Merge remote-tracking branch 'origin/master' into atp-fix

.openpublishing.redirection.json

@@ -11,13 +11,83 @@
 "redirect_document_id": true
 },
 {
-"source_path": "windows/deployment/update/waas-windows-insider-for-business.md",
-"redirect_url": "/windows-insider/at-work-pro/wip-4-biz-get-started",
+"source_path": "windows/security/hardware-protection/how-hardware-based-containers-help-protect-windows.md",
+"redirect_url": "/windows/security/identity-protection/how-hardware-based-containers-help-protect-windows",
 "redirect_document_id": true
 },
 {
-"source_path": "windows/security/hardware-protection/how-hardware-based-containers-help-protect-windows.md",
-"redirect_url": "/windows/security/identity-protection/how-hardware-based-containers-help-protect-windows",
+"source_path": "windows/security/hardware-protection/encrypted-hard-drive.md",
+"redirect_url": "/windows/security/information-protection/encrypted-hard-drive",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/secure-the-windows-10-boot-process.md",
+"redirect_url": "/windows/security/information-protection/secure-the-windows-10-boot-process",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md",
+"redirect_url": "/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/change-the-tpm-owner-password.md",
+"redirect_url": "/windows/security/information-protection/tpm/change-the-tpm-owner-password",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/how-windows-uses-the-tpm.md",
+"redirect_url": "/windows/security/information-protection/tpm/how-windows-uses-the-tpm",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md",
+"redirect_url": "/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/manage-tpm-commands.md",
+"redirect_url": "/windows/security/information-protection/tpm/manage-tpm-commands",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/manage-tpm-lockout.md",
+"redirect_url": "/windows/security/information-protection/tpm/manage-tpm-lockout",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md",
+"redirect_url": "/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/tpm-fundamentals.md",
+"redirect_url": "/windows/security/information-protection/tpm/tpm-fundamentals",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/tpm-recommendations.md",
+"redirect_url": "/windows/security/information-protection/tpm/tpm-recommendations",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-overview.md",
+"redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-overview",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-services-group-policy-settings.md",
+"redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-top-node.md",
+"redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-top-node",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/deployment/update/waas-windows-insider-for-business.md",
+"redirect_url": "/windows-insider/at-work-pro/wip-4-biz-get-started",
 "redirect_document_id": true
 },
 {

browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md

@@ -4,23 +4,24 @@
 
 [!INCLUDE [configure-browser-telemetry-for-m365-analytics-shortdesc](../shortdesc/configure-browser-telemetry-for-m365-analytics-shortdesc.md)]
 
-### Supported values
-
-|Group Policy  |MDM |Registry |Description |Most restricted |
-|---|:---:|:---:|---|:---:|
-|Disabled or not configured<br>**(default)** |0 |0 |No data collected or sent |![Most restricted value](../images/check-gn.png) |
-|Enabled |1 |1 |Send intranet history only | |
-|Enabled |2 |2 |Send Internet history only | |
-|Enabled |3 |3 |Send both intranet and Internet history | |
----
-
->>You can find this setting in the following location of the Group Policy Editor:
->> 
->>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**_Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection and Preview Builds\\_**
-
 >[!IMPORTANT]
 >For this policy to work, enable the Allow Telemetry policy with the _Enhanced_ option and enable the Configure the Commercial ID policy by providing the Commercial ID.
 
+### Supported values
+
+>[!div class="mx-tableFixed"]
+>|Group Policy  |MDM |Registry |Description |Most restricted |
+>|---|:---:|:---:|---|:---:|
+>|Disabled or not configured<br>**(default)** |0 |0 |No data collected or sent |![Most restricted value](../images/check-gn.png) |
+>|Enabled |1 |1 |Send intranet history only | |
+>|Enabled |2 |2 |Send Internet history only | |
+>|Enabled |3 |3 |Send both intranet and Internet history | |
+---
+
+>>You can find this policy and the related policies in the following location of the Group Policy Editor:
+>> 
+>>**_Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection and Preview Builds\\_**
+>><ul><li>Allow Telemetry = Enabled, _Enhanced_</li><li>Configure the Commercial ID = String of the Commercial ID</li><li>Configure collection of browsing data for Microsoft 365 Analytics</li></ul> 
 
 ### ADMX info and settings
 #### ADMX info

windows/client-management/mdm/assignedaccess-csp.md

@@ -19,6 +19,9 @@ For a step-by-step guide for setting up devices to run in kiosk mode, see [Set u
 
  In Windows 10, version 1709, the AssignedAccess configuration service provider (CSP) has been expanded to make it easy for administrators to create kiosks that run more than one app. You can configure multi-app kiosks using a provisioning package. For a step-by-step guide, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/en-us/windows/configuration/lock-down-windows-10-to-specific-apps).
 
