Target
- Customers implementing Cloud Protection
Purpose
- Confirm whether the connected Cloud Protection is functioning properly.
Notes
- The display may vary depending on the OS, version, and model of your device.
- This article is based on the product specifications as of August 2025 and may change without notice thereafter.
- The processing of files and URLs varies depending on the policy settings.
  This procedure describes the processing when the initial policy is set.
  Reference: [Cloud Protection] Creating and Assigning Initial Policy
  If other settings are made, the processing at the points in this procedure marked 【Notification is sent to the admin】 will change.
  The settings are as follows.
  Please confirm the details in each policy setting.
  - Policy Settings (General)
  - Policy Settings (Exchange)
  - Policy Settings (SharePoint)
  - Policy Settings (OneDrive)
  - Policy Settings (Teams)

  | Processing Content | Processing Performed |
  | --- | --- |
  | Notify Admin | Notification is sent to the admin. |
  | Notify users of the next severity detection results | Notification is sent to the users. |
  | Quarantine malicious attachments / Quarantine entire item | Files or items (such as emails) are removed from the user's environment. ※ Items can be restored from the Administration. |
  | Delete malicious attachments / Delete entire item | Files or items (such as emails) are removed from the user's environment. |
  | Change subject and remove URL link | The email subject is changed, and the URL hyperlink is removed. |

- The following notes apply only when the [Quarantine] setting is applied to files uploaded to SharePoint / OneDrive / Teams.
  Reference: Managing Quarantined Items
  - Uploaded files are moved to the [Quarantine] section.
  - If a quarantined file is [Released], it will be recorded as a safe file within Cloud Protection, and even if the same file is uploaded again, it will be [Detected] but not [Quarantined].
    ※ In Exchange protection, even a released file will be quarantined again.
  - This action cannot be reverted (cannot be set to quarantine again).
Procedure
Preparation
Confirm that the malware scan and URL scan functions are enabled in the policy set in Cloud Protection.
To perform this procedure, you need to configure protection for Microsoft 365 with Cloud Protection.
Refer to the following article for how to confirm the policy.
How to Edit Cloud Protection Policy
Exchange Online − Confirm Malware Scan Function
1. Download one of the following files.
   ※ These are test malware files provided by WithSecure. The downloaded file will not adversely affect your system.
   - ExampleScanboxVirusTest.doc
   - malwareTest.doc
2. Create a calendar in a mailbox belonging to the domain connected to Cloud Protection, attach the file downloaded in step 1, and save it.
3. Confirm 【Notification is sent to the admin】 for the calendar created in step 2.
Exchange Online − Confirm Suspicious URL Scan Function
1. Send an email containing one of the URLs in the following text file to a mailbox belonging to the domain connected to Cloud Protection.
   URL Samples.txt
   ※ The URLs in the text file are test URLs provided by WithSecure. Accessing them will not adversely affect your system.
   ※ When sending from a domain connected to Cloud Protection, confirm 【Notification is sent to the admin】 on the sender's side as well.
2. Confirm 【Notification is sent to the admin】 for the email sent in step 1.
   ※ Because Cloud Protection acts after the email has been received in the Microsoft 365 inbox, emails containing suspicious URLs may be viewable depending on when you check.
SharePoint Online − Confirm Malware Scan Function
This is for those who have a SharePoint site and have set up SharePoint Online protection features.
1. Prepare the test file downloaded in step 1 of Exchange Online − Confirm Malware Scan Function.
2. Upload the prepared file to the SharePoint site belonging to the domain connected to Cloud Protection.
3. Confirm 【Notification is sent to the admin】 for the file uploaded in step 2.
   This action may take a few minutes.
OneDrive − Confirm Malware Scan Function
This is for those who use OneDrive and have set up OneDrive protection features.
1. Prepare the test file downloaded in step 1 of Exchange Online − Confirm Malware Scan Function.
2. Upload the prepared file to OneDrive belonging to the domain connected to Cloud Protection.
3. Re-upload the test file.
   ※ This step is performed as a countermeasure to a known issue.
   Due to an issue with Microsoft's API specifications, even if the first file scanned after connecting OneDrive is malware, it may not be detected.
   Files from the second onward will be correctly detected, so it is necessary to perform two uploads.
4. Confirm 【Notification is sent to the admin】 for the file uploaded in step 3.
   ※ This action may take a few minutes.
Teams − Confirm Malware Scan Function
This is for those who have a Teams channel and have set up Teams channel protection features.
1. Prepare the test file downloaded in step 1 of Exchange Online − Confirm Malware Scan Function.
2. Upload the prepared file to the Teams channel belonging to the domain connected to Cloud Protection.
3. Confirm 【Notification is sent to the admin】 for the file uploaded in step 2.
   This action may take a few minutes.
Contact the Implementation Guide
Once the above confirmations are complete, please contact our implementation guide.