Merge remote-tracking branch 'refs/remotes/origin/master' into rs4

2025-05-29 21:57:23 +00:00 · 2018-03-13 07:48:03 -07:00 · 2018-03-13 07:48:03 -07:00 · 08b0562f3f
commit 08b0562f3f
parent 849ec669c4 d12118140d
12 changed files with 1128 additions and 730 deletions
--- a/education/windows/set-up-school-pcs-technical.md
+++ b/education/windows/set-up-school-pcs-technical.md
@ -1,312 +1,309 @@
---
+---
-title: Set up School PCs app technical reference
+title: Set up School PCs app technical reference
-description: Describes the changes that the Set up School PCs app makes to a PC.
+description: Describes the changes that the Set up School PCs app makes to a PC.
-keywords: shared cart, shared PC, school, set up school pcs
+keywords: shared cart, shared PC, school, set up school pcs
-ms.prod: w10
+ms.prod: w10
-ms.mktglfcycl: plan
+ms.mktglfcycl: plan
-ms.sitesec: library
+ms.sitesec: library
-ms.pagetype: edu
+ms.pagetype: edu
-ms.localizationpriority: high
+ms.localizationpriority: high
-author: CelesteDG
+author: CelesteDG
-ms.author: celested
+ms.author: celested
-ms.date: 02/02/2018
+ms.date: 03/12/2018
---
+---
-
+
-# Technical reference for the Set up School PCs app 
+# Technical reference for the Set up School PCs app 
-**Applies to:**
+**Applies to:**
-
+
-   Windows 10 
+-   Windows 10 
-
+
-
+
-
+
-The **Set up School PCs** app helps you set up new Windows 10 PCs that work great in your school by configuring shared PC mode. The latest Set up School PCs app is available for Windows 10, version 1703 (Creators Update). Set up School PCs also configures school-specific settings and policies, described in this topic.
+The **Set up School PCs** app helps you set up new Windows 10 PCs that work great in your school by configuring shared PC mode. The latest Set up School PCs app is available for Windows 10, version 1703 (Creators Update). Set up School PCs also configures school-specific settings and policies, described in this topic.
-
+
-If your school uses Azure Active Directory (Azure AD) or Office 365, the Set up School PCs app will create a setup file that joins the PC to your Azure Active Directory tenant. You can also use the app to set up school PCs that anyone can use, with or without Internet connectivity. 
+If your school uses Azure Active Directory (Azure AD) or Office 365, the Set up School PCs app will create a setup file that joins the PC to your Azure Active Directory tenant. You can also use the app to set up school PCs that anyone can use, with or without Internet connectivity. 
-
+
-Here's a list of what you get when using the Set up School PCs app in your school. 
+Here's a list of what you get when using the Set up School PCs app in your school. 
-
+
-| Feature | No Internet | Azure AD | Office 365 | Azure AD Premium |
+| Feature | No Internet | Azure AD | Office 365 | Azure AD Premium |
-| --- | :---: | :---: | :---: | :---: |
+| --- | :---: | :---: | :---: | :---: |
-| **Fast sign-in**<br/>Each student can sign in and start using the computer in less than a minute, even on their first sign-in. | X | X | X | X |
+| **Fast sign-in**<br/>Each student can sign in and start using the computer in less than a minute, even on their first sign-in. | X | X | X | X |
-| **Custom Start experience**<br/>The apps students need are pinned to Start, and unnecessary apps are removed. | X | X | X | X |
+| **Custom Start experience**<br/>The apps students need are pinned to Start, and unnecessary apps are removed. | X | X | X | X |
-| **Guest account, no sign-in required**<br/>This option sets up computers for common use. Anyone can use the computer without an account. | X | X | X | X |
+| **Guest account, no sign-in required**<br/>This option sets up computers for common use. Anyone can use the computer without an account. | X | X | X | X |
-| **School policies**<br/>Settings specific to education create a useful learning environment and the best computer performance. | X | X | X | X |
+| **School policies**<br/>Settings specific to education create a useful learning environment and the best computer performance. | X | X | X | X |
-| **Azure AD Join**<br/>The computers are  joined to your Azure AD or Office 365 subscription for centralized management. |   | X | X | X |
+| **Azure AD Join**<br/>The computers are  joined to your Azure AD or Office 365 subscription for centralized management. |   | X | X | X |
-| **Single sign-on to Office 365**<br/>By signing on with student IDs, students have fast access to Office 365 web apps or installed Office apps. |   |    | X | X |
+| **Single sign-on to Office 365**<br/>By signing on with student IDs, students have fast access to Office 365 web apps or installed Office apps. |   |    | X | X |
-| **Take a Test**<br/>Configure the Take a Test app and use it for taking quizzes and high-stakes assessments by some providers like Smarter Balanced. |   |    |  | X |
+| **Take a Test**<br/>Configure the Take a Test app and use it for taking quizzes and high-stakes assessments by some providers like Smarter Balanced. |   |    |  | X |
-| **[Settings roaming](https://azure.microsoft.com/en-us/documentation/articles/active-directory-windows-enterprise-state-roaming-overview/) via Azure AD**<br/>Student user and application settings data can be synchronized across devices for a personalized experience. |   |    |    | X |
+| **[Settings roaming](https://azure.microsoft.com/en-us/documentation/articles/active-directory-windows-enterprise-state-roaming-overview/) via Azure AD**<br/>Student user and application settings data can be synchronized across devices for a personalized experience. |   |    |    | X |
-
+
-
+
-> [!NOTE]  
+> [!NOTE]  
-> If your school uses Active Directory, use [Windows Configuration Designer](set-up-students-pcs-to-join-domain.md) to configure your PCs to join the domain. You can only use the Set up School PCs app to set up PCs that are connected to Azure AD.
+> If your school uses Active Directory, use [Windows Configuration Designer](set-up-students-pcs-to-join-domain.md) to configure your PCs to join the domain. You can only use the Set up School PCs app to set up PCs that are connected to Azure AD.
-
+
-## Automated Azure AD join
+## Automated Azure AD join
-One of the most important features in Set up School PCs is the ability to create a provisioning package that performs automated Azure AD join. With this feature, you no longer have to spend minutes going through Windows setup, manually connecting to a network, and manually joining your Azure AD domain. With the automated Azure AD join feature in Set up School School PCs, this process is reduced to zero clicks! You can skip all of the Windows setup experience and the OS automatically joins the PC to your Azure AD domain and enrolls it into MDM if you have a MDM provider activated.
+One of the most important features in Set up School PCs is the ability to create a provisioning package that performs automated Azure AD join. With this feature, you no longer have to spend minutes going through Windows setup, manually connecting to a network, and manually joining your Azure AD domain. With the automated Azure AD join feature in Set up School School PCs, this process is reduced to zero clicks! You can skip all of the Windows setup experience and the OS automatically joins the PC to your Azure AD domain and enrolls it into MDM if you have a MDM provider activated.
-
+
-To make this as seamless as possible, in your Azure AD tenant:
+To make this as seamless as possible, in your Azure AD tenant:
- Allow your teacher and other IT staff to join devices to Azure AD so they can sucessfully request an automated Azure AD join token. 
+- Allow your teacher and other IT staff to join devices to Azure AD so they can sucessfully request an automated Azure AD join token. 
-
+
-    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > Device Settings** and in **Users may join devices to Azure AD**, click **Selected** and choose the members you want to enable to join devices to Azure AD.
+    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > Device Settings** and in **Users may join devices to Azure AD**, click **Selected** and choose the members you want to enable to join devices to Azure AD.
-
+
-    **Figure 1** - Select the users you want to enable to join devices to Azure AD
+    **Figure 1** - Select the users you want to enable to join devices to Azure AD
-
+
-    ![Select the users you want to enable to join devices to Azure AD](images/azuread_usersandgroups_devicesettings_usersmayjoin.png)
+    ![Select the users you want to enable to join devices to Azure AD](images/azuread_usersandgroups_devicesettings_usersmayjoin.png)
-
+
- Consider creating a special account that uses a username and password that you provide, and which has the rights to join devices if you don't want to add all teachers and IT staff.
+- Consider creating a special account that uses a username and password that you provide, and which has the rights to join devices if you don't want to add all teachers and IT staff.
-    - When teachers or IT staff need to set up PCs, they can use this account in the Set up School PCs app.
+    - When teachers or IT staff need to set up PCs, they can use this account in the Set up School PCs app.
-    - If you use a service to set up PCs for you, you can give them this special account so they can deliver PCs to you that are already Azure AD joined and ready to be given to a student.
+    - If you use a service to set up PCs for you, you can give them this special account so they can deliver PCs to you that are already Azure AD joined and ready to be given to a student.
-
+
- Turn off multifactor authentication.
+- Turn off multifactor authentication.
-
+
-    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > Device Settings** and set **Require Multi-Factor Auth to join devices** to **No**.
+    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > Device Settings** and set **Require Multi-Factor Auth to join devices** to **No**.
-
+
-    **Figure 2** - Turn off multi-factor authentication in Azure AD
+    **Figure 2** - Turn off multi-factor authentication in Azure AD
-
+
-    ![Turn off multi-factor authentication in Azure AD](images/azuread_usersandgroups_devicesettings_requiremultifactorauth.png)
+    ![Turn off multi-factor authentication in Azure AD](images/azuread_usersandgroups_devicesettings_requiremultifactorauth.png)
-
+
- Set the maximum number of devices a user can add to unlimited.
+- Set the maximum number of devices a user can add to unlimited.
-
+
-    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > Device Settings** and set **Maximum number of devices per user** to **Unlimited**.
+    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > Device Settings** and set **Maximum number of devices per user** to **Unlimited**.
-
+
-    **Figure 3** - Set maximum number of devices per user to unlimited
+    **Figure 3** - Set maximum number of devices per user to unlimited
-
+
-    ![Set maximum number of devices per user to unlimited](images/azuread_usersandgroups_devicesettings_maxnumberofdevicesperuser.png)
+    ![Set maximum number of devices per user to unlimited](images/azuread_usersandgroups_devicesettings_maxnumberofdevicesperuser.png)
-
+
- Clear your Azure AD tokens from time to time. Your tenant can only have 500 automated Azure AD tokens active at any one time.
+- Clear your Azure AD tokens from time to time. Your tenant can only have 500 automated Azure AD tokens active at any one time.
-
+
-    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > All users** and look at the list of user names. User names that start with **package_** followed by a string of letters and numbers. These are the user accounts that are created automatically for the tokens and you can safely delete these. 
+    In the Azure portal, select **Azure Active Directory**. Go to **Users and groups > All users** and look at the list of user names. User names that start with **package_** followed by a string of letters and numbers. These are the user accounts that are created automatically for the tokens and you can safely delete these. 
-
+
-    **Figure 4** - Delete the accounts automatically created for the Azure AD tokens
+    **Figure 4** - Delete the accounts automatically created for the Azure AD tokens
-
+
-    ![Delete the accounts automatically created for the Azure AD tokens](images/azuread_usersandgroups_allusers_automaticaccounts.png)
+    ![Delete the accounts automatically created for the Azure AD tokens](images/azuread_usersandgroups_allusers_automaticaccounts.png)
-
+
- Note that automated Azure AD tokens have expiration dates. Set up School PCs creates them with an expiration date of one month. You will see the specific expiration date for the package in the **Review package summary** page in Set up School PCs.
+- Note that automated Azure AD tokens have expiration dates. Set up School PCs creates them with an expiration date of one month. You will see the specific expiration date for the package in the **Review package summary** page in Set up School PCs.
-
+
-    **Figure 5** - Sample summary page showing the expiration date
+    **Figure 5** - Sample summary page showing the expiration date
-
+
-    ![Sample summary page showing the expiration date](images/suspc_choosesettings_summary.png)
+    ![Sample summary page showing the expiration date](images/suspc_choosesettings_summary.png)
-
+
-
+
-<!-- When the MSES Get Started goes live, add a link to it from here -->
+<!-- When the MSES Get Started goes live, add a link to it from here -->
-
+
-
+
-## Information about Windows Update
+## Information about Windows Update
-
+
-Shared PC mode helps ensure that computers are always up-to-date. If a PC is configured using the Set up School PCs app, shared PC mode sets the power states and Windows Update to: 
+Shared PC mode helps ensure that computers are always up-to-date. If a PC is configured using the Set up School PCs app, shared PC mode sets the power states and Windows Update to: 
-* Wake nightly
+* Wake nightly
-* Check and install updates
+* Check and install updates
-* Forcibly reboot if necessary to finish applying updates
+* Forcibly reboot if necessary to finish applying updates
-
+
-The PC is also configured to not interrupt the user during normal daytime hours with updates or reboots. Notfications are also blocked.
