From dab356dcb9fb04cfe6ca29a28e654f49ef6707d1 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 7 Mar 2019 07:56:46 -0800 Subject: [PATCH 1/7] update dns record, authors --- ...y-internet-windows-defender-advanced-threat-protection.md | 3 +-- .../licensing-windows-defender-advanced-threat-protection.md | 5 ++--- ...r-concepts-windows-defender-advanced-threat-protection.md | 1 - ...on-reports-windows-defender-advanced-threat-protection.md | 1 + ...r-messages-windows-defender-advanced-threat-protection.md | 4 ++-- 5 files changed, 6 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 6c38860bcb..af70b1d7c7 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 02/14/2019 --- @@ -96,7 +95,7 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Service location | Microsoft.com DNS record :---|:--- -Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com``` +Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com```
```notify.windows.com ``` European Union | ```eu.vortex-win.data.microsoft.com```
```eu-v20.events.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com``` United Kingdom | ```uk.vortex-win.data.microsoft.com```
```uk-v20.events.data.microsoft.com```
```winatp-gw-uks.microsoft.com```
```winatp-gw-ukw.microsoft.com``` United States | ```us.vortex-win.data.microsoft.com```
```us-v20.events.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` diff --git a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md index 42437e4204..21e8be6036 100644 --- a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md @@ -8,14 +8,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: v-tanewt -author: tbit0001 +ms.author: macapara +author: mjcaparas ms.localizationpriority: medium manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/16/2017 --- # Validate licensing provisioning and complete set up for Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md index 32eb1e6116..c5f352e0ed 100644 --- a/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 09/03/2018 --- # Understand threat intelligence concepts diff --git a/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md index 04e187f344..6c4e812aaa 100644 --- a/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md @@ -8,6 +8,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +ms.author: macapara author: mjcaparas ms.localizationpriority: medium manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md index 61bb32e5a1..1c8f25ea55 100644 --- a/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md @@ -8,8 +8,8 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: v-tanewt -author: tbit0001 +ms.author: macapara +author: mjcaparas ms.localizationpriority: medium manager: dansimp audience: ITPro From aa87cd8d6ea573ebdfabd2c459f0d04848ec931b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 7 Mar 2019 07:59:14 -0800 Subject: [PATCH 2/7] space --- ...roxy-internet-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md index af70b1d7c7..786987cff0 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -95,7 +95,7 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Service location | Microsoft.com DNS record :---|:--- -Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com```
```notify.windows.com ``` +Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com```
```notify.windows.com``` European Union | ```eu.vortex-win.data.microsoft.com```
```eu-v20.events.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com``` United Kingdom | ```uk.vortex-win.data.microsoft.com```
```uk-v20.events.data.microsoft.com```
```winatp-gw-uks.microsoft.com```
```winatp-gw-ukw.microsoft.com``` United States | ```us.vortex-win.data.microsoft.com```
```us-v20.events.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` From cc1eac328af0f7b5186323dfd58fe9f804c3374e Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 7 Mar 2019 18:28:54 +0000 Subject: [PATCH 3/7] Updated TOC.md --- windows/security/threat-protection/windows-defender-atp/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index 59406a457e..ef54564a38 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -346,7 +346,7 @@ ####[Configure information protection in Windows](information-protection-in-windows-config.md) -### [Configure Windows Security app settings](preferences-setup-windows-defender-advanced-threat-protection.md) +### [Configure Windows Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md) #### General ##### [Update data retention settings](data-retention-settings-windows-defender-advanced-threat-protection.md) ##### [Configure alert notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md) From 38abef3782a9241f8fd34e1bf1f9c57b38bf55d7 Mon Sep 17 00:00:00 2001 From: "Andrea Bichsel (Aquent LLC)" Date: Thu, 7 Mar 2019 19:53:38 +0000 Subject: [PATCH 4/7] Fixed link --- ...