deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' into pm-7847341-bitlocker-refresh

Browse Source
This commit is contained in:
Gary Moore 2023-11-02 11:41:56 -07:00 committed by GitHub
commit 2134d14e33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 36 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
education/windows/take-a-test-app-technical.md
View File

@ -1,7 +1,7 @@
--- ---
title: Take a Test app technical reference title: Take a Test app technical reference
description: List of policies and settings applied by the Take a Test app. description: List of policies and settings applied by the Take a Test app.
ms.date: 03/31/2023 ms.date: 11/02/2023
ms.topic: reference ms.topic: reference
--- ---
@ -11,11 +11,11 @@ Take a Test is an application that locks down a device and displays an online as
Whether you're a teacher or IT administrator, you can configure Take a Test to meet your testing needs. For high-stakes tests, the app creates a browser-based, locked-down environment. This environment means that students taking the tests that don't have copy/paste privileges, can't access to files and applications, and are free from distractions. For simple tests and quizzes, Take a Test can be configured to use the teacher's preferred assessment website to deliver digital assessments. Whether you're a teacher or IT administrator, you can configure Take a Test to meet your testing needs. For high-stakes tests, the app creates a browser-based, locked-down environment. This environment means that students taking the tests that don't have copy/paste privileges, can't access to files and applications, and are free from distractions. For simple tests and quizzes, Take a Test can be configured to use the teacher's preferred assessment website to deliver digital assessments.
Assessment vendors can use Take a Test as a platform to lock down the operating system. Take a Test supports the [SBAC browser API standard](https://www.smarterapp.org/documents/SecureBrowserRequirementsSpecifications_0-3.pdf) for high stakes common core testing. For more information, see [Take a Test Javascript API](/windows/uwp/apps-for-education/take-a-test-api). Assessment vendors can use Take a Test as a platform to lock down the operating system. Take a Test supports the [SBAC browser API standard](https://www.smarterapp.org/documents/SecureBrowserRequirementsSpecifications_0-3.pdf) for high stakes common core testing. For more information, see [Take a Test JavaScript API](/windows/uwp/apps-for-education/take-a-test-api).
## PC lock-down for assessment ## PC lock-down for assessment
When the assessment page initiates lock-down, the student's desktop will be locked and the app will be launched above the Windows lock screen to provide a sandbox that ensures the student can only interact with the Take a Test app. After transitioning to the lock screen, Take a Test will apply local MDM policies to further lock down the device. The whole process of going above the lock screen and applying policies is what defines lock-down. The lock-down process is atomic, which means that if any part of the lock-down operation fails, the app won't be above lock and won't have any of the policies applied. When the assessment page initiates lock-down, the student's desktop is locked and the app executes above the Windows lock screen. This provides a sandbox that ensures the student can only interact with the Take a Test app. After transitioning to the lock screen, Take a Test applies local MDM policies to further lock down the device. The whole process of going above the lock screen and applying policies is what defines lock-down. The lock-down process is atomic, which means that if any part of the lock-down operation fails, the app won't be above lock and won't have any of the policies applied.
When running above the lock screen: When running above the lock screen:
@ -25,7 +25,7 @@ When running above the lock screen:
- System clipboard is cleared - System clipboard is cleared
- Web apps can query the processes currently running in the user's device - Web apps can query the processes currently running in the user's device
- Extended display shows up as black - Extended display shows up as black
- Auto-fill is disabled - Autofill is disabled
## Mobile device management (MDM) policies ## Mobile device management (MDM) policies
@ -36,7 +36,7 @@ When Take a Test is running, the following MDM policies are applied to lock down
| AllowToasts | Disables toast notifications from being shown | 0 | | AllowToasts | Disables toast notifications from being shown | 0 |
| AllowAppStoreAutoUpdate | Disables automatic updates for Store apps that are installed on the PC | 0 | | AllowAppStoreAutoUpdate | Disables automatic updates for Store apps that are installed on the PC | 0 |
| AllowDeviceDiscovery | Disables UI for screen sharing | 0 | | AllowDeviceDiscovery | Disables UI for screen sharing | 0 |
| AllowInput Panel | Disables the onscreen keyboard, which will disable auto-fill | 0 | | AllowInput Panel | Disables the onscreen keyboard, which disables autofill | 0 |
| AllowCortana | Disables Cortana functionality | 0 | | AllowCortana | Disables Cortana functionality | 0 |
| AllowAutoupdate | Disables Windows Update from starting OS updates | 5 | | AllowAutoupdate | Disables Windows Update from starting OS updates | 5 |
@ -61,7 +61,7 @@ When Take a Test is running, the following functionality is available to student
- Magnifier is available through <kbd>Win</kbd>+<kbd>+</kbd> - Magnifier is available through <kbd>Win</kbd>+<kbd>+</kbd>
- The student can press <kbd>Alt</kbd>+<kbd>Tab</kbd> when locked down. This key press results in the student being able to switch between the following elements: - The student can press <kbd>Alt</kbd>+<kbd>Tab</kbd> when locked down. This key press results in the student being able to switch between the following elements:
- Take a Test - Take a Test
- Assistive technology that may be running - Assistive technology that might be running
- Lock screen (not available if student is using a dedicated test account) - Lock screen (not available if student is using a dedicated test account)
> [!NOTE] > [!NOTE]
@ -77,22 +77,22 @@ When permissive mode is triggered in lock-down mode, Take a Test transitions fro
When running tests in this mode, keep the following points in mind: When running tests in this mode, keep the following points in mind:
- Permissive mode isn't supported in kiosk mode (dedicated test account) - Permissive mode isn't supported in kiosk mode (dedicated test account)
- Permissive mode can be triggered from the web app running within Take a Test. Alternatively, you can create a link or shortcut without "#enforcelockdown" and it will launch in permissive mode - Permissive mode can be triggered from the web app running within Take a Test. Alternatively, you can create a link or shortcut without "#enforcelockdown" and it launches in permissive mode
## Troubleshoot Take a Test with the event viewer ## Troubleshoot Take a Test with the event viewer
You can use the Event Viewer to view Take a Test events and errors. Take a Test logs events when a lock-down request has been received, device enrollment has succeeded, lock-down policies were successfully applied, and more. You can use the Event Viewer to view Take a Test events and errors. Take a Test logs events when it receives a lock-down request, device enrollment completes, lock-down policies are successfully applied, and more.
To enable viewing events in the Event Viewer: To enable viewing events in the Event Viewer:
1. Open the `Event Viewer` 1. Open the Event Viewer
1. Navigate to `Applications and Services Logs > Microsoft > Windows > Management-SecureAssessment` 1. Navigate to **Applications and Services Logs** > **Microsoft** > **Windows** > **Management-SecureAssessment**
1. Select `Operational` > `Enable Log` 1. Select **Operational** > **Enable Log**
To save the event logs: To save the event logs:
1. Select `Operational` > `Save All Events As…` 1. Select **Operational** > **Save All Events As…**
## Learn more ## Learn more
[Take a Test API](/windows/uwp/apps-for-education/take-a-test-api) [Take a Test API](/windows/uwp/apps-for-education/take-a-test-api)

40
education/windows/windows-11-se-overview.md
View File

@ -2,7 +2,7 @@
title: Windows 11 SE Overview title: Windows 11 SE Overview
description: Learn about Windows 11 SE, and the apps that are included with the operating system. description: Learn about Windows 11 SE, and the apps that are included with the operating system.
ms.topic: overview ms.topic: overview
ms.date: 08/03/2023 ms.date: 11/02/2023
appliesto: appliesto:
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a> - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
ms.collection: ms.collection:
@ -13,7 +13,7 @@ ms.collection:
# Windows 11 SE Overview # Windows 11 SE Overview
Windows 11 SE is an edition of Windows that's designed for education. Windows SE runs on web-first devices that use essential education apps, and it comes with Microsoft Office 365 preinstalled (subscription sold separately). Windows 11 SE is an edition of Windows designed for education. Windows SE runs on web-first devices that use essential education apps, and it comes with Microsoft Office 365 preinstalled (subscription sold separately).
For education customers seeking cost-effective devices, Microsoft Windows 11 SE is a great choice. Windows 11 SE includes the following benefits: For education customers seeking cost-effective devices, Microsoft Windows 11 SE is a great choice. Windows 11 SE includes the following benefits:
@ -35,8 +35,8 @@ The following table lists the different application types available in Windows o
| --- | --- | :---: | ---| | --- | --- | :---: | ---|
|Progressive Web Apps (PWAs) | PWAs are web-based applications that can run in a browser and that can be installed as standalone apps. |✅|PWAs are enabled by default in Windows 11 SE.| |Progressive Web Apps (PWAs) | PWAs are web-based applications that can run in a browser and that can be installed as standalone apps. |✅|PWAs are enabled by default in Windows 11 SE.|
| Web apps | Web apps are web-based applications that run in a browser. | ✅ | Web apps are enabled by default in Windows 11 SE. | | Web apps | Web apps are web-based applications that run in a browser. | ✅ | Web apps are enabled by default in Windows 11 SE. |
|`Win32`| `Win32` applications are Windows classic applications that may require installation |⛔| If users try to install or execute `Win32` applications that haven't been allowed to run, they fail.| |`Win32`| `Win32` applications are Windows classic applications that might require installation |⛔| If users try to install or execute `Win32` applications that aren't allowed to run, they fail.|
|Universal Windows Platform (UWP)/Store apps |UWP apps are commonly obtained from the Microsoft Store and may require installation |⛔|If users try to install or execute UWP applications that haven't been allowed to run, they fail.| |Universal Windows Platform (UWP)/Store apps |UWP apps are commonly obtained from the Microsoft Store and might require installation |⛔|If users try to install or execute UWP applications that haven't been allowed to run, they fail.|
> [!IMPORTANT] > [!IMPORTANT]
> If there are specific `Win32` or UWP applications that you want to allow, work with Microsoft to get them enabled. For more information, see [Add your own applications](#add-your-own-applications). > If there are specific `Win32` or UWP applications that you want to allow, work with Microsoft to get them enabled. For more information, see [Add your own applications](#add-your-own-applications).
@ -48,33 +48,33 @@ The following table lists all the applications included in Windows 11 SE and the
| App name | App type | Pinned to Start? | Pinned to taskbar? | | App name | App type | Pinned to Start? | Pinned to taskbar? |
|:-----------------------------|:--------:|:----------------:|:------------------:| |:-----------------------------|:--------:|:----------------:|:------------------:|
| Alarm & Clock | UWP | | | | Alarm & Clock | UWP | | |
| Calculator | UWP | ✅ | | | Calculator | UWP | ✅ | |
| Camera | UWP | ✅ | | | Camera | UWP | ✅ | |
| Microsoft Edge | `Win32` | ✅ | ✅ | | Microsoft Edge | `Win32` | ✅ | ✅ |
| Excel | `Win32` | ✅ | | | Excel | `Win32` | ✅ | |
| Feedback Hub | UWP | | | | Feedback Hub | UWP | | |
| File Explorer | `Win32` | | ✅ | | File Explorer | `Win32` | | ✅ |
| FlipGrid | PWA | | | | FlipGrid | PWA | | |
| Get Help | UWP | | | | Get Help | UWP | | |
| Media Player | UWP | ✅ | | | Media Player | UWP | ✅ | |
| Maps | UWP | | | | Maps | UWP | | |
| Minecraft: Education Edition | UWP | | | | Minecraft: Education Edition | UWP | | |
| Movies & TV | UWP | | | | Movies & TV | UWP | | |
| News | UWP | | | | News | UWP | | |
| Notepad | `Win32` | | | | Notepad | `Win32` | | |
| OneDrive | `Win32` | | | | OneDrive | `Win32` | | |
| OneNote | `Win32` | ✅ | | | OneNote | `Win32` | ✅ | |
| Outlook | PWA | ✅ | | | Outlook | PWA | ✅ | |
| Paint | `Win32` | ✅ | | | Paint | `Win32` | ✅ | |
| Photos | UWP | | | | Photos | UWP | | |
| PowerPoint | `Win32` | ✅ | | | PowerPoint | `Win32` | ✅ | |
| Settings | UWP | ✅ | | | Settings | UWP | ✅ | |
| Snip & Sketch | UWP | | | | Snip & Sketch | UWP | | |
| Sticky Notes | UWP | | | | Sticky Notes | UWP | | |
| Teams | `Win32` | ✅ | | | Teams | `Win32` | ✅ | |
| To Do | UWP | | | | To Do | UWP | | |
| Whiteboard | UWP | ✅ | | | Whiteboard | UWP | ✅ | |
| Word | `Win32` | ✅ | | | Word | `Win32` | ✅ | |
## Available applications ## Available applications

