deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 23:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Add machine actions link to all machine actions API

Browse Source
This commit is contained in:
Zvi Avidor 2018-10-04 13:25:48 +03:00
parent d180a05566
commit 1ed3b286d6
8 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md
View File

@ -19,10 +19,10 @@ ms.date: 12/08/2017
[!include[Prerelease information](prerelease.md)]
Collect investigation package from a machine.
[!include[Machine actions note](machineactionsnote.md)]
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)

9
windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md
View File

@ -21,8 +21,7 @@ ms.date: 12/08/2017
Isolates a machine from accessing external network.
>[!Note]
> This page focus on activating machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP.
[!include[Machine actions note](machineactionsnote.md)]
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
@ -34,8 +33,8 @@ Delegated (work or school account) | Machine.Isolate | 'Isolate machine'
>[!Note]
> When obtaining a token using user credentials:
>- The user need to have at least the following role permission: 'Active remediation actions' (See [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md) for more information)
>- The user need to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information)
>- The user needs to have at least the following role permission: 'Active remediation actions' (See [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md) for more information)
>- The user needs to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information)
## HTTP request
@ -60,7 +59,7 @@ IsolationType | String | Type of the isolation. Allowed values are: 'Full' or 'S
**IsolationType** controls the type of isolation to perform and can be one of the following:
- Full Full isolation
- Selective Restrict only limited set of applications from accessing the network
- Selective Restrict only limited set of applications from accessing the network (see [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network) for more details)
## Response

5
windows/security/threat-protection/windows-defender-atp/machineactionsnote.md Normal file
View File

@ -0,0 +1,5 @@
---
ms.date: 08/28/2017
---
>[!Note]
> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP.

2
windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md
View File

@ -21,6 +21,8 @@ ms.date: 12/08/2017
Offboard machine from WDATP.
[!include[Machine actions note](machineactionsnote.md)]
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)

4
windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md
View File

@ -181,7 +181,7 @@ Depending on the severity of the attack and the sensitivity of the machine, you
This machine isolation feature disconnects the compromised machine from the network while retaining connectivity to the Windows Defender ATP service, which continues to monitor the machine.
On Windows 10, version 1709 or later, you'll have additional control over the network isolation level. You can also choose to enable Outlook and Skype for Business connectivity.
On Windows 10, version 1709 or later, you'll have additional control over the network isolation level. You can also choose to enable Outlook and Skype for Business connectivity (a.k.a 'Selective Isolation').
>[!NOTE]
>Youll be able to reconnect the machine back to the network at any time.
@ -197,7 +197,7 @@ On Windows 10, version 1709 or later, you'll have additional control over the ne
![Image of isolate machine](images/atp-actions-isolate-machine.png)
3. Select the check-box if you'd like to enable Outlook and Skype communication while the machine is isolated.
3. Select the check-box if you'd like to enable Outlook and Skype communication while the machine is isolated (a.k.a. 'Selective Isolation').
![Image of isolation confirmation](images/atp-confirm-isolate.png)

2
windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md
View File

@ -21,6 +21,8 @@ ms.date: 12/08/2017
Restrict execution of all applications on the machine except a predefined set (see [Response machine alerts](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information)
[!include[Machine actions note](machineactionsnote.md)]
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)

2
windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md
View File

@ -21,6 +21,8 @@ ms.date: 12/08/2017
Initiate Windows Defender Antivirus scan on a machine.
[!include[Machine actions note](machineactionsnote.md)]
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)

4
windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md
View File

@ -19,10 +19,10 @@ ms.date: 12/08/2017
[!include[Prerelease information](prerelease.md)]
Enable execution of any application on the machine.
[!include[Machine actions note](machineactionsnote.md)]
## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)