the "legacy setting" for MFA. So it should only fail if both are missing
Appreciate the quick reply, not sure what I'm missing.
I will repo this and let you know.
Should https://maester.dev/docs/tests/MT.1008/ be failed if a policy exists that requires authentication strength of Phish-resistant MFA for admins?
Or is the assumption both policies are needed?