+> [!Warning]  
+> You can only assign one single app kiosk profile to an individual user account on a device. The single app profile does not support domain groups.
+
 > [!Note]
 > The AssignedAccess CSP is supported in Windows 10 Enterprise and Windows 10 Education. Starting from Windows 10, version 1709 it is also supported in Windows 10 Pro and Windows 10 S. Starting in Windows 10, version 1803, it is also supported in Windows Holographic for Business edition.
 

windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md

@@ -1638,6 +1638,13 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 </thead>
 <tbody>
 <tr>
+<td style="vertical-align:top">[AssignedAccess CSP](assignedaccess-csp.md)</td>
+<td style="vertical-align:top"><p>Added the following note:</p>
+<ul>
+<li>You can only assign one single app kiosk profile to an individual user account on a device. The single app profile does not support domain groups.</li>
+</ul>
+</td></tr>
+<tr>
 <td style="vertical-align:top">[PassportForWork  CSP](passportforwork-csp.md)</td>
 <td style="vertical-align:top"><p>Added new settings in Windows 10, next major version.</p>
 </td></tr>
@@ -1675,18 +1682,23 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 <ul>
 <li>ApplicationManagement/LaunchAppAfterLogOn</li>
 <li>ApplicationManagement/ScheduleForceRestartForUpdateFailures </li>
+<li>Authentication/EnableFastFirstSignIn</li>
+<li>Authentication/EnableWebSignIn</li>
+<li>Authentication/PreferredAadTenantDomainName</li>
 <li>Defender/CheckForSignaturesBeforeRunningScan</li>
 <li>Defender/DisableCatchupFullScan </li>
 <li>Defender/DisableCatchupQuickScan </li>
 <li>Defender/EnableLowCPUPriority</li>
-<li>Defender/SignatureUpdateFallbackOrder </li>
-<li>Defender/SignatureUpdateFileSharesSources </li>
+<li>Defender/SignatureUpdateFallbackOrder</li>
+<li>Defender/SignatureUpdateFileSharesSources</li>
+<li>DeviceGuard/EnableSystemGuard</li>
 <li>DeviceInstallation/AllowInstallationOfMatchingDeviceIDs</li>
 <li>DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses</li>
 <li>DeviceInstallation/PreventDeviceMetadataFromNetwork</li>
 <li>DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings</li>
 <li>DmaGuard/DeviceEnumerationPolicy</li>
 <li>Experience/AllowClipboardHistory</li>
+<li>Security/RecoveryEnvironmentAuthentication</li>
 <li>TaskManager/AllowEndTask</li>
 <li>WindowsDefenderSecurityCenter/DisableClearTpmButton</li>
 <li>WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning</li>

windows/deployment/upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md

@@ -6,7 +6,7 @@ ms.localizationpriority: medium
 ms.prod: w10
 author: jaimeo
 ms.author: jaimeo
-ms.date: 08/30/2017
+ms.date: 07/31/2018
 ---
 
 # Use Upgrade Readiness to manage Windows upgrades
@@ -22,7 +22,7 @@ When you are ready to begin the upgrade process, a workflow is provided to guide
 
 Each step in the workflow is enumerated using blue tiles. Helpful data is provided on white tiles to help you get started, to monitor your progress, and to complete each step.
 
->**Important**: You can use the [Target version](#target-version) setting to evaluate computers that are runnign a specified version of Windows before starting the Upgrade Readiness workflow. By default, the Target version is configured to the released version of Windows 10 for the Current Branch for Business (CBB).
+>**Important**: You can use the [Target version](#target-version) setting to evaluate computers that are running a specified version of Windows before starting the Upgrade Readiness workflow. By default, the Target version is configured to the released version of Windows 10 for the Current Branch for Business (CBB).
 
