# Exchange
**Section Purpose:** The security section shows recommend security controls for Teams based on the CIS Controls. Each control contains the following subsections:
* Description
* Policy Definition
* Licensing Considerations
* Set Up Instructions
* End-User Impact
* PowerShell Scripts
* Video Tutorials
| Policy | End-User Impact | License |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- | --------------------------------------------------------------- |
| [Automatic Forwarding to External Domains SHALL Be Disabled](/security/exchange/automatic-forwarding-to-external-domains-shall-be-disabled.md) | Low | Standard |
| [Sender Policy Framework SHALL Be Enabled](/security/exchange/sender-policy-framework-shall-be-enabled.md) | Low | Standard |
| [DomainKeys Identified Mail SHOULD Be Enabled](/security/exchange/domainkeys-identified-mail-should-be-enabled.md) | Low | Standard |
| [Domain-Based Message Authentication, Reporting, and Conformance SHALL Be Enabled](/security/exchange/domain-based-message-authentication-reporting-and-conformance-shall-be-enabled.md) | Low | Standard |
| | | |
| [Enable Email Encryption](/security/exchange/enable-email-encryption.md) | Low | Azure Information Protection Plan 1/Business Premium/Enterprise |
| [Simple Mail Transfer Protocol Authentication SHALL Be Disabled](/security/exchange/simple-mail-transfer-protocol-authentication-shall-be-disabled.md) | Low | Standard |
| [Calendar and Contact Sharing SHALL Be Restricted](/security/exchange/calendar-and-contact-sharing-shall-be-restricted.md) | Low | Standard |
| [External Sender Warnings SHALL Be Implemented](/security/exchange/external-sender-warnings-shall-be-implemented.md) | Low | Standard |
| [Data Loss Prevention Solutions SHALL Be Enabled](/security/exchange/data-loss-prevention-solutions-shall-be-enabled.md) | Medium | Business Premium/Enterprise |
| [Emails SHALL Be Filtered by Attachment File Type](/security/exchange/emails-shall-be-filtered-by-attachment-file-type.md) | Low | Defender for Office 365 |
| [Zero-Hour Auto Purge for Malware SHOULD Be Enabled](/security/exchange/zero-hour-auto-purge-for-malware-should-be-enabled.md) | Low | Standard |
| [Phishing Protections SHOULD Be Enabled](/security/exchange/phishing-protections-should-be-enabled.md) | Medium | Defender for Office 365 |
| [Inbound Anti-Spam Protections SHALL Be Enabled](/security/exchange/inbound-anti-spam-protections-shall-be-enabled.md) | Medium | Standard |
| [Safe Link Policies SHOULD Be Enabled](/security/exchange/safe-link-policies-should-be-enabled.md) | Medium | Defender for Office 365 |
| [Safe Attachments SHALL Be Enabled](/security/exchange/safe-attachments-shall-be-enabled.md) | Medium | Defender for Office 365 |
| [IP Allow Lists SHOULD NOT be Implemented](/security/exchange/ip-allow-lists-should-not-be-implemented.md) | Low | Standard |
| [Mailbox Auditing SHALL Be Enabled](/security/exchange/mailbox-auditing-shall-be-enabled.md) | None | Standard |
| [Alerts SHALL Be Enabled](/security/exchange/alerts-shall-be-enabled.md) | None | Defender for Office 365 |
| [Audit Logging SHALL Be Enabled](/security/exchange/audit-logging-shall-be-enabled.md) | None | Standard |
| [Enhanced Filtering Shall be configured if a 3rd party email filtering tool is being used](/security/exchange/enhanced-filtering-shall-be-configured-if-a-3rd-party-email-filtering-tool-is-being-used.md) | Low | Standard |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.tminus365.com/security/exchange.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.