-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md b/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md index 698d549d6c..7c9ec9ded2 100644 --- a/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md +++ b/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md @@ -47,7 +47,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M - Escrow TPM OwnerAuth For Windows 7, MBAM must own the TPM for escrow to occur. For Windows 8.1, Windows 10 RTM and Windows 10 version 1511, escrow of TPM OwnerAuth is supported. - For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details. + For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details. - Escrow recovery keys and recovery key packages @@ -66,7 +66,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M **MBAM\_Machine WMI Class** **PrepareTpmAndEscrowOwnerAuth:** Reads the TPM OwnerAuth and sends it to the MBAM recovery database by using the MBAM recovery service. If the TPM is not owned and auto-provisioning is not on, it generates a TPM OwnerAuth and takes ownership. If it fails, an error code is returned for troubleshooting. - **Note** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details. + **Note** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details. | Parameter | Description | | -------- | ----------- | @@ -179,7 +179,7 @@ Here are a list of common error messages: 3. Name the step **Persist TPM OwnerAuth** 4. Set the command line to `cscript.exe "%SCRIPTROOT%/SaveWinPETpmOwnerAuth.wsf"` - **Note:** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details. + **Note:** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details. 3. In the **State Restore** folder, delete the **Enable BitLocker** task. From bdec2adbeb9c3591e0a0e6337f84d2f5a9ac0a42 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 7 Mar 2019 19:55:26 +0000 Subject: [PATCH 5/7] Updated TOC.md --- windows/security/threat-protection/TOC.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index f90703feef..1f3f96d806 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -105,6 +105,7 @@ ### [Get started](windows-defender-atp/get-started.md) +#### [What's new in Windows Defender ATP](windows-defender-atp/whats-new-in-windows-defender-atp.md) #### [Minimum requirements](windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md) #### [Validate licensing and complete setup](windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md) #### [Preview features](windows-defender-atp/preview-windows-defender-advanced-threat-protection.md) From 8d0d294971282d0a0f6674a5a806fd343c2b590f Mon Sep 17 00:00:00 2001 From: "Andrea Bichsel (Aquent LLC)" Date: Thu, 7 Mar 2019 20:00:05 +0000 Subject: [PATCH 6/7] Fixed link --- .../enable-controlled-folders-exploit-guard.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md index 4f95d8c023..e78c2f8644 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md @@ -11,7 +11,6 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 02/14/2019 --- # Enable controlled folder access @@ -82,8 +81,7 @@ Use `Disabled` to turn the feature off. ### Use MDM CSPs to enable controlled folder access -Use the [./Vendor/MSFT/Policy/Config/Defender/GuardedFoldersList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-guardedfolderslist) configuration service provider (CSP) to allow apps to make changes to protected folders. - +Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-controlledfolderaccessprotectedfolders) configuration service provider (CSP) to allow apps to make changes to protected folders. ## Related topics From e2b2e1fd99ba66043f54a512742227efbf2f4871 Mon Sep 17 00:00:00 2001 From: "Andrea Bichsel (Aquent LLC)" Date: Thu, 7 Mar 2019 20:02:04 +0000 Subject: [PATCH 7/7] Updated toc --- windows/security/threat-protection/TOC.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index f90703feef..3ccc99a577 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -142,7 +142,6 @@ ###### [Import/export configurations](windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md) ##### [Network protection](windows-defender-exploit-guard/enable-network-protection.md) ##### [Controlled folder access](windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md) -###### [Customize controlled folder access](windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md) ##### [Attack surface reduction controls](windows-defender-exploit-guard/enable-attack-surface-reduction.md) ###### [Customize attack surface reduction](windows-defender-exploit-guard/customize-attack-surface-reduction.md) ##### [Network firewall](windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md) @@ -465,9 +464,6 @@ ### [Windows Defender Device Guard: virtualization-based security and WDAC](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md) -### [Use attack surface reduction rules in Windows 10 Enterprise E3](windows-defender-exploit-guard/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md) - - ### [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md) ### [Mitigate threats by using Windows 10 security features](overview-of-threat-mitigations-in-windows-10.md)