deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-27 16:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/MicrosoftDocs/windows-docs-pr into ConfigRebrand-Two

Browse Source
This commit is contained in:
LauraKellerGitHub
2020-01-09 14:12:21 -08:00
parent 96f2accf27 0fff5ed513
commit 31e48956ae
462 changed files with 4001 additions and 3334 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/identity-protection/configure-s-mime.md
View File

@ -1,6 +1,6 @@
---
title: Configure S/MIME for Windows 10 and Windows 10 Mobile (Windows 10)
description: In Windows 10, S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients who have a digital identification (ID), also known as a certificate, can read them.
description: S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients with a digital ID, aka a certificate, can read them.
ms.assetid: 7F9C2A99-42EB-4BCC-BB53-41C04FBBBF05
ms.reviewer:
keywords: encrypt, digital signature

2
windows/security/identity-protection/credential-guard/additional-mitigations.md
View File

@ -1,6 +1,6 @@
---
title: Additional mitigations
description: Scripts listed in this topic for obtaining the available issuance policies on the certificate authority for Windows Defender Credential Guard on Windows 10.
description: Advice and sample code for making your domain environment more secure and robust with Windows Defender Credential Guard.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md
View File

@ -1,6 +1,6 @@
---
title: How Windows Defender Credential Guard works
description: Using virtualization-based security, Windows Defender Credential Guard features a new component called the isolated LSA process, which stores and protects secrets, isolating them from the rest of the operating system, so that only privileged system software can access them.
description: Learn how Windows Defender Credential Guard uses virtualization to protect secrets, so that only privileged system software can access them.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-manage.md
View File

@ -1,6 +1,6 @@
---
title: Manage Windows Defender Credential Guard (Windows 10)
description: Deploying and managing Windows Defender Credential Guard using Group Policy, the registry, or the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool.
description: Learn how to deploy and manage Windows Defender Credential Guard using Group Policy, the registry, or hardware readiness tools.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md
View File

@ -1,6 +1,6 @@
---
title: Windows Defender Credential Guard protection limits (Windows 10)
description: Scenarios not protected by Windows Defender Credential Guard in Windows 10.
description: Some ways to store credentials are not protected by Windows Defender Credential Guard in Windows 10. Learn more with this guide.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-requirements.md
View File

@ -1,6 +1,6 @@
---
title: Windows Defender Credential Guard Requirements (Windows 10)
description: Windows Defender Credential Guard baseline hardware, firmware, and software requirements, and additional protections for improved security associated with available hardware and firmware options.
description: Windows Defender Credential Guard baseline hardware, firmware, and software requirements, and additional protections for improved security.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-scripts.md
View File

@ -1,6 +1,6 @@
---
title: Scripts for Certificate Issuance Policies in Windows Defender Credential Guard (Windows 10)
description: Scripts listed in this topic for obtaining the available issuance policies on the certificate authority for Windows Defender Credential Guard on Windows 10.
description: Obtain issuance policies from the certificate authority for Windows Defender Credential Guard on Windows 10.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

4
windows/security/identity-protection/credential-guard/credential-guard.md
View File

@ -1,6 +1,6 @@
---
title: Protect derived domain credentials with Windows Defender Credential Guard (Windows 10)
description: Introduced in Windows 10 Enterprise, Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them.
description: Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them.
ms.assetid: 4F1FE390-A166-4A24-8530-EA3369FEB4B1
ms.reviewer:
ms.prod: w10
@ -35,7 +35,7 @@ By enabling Windows Defender Credential Guard, the following features and soluti
## Related topics
- [Isolated User Mode in Windows 10 with Dave Probert (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-in-Windows-10-with-Dave-Probert)
- [Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel (Channel 9)](http://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-Processes-and-Features-in-Windows-10-with-Logan-Gabriel)
- [Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-Processes-and-Features-in-Windows-10-with-Logan-Gabriel)
- [More on Processes and Features in Windows 10 Isolated User Mode with Dave Probert (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/More-on-Processes-and-Features-in-Windows-10-Isolated-User-Mode-with-Dave-Probert)
- [Mitigating Credential Theft using the Windows 10 Isolated User Mode (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Mitigating-Credential-Theft-using-the-Windows-10-Isolated-User-Mode)
- [Protecting network passwords with Windows Defender Credential Guard](https://www.microsoft.com/itshowcase/Article/Content/831/Protecting-network-passwords-with-Windows-10-Credential-Guard)

10
windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
View File

@ -31,7 +31,7 @@ ms.reviewer:
Windows, today, natively only supports the use of a single credential (password, PIN, fingerprint, face, etc.) for unlocking a device. Therefore, if any of those credentials are compromised (shoulder surfed), an attacker could gain access to the system.
Windows 10 offers Multi-factor device unlock by extending Windows Hello with trusted signals, administrators can configure Windows 10 to request a combination of factors and trusted signals to unlock their devices.
Windows 10 offers Multi-factor device unlock by extending Windows Hello with trusted signals. Administrators can configure Windows 10 to request a combination of factors and trusted signals to unlock their devices.
Which organizations can take advantage of Multi-factor unlock? Those who:
* Have expressