deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-16 15:27:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

More tweaks

Browse Source
This commit is contained in:
lomayor 2018-03-01 15:33:53 +11:00
parent 03bc79fe15
commit 00c5a06a5b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/windows-defender-atp/attack-simulations-windows-defender-advanced-threat-protection.md
View File

@ -33,11 +33,11 @@ Read the walkthrough document provided with each attack scenario. Each document
## Run a simulation
1. In **Help** > **Simulations & tutorials**, select which of the available attack scenario you would like to simulate:
1. In **Help** > **Simulations & tutorials**, select which of the available attack scenarios you would like to simulate:
- **Scenario 1: Document drops backdoor** - simulates a fileless attack that relies on PowerShell, showcasing attack surface reduction and machine learning detection of malicious memory activity.
- **Scenario 1: Document drops backdoor** - simulates delivery of a socially engineered lure document. The document launches a specially crafted backdoor that gives attackers control.
- **Scenario 2: PowerShell script in fileless attack** - simulates delivery of a socially engineered lure document. The document launches a specially crafted backdoor that gives attackers control.
- **Scenario 2: PowerShell script in fileless attack** - simulates a fileless attack that relies on PowerShell, showcasing attack surface reduction and machine learning detection of malicious memory activity.
- **Scenario 3: Automated incident response** - triggers Automated investigation, which automatically hunts for and remediates breach artifacts to scale your incident response capacity.
@ -48,7 +48,7 @@ Read the walkthrough document provided with each attack scenario. Each document
4. Run the simulation file or script on the test machine as instructed in the walkthrough document.
>[!NOTE]
>Simulation files or scripts mimic attack activity but are actually benign and will not harm or compromise to your test machine.
>Simulation files or scripts mimic attack activity but are actually benign and will not harm or compromise the test machine.
## Related topics
- [Onboard and set up Windows Defender ATP](onboard-configure-windows-defender-advanced-threat-protection.md)