+The PC is also configured to not interrupt the user during normal daytime hours with updates or reboots. Notfications are also blocked.
-
+
-## Guidance for accounts on shared PCs
+## Guidance for accounts on shared PCs
-
+
-* We recommend no local admin accounts on the PC to improve the reliability and security of the PC.
+* We recommend no local admin accounts on the PC to improve the reliability and security of the PC.
-* When a PC is set up in shared PC mode with the default deletion policy, accounts will be cached automatically until disk space is low. Then, accounts will be deleted to reclaim disk space. This account management happens automatically. Both Azure AD and Active Directory domain accounts are managed in this way. Any accounts created through **Guest** or **Kiosk** will also be deleted automatically at sign out.
+* When a PC is set up in shared PC mode with the default deletion policy, accounts will be cached automatically until disk space is low. Then, accounts will be deleted to reclaim disk space. This account management happens automatically. Both Azure AD and Active Directory domain accounts are managed in this way. Any accounts created through **Guest** or **Kiosk** will also be deleted automatically at sign out.
-* On a Windows PC joined to Azure Active Directory:
+* On a Windows PC joined to Azure Active Directory:
-    * By default, the account that joined the PC to Azure AD will have an admin account on that PC. Global administrators for the Azure AD domain will also have admin accounts on the PC.
+    * By default, the account that joined the PC to Azure AD will have an admin account on that PC. Global administrators for the Azure AD domain will also have admin accounts on the PC.
-    * With Azure AD Premium, you can specify which accounts have admin accounts on a PC using the **Additional administrators on Azure AD Joined devices** setting on the Azure portal.
+    * With Azure AD Premium, you can specify which accounts have admin accounts on a PC using the **Additional administrators on Azure AD Joined devices** setting on the Azure portal.
-* Local accounts that already exist on a PC won’t be deleted when turning on shared PC mode. New local accounts created through **Settings > Accounts > Other people > Add someone else to this PC** after shared PC mode is turned on won't be deleted. However, any new local accounts created by the **Guest** or **Kiosk** selection on the sign-in screen, if enabled, will automatically be deleted at sign-out.
+* Local accounts that already exist on a PC won’t be deleted when turning on shared PC mode. New local accounts created through **Settings > Accounts > Other people > Add someone else to this PC** after shared PC mode is turned on won't be deleted. However, any new local accounts created by the **Guest** or **Kiosk** selection on the sign-in screen, if enabled, will automatically be deleted at sign-out.
-* If admin accounts are necessary on the PC
+* If admin accounts are necessary on the PC
-    * Ensure the PC is joined to a domain that enables accounts to be signed on as admin, or
+    * Ensure the PC is joined to a domain that enables accounts to be signed on as admin, or
-    * Create admin accounts before setting up shared PC mode, or 
+    * Create admin accounts before setting up shared PC mode, or 
-    * Create exempt accounts before signing out.
+    * Create exempt accounts before signing out.
-* The account management service supports accounts that are exempt from deletion.
+* The account management service supports accounts that are exempt from deletion.
-    * An account can be marked exempt from deletion by adding the account SID to the `HKEY_LOCAL_MACHINE\SOFTARE\Microsoft\Windows\CurrentVersion\SharedPC\Exemptions\` registry key.
+    * An account can be marked exempt from deletion by adding the account SID to the `HKEY_LOCAL_MACHINE\SOFTARE\Microsoft\Windows\CurrentVersion\SharedPC\Exemptions\` registry key.
-    * To add the account SID to the registry key using PowerShell:
+    * To add the account SID to the registry key using PowerShell:
-
+
-        ```
+        ```
-        $adminName = "LocalAdmin"
+        $adminName = "LocalAdmin"
-        $adminPass = 'Pa$$word123'
+        $adminPass = 'Pa$$word123'
-        iex "net user /add $adminName $adminPass"
+        iex "net user /add $adminName $adminPass"
-        $user = New-Object System.Security.Principal.NTAccount($adminName) 
+        $user = New-Object System.Security.Principal.NTAccount($adminName) 
-        $sid = $user.Translate([System.Security.Principal.SecurityIdentifier]) 
+        $sid = $user.Translate([System.Security.Principal.SecurityIdentifier]) 
-        $sid = $sid.Value;
+        $sid = $sid.Value;
-        New-Item -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\SharedPC\Exemptions\$sid" -Force
+        New-Item -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\SharedPC\Exemptions\$sid" -Force
-        ``` 
+        ``` 
-
+
-## Custom images
+## Custom images
-Shared PC mode is fully compatible with custom images that may be created by IT departments. Create a custom image and then use sysprep with the `/oobe` flag to create an image that teachers can then apply the Set up School PCs provisioning package to. [Learn more about sysprep](https://technet.microsoft.com/en-us/library/cc721940(v=ws.10).aspx).
+Shared PC mode is fully compatible with custom images that may be created by IT departments. Create a custom image and then use sysprep with the `/oobe` flag to create an image that teachers can then apply the Set up School PCs provisioning package to. [Learn more about sysprep](https://technet.microsoft.com/en-us/library/cc721940(v=ws.10).aspx).
-
+
-## Provisioning package details
+## Provisioning package details
-
+
-The Set up School PCs app produces a specialized provisioning package that makes use of the [SharedPC configuration service provider (CSP)](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723294%28v=vs.85%29.aspx). 
+The Set up School PCs app produces a specialized provisioning package that makes use of the [SharedPC configuration service provider (CSP)](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723294%28v=vs.85%29.aspx). 
-
+
-### Education customizations set by local MDM policy
+### Education customizations set by local MDM policy
-
+
- By default, saving content locally to the PC is blocked, but you can choose to enable it. This prevents data loss by forcing students to save to the cloud.