 The following information and workflow is provided:
 
@@ -41,11 +41,11 @@ The target version setting is used to evaluate the number of computers that are
 
 ![Upgrade overview showing target version](../images/ur-target-version.png)
 
-As mentioned previously, the default target version in Upgrade Readiness is set to the released version of the Current Branch for Business (CBB). CBB can be determined by reviewing [Windows 10 release information](https://technet.microsoft.com/windows/release-info.aspx). The target version setting is used to evaluate the number of computers that are already running this version of Windows, or a later version. 
+The default target version in Upgrade Readiness is set to the released version of the Current Branch for Business (CBB). CBB can be determined by reviewing [Windows 10 release information](https://technet.microsoft.com/windows/release-info.aspx). The target version setting is used to evaluate the number of computers that are already running this version of Windows, or a later version. 
 
 The number displayed under **Computers upgraded** in the Upgrade Overview blade is the total number of computers that are already running the same or a later version of Windows compared to the target version. It also is used in the evaluation of apps and drivers: Known issues and guidance for the apps and drivers in Upgrade Readiness is based on the target operating system version.
 
-You now have the ability to change the Windows 10 version you wish to target. The available options currently are: Windows 10 version 1507, Windows 10 version 1511, Windows 10 version 1607, and Windows 10 version 1703.
+You now have the ability to change the Windows 10 version you wish to target. The available options currently are: Windows 10 version 1507, Windows 10 version 1511, Windows 10 version 1607, Windows 10 version 1703, Windows 10 version 1709 and Windows 10 version 1803.
 
 To change the target version setting, click on **Solutions Settings**, which appears at the top when you open you Upgrade Readiness solution:
 

windows/security/TOC.md

@@ -1,7 +1,6 @@
 # [Security](index.yml)
 ## [Identity and access management](identity-protection/index.md)
 ## [Information protection](information-protection/index.md)
-## [Hardware-based protection](hardware-protection/index.md)
 ## [Threat protection](threat-protection/index.md)
 
 

windows/security/hardware-protection/TOC.md

@@ -1,21 +0,0 @@
-# [Hardware-based protection](index.md)
-
-## [Encrypted Hard Drive](encrypted-hard-drive.md)
-
-## [Windows Defender System Guard](how-hardware-based-containers-help-protect-windows.md)
-
-## [Secure the Windows 10 boot process](secure-the-windows-10-boot-process.md)
-
-## [Trusted Platform Module](tpm/trusted-platform-module-top-node.md)
-### [Trusted Platform Module Overview](tpm/trusted-platform-module-overview.md)
-### [TPM fundamentals](tpm/tpm-fundamentals.md)
-### [How Windows 10 uses the TPM](tpm/how-windows-uses-the-tpm.md)
-### [TPM Group Policy settings](tpm/trusted-platform-module-services-group-policy-settings.md)
-### [Back up the TPM recovery information to AD DS](tpm/backup-tpm-recovery-information-to-ad-ds.md)
-### [Manage TPM commands](tpm/manage-tpm-commands.md)
-### [Manage TPM lockout](tpm/manage-tpm-lockout.md)
-### [Change the TPM owner password](tpm/change-the-tpm-owner-password.md)
-### [View status, clear, or troubleshoot the TPM](tpm/initialize-and-configure-ownership-of-the-tpm.md)
-### [Understanding PCR banks on TPM 2.0 devices](tpm/switch-pcr-banks-on-tpm-2-0-devices.md)
-### [TPM recommendations](tpm/tpm-recommendations.md)
-

