Merge pull request #7471 from MicrosoftDocs/security3

add more missing values to security3

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Device Registration for Hybrid Azure AD joined key trust Windows Hello for Business
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Directory Synchronization for Hybrid Azure AD joined key trust Windows Hello for Business
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md

@@ -14,6 +14,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Hybrid Azure AD joined Key trust Windows Hello for Business Prerequisites
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Hybrid Azure AD joined Key Trust Deployment
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Hybrid Azure AD joined Windows Hello for Business Key Trust Provisioning
 ## Provisioning

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md

@@ -10,6 +10,7 @@ ms.collection: M365-identity-device-management
 ms.topic: article
 localizationpriority: medium
 ms.date: 4/30/2021
+ms.technology: itpro-security
 ---
 # Configuring Hybrid Azure AD joined key trust Windows Hello for Business: Active Directory
 appliesto:

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Hybrid Azure AD joined Windows Hello for Business: Directory Synchronization
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Hybrid Azure AD joined Windows Hello for Business: Public Key Infrastructure
 
@@ -84,7 +85,7 @@ The certificate template is configured to supersede all the certificate template
 
 The certificate authority may only issue certificates for certificate templates that are published to that certificate authority.  If you have more than one certificate authority and you want that certificate authority to issue certificates based on a specific certificate template, then you must publish the certificate template to all certificate authorities that are expected to issue the certificate.
 
-Sign-in to the certificate authority or management workstations with an _enterprise administrator_ equivalent credentials.
+Sign-in to the certificate authority or management workstations with _enterprise administrator_ equivalent credentials.
 
 1. Open the **Certificate Authority** management console.
 2. Expand the parent node from the navigation pane.

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Hybrid Azure AD joined Windows Hello for Business: Group Policy
 
@@ -27,7 +28,7 @@ Alternatively, you can create copy the .ADMX and .ADML files from a Windows 10 C
 
 Domain controllers of Windows Hello for Business deployments need one Group Policy setting, which enables automatic certificate enrollment for the newly create domain controller authentication certificate. This policy setting ensures domain controllers (new and existing) automatically request and renew the correct domain controller certificate.  
 
-Hybrid Azure AD-joined devices needs one Group Policy setting:
+Hybrid Azure AD-joined devices need one Group Policy setting:
 * Enable Windows Hello for Business
 
 ### Configure Domain Controllers for Automatic Certificate Enrollment
@@ -123,13 +124,13 @@ The default configuration for Windows Hello for Business is to prefer hardware p
 
 You can enable and deploy the **Use a hardware security device** Group Policy Setting to force Windows Hello for Business to only create hardware protected credentials.  Users that sign-in from a computer incapable of creating a hardware protected credential do not enroll for Windows Hello for Business.
 
-Another policy setting becomes available when you enable the **Use a hardware security device** Group Policy setting that enables you to prevent Windows Hello for Business enrollment from using version 1.2 Trusted Platform Modules (TPM). Version 1.2 TPMs typically perform cryptographic operations slower than version 2.0 TPMs and are more unforgiving during anti-hammering and PIN lockout activities. Therefore, some organization may want not want slow sign-in performance and management overhead associated with version 1.2 TPMs. To prevent Windows Hello for Business from using version 1.2 TPMs, simply select the TPM 1.2 check box after you enable the Use a hardware security device Group Policy object.
+Another policy setting becomes available when you enable the **Use a hardware security device** Group Policy setting that enables you to prevent Windows Hello for Business enrollment from using version 1.2 Trusted Platform Modules (TPM). Version 1.2 TPMs typically perform cryptographic operations slower than version 2.0 TPMs and are more unforgiving during anti-hammering and PIN lockout activities. Some organizations may not want slow sign-in performance and management overhead associated with version 1.2 TPMs. To prevent Windows Hello for Business from using version 1.2 TPMs, select the TPM 1.2 check box after you enable the Use a hardware security device Group Policy object.
 