+- By default, saving content locally to the PC is blocked, but you can choose to enable it. This prevents data loss by forcing students to save to the cloud.
- A custom Start layout, taskbar layout, and lock screen image are set.
+- A custom Start layout, taskbar layout, and lock screen image are set.
- Prohibits unlocking the PC to developer mode.
+- Prohibits unlocking the PC to developer mode.
- Prohibits untrusted Microsoft Store apps from being installed.
+- Prohibits untrusted Microsoft Store apps from being installed.
- Prohibits students from removing MDM.
+- Prohibits students from removing MDM.
- Prohibits students from adding new provisioning packages.
+- Prohibits students from adding new provisioning packages.
- Prohibits student from removing existing provisioning packages (including the one set by Set up School PCs).
+- Prohibits student from removing existing provisioning packages (including the one set by Set up School PCs).
- Sets Windows Update to update nightly.
+- Sets Windows Update to update nightly.
-
+
-
+
-### Uninstalled apps 
+### Uninstalled apps 
-
+
- 3D Builder (Microsoft.3DBuilder_8wekyb3d8bbwe)
+- 3D Builder (Microsoft.3DBuilder_8wekyb3d8bbwe)
- Weather (Microsoft.BingWeather_8wekyb3d8bbwe)
+- Weather (Microsoft.BingWeather_8wekyb3d8bbwe)
- Tips (Microsoft.Getstarted_8wekyb3d8bbwe)
+- Tips (Microsoft.Getstarted_8wekyb3d8bbwe)
- Get Office (Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe)
+- Get Office (Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe)
- Microsoft Solitaire Collection (Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe)
+- Microsoft Solitaire Collection (Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe)
- Paid Wi-Fi & Cellular (Microsoft.OneConnect_8wekyb3d8bbwe)
+- Paid Wi-Fi & Cellular (Microsoft.OneConnect_8wekyb3d8bbwe)
- Feedback Hub (Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe)
+- Feedback Hub (Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe)
- Xbox (Microsoft.XboxApp_8wekyb3d8bbwe)
+- Xbox (Microsoft.XboxApp_8wekyb3d8bbwe)
- Mail/Calendar (microsoft.windowscommunicationsapps_8wekyb3d8bbwe)
+- Mail/Calendar (microsoft.windowscommunicationsapps_8wekyb3d8bbwe)
-
+
-### Local Group Policies
+### Local Group Policies
-
+
-> [!IMPORTANT]  
+> [!IMPORTANT]  
-> We do not recommend setting additional policies on PCs configured with the Set up School PCs app. The shared PC mode is optimized to be fast and reliable over time with minimal to no manual maintenance required.
+> We do not recommend setting additional policies on PCs configured with the Set up School PCs app. The shared PC mode is optimized to be fast and reliable over time with minimal to no manual maintenance required.
-
+
-<table border="1"> 
+<table border="1"> 
-<thead><tr><th colspan="2"><p>Policy path</p></th></tr>
+<thead><tr><th colspan="2"><p>Policy path</p></th></tr>
-<tr><th><p>Policy name</p></th><th><p>Value</p></th> 
+<tr><th><p>Policy name</p></th><th><p>Value</p></th> 
-</tr> </thead>
+</tr> </thead>
-<tbody>
+<tbody>
-<tr><td colspan="2"><p><strong>Admin Templates</strong> > <strong>Control Panel</strong> > <strong>Personalization</strong></p></td> 
+<tr><td colspan="2"><p><strong>Admin Templates</strong> > <strong>Control Panel</strong> > <strong>Personalization</strong></p></td> 
-</tr> 
+</tr> 
-<tr><td><p>Prevent enabling lock screen slide show</p></td><td><p>Enabled</p></td>
+<tr><td><p>Prevent enabling lock screen slide show</p></td><td><p>Enabled</p></td>
-</tr> 
+</tr> 
-<tr><td><p>Prevent changing lock screen and logon image</p></td><td><p>Enabled</p></td>
+<tr><td><p>Prevent changing lock screen and logon image</p></td><td><p>Enabled</p></td>
-</tr> 
+</tr> 
-<tr><td colspan="2"><p><strong>Admin Templates</strong> > <strong>System</strong> > <strong>Power Management</strong> > <strong>Button Settings</strong></p></td> 
+<tr><td colspan="2"><p><strong>Admin Templates</strong> > <strong>System</strong> > <strong>Power Management</strong> > <strong>Button Settings</strong></p></td> 
-</tr> 
+</tr> 
-<tr><td><p>Select the Power button action (plugged in)</p></td><td><p>Sleep</p></td> 
+<tr><td><p>Select the Power button action (plugged in)</p></td><td><p>Sleep</p></td> 
-</tr> 
+</tr> 
-<tr><td><p>Select the Power button action (on battery)</p></td><td><p>Sleep</p></td> 
+<tr><td><p>Select the Power button action (on battery)</p></td><td><p>Sleep</p></td> 
-</tr> 
+</tr> 
-<tr><td><p>Select the Sleep button action (plugged in)</p></td><td><p>Sleep</p></td> 
+<tr><td><p>Select the Sleep button action (plugged in)</p></td><td><p>Sleep</p></td> 
-</tr> 
+</tr> 
-<tr><td><p>Select the lid switch action (plugged in)</p></td><td><p>Sleep</p></td>
+<tr><td><p>Select the lid switch action (plugged in)</p></td><td><p>Sleep</p></td>
-</tr> 
+</tr> 
-<tr><td><p>Select the lid switch action (on battery)</p></td><td><p>Sleep</p></td>
+<tr><td><p>Select the lid switch action (on battery)</p></td><td><p>Sleep</p></td>
-</tr> 
+</tr> 
-<tr><td colspan="2"><p><strong>Admin Templates</strong> > <strong>System</strong> > <strong>Power Management</strong> > <strong>Sleep Settings</strong></p></td> 
+<tr><td colspan="2"><p><strong>Admin Templates</strong> > <strong>System</strong> > <strong>Power Management</strong> > <strong>Sleep Settings</strong></p></td> 
-</tr> 
+</tr> 
-<tr><td><p>Require a password when a computer wakes (plugged in)</p></td><td><p>Enabled</p></td>
+<tr><td><p>Require a password when a computer wakes (plugged in)</p></td><td><p>Enabled</p></td>
-</tr> 
+</tr> 
-<tr><td><p>Require a password when a computer wakes (on battery)</p></td><td><p>Enabled</p></td>
+<tr><td><p>Require a password when a computer wakes (on battery)</p></td><td><p>Enabled</p></td>
-</tr>
+</tr>
-<tr><td><p>Specify the system sleep timeout (plugged in)</p></td><td><p> 5 minutes</p></td>
+<tr><td><p>Specify the system sleep timeout (plugged in)</p></td><td><p> 5 minutes</p></td>
-</tr> 
+</tr> 
-<tr><td><p>Specify the system sleep timeout (on battery)</p></td><td><p> 5 minutes</p></td>
+<tr><td><p>Specify the system sleep timeout (on battery)</p></td><td><p> 5 minutes</p></td>
-</tr> 
+</tr> 
-<tr> <td> <p> Turn off hybrid sleep (plugged in) </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Turn off hybrid sleep (plugged in) </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Turn off hybrid sleep (on battery) </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Turn off hybrid sleep (on battery) </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Specify the unattended sleep timeout (plugged in) </p> </td> <td> <p> 5 minutes </p> </td>
