Merge branch 'master' into asr-rules-19H1

Justin Hall
2019-05-14 12:15:28 -07:00
committed by GitHub
8 changed files with 477 additions and 9 deletions

@ -59,9 +59,12 @@ For more information about disabling local list merging, see [Prevent or allow u
![Create endpoint protection profile](images/create-endpoint-protection-profile.png)
1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**.
1. Type the path to each application that has access to protected folders and the path to any additional folder that needs protection and click **Add**.
![Enable controlled folder access in Intune](images/enable-cfa-intune.png)
>[!NOTE]
>Wilcard is supported for applications, but not for folders. Subfolders are not protected. Allowed apps will continue to trigger events until they are restarted.
1. Click **OK** to save each open blade and click **Create**.
1. Click the profile **Assignments**, assign to **All Users & All Devices**, and click **Save**.
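Review bot: "Wilcard" in the new note should be "Wildcard", and "Wildcards are supported for applications" would read better. The step just above the screenshot also sends the reader to **Network filtering** > **Enable**, while the screenshot alt text and the note are about controlled folder access and protected folders; please confirm the blade name so the step matches the feature this procedure configures.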
@ -93,7 +96,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
- **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
- **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.
![Screenshot of group policy option with Enabled and then Enable selected in the drop down](images/cfa-gp-enable.png)
![Screenshot of group policy option with Enabled and then Enable selected in the drop-down](images/cfa-gp-enable.png)
>[!IMPORTANT]
>To fully enable controlled folder access, you must set the Group Policy option to **Enabled** and also select **Enable** in the options drop-down menu.

@ -11,7 +11,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: andreabichsel
ms.author: v-anbic
ms.date: 04/22/2019
ms.date: 05/09/2019
---
# Enable exploit protection

@ -101,7 +101,7 @@ You can enable the feature in audit mode using the following cmdlet:
Set-MpPreference -EnableNetworkProtection AuditMode
```
Use `Disabled` insead of `AuditMode` or `Enabled` to turn the feature off.
Use `Disabled` instead of `AuditMode` or `Enabled` to turn the feature off.
## Related topics

@ -11,7 +11,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: andreabichsel
ms.author: v-anbic
ms.date: 04/02/2019
ms.date: 05/10/2019
---
# Evaluate network protection
@ -22,7 +22,7 @@ ms.date: 04/02/2019
[Network protection](network-protection-exploit-guard.md) helps prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
This topic helps you evaluate Network protection by enabling the feature and guiding you to a testing site. The site in this evaluation topic are not malicious, they are specially created websites that pretend to be malicious. The site will replicate the behavior that would happen if a user visted a malicious site or domain.
This topic helps you evaluate Network protection by enabling the feature and guiding you to a testing site. The site in this evaluation topic are not malicious, they are specially created websites that pretend to be malicious. The site will replicate the behavior that would happen if a user visited a malicious site or domain.
>[!TIP]
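Review bot: The edited paragraph fixes "visted" but the same line still reads "The site in this evaluation topic are not malicious, they are specially created websites", which pairs singular "site" with plural "are" and joins two sentences with a comma. Suggest "The sites in this evaluation topic are not malicious. They are specially created websites that pretend to be malicious." and keep "site" or "sites" consistent in the sentence that follows.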
@ -34,7 +34,7 @@ You can enable network protection in audit mode to see which IP addresses and do
You might want to do this to make sure it doesn't affect line-of-business apps or to get an idea of how often blocks occur.
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**
1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**
2. Enter the following cmdlet:
```PowerShell