Microsoft Entra ID must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the application.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-270209 | ENTR-ID-000150 | SV-270209r1085618_rule | Medium |
| Description |
| STIG | Date |
| Microsoft Entra ID Security Technical Implementation Guide | 2025-03-17 |
Details
| Check Text (C-74242r1084667_chk) |
| Verify Entra ID has been configured to display the DOD logon banner when a user logs on. 1. Sign in to the Microsoft Entra admin center as a Global Administrator. 2. Browse to or search "Company Branding". 3. Browse to the "Sign-in form" tab and review the required DOD banner text in the "Sign-in page text". Note: This field is limited to 1024 characters. If the DOD logon banner text is not present in the "Sign-in page text" field, this is a finding. |
| Fix Text (F-74143r1085617_fix) |
| To create the standard DOD banner in Entra ID: 1. Sign in to the Microsoft Entra admin center as a Global Administrator. 2. Browse to or search "Company Branding". 3. Select "Customize" under "Default sign-in experience". 4. Browse to the "Sign-in form" tab and place the required DOD banner text in the "Sign-in page text". Note: This field is limited to 1024 characters. 5. Populate all required fields. 6. Click "Review + Create". |