+<tr> <td> <p> Specify the unattended sleep timeout (plugged in) </p> </td> <td> <p> 5 minutes </p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Specify the unattended sleep timeout (on battery) </p> </td> <td> <p> 5 minutes</p> </td> 
+<tr> <td> <p> Specify the unattended sleep timeout (on battery) </p> </td> <td> <p> 5 minutes</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Allow standby states (S1-S3) when sleeping (plugged in) </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Allow standby states (S1-S3) when sleeping (plugged in) </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Allow standby states (S1-S3) when sleeping (on battery) </p> </td> <td> <p> Enabled</p> </td> 
+<tr> <td> <p> Allow standby states (S1-S3) when sleeping (on battery) </p> </td> <td> <p> Enabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Specify the system hibernate timeout (plugged in) </p> </td> <td> <p> Enabled, 0</p> </td> 
+<tr> <td> <p> Specify the system hibernate timeout (plugged in) </p> </td> <td> <p> Enabled, 0</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Specify the system hibernate timeout (on battery) </p> </td> <td> <p> Enabled, 0</p> </td> 
+<tr> <td> <p> Specify the system hibernate timeout (on battery) </p> </td> <td> <p> Enabled, 0</p> </td> 
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>Power Management</strong>><strong>Video and Display Settings</strong></p> </td> </tr> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>Power Management</strong>><strong>Video and Display Settings</strong></p> </td> </tr> 
-<tr> <td> <p> Turn off the display (plugged in) </p> </td> <td> <p> 5 minutes</p> </td> 
+<tr> <td> <p> Turn off the display (plugged in) </p> </td> <td> <p> 5 minutes</p> </td> 
-</tr>
+</tr>
- <tr> <td> <p> Turn off the display (on battery) </p> </td> <td> <p> 5 minutes</p> </td>
+ <tr> <td> <p> Turn off the display (on battery) </p> </td> <td> <p> 5 minutes</p> </td>
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>Power Management</strong>><strong>Energy Saver Settings</strong></p> </td> </tr> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>Power Management</strong>><strong>Energy Saver Settings</strong></p> </td> </tr> 
-<tr> <td> <p> Energy Saver Battery Threshold (on battery) </p> </td> <td> <p> 70</p> </td> 
+<tr> <td> <p> Energy Saver Battery Threshold (on battery) </p> </td> <td> <p> 70</p> </td> 
-</tr>
+</tr>
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>Logon</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>Logon</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Show first sign-in animation </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Show first sign-in animation </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Hide entry points for Fast User Switching </p> </td> <td> <p> Enabled</p> </td> 
+<tr> <td> <p> Hide entry points for Fast User Switching </p> </td> <td> <p> Enabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Turn on convenience PIN sign-in </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Turn on convenience PIN sign-in </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Turn off picture password sign-in </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Turn off picture password sign-in </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Turn off app notification on the lock screen </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Turn off app notification on the lock screen </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Allow users to select when a password is required when resuming from connected standby</p> </td> <td> <p> Disabled</p> </td> 
+<tr> <td> <p> Allow users to select when a password is required when resuming from connected standby</p> </td> <td> <p> Disabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Block user from showing account details on sign-in </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Block user from showing account details on sign-in </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>User Profiles</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>System</strong>><strong>User Profiles</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Turn off the advertising ID </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Turn off the advertising ID </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>Windows Components</strong>><strong>Biometrics</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>Windows Components</strong>><strong>Biometrics</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Allow the use of biometrics </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Allow the use of biometrics </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Allow users to log on using biometrics </p> </td> <td> <p> Disabled</p> </td> 
+<tr> <td> <p> Allow users to log on using biometrics </p> </td> <td> <p> Disabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Allow domain users to log on using biometrics </p> </td> <td> <p> Disabled</p> </td> 
+<tr> <td> <p> Allow domain users to log on using biometrics </p> </td> <td> <p> Disabled</p> </td> 
-</tr> 
+</tr> 
-<tr><td colspan="2"><strong>Admin Templates</strong>><strong>Windows Components</strong>><strong>Cloud Content</strong></td></tr>
+<tr><td colspan="2"><strong>Admin Templates</strong>><strong>Windows Components</strong>><strong>Cloud Content</strong></td></tr>
-<tr> <td> <p> Do not show Windows Tips </p> </td> <td> <p> Enabled</p> </td> 
+<tr> <td> <p> Do not show Windows Tips </p> </td> <td> <p> Enabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Turn off Microsoft consumer experiences </p> </td> <td> <p> Enabled</p> </td> 
+<tr> <td> <p> Turn off Microsoft consumer experiences </p> </td> <td> <p> Enabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>Windows Components</strong>><strong>Data Collection and Preview Builds</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong>><strong>Windows Components</strong>><strong>Data Collection and Preview Builds</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Toggle user control over Insider builds </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Toggle user control over Insider builds </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Disable pre-release features or settings </p> </td> <td> <p> Disabled</p> </td> 
