deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-16 23:37:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

More tweaks

Browse Source
This commit is contained in:
lomayor 2018-03-01 15:33:53 +11:00
parent 03bc79fe15
commit 00c5a06a5b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/windows-defender-atp/attack-simulations-windows-defender-advanced-threat-protection.md
View File

@ -33,11 +33,11 @@ Read the walkthrough document provided with each attack scenario. Each document
## Run a simulation ## Run a simulation
1. In **Help** > **Simulations & tutorials**, select which of the available attack scenario you would like to simulate: 1. In **Help** > **Simulations & tutorials**, select which of the available attack scenarios you would like to simulate:
- **Scenario 1: Document drops backdoor** - simulates a fileless attack that relies on PowerShell, showcasing attack surface reduction and machine learning detection of malicious memory activity. - **Scenario 1: Document drops backdoor** - simulates delivery of a socially engineered lure document. The document launches a specially crafted backdoor that gives attackers control.
- **Scenario 2: PowerShell script in fileless attack** - simulates delivery of a socially engineered lure document. The document launches a specially crafted backdoor that gives attackers control. - **Scenario 2: PowerShell script in fileless attack** - simulates a fileless attack that relies on PowerShell, showcasing attack surface reduction and machine learning detection of malicious memory activity.
- **Scenario 3: Automated incident response** - triggers Automated investigation, which automatically hunts for and remediates breach artifacts to scale your incident response capacity. - **Scenario 3: Automated incident response** - triggers Automated investigation, which automatically hunts for and remediates breach artifacts to scale your incident response capacity.
@ -48,7 +48,7 @@ Read the walkthrough document provided with each attack scenario. Each document
4. Run the simulation file or script on the test machine as instructed in the walkthrough document. 4. Run the simulation file or script on the test machine as instructed in the walkthrough document.
>[!NOTE] >[!NOTE]
>Simulation files or scripts mimic attack activity but are actually benign and will not harm or compromise to your test machine. >Simulation files or scripts mimic attack activity but are actually benign and will not harm or compromise the test machine.
## Related topics ## Related topics
- [Onboard and set up Windows Defender ATP](onboard-configure-windows-defender-advanced-threat-protection.md) - [Onboard and set up Windows Defender ATP](onboard-configure-windows-defender-advanced-threat-protection.md)