diff --git a/emu/questions.csv b/emu/questions.csv index 3ae5568..b16f7f6 100644 --- a/emu/questions.csv +++ b/emu/questions.csv @@ -1,30 +1,30 @@ -page,title,description,name,type,titleLocation,showCommentArea,commentText,helpURL,helpURLTitle,correctAnswer -Identity,Do you have more than one Enterprise Admin? ,This helps you make sure you do not lose access to your Enterprise,question1,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#about-organization-membership-management,About organization membership management,TRUE -Identity,Have you setup billing managers? ,This is a limited role to allow management of billing settings,question2,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#about-enterprise-managed-users,About Enterprise Managed Users,TRUE -Identity,Are you syncronizing IdP groups which you can link to GitHub Teams?,,question3,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups,Managing team memberships with identity provider groups,TRUE -Policies - repos,Have you selected the types of repos you want your users to create?,Private/Internal/Public,question4,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization,Restricting repository creation in your organization,TRUE -Policies - repos,Have you decided if you want forking enabled/disabled for all orgs?,,question5,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance, -Policies - repos,Have you considered who can change repo visibility between private and internal?,You can restrict users from changing repo visibility,question6,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance,TRUE -Policies - repos,Do you allow deletion/transfer of repos by members or just org owners?,,question7,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance,TRUE -Policies - repos,Do you allow issues to be deleted by members or just org owners?,,question8,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance,TRUE -Codespaces,Are you enabling Codespaces enterprise wide?,,question9,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-codespaces-in-your-enterprise,Codespaces governance, -GitHub Copilot for Business,Will you block matching public code suggestions for all orgs? ,,question10,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise,Copilot information,TRUE -GitHub Copilot for Business,Have you decided if you will you enable copilot chat in the whole enterprise or set at org level?,At this time Copilot chat is in beta,question11,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise,Copilot information, -GitHub Copilot for Business,Have you chosen which organizations on which to enable Copilot?,You can select a subset of orgs or the whole enterprise,question12,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise,Copilot information,TRUE -Actions,Will you allow self-hosted runners at repo level? ,,question13,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise,Copilot information,TRUE -Actions,Will you allow Runners against personal EMU namespaces? ,,question14,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise,Copilot information,TRUE -Settings - Billing,Have you set a spending limit and enabled alerts?,You can set alerts at at 75/90/100%,question16,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Settings - Billing,Have you setup billing emails? ,,question17,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Settings - Billing,Have you added an Azure subscription to payment information? ,,question18,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Settings - Authentication Security,Do you have your recovery codes from the setup user somewhere very safe? ,,question19,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Settings - Authentication Security,Will you automatically redirect users to your sign in page?,This makes it easier for users to get to the login page if required,question20,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Settings - Authentication Security,Have you enabled the IP allow list for your IdP? (OIDC) or set restrictions (SAML) ,,question21,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/configuration/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list,IP Allow list information,TRUE -Code security and analysis,Will you get repo admins enable/disable secret scanning and code scanning?,,question15,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Code security and analysis,Have you enabled push protection for secrets? ,GitHub Advanced Security includes secret and code scanning as well as Dependabot,question22,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Code security and analysis,Have you enabled Dependabot by default to protect against supply chain attacks?,,question23,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Code security and analysis,Do you have a custom push protection URL to show to your users some help text?,,question24,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info, -Verified domains,Have you added approved domains so you can make sure alerts don't go to domains you don't want to share with?,,question25,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Audit log,Is Audit Log Streaming Enabled to keep over 3 months of logs if you require this?,This can help you meet your regulatory and compliance requirements,question26,boolean,top,FALSE,Comment,https://github.com/enterprises/stucorp/settings/audit-log/stream ,Audit Log Streaming,TRUE -Audit log,Is Source IP Disclosure enabled? ,,question27,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Audit log,Audit Log API Request Events Enabled? ,,question28,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE -Support,Have you set the members who can raise support cases with GitHub? (up to 20),,question29,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE \ No newline at end of file +page,title,description,type,titleLocation,showCommentArea,commentText,helpURL,helpURLTitle,correctAnswer +Identity,Do you have more than one Enterprise Admin? ,This helps you make sure you do not lose access to your Enterprise,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#about-organization-membership-management,About organization membership management,TRUE +Identity,Have you setup billing managers? ,This is a limited role to allow management of billing settings,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#about-enterprise-managed-users,About Enterprise Managed Users,TRUE +Identity,Are you syncronizing IdP groups which you can link to GitHub Teams?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups,Managing team memberships with identity provider groups,TRUE +Policies - repos,Have you selected the types of repos you want your users to create?,Private/Internal/Public,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization,Restricting repository creation in your organization,TRUE +Policies - repos,Have you decided if you want forking enabled/disabled for all orgs?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance, +Policies - repos,Have you considered who can change repo visibility between private and internal?,You can restrict users from changing repo visibility,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance,TRUE +Policies - repos,Do you allow deletion/transfer of repos by members or just org owners?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance,TRUE +Policies - repos,Do you allow issues to be deleted by members or just org owners?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise,Repository governance,TRUE +Codespaces,Are you enabling Codespaces enterprise wide?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-codespaces-in-your-enterprise,Codespaces governance, +GitHub Copilot for Business,Will you block matching public code suggestions for all orgs? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise,Copilot information,TRUE +GitHub Copilot for Business,Have you decided if you will you enable copilot chat in the whole enterprise or set at org level?,At this time Copilot chat is in beta,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise,Copilot information, +GitHub Copilot for Business,Have you chosen which organizations on which to enable Copilot?,You can select a subset of orgs or the whole enterprise,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-copilot-in-your-enterprise,Copilot information,TRUE +Actions,Will you allow self-hosted runners at repo level? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise,Copilot information,TRUE +Actions,Will you allow Runners against personal EMU namespaces? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise,Copilot information,TRUE +Settings - Billing,Have you set a spending limit and enabled alerts?,You can set alerts at at 75/90/100%,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Settings - Billing,Have you setup billing emails? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Settings - Billing,Have you added an Azure subscription to payment information? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Settings - Authentication Security,Do you have your recovery codes from the setup user somewhere very safe? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Settings - Authentication Security,Will you automatically redirect users to your sign in page?,This makes it easier for users to get to the login page if required,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Settings - Authentication Security,Have you enabled the IP allow list for your IdP? (OIDC) or set restrictions (SAML) ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/admin/configuration/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list,IP Allow list information,TRUE +Code security and analysis,Will you get repo admins enable/disable secret scanning and code scanning?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Code security and analysis,Have you enabled push protection for secrets? ,GitHub Advanced Security includes secret and code scanning as well as Dependabot,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Code security and analysis,Have you enabled Dependabot by default to protect against supply chain attacks?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Code security and analysis,Do you have a custom push protection URL to show to your users some help text?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info, +Verified domains,Have you added approved domains so you can make sure alerts don't go to domains you don't want to share with?,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Audit log,Is Audit Log Streaming Enabled to keep over 3 months of logs if you require this?,This can help you meet your regulatory and compliance requirements,boolean,top,FALSE,Comment,https://github.com/enterprises/stucorp/settings/audit-log/stream ,Audit Log Streaming,TRUE +Audit log,Is Source IP Disclosure enabled? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Audit log,Audit Log API Request Events Enabled? ,,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE +Support,Have you set the members who can raise support cases with GitHub? (up to 20),,boolean,top,FALSE,Comment,https://docs.github.com/en/enterprise-cloud@latest/,More info,TRUE \ No newline at end of file