+<tr> <td> <p> Disable pre-release features or settings </p> </td> <td> <p> Disabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Do not show feedback notifications </p> </td> <td> <p> Enabled</p> </td> 
+<tr> <td> <p> Do not show feedback notifications </p> </td> <td> <p> Enabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Allow Telemetry </p> </td> <td> <p> Basic, 0</p> </td> 
+<tr> <td> <p> Allow Telemetry </p> </td> <td> <p> Basic, 0</p> </td> 
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>File Explorer</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>File Explorer</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Show lock in the user tile menu </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Show lock in the user tile menu </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>Maintenance Scheduler</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>Maintenance Scheduler</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Automatic Maintenance Activation Boundary </p> </td> <td> <p> *MaintenanceStartTime*</p> </td>
+<tr> <td> <p> Automatic Maintenance Activation Boundary </p> </td> <td> <p> *MaintenanceStartTime*</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Automatic Maintenance Random Delay </p> </td> <td> <p> Enabled, 2 hours</p> </td> 
+<tr> <td> <p> Automatic Maintenance Random Delay </p> </td> <td> <p> Enabled, 2 hours</p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Automatic Maintenance WakeUp Policy </p> </td> <td> <p> Enabled</p> </td> 
+<tr> <td> <p> Automatic Maintenance WakeUp Policy </p> </td> <td> <p> Enabled</p> </td> 
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>OneDrive</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>OneDrive</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Prevent the usage of OneDrive for file storage </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Prevent the usage of OneDrive for file storage </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>Windows Hello for Business</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Admin Templates</strong> > <strong>Windows Components</strong> > <strong>Windows Hello for Business</strong></p> </td> 
-</tr> 
+</tr> 
-<tr> <td> <p> Use phone sign-in </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Use phone sign-in </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Use Windows Hello for Business </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Use Windows Hello for Business </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Use biometrics </p> </td> <td> <p> Disabled</p> </td>
+<tr> <td> <p> Use biometrics </p> </td> <td> <p> Disabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td colspan="2"> <p> <strong>Windows Settings</strong> > <strong>Security Settings</strong> > <strong>Local Policies</strong> > <strong>Security Options</strong></p> </td> 
+<tr> <td colspan="2"> <p> <strong>Windows Settings</strong> > <strong>Security Settings</strong> > <strong>Local Policies</strong> > <strong>Security Options</strong></p> </td> 
-</tr> 
+</tr> 
-<tr><td><p>Accounts: Block Microsoft accounts</p><p>**Note** Microsoft accounts can still be used in apps.</p></td><td><p>Enabled</p></td></tr>
+<tr><td><p>Accounts: Block Microsoft accounts</p><p>**Note** Microsoft accounts can still be used in apps.</p></td><td><p>Enabled</p></td></tr>
-<tr> <td> <p> Interactive logon: Do not display last user name </p> </td> <td> <p> Enabled</p> </td>
+<tr> <td> <p> Interactive logon: Do not display last user name </p> </td> <td> <p> Enabled</p> </td>
-</tr> 
+</tr> 
-<tr> <td> <p> Interactive logon: Sign-in last interactive user automatically after a system-initiated restart</p> </td> <td> <p> Disabled</p> </td> 
+<tr> <td> <p> Interactive logon: Sign-in last interactive user automatically after a system-initiated restart</p> </td> <td> <p> Disabled</p> </td> 
-</tr> 
+<tr> <td> <p> User Account Control: Behavior of the elevation prompt for standard users </p> </td> <td> <p> Auto deny</p> </td>
-<tr> <td> <p> Shutdown: Allow system to be shut down without having to log on </p> </td> <td> <p> Enabled</p> </td> 
+</tr> 
-</tr> 
+</tbody>
-<tr> <td> <p> User Account Control: Behavior of the elevation prompt for standard users </p> </td> <td> <p> Auto deny</p> </td>
+</table> </br>
-</tr> 
+
-</tbody>
+## Use the app
-</table> </br>
+When you're ready to use the app, see [Use Set up School PCs app](use-set-up-school-pcs-app.md). 
-
+
-## Use the app
+## Related topics
-When you're ready to use the app, see [Use Set up School PCs app](use-set-up-school-pcs-app.md). 
+
-
+[Set up Windows devices for education](set-up-windows-10.md)
-## Related topics
+
-
+
-[Set up Windows devices for education](set-up-windows-10.md)
+
-
+
-
+
--- a/windows/client-management/mdm/configuration-service-provider-reference.md
+++ b/windows/client-management/mdm/configuration-service-provider-reference.md
@ -7,7 +7,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 03/02/2018
+ms.date: 03/12/2018
 ---
 # Configuration service provider reference
@ -2136,7 +2136,7 @@ Footnotes:
 <!--EndCSP-->
 <!--StartCSP-->
-[Uefi CSP](uefi-csp.md)  
+[UEFI CSP](uefi-csp.md)  
 <!--StartSKU-->
 <table>
@ -2151,7 +2151,7 @@ Footnotes:
 </tr>
 <tr>
 	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
 	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
 	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
 	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
@ -2596,6 +2596,7 @@ Footnotes:
 -   [Reporting CSP](reporting-csp.md)
 -   [RootCATrustedCertificates CSP](rootcacertificates-csp.md)
 -   [SurfaceHub CSP](surfacehub-csp.md)
 -   [UEFI CSP](uefi-csp.md)  
 -   [WindowsAdvancedThreatProtection CSP](windowsadvancedthreatprotection-csp.md)
--- a/windows/client-management/mdm/policy-csp-timelanguagesettings.md
+++ b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
@ -63,14 +63,14 @@ ms.date: 03/12/2018
 <!--/Scope-->
 <!--Description-->
-Allows for the configuration of the default clock setting to be the 24 hour format. Selecting 'Set 24 hour Clock' enables this setting. Selecting 'Locale default setting' uses the default clock as prescribed by the current locale setting.
+Allows for the configuration of the default clock setting to be the 24 hour format.  If set to 0 (zero), the device uses the default clock as prescribed by the current locale setting.