 #### Use biometrics
 
 Windows Hello for Business provides a great user experience when combined with the use of biometrics.  Rather than providing a PIN to sign-in, a user can use a fingerprint or facial recognition to sign-in to Windows, without sacrificing security.  
 
-The default Windows Hello for Business enables users to enroll and use biometrics. However, some organization may want more time before using biometrics and want to disable their use until they are ready. To not allow users to use biometrics, configure the **Use biometrics** Group Policy setting to disabled and apply it to your computers.  The policy setting disabled all biometrics. Currently, Windows does not provide granular policy setting that enable you to disable specific modalities of biometrics such as allow facial recognition, but disallow fingerprint.
+The default Windows Hello for Business enables users to enroll and use biometrics. However, some organization may want more time before using biometrics and want to disable their use until they are ready. To not allow users to use biometrics, configure the **Use biometrics** Group Policy setting to disabled and apply it to your computers.  The policy setting disabled all biometrics. Currently, Windows doesn't provide the ability to set granular policies that enable you to disable specific modalities of biometrics, such as allowing facial recognition but disallowing fingerprint recognition.
 
 ### PIN Complexity
 

windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>Hybrid deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Hybrid Azure AD joined Windows Hello for Business key trust settings
 

windows/security/identity-protection/hello-for-business/hello-identity-verification.md

@@ -12,6 +12,7 @@ ms.collection:
 ms.topic: article
 localizationpriority: medium
 ms.date: 2/15/2022
+ms.technology: itpro-security
 ---
 
 # Windows Hello for Business Deployment Prerequisite Overview

windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>On-premises deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Prepare and Deploy Windows Server 2016 Active Directory Federation Services with Key Trust
 
@@ -28,7 +29,7 @@ If your environment has an existing instance of Active Directory Federation Serv
 
 Ensure you apply the Windows Server 2016 Update to all nodes in the farm after you have successfully completed the upgrade. 
 
-A new Active Directory Federation Services farm should have a minimum of two federation servers for proper load balancing, which can be accomplished with an external networking peripherals, or with using the Network Load Balancing Role included in Windows Server.
+A new Active Directory Federation Services farm should have a minimum of two federation servers for proper load balancing, which can be accomplished with external networking peripherals, or with using the Network Load Balancing Role included in Windows Server.
 
 Prepare the Active Directory Federation Services deployment by installing and updating two Windows Server 2016 Servers. Ensure the update listed below is applied to each server before continuing. 
 
@@ -114,7 +115,7 @@ The service account used for the device registration server depends on the domai
 
 ### Windows Server 2012 or later Domain Controllers
 
-Windows Server 2012 or later domain controllers support Group Managed Service Accounts—the preferred way to deploy service accounts for services that support them.  Group Managed Service Accounts, or GMSA have security advantages over normal user accounts because Windows handles password management.  This means the password is long, complex, and changes periodically.  The best part of GMSA is all this happens automatically.  AD FS supports GMSA and should be configured using them for additional defense in depth security.
+Windows Server 2012 or later domain controllers support Group Managed Service Accounts—the preferred way to deploy service accounts for services that support them. Group Managed Service Accounts, or GMSA, have security advantages over normal user accounts because Windows handles password management. This means the password is long, complex, and changes periodically. The best part of GMSA is all this happens automatically. AD FS supports GMSA and should be configured using them for additional defense in depth security.
 
 GSMA uses the Microsoft Key Distribution Service that is located on Windows Server 2012 or later domain controllers. Windows uses the Microsoft Key Distribution Service to protect secrets stored and used by the GSMA. Before you can create a GSMA, you must first create a root key for the service. You can skip this if your environment already uses GSMA.
 
@@ -126,7 +127,7 @@ Sign-in a domain controller with _Enterprise Admin_ equivalent credentials.
 