4
includes/licensing/_licensing-requirements.md
View File

@ -1,7 +1,7 @@
--- ---
author: paolomatarazzo author: paolomatarazzo
ms.author: paoloma ms.author: paoloma
ms.date: 09/18/2023 ms.date: 11/02/2023
ms.topic: include ms.topic: include
--- ---
@ -30,7 +30,7 @@ ms.topic: include
|**[Enhanced phishing protection with SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection)**|Yes|Yes|Yes|Yes|Yes| |**[Enhanced phishing protection with SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection)**|Yes|Yes|Yes|Yes|Yes|
|**[Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection)**|Yes|Yes|Yes|Yes|Yes| |**[Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection)**|Yes|Yes|Yes|Yes|Yes|
|**[Federal Information Processing Standard (FIPS) 140 validation](/windows/security/security-foundations/certification/fips-140-validation)**|Yes|Yes|Yes|Yes|Yes| |**[Federal Information Processing Standard (FIPS) 140 validation](/windows/security/security-foundations/certification/fips-140-validation)**|Yes|Yes|Yes|Yes|Yes|
|**[Federated sign-in](/education/windows/federated-sign-in)**|❌|Yes|Yes|❌|❌| |**[Federated sign-in](/education/windows/federated-sign-in)**|❌|❌|❌|Yes|Yes|
|**[FIDO2 security key](/azure/active-directory/authentication/howto-authentication-passwordless-security-key)**|Yes|Yes|Yes|Yes|Yes| |**[FIDO2 security key](/azure/active-directory/authentication/howto-authentication-passwordless-security-key)**|Yes|Yes|Yes|Yes|Yes|
|**[Hardware-enforced stack protection](https://techcommunity.microsoft.com/t5/windows-os-platform-blog/understanding-hardware-enforced-stack-protection/ba-p/1247815)**|Yes|Yes|Yes|Yes|Yes| |**[Hardware-enforced stack protection](https://techcommunity.microsoft.com/t5/windows-os-platform-blog/understanding-hardware-enforced-stack-protection/ba-p/1247815)**|Yes|Yes|Yes|Yes|Yes|
|**[Hypervisor-protected Code Integrity (HVCI)](/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity)**|Yes|Yes|Yes|Yes|Yes| |**[Hypervisor-protected Code Integrity (HVCI)](/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity)**|Yes|Yes|Yes|Yes|Yes|

2
includes/licensing/federated-sign-in.md
View File

@ -17,6 +17,6 @@ Federated sign-in license entitlements are granted by the following licenses:
|Windows Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5| |Windows Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5|
|:---:|:---:|:---:|:---:|:---:| |:---:|:---:|:---:|:---:|:---:|
|Yes|Yes|Yes|No|No| |Yes|No|No|Yes|Yes|
For more information about Windows licensing, see [Windows licensing overview](/windows/whats-new/windows-licensing). For more information about Windows licensing, see [Windows licensing overview](/windows/whats-new/windows-licensing).