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
-   0 – Locale default setting.
+-   0 (default) – Current locale setting.
-   1 (default) – Set 24 hour clock.
+-   1 – Set 24 hour clock.
 <!--/SupportedValues-->
 <!--/Policy-->
--- a/windows/client-management/mdm/policy-ddf-file.md
+++ b/windows/client-management/mdm/policy-ddf-file.md
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@ -39,7 +39,7 @@
 ### [Understand the Windows Defender ATP portal](windows-defender-atp\use-windows-defender-advanced-threat-protection.md)
 #### [Portal overview](windows-defender-atp\portal-overview-windows-defender-advanced-threat-protection.md)
 #### [View the Security operations dashboard](windows-defender-atp\dashboard-windows-defender-advanced-threat-protection.md)
-#### [View the Security analytics dashboard](windows-defender-atp\security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
+#### [View the Secure score dashboard](windows-defender-atp\security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
 #### [View the Threat analytics dashboard](windows-defender-atp\threat-analytics-windows-defender-advanced-threat-protection.md)
 ###Investigate and remediate threats
--- a/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md
@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 11/09/2017
+ms.date: 03/12/2018
 ---
 # View and organize the Windows Defender Advanced Threat Protection Alerts queue
@ -135,7 +135,7 @@ Select multiple alerts (Ctrl or Shift select) and manage or edit alerts together
 ## Related topics
 - [View the Windows Defender Advanced Threat Protection Security operations dashboard](dashboard-windows-defender-advanced-threat-protection.md)
- [View the Windows Defender Advanced Threat Protection Security analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
+- [View the Windows Defender Advanced Threat Protection Secure score dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
 - [Investigate Windows Defender Advanced Threat Protection alerts](investigate-alerts-windows-defender-advanced-threat-protection.md)
 - [Investigate a file associated with a Windows Defender ATP alert](investigate-files-windows-defender-advanced-threat-protection.md)
 - [Investigate an IP address associated with a Windows Defender ATP alert](investigate-ip-windows-defender-advanced-threat-protection.md)
--- a/windows/security/threat-protection/windows-defender-atp/enable-security-analytics-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/enable-security-analytics-windows-defender-advanced-threat-protection.md
@ -1,7 +1,7 @@
 ---
-title: Enable Security Analytics in Windows Defender ATP
+title: Enable Secure score security controls in Windows Defender ATP
-description: Set the baselines for calculating the score of Windows Defender security controls on the Security Analytics dashboard.
+description: Set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard.
-keywords: enable security analytics, baseline, calculation, analytics, score, security analytics dashboard, dashboard
+keywords: secure score, baseline, calculation, score, secure score dashboard, dashboard, windows defender antivirus, av, exploit guard, application guard, smartscreen
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
@ -10,10 +10,10 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 10/16/2017
+ms.date: 03/12/2018
 ---
-# Enable Security Analytics security controls
+# Enable Secure score security controls
 **Applies to:**
@ -25,21 +25,21 @@ ms.date: 10/16/2017
-Set the baselines for calculating the score of Windows Defender security controls on the Security Analytics dashboard. If you use third-party solutions, consider excluding the corresponding controls from the calculations.
+Set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard. If you use third-party solutions, consider excluding the corresponding controls from the calculations.
  >[!NOTE]
  >Changes might take up to a few hours to reflect on the dashboard. 
-1. In the navigation pane, select **Preferences setup** > **Security Analytics**.
+1. In the navigation pane, select **Preferences setup** > **Secure score**.
-    ![Image of Security Analytics controls from Preferences setup menu](images/atp-enable-security-analytics.png)
+    ![Image of Secure score controls from Preferences setup menu](images/atp-enable-security-analytics.png)
 2. Select the security control, then toggle the setting between **On** and **Off**.
 3. Click **Save preferences**.
 ## Related topics
- [View the Security Analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
+- [View the Secure score dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
 - [Update general settings in Windows Defender ATP](general-settings-windows-defender-advanced-threat-protection.md)
 - [Turn on advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md)
 - [Turn on the preview experience in Windows Defender ATP](preview-settings-windows-defender-advanced-threat-protection.md)
--- a/windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md
@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 10/23/2017
+ms.date: 03/12/2018
 ---
 # View and organize the Windows Defender ATP Machines list
@ -80,7 +80,7 @@ Filter the list to view specific machines that are well configured or require at
 - **Well configured** - Machines have the Windows Defender security controls well configured. 
 - **Requires attention** - Machines where improvements can be made to increase the overall security posture of your organization.
-For more information, see [View the Security Analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md).
+For more information, see [View the Secure score dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md).
 **Malware category alerts**</br>
 Filter the list to view specific machines grouped together by the following malware categories:
--- a/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md
@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: DulceMV
 ms.localizationpriority: high
-ms.date: 10/19/2017
+ms.date: 03/12/2018
 ---
 # Windows Defender Advanced Threat Protection portal overview
@ -51,11 +51,11 @@ You can navigate through the portal using the menu options available in all sect
 Area | Description
 :---|:---
 (1) Navigation pane | Use the navigation pane to move between the **Dashboards**, **Alerts queue**, **Machines list**, **Service health**, **Preferences setup**, and **Endpoint management**.
-**Dashboards**	| Enables you to view the Security operations or the Security analytics dashboard.
+**Dashboards**	| Allows you to access the Security operations or the Secure score dashboard.
-**Alerts queue** | Enables you to view separate queues of new, in progress, resolved alerts, alerts assigned to you, and suppression rules.
+**Alerts queue** | Allows you to view separate queues: new, in progress, resolved alerts, alerts assigned to you, and suppression rules.
 **Machines list** | Displays the list of machines that are onboarded to Windows Defender ATP, some information about them, and the corresponding number of alerts.
 **Service health** | Provides information on the current status of the Window Defender ATP service. You'll be able to verify that the service health is healthy or if there are current issues.
-**Preferences setup** |	Shows the settings you selected during onboarding and lets you update your industry preferences and retention policy period. You can also set other configuration settings such as email notifications, activate the preview experience, enable or turn off advanced features, SIEM integration, threat intel API, build Power BI reports, and set baselines for the Security analytics dashboard.