 ### Windows Server 2008 or 2008 R2 Domain Controllers
 
-Windows Server 2008 and 2008 R2 domain controllers do not host the Microsoft Key Distribution Service, nor do they support Group Managed Service Accounts.  Therefore, you must use create a normal user account as a service account where you are responsible for changing the password on a regular basis.
+Windows Server 2008 and 2008 R2 domain controllers do not host the Microsoft Key Distribution Service, nor do they support Group Managed Service Accounts. Therefore, you must use or create a normal user account as a service account where you are responsible for changing the password on a regular basis.
 
 #### Create an AD FS Service Account
 

windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>On-premises deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Configure Windows Hello for Business Policy settings - Key Trust
 
@@ -76,13 +77,13 @@ The default configuration for Windows Hello for Business is to prefer hardware p
 
 You can enable and deploy the **Use a hardware security device** Group Policy Setting to force Windows Hello for Business to only create hardware protected credentials.  Users that sign-in from a computer incapable of creating a hardware protected credential do not enroll for Windows Hello for Business.
 
-Another policy setting becomes available when you enable the **Use a hardware security device** Group Policy setting that enables you to prevent Windows Hello for Business enrollment from using version 1.2 Trusted Platform Modules (TPM). Version 1.2 TPMs typically perform cryptographic operations slower than version 2.0 TPMs and are more unforgiving during anti-hammering and PIN lockout activities. Therefore, some organization may want not want slow sign-in performance and management overhead associated with version 1.2 TPMs. To prevent Windows Hello for Business from using version 1.2 TPMs, simply select the TPM 1.2 check box after you enable the Use a hardware security device Group Policy object.
+Another policy setting becomes available when you enable the **Use a hardware security device** Group Policy setting that enables you to prevent Windows Hello for Business enrollment from using version 1.2 Trusted Platform Modules (TPM). Version 1.2 TPMs typically perform cryptographic operations slower than version 2.0 TPMs and are more unforgiving during anti-hammering and PIN lockout activities. Some organizations may not want slow sign-in performance and management overhead associated with version 1.2 TPMs. To prevent Windows Hello for Business from using version 1.2 TPMs, select the TPM 1.2 check box after you enable the Use a hardware security device Group Policy object.
 
 ### Use biometrics
 
 Windows Hello for Business provides a great user experience when combined with the use of biometrics.  Rather than providing a PIN to sign-in, a user can use a fingerprint or facial recognition to sign-in to Windows, without sacrificing security.  
 
-The default Windows Hello for Business enables users to enroll and use biometrics. However, some organization may want more time before using biometrics and want to disable their use until they are ready. To not allow users to use biometrics, configure the **Use biometrics** Group Policy setting to disabled and apply it to your computers.  The policy setting disabled all biometrics. Currently, Windows does not provide granular policy setting that enable you to disable specific modalities of biometrics such as allow facial recognition, but disallow fingerprint.
+The default Windows Hello for Business enables users to enroll and use biometrics. However, some organization may want more time before using biometrics and want to disable their use until they are ready. To not allow users to use biometrics, configure the **Use biometrics** Group Policy setting to disabled and apply it to your computers.  The policy setting disabled all biometrics.  Currently, Windows does not provide the ability to set granular policies that enable you to disable specific modalities of biometrics, such as allowing facial recognition, but disallowing fingerprint recognition.
 
 ### PIN Complexity
 

windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>On-premises deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Validate Active Directory prerequisites - Key Trust
 

windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>On-premises deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Validate and Deploy Multifactor Authentication (MFA)
 

windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 11</b>
   - ✅ <b>On-premises deployment</b>
   - ✅ <b>Key trust</b>
+ms.technology: itpro-security
 ---
 # Validate and Configure Public Key Infrastructure - Key Trust
 
@@ -22,13 +23,13 @@ Windows Hello for Business must have a public key infrastructure regardless of t
 
 ## Deploy an enterprise certificate authority
 
-This guide assumes most enterprise have an existing public key infrastructure.  Windows Hello for Business depends on a Windows enterprise public key infrastructure running the Active Directory Certificate Services role from Windows Server 2012 or later.
+This guide assumes most enterprises have an existing public key infrastructure.  Windows Hello for Business depends on a Windows enterprise public key infrastructure running the Active Directory Certificate Services role from Windows Server 2012 or later.
 