windows/security/hardware-protection/index.md

@@ -1,21 +0,0 @@
----
-title: Hardware-based Protection (Windows 10)
-description: Learn more about how to help protect against threats in Windows 10 and Windows 10 Mobile.
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-author: brianlic-msft
-ms.date: 02/05/2018
----
-
-# Hardware-based protection
-
-Windows 10 leverages these hardware-based security features to protect and maintain system integrity.
-
-| Section | Description |
-|-|-|
-| [Encrypted Hard Drive](encrypted-hard-drive.md) | Provides information about Encrypted Hard Drive, which uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.|
-|[How hardware-based containers help protect Windows 10](how-hardware-based-containers-help-protect-windows.md) |Learn about how hardware-based containers can isolate sensitive system services and data, enabling them to remain secure even when the operating system has been compromised.|
-|[Secure the Windows 10 boot process](secure-the-windows-10-boot-process.md) |Learn about the Windows 10 security features that help to protect your PC from malware, including rootkits and other applications.|
-| [Trusted Platform Module](tpm/trusted-platform-module-top-node.md)| Provides links to information about the Trusted Platform Module (TPM), which is a secure crypto-processor that helps you with actions such as generating, storing, and limiting the use of cryptographic keys. |

windows/security/identity-protection/TOC.md

@@ -28,7 +28,6 @@
 ### [Credential Guard: Additional mitigations](credential-guard/additional-mitigations.md)
 ### [Credential Guard: Known issues](credential-guard/credential-guard-known-issues.md)
 
-
 ## [Protect Remote Desktop credentials with Remote Credential Guard](remote-credential-guard.md)
 
 ## [Smart Cards](smart-cards/smart-card-windows-smart-card-technical-reference.md)

windows/security/identity-protection/how-hardware-based-containers-help-protect-windows.md

@@ -7,9 +7,10 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 author: justinha
-ms.date: 07/31/2018
+ms.date: 08/01/2018
 ---
 
+
 # Windows Defender System Guard: How hardware-based containers help protect Windows 10
 
 Windows 10 uses containers to isolate sensitive system services and data, enabling them to remain secure even when the operating system has been compromised. 
@@ -25,13 +26,13 @@ Windows Defender System Guard reorganizes the existing Windows 10 system integri
 
 With Windows 7, one of the means attackers would use to persist and evade detection was to install what is often referred to as a bootkit or rootkit on the system. This malicious software would start before Windows started, or during the boot process itself, enabling it to start with the highest level of privilege.
 
-With Windows 10 running on modern hardware (that is, Windows 8-certified or greater) we have a hardware-based root of trust that helps us ensure that no unauthorized firmware or software (such as a bootkit) can start before the Windows bootloader. This hardware-based root of trust comes from the device’s [Secure Boot feature](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-8.1-and-8/hh824987), which is part of the Unified Extensible Firmware Interface (UEFI). 
+With Windows 10 running on modern hardware (that is, Windows 8-certified or greater) we have a hardware-based root of trust that helps us ensure that no unauthorized firmware or software (such as a bootkit) can start before the Windows bootloader. This hardware-based root of trust comes from the device’s Secure Boot feature, which is part of the Unified Extensible Firmware Interface (UEFI). 
 
 After successful verification and startup of the device’s firmware and Windows bootloader, the next opportunity for attackers to tamper with the system’s integrity is while the rest of the Windows operating system and defenses are starting. As an attacker, embedding your malicious code using a rootkit within the boot process enables you to gain the maximum level of privilege and gives you the ability to more easily persist and evade detection. 
 
 This is where Windows Defender System Guard protection begins with its ability to ensure that only properly signed and secure Windows files and drivers, including third party, can start on the device. At the end of the Windows boot process, System Guard will start the system’s antimalware solution, which scans all third party drivers, at which point the system boot process is completed. In the end, Windows Defender System Guard helps ensure that the system securely boots with integrity and that it hasn’t been compromised before the remainder of your system defenses start.
 
-![Boot time integrity](../hardware-protection/images/windows-defender-system-guard-boot-time-integrity.png)
+![Boot time integrity](images/windows-defender-system-guard-boot-time-integrity.png)
 
 ## Maintaining integrity of the system after it’s running (run time)
 
@@ -47,5 +48,5 @@ While Windows Defender System Guard provides advanced protection that will help
 
 As Windows 10 boots, a series of integrity measurements are taken by Windows Defender System Guard using the device’s Trusted Platform Module 2.0 (TPM 2.0). This process and data are hardware-isolated away from Windows to help ensure that the measurement data is not subject to the type of tampering that could happen if the platform was compromised. From here, the measurements can be used to determine the integrity of the device’s firmware, hardware configuration state, and Windows boot-related components, just to name a few. After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or System Center Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
 