+**Preferences setup** |	Shows the settings you selected during onboarding and lets you update your industry preferences and retention policy period. You can also set other configuration settings such as email notifications, activate the preview experience, enable or turn off advanced features, SIEM integration, threat intel API, build Power BI reports, and set baselines for the Secure score dashboard.
 **Endpoint management** |	Provides access to endpoints such as clients and servers. Allows you to download the onboarding configuration package for endpoints. It also provides access to endpoint offboarding.
 **Community center** | Access the Community center to learn, collaborate, and share experiences about the product. 
 (2) Main portal| Main area where you will see the different views such as the Dashboards, Alerts queue, and Machines list.
--- a/windows/security/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md
@ -1,7 +1,7 @@
 ---
-title: View the Security Analytics dashboard in Windows Defender ATP
+title: View the Secure score dashboard in Windows Defender ATP
-description: Use the Security Analytics dashboard to assess and improve the security state of your organization by analyzing various security control tiles. 
+description: Use the Secure score dashboard to assess and improve the security state of your organization by analyzing various security control tiles. 
-keywords: security analytics, dashboard, security recommendations, security control state, security score, score improvement, organizational security score, security coverage, security control, improvement opportunities, edr, antivirus, av, os security updates
+keywords: secure score, dashboard, security recommendations, security control state, security score, score improvement, organizational security score, security coverage, security control, improvement opportunities, edr, antivirus, av, os security updates
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
@ -9,10 +9,10 @@ ms.sitesec: library
 ms.pagetype: security
 author: mjcaparas
 localizationpriority: high
-ms.date: 11/17/2017
+ms.date: 03/12/2018
 ---
-# View the Windows Defender Advanced Threat Protection Security analytics dashboard
+# View the Windows Defender Advanced Threat Protection Secure score dashboard
 **Applies to:**
@ -27,18 +27,18 @@ ms.date: 11/17/2017
 >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-sadashboard-abovefoldlink) 
-The Security Analytics dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines.
+The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines.
 >[!IMPORTANT]
 > This feature is available for machines on Windows 10, version  1703 or later. 
-The **Security analytics dashboard** displays a snapshot of:
+The **Secure score dashboard** displays a snapshot of:
 - Organizational security score
 - Security coverage
 - Improvement opportunities
 - Security score over time
-![Security analytics dashboard](images/atp-dashboard-security-analytics-full.png)
+![Secure score dashboard](images/atp-dashboard-security-analytics-full.png)
 ## Organizational security score
 The organization security score is reflective of the average score of all the Windows Defender security controls that are configured according to the recommended baseline. You can improve this score by taking the steps in configuring each of the security controls in the optimal settings.
@ -52,7 +52,7 @@ The denominator is reflective of the organizational score potential and calculat
 In the example image, the total points from the **Improvement opportunities** tile add up to 321 points for the six pillars from the **Security coverage** tile.
-You can set the baselines for calculating the score of Windows Defender security controls on the Security Analytics dashboard through the **Preferences settings**. For more information, see [Enable Security Analytics security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md).
+You can set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard through the **Preferences settings**. For more information, see [Enable Secure score security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md).
 ## Security coverage
 The security coverage tile shows a bar graph where each bar represents a Windows Defender security control. Each bar reflects the number of machines that are well configured and those that require **any kind of attention** for each security control. Hovering on top of the individual bars will show exact numbers for each category. Machines that are green are well configured, while machines that are orange require some level of attention. 
@ -241,7 +241,7 @@ For more information, see [Windows Defender SmartScreen](../windows-defender-sma
 >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-sadashboard-belowfoldlink) 
 ## Related topics
- [Enable Security Analytics security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md)
+- [Enable Secure score security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md)
 - [View the Security operations dashboard](dashboard-windows-defender-advanced-threat-protection.md)
 - [View and organize the Windows Defender Advanced Threat Protection Alerts queue ](alerts-queue-windows-defender-advanced-threat-protection.md)
 - [Investigate Windows Defender Advanced Threat Protection alerts](investigate-alerts-windows-defender-advanced-threat-protection.md)
--- a/windows/security/threat-protection/windows-defender-atp/use-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/use-windows-defender-advanced-threat-protection.md
@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 02/13/2018
+ms.date: 03/12/2018
 ---
 # Use the Windows Defender Advanced Threat Protection portal
@ -31,7 +31,7 @@ You can use the Windows Defender ATP portal to carry out an end-to-end security
 Use the **Security operations** dashboard to gain insight on the various alerts on machines and users in your network.
-Use the **Security analytics** dashboard to expand your visibility on the overall security posture of your organization. You'll see machines that require attention and recommendations that can help you reduce the attack surface in your organization.
+Use the **Secure score** dashboard to expand your visibility on the overall security posture of your organization. You'll see machines that require attention and recommendations that can help you reduce the attack surface in your organization.
 ### In this section
@ -40,6 +40,6 @@ Topic | Description
 :---|:---
 [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md) | Understand the portal layout and area descriptions.
 [View the Windows Defender Advanced Threat Protection Security operations dashboard](dashboard-windows-defender-advanced-threat-protection.md) | The Windows Defender ATP  **Security operations dashboard** provides a snapshot of your network. You can view aggregates of alerts, the overall status of the service of the endpoints on your network, investigate machines, files, and URLs, and see snapshots of threats seen on machines.
-[View the Windows Defender Advanced Threat Protection Security analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md) | The **Security Analytics dashboard** expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place.
+[View the Windows Defender Advanced Threat Protection Secure score dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md) | The **Secure score dashboard** expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place.
--- a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md
@ -1,7 +1,7 @@
 ---
 title: Windows Defender Advanced Threat Protection - Windows Defender
 description: Windows Defender Advanced Threat Protection is an enterprise security service that helps detect and respond to possible cybersecurity threats related to advanced persistent threats.
-keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security, endpoint behavioral sensor, cloud security, analytics, threat intelligence
+keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security, endpoint behavioral sensor, cloud security, score, threat intelligence
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 11/13/2017
+ms.date: 03/12/2018
 ---
 # Windows Defender Advanced Threat Protection