 ### Lab-based public key infrastructure
 
 The following instructions may be used to deploy simple public key infrastructure that is suitable for a lab environment.
 
-Sign-in using _Enterprise Admin_ equivalent credentials on Windows Server 2012 or later server where you want the certificate authority installed.
+Sign in using **Enterprise Admin** equivalent credentials on Windows Server 2012 or later server where you want the certificate authority installed.
 
 >[!NOTE]
 >Never install a certificate authority on a domain controller in a production environment.
@@ -56,7 +57,7 @@ Domain controllers automatically request a domain controller certificate (if pub
 
 By default, the Active Directory Certificate Authority provides and publishes the Kerberos Authentication certificate template.  However, the cryptography configuration included in the provided template is based on older and less performant cryptography APIs.  To ensure domain controllers request the proper certificate with the best available cryptography, use the Kerberos Authentication certificate template as a baseline to create an updated domain controller certificate template.
 
-Sign-in to a certificate authority or management workstations with _Domain Admin_ equivalent credentials.
+Sign in to a certificate authority or management workstations with **Domain Admin** equivalent credentials.
 
 1. Open the **Certificate Authority** management console.
 
@@ -83,7 +84,7 @@ Many domain controllers may have an existing domain controller certificate.  The
 
 The Kerberos Authentication certificate template is the most current certificate template designated for domain controllers and should be the one you deploy to all your domain controllers (2008 or later).   The autoenrollment feature in Windows enables you to effortlessly replace these domain controller certificates.  You can use the following configuration to replace older domain controller certificates with a new certificate using the Kerberos Authentication certificate template. 
 
-Sign-in to a certificate authority or management workstations with _Enterprise Admin_ equivalent credentials.
+Sign in to a certificate authority or management workstations with _Enterprise Admin_ equivalent credentials.
 
 1. Open the **Certificate Authority** management console.
 
@@ -109,7 +110,7 @@ The certificate template is configured to supersede all the certificate template
 
 Windows clients use the https protocol when communicating with Active Directory Federation Services.  To meet this need, you must issue a server authentication certificate to all the nodes in the Active Directory Federation Services farm.  On-premises deployments can use a server authentication certificate issued by their enterprise PKI.  You must configure a server authentication certificate template so the host running the Active Directory Federation Service can request the certificate. 
 
-Sign-in to a certificate authority or management workstations with _Domain Admin_ equivalent credentials.
+Sign in to a certificate authority or management workstations with _Domain Admin_ equivalent credentials.
 
 1. Open the **Certificate Authority** management console.
 
@@ -140,7 +141,7 @@ The certificate authority only issues certificates based on published certificat
 
 The newly created domain controller authentication certificate template supersedes previous domain controller certificate templates.  Therefore, you need to unpublish these certificate templates from all issuing certificate authorities.
 
-Sign-in to the certificate authority or management workstation with _Enterprise Admin_ equivalent credentials.
+Sign in to the certificate authority or management workstation with _Enterprise Admin_ equivalent credentials.
 
 1. Open the **Certificate Authority** management console.
 
@@ -156,7 +157,7 @@ Sign-in to the certificate authority or management workstation with _Enterprise
 
 The certificate authority may only issue certificates for certificate templates that are published to that certificate authority.  If you have more than one certificate authority and you want that certificate authority to issue certificates based on a specific certificate template, then you must publish the certificate template to all certificate authorities that are expected to issue the certificate.
 
-Sign-in to the certificate authority or management workstations with an _Enterprise Admin_ equivalent credentials.
+Sign in to the certificate authority or management workstations with **Enterprise Admin** equivalent credentials.
 