-![Windows Defender System Guard](../hardware-protection/images/windows-defender-system-guard-validate-system-integrity.png)
+![Windows Defender System Guard](images/windows-defender-system-guard-validate-system-integrity.png)
 

windows/security/index.yml

@@ -85,7 +85,7 @@ sections:
       Prevent, detect, investigate, and respond to advanced threats. The following capabilities are available across multiple products that make up the Windows Defender ATP platform.
       <br>&nbsp;<br>
       <table border='0'><tr><td><b>Attack surface reduction</b></td><td><b>Next generation protection</b></td><td><b>Endpoint detection and response</b></td><td><b>Auto investigation and remediation</b></td><td><b>Security posture</b></td></tr>
-      <tr><td>[Hardware based isolation](https://docs.microsoft.com/en-us/windows/security/hardware-protection/how-hardware-based-containers-help-protect-windows)<br><br>[Application control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)<br><br>[Exploit protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard)<br><br>[Network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard)<br><br>[Device restrictions](https://docs.microsoft.com/en-us/intune/device-restrictions-configure)<br><br>[Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)<br><br>[Network firewall](https://docs.microsoft.com/en-us/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security)<br><br>[Attack surface reduction controls](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)</td>
+      <tr><td>[Hardware based isolation](https://docs.microsoft.com/en-us/windows/security/hardware-protection/how-hardware-based-containers-help-protect-windows)<br><br>[Application control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)<br><br>[Exploit protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard)<br><br>[Network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard)<br><br>[Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)<br><br>[Network firewall](https://docs.microsoft.com/en-us/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security)<br><br>[Attack surface reduction controls](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)</td>
       <td>[Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)<br><br>[Machine learning](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus)<br><br>[Automated sandbox service](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus)</td>
       <td>[Alerts queue](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection)<br><br>[Historical endpoint data](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection#machine-timeline)<br><br>[Realtime and historical threat hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)<br><br>[API and SIEM integration](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection)<br><br>[Response orchestration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/response-actions-windows-defender-advanced-threat-protection)<br><br>[Forensic collection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection#collect-investigation-package-from-machines)<br><br>[Threat intelligence](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection)<br><br>[Advanced detonation and analysis service](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection#deep-analysis)</td>
       <td>[Automated investigation and remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)<br><br>[Threat remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#how-threats-are-remediated)<br><br>[Manage automated investigations](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#manage-automated-investigations)<br><br>[Analyze automated investigation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#analyze-automated-investigations)</td>

windows/security/information-protection/TOC.md

@@ -28,6 +28,7 @@
 #### [Choose the Right BitLocker Countermeasure](bitlocker\choose-the-right-bitlocker-countermeasure.md)
 ### [Protecting cluster shared volumes and storage area networks with BitLocker](bitlocker\protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md)
 
+## [Encrypted Hard Drive](encrypted-hard-drive.md)
 
 ## [Protect your enterprise data using Windows Information Protection (WIP)](windows-information-protection\protect-enterprise-data-using-wip.md)
 ### [Create a Windows Information Protection (WIP) policy using Microsoft Intune](windows-information-protection\overview-create-wip-policy.md)
@@ -53,3 +54,20 @@
 #### [Using Outlook Web Access with Windows Information Protection (WIP)](windows-information-protection\using-owa-with-wip.md)
 ### [Fine-tune Windows Information Protection (WIP) with WIP Learning](windows-information-protection\wip-learning.md)
 
