| Ensure that SPF records are published for all Exchange Domains | EXO | 5 |
| Ensure additional storage providers are restricted in Outlook on the web | EXO | 5 |
| Ensure 'External sharing' of calendars is not available | EXO | 5 |
| Ensure users installing Outlook add-ins is not allowed | EXO | 3 |
| Ensure Spam confidence level (SCL) is configured in mail transport rules with specific domains | EXO | 3 |
| Ensure modern authentication for Exchange Online is enabled | EXO | 3 |
| Ensure MailTips are enabled for end users | EXO | 3 |
| Ensure mailbox auditing for all users is Enabled | EXO | 3 |
| Ensure the customer lockbox feature is enabled | EXO | 1 |