 1. Open the **Certificate Authority** management console.
 
@@ -204,7 +205,7 @@ Domain controllers automatically request a certificate from the domain controlle
 
 ### Deploy the Domain Controller Auto Certificate Enrollment Group Policy Object
 
-Sign-in to a domain controller or management workstations with _Domain Admin_ equivalent credentials.
+Sign in to domain controller or management workstations with _Domain Admin_ equivalent credentials.
 
 1. Start the **Group Policy Management Console** (gpmc.msc).
 

windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md

@@ -15,6 +15,7 @@ ms.date: 2/15/2022
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # Manage Windows Hello for Business in your organization

windows/security/identity-protection/hello-for-business/hello-overview.md

@@ -15,6 +15,7 @@ appliesto:
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
   - ✅ <b>Windows Holographic for Business</b>
+ms.technology: itpro-security
 ---
 # Windows Hello for Business Overview
 

windows/security/identity-protection/hello-for-business/hello-planning-guide.md

@@ -14,6 +14,7 @@ ms.date: 09/16/2020
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # Planning a Windows Hello for Business Deployment
 

windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md

@@ -13,6 +13,7 @@ ms.date: 08/19/2018
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # Prepare people to use Windows Hello
 

windows/security/identity-protection/hello-for-business/hello-videos.md

@@ -13,6 +13,7 @@ ms.date: 07/26/2022
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # Windows Hello for Business Videos
 ## Overview of Windows Hello for Business and Features

windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md

@@ -15,6 +15,7 @@ ms.date: 10/23/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # Why a PIN is better than an online password
 

windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md

@@ -10,6 +10,7 @@ ms.collection: M365-identity-device-management
 ms.topic: article
 localizationpriority: medium
 ms.date: 11/14/2018
+ms.technology: itpro-security
 ---
 # What is a Microsoft-compatible security key?
 
@@ -26,6 +27,6 @@ A security key **MUST** implement the following features and extensions from the
 | #</br> | Feature / Extension trust</br> | Why is this required? </br> |
 | --- | --- | --- | 
 | 1 | Resident key | This feature enables the security key to be portable, where your credential is stored on the security key |
-| 2 | Client pin | This feature enables you to protect your credentials with a second factor and applies to security keys that do not have an user interface|
+| 2 | Client pin | This feature enables you to protect your credentials with a second factor and applies to security keys that do not have a user interface|
 | 3 | hmac-secret | This extension ensures you can sign-in to your device when it's off-line or in airplane mode |
 | 4 | Multiple accounts per RP | This feature ensures you can use the same security key across multiple services like Microsoft Account (MSA) and Azure Active Directory (AAD) |

windows/security/identity-protection/hello-for-business/passwordless-strategy.md

@@ -13,6 +13,7 @@ ms.date: 05/24/2022
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # Password-less strategy

windows/security/identity-protection/hello-for-business/reset-security-key.md

@@ -10,6 +10,7 @@ ms.collection: M365-identity-device-management
 ms.topic: article
 localizationpriority: medium
 ms.date: 11/14/2018
+ms.technology: itpro-security
 ---
 # How to reset a Microsoft-compatible security key? 
 > [!Warning]

windows/security/identity-protection/hello-for-business/retired/hello-how-it-works.md

@@ -11,6 +11,7 @@ ms.topic: article
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # How Windows Hello for Business works in Windows devices
 

windows/security/identity-protection/hello-for-business/webauthn-apis.md

@@ -13,6 +13,7 @@ ms.date: 09/15/2022
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # WebAuthn APIs for passwordless authentication on Windows
 <!--MAXADO-6021798-->

windows/security/identity-protection/index.md

@@ -12,6 +12,7 @@ ms.date: 02/05/2018
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # Identity and access management

windows/security/identity-protection/password-support-policy.md

@@ -11,6 +11,7 @@ author: paolomatarazzo
 ms.author: paoloma
 manager: aaroncz
 ms.date: 11/20/2019
+ms.technology: itpro-security
 ---
 