+## [Secure the Windows 10 boot process](secure-the-windows-10-boot-process.md)
+
+## [Trusted Platform Module](tpm/trusted-platform-module-top-node.md)
+### [Trusted Platform Module Overview](tpm/trusted-platform-module-overview.md)
+### [TPM fundamentals](tpm/tpm-fundamentals.md)
+### [How Windows 10 uses the TPM](tpm/how-windows-uses-the-tpm.md)
+### [TPM Group Policy settings](tpm/trusted-platform-module-services-group-policy-settings.md)
+### [Back up the TPM recovery information to AD DS](tpm/backup-tpm-recovery-information-to-ad-ds.md)
+### [Manage TPM commands](tpm/manage-tpm-commands.md)
+### [Manage TPM lockout](tpm/manage-tpm-lockout.md)
+### [Change the TPM owner password](tpm/change-the-tpm-owner-password.md)
+### [View status, clear, or troubleshoot the TPM](tpm/initialize-and-configure-ownership-of-the-tpm.md)
+### [Understanding PCR banks on TPM 2.0 devices](tpm/switch-pcr-banks-on-tpm-2-0-devices.md)
+### [TPM recommendations](tpm/tpm-recommendations.md)
+
+
+

windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md

@@ -127,14 +127,14 @@ Verify the proxy configuration completed successfully, that WinHTTP can discover
 
 6. Open *WDATPConnectivityAnalyzer.txt* and verify that you have performed the proxy configuration steps to enable server discovery and access to the service URLs. <br><br>
 The tool checks the connectivity of Windows Defender ATP service URLs that Windows Defender ATP client is configured to interact with. It then prints the results into the *WDATPConnectivityAnalyzer.txt* file for each URL that can potentially be used to communicate with the Windows Defender ATP  services. For example:
-  ```text
-  Testing URL : https://xxx.microsoft.com/xxx
-  1 - Default proxy: Succeeded (200)
-  2 - Proxy auto discovery (WPAD): Succeeded (200)
-  3 - Proxy disabled: Succeeded (200)
-  4 - Named proxy: Doesn't exist
-  5 - Command line proxy: Doesn't exist              
-  ```
+      ```text
+      Testing URL : https://xxx.microsoft.com/xxx
+      1 - Default proxy: Succeeded (200)
+      2 - Proxy auto discovery (WPAD): Succeeded (200)
+      3 - Proxy disabled: Succeeded (200)
+      4 - Named proxy: Doesn't exist
+      5 - Command line proxy: Doesn't exist              
+      ```
 
 If at least one of the connectivity options returns a (200) status, then the Windows Defender ATP client can communicate with the tested URL properly using this connectivity method. <br><br>
 

windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md

@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
-ms.date: 05/30/2018
+ms.date: 08/01/2018
 ---
 
 # Investigate machines in the Windows Defender ATP Machines list
@@ -178,6 +178,9 @@ Use the following registry key entry to add a tag on a machine:
 -	Registry key: `HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection\DeviceTagging\`
 -	Registry key value (string): Group
 
+>[!NOTE]
+>The device tag is part of the machine information report that’s generated once a day. As an alternative, you may choose to restart the endpoint that would transfer a new machine information report. 
+
 
 ### Add machine tags using the portal
 Dynamic context capturing is achieved using tags. By tagging machines, you can keep track of individual machines in your organization. After adding tags on machines, you can apply the Tags filter on the Machines list to get a narrowed list of machines with the tag.

windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md

@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: v-tanewt
 author: tbit0001
 ms.localizationpriority: medium
-ms.date: 11/28/2017
+ms.date: 08/01/2018
 ---
 
 # Troubleshoot subscription and portal access issues
@@ -72,5 +72,14 @@ If the portal dashboard, and other sections show an error message such as "Data
 You'll need to whitelist the `securitycenter.windows.com` and all sub-domains under it. For example `*.securitycenter.windows.com`.
 
 
+## Portal communication issues
+If you encounter issues with accessing the portal, missing data, or restricted access to portions of the portal, you'll need to verify that the following urls are whitelisted and open for communciation.
+
+- `*.blob.core.windows.net 
+crl.microsoft.com`
+- `https://*.microsoftonline-p.com`
- `https://*.securitycenter.windows.com` 
- `https://automatediracs-eus-prd.securitycenter.windows.com`
- `https://login.microsoftonline.com`
- `https://login.windows.net`
- `https://onboardingpackagescusprd.blob.core.windows.net`
+- `https://secure.aadcdn.microsoftonline-p.com` 
+- `https://securitycenter.windows.com` 
- `https://static2.sharepointonline.com` 
+
 ## Related topics
 - [Validate licensing provisioning and complete setup for Windows Defender ATP](licensing-windows-defender-advanced-threat-protection.md)