mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-20 04:43:37 +00:00
Merge remote-tracking branch 'refs/remotes/origin/master' into jdh1shell
This commit is contained in:
Jeanie Decker
@ -47,7 +47,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M
|
||||
- Escrow TPM OwnerAuth
|
||||
For Windows 7, MBAM must own the TPM for escrow to occur.
|
||||
For Windows 8.1, Windows 10 RTM and Windows 10 version 1511, escrow of TPM OwnerAuth is supported.
|
||||
For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details.
|
||||
For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details.
|
||||
|
||||
- Escrow recovery keys and recovery key packages
|
||||
|
||||
@ -66,7 +66,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M
|
||||
<a href="" id="mbam-machine-wmi-class"></a>**MBAM\_Machine WMI Class**
|
||||
**PrepareTpmAndEscrowOwnerAuth:** Reads the TPM OwnerAuth and sends it to the MBAM recovery database by using the MBAM recovery service. If the TPM is not owned and auto-provisioning is not on, it generates a TPM OwnerAuth and takes ownership. If it fails, an error code is returned for troubleshooting.
|
||||
|
||||
**Note** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details.
|
||||
**Note** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details.
|
||||
|
||||
| Parameter | Description |
|
||||
| -------- | ----------- |
|
||||
@ -179,7 +179,7 @@ Here are a list of common error messages:
|
||||
3. Name the step **Persist TPM OwnerAuth**
|
||||
|
||||
4. Set the command line to `cscript.exe "%SCRIPTROOT%/SaveWinPETpmOwnerAuth.wsf"`
|
||||
**Note:** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details.
|
||||
**Note:** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details.
|
||||
|
||||
3. In the **State Restore** folder, delete the **Enable BitLocker** task.
|
||||
|
||||
|
||||
@ -105,6 +105,7 @@
|
||||
|
||||
|
||||
### [Get started](windows-defender-atp/get-started.md)
|
||||
#### [What's new in Windows Defender ATP](windows-defender-atp/whats-new-in-windows-defender-atp.md)
|
||||
#### [Minimum requirements](windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md)
|
||||
#### [Validate licensing and complete setup](windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md)
|
||||
#### [Preview features](windows-defender-atp/preview-windows-defender-advanced-threat-protection.md)
|
||||
@ -142,7 +143,6 @@
|
||||
###### [Import/export configurations](windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md)
|
||||
##### [Network protection](windows-defender-exploit-guard/enable-network-protection.md)
|
||||
##### [Controlled folder access](windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md)
|
||||
###### [Customize controlled folder access](windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md)
|
||||
##### [Attack surface reduction controls](windows-defender-exploit-guard/enable-attack-surface-reduction.md)
|
||||
###### [Customize attack surface reduction](windows-defender-exploit-guard/customize-attack-surface-reduction.md)
|
||||
##### [Network firewall](windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md)
|
||||
@ -465,9 +465,6 @@
|
||||
|
||||
### [Windows Defender Device Guard: virtualization-based security and WDAC](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
|
||||
|
||||
### [Use attack surface reduction rules in Windows 10 Enterprise E3](windows-defender-exploit-guard/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md)
|
||||
|
||||
|
||||
### [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)
|
||||
|
||||
### [Mitigate threats by using Windows 10 security features](overview-of-threat-mitigations-in-windows-10.md)
|
||||
|
||||
@ -346,7 +346,7 @@
|
||||
####[Configure information protection in Windows](information-protection-in-windows-config.md)
|
||||
|
||||
|
||||
### [Configure Windows Security app settings](preferences-setup-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure Windows Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md)
|
||||
#### General
|
||||
##### [Update data retention settings](data-retention-settings-windows-defender-advanced-threat-protection.md)
|
||||
##### [Configure alert notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
@ -15,7 +15,6 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: article
|
||||
ms.date: 02/14/2019
|
||||
---
|
||||
|
||||
|
||||
@ -96,7 +95,7 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec
|
||||
|
||||
Service location | Microsoft.com DNS record
|
||||
:---|:---
|
||||
Common URLs for all locations | ```*.blob.core.windows.net``` <br>```crl.microsoft.com```<br> ```ctldl.windowsupdate.com``` <br>```events.data.microsoft.com```
|
||||
Common URLs for all locations | ```*.blob.core.windows.net``` <br>```crl.microsoft.com```<br> ```ctldl.windowsupdate.com``` <br>```events.data.microsoft.com```<br>```notify.windows.com```
|
||||
European Union | ```eu.vortex-win.data.microsoft.com```<br>```eu-v20.events.data.microsoft.com```<br>```winatp-gw-neu.microsoft.com```<br>```winatp-gw-weu.microsoft.com```
|
||||
United Kingdom | ```uk.vortex-win.data.microsoft.com``` <br>```uk-v20.events.data.microsoft.com```<br>```winatp-gw-uks.microsoft.com```<br>```winatp-gw-ukw.microsoft.com```
|
||||
United States | ```us.vortex-win.data.microsoft.com```<br> ```us-v20.events.data.microsoft.com```<br>```winatp-gw-cus.microsoft.com``` <br>```winatp-gw-eus.microsoft.com```
|
||||
|
||||
@ -8,14 +8,13 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: v-tanewt
|
||||
author: tbit0001
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: article
|
||||
ms.date: 10/16/2017
|
||||
---
|
||||
# Validate licensing provisioning and complete set up for Windows Defender ATP
|
||||
|
||||
|
||||
@ -15,7 +15,6 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/03/2018
|
||||
---
|
||||
|
||||
# Understand threat intelligence concepts
|
||||
|
||||
@ -8,6 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -8,8 +8,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: v-tanewt
|
||||
author: tbit0001
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -11,7 +11,6 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 02/14/2019
|
||||
---
|
||||
|
||||
# Enable controlled folder access
|
||||
@ -82,8 +81,7 @@ Use `Disabled` to turn the feature off.
|
||||
|
||||
### Use MDM CSPs to enable controlled folder access
|
||||
|
||||
Use the [./Vendor/MSFT/Policy/Config/Defender/GuardedFoldersList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-guardedfolderslist) configuration service provider (CSP) to allow apps to make changes to protected folders.
|
||||
|
||||
Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-controlledfolderaccessprotectedfolders) configuration service provider (CSP) to allow apps to make changes to protected folders.
|
||||
|
||||
## Related topics
|
||||
|
||||
|
||||
Reference in New Issue
Block a user