 # Technical support policy for lost or forgotten passwords

windows/security/identity-protection/remote-credential-guard.md

@@ -14,6 +14,7 @@ ms.date: 01/12/2018
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 # Protect Remote Desktop credentials with Windows Defender Remote Credential Guard
 

windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 # Smart Card and Remote Desktop Services
 

windows/security/identity-protection/smart-cards/smart-card-architecture.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Architecture

windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Certificate Propagation Service

windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Certificate Requirements and Enumeration

windows/security/identity-protection/smart-cards/smart-card-debugging-information.md

@@ -18,6 +18,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Troubleshooting

windows/security/identity-protection/smart-cards/smart-card-events.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Events

windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Group Policy and Registry Settings

windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md

@@ -17,6 +17,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # How Smart Card Sign-in Works in Windows

windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Removal Policy Service

windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Cards for Windows Service

windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Tools and Settings

windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md

@@ -16,6 +16,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # Smart Card Technical Reference

windows/security/identity-protection/user-account-control/how-user-account-control-works.md

@@ -18,6 +18,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # How User Account Control works

windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md

@@ -18,6 +18,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # User Account Control Group Policy and registry key settings

windows/security/identity-protection/user-account-control/user-account-control-overview.md

@@ -18,6 +18,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # User Account Control

windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md

@@ -17,6 +17,7 @@ appliesto:
   - ✅ <b>Windows Server 2016</b>
   - ✅ <b>Windows Server 2019</b>
   - ✅ <b>Windows Server 2022</b>
+ms.technology: itpro-security
 ---
 
 # User Account Control security policy settings

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md

@@ -12,6 +12,7 @@ ms.date: 04/19/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Deploy Virtual Smart Cards

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md

@@ -12,6 +12,7 @@ ms.date: 04/19/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Evaluate Virtual Smart Card Security

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md

@@ -12,6 +12,7 @@ ms.date: 04/19/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Get Started with Virtual Smart Cards: Walkthrough Guide

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md

@@ -12,6 +12,7 @@ ms.date: 10/13/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Virtual Smart Card Overview

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md

@@ -12,6 +12,7 @@ ms.date: 04/19/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Tpmvscmgr

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md

@@ -12,6 +12,7 @@ ms.date: 04/19/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Understanding and Evaluating Virtual Smart Cards

windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md

@@ -12,6 +12,7 @@ ms.date: 10/13/2017
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows Server 2016</b>
+ms.technology: itpro-security
 ---
 
 # Use Virtual Smart Cards

windows/security/identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # How to configure Diffie Hellman protocol over IKEv2 VPN connections

windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md

@@ -10,6 +10,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # How to use Single Sign-On (SSO) over VPN and Wi-Fi connections

windows/security/identity-protection/vpn/vpn-authentication.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # VPN authentication options

windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # VPN auto-triggered profile options

windows/security/identity-protection/vpn/vpn-conditional-access.md

@@ -11,6 +11,7 @@ ms.date: 09/23/2021
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # VPN and conditional access

windows/security/identity-protection/vpn/vpn-connection-type.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # VPN connection types

windows/security/identity-protection/vpn/vpn-guide.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # Windows VPN technical guide

windows/security/identity-protection/vpn/vpn-name-resolution.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # VPN name resolution

windows/security/identity-protection/vpn/vpn-office-365-optimization.md

@@ -12,6 +12,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # Optimizing Office 365 traffic for remote workers with the native Windows 10 and Windows 11 VPN client
 

windows/security/identity-protection/vpn/vpn-profile-options.md

@@ -11,6 +11,7 @@ ms.date: 05/17/2018
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 
 # VPN profile options

windows/security/identity-protection/vpn/vpn-routing.md

@@ -11,6 +11,7 @@ ms.reviewer: pesmith
 appliesto: 
   - ✅ <b>Windows 10</b>
   - ✅ <b>Windows 11</b>
+ms.technology: itpro-security
 ---
 # VPN routing decisions