Controls / SCuBA / MS.DEFENDER.4.1v2
SCuBA MS.DEFENDER.4.1v2
4 Senserva Microsoft 365 security checks evidence CISA SCuBA policy MS.DEFENDER.4.1v2, part of the Microsoft Defender for Office 365 secure configuration baseline. Each is checked against your tenant, ranked by Severity, with validated remediation.
What MS.DEFENDER.4.1v2 is
CISA's Secure Cloud Business Applications (SCuBA) project publishes secure configuration baselines for the core Microsoft 365 services; policy MS.DEFENDER.4.1v2 belongs to the Microsoft Defender for Office 365 baseline. CISA Binding Operational Directive 25-01 directs federal civilian agencies to apply these baselines. Senserva evidences this policy with the 4 checks below. See the exact policy statement and implementation steps in the CISA baseline.
Ask your own AI about this control
Copy this prompt into Claude, ChatGPT, or Copilot. The facts are included, sourced from this page.
The 4 checks that evidence SCuBA MS.DEFENDER.4.1v2
Click any row for why it matters and how to fix it, with a link to the full check page.
| Senserva check | Severity | What it verifies |
|---|---|---|
| Link SCuBA Exo Link Protection | High | SCUBA/CISA baseline check: Exchange Online Safe Links protection configuration Verifies that URL detonation and click-time protection are enabled |
| Malware SCuBA Exo Malware Scanning | High | SCUBA/CISA baseline check: Exchange Online malware scanning configuration Verifies that anti-malware policies are properly configured |
| Phish SCuBA Exo Phishing Protections | High | SCUBA/CISA baseline check: Exchange Online anti-phishing protection configuration Verifies impersonation protection, mailbox intelligence, and spoof settings |
| Spam SCuBA Exo Inbound Anti Spam Protections | Low | SCUBA/CISA baseline check: Exchange Online inbound anti-spam protection configuration Verifies spam filter policies and actions are properly configured |
Every SCuBA policy and the checks that evidence it: the control reference. More on the baselines: SCuBA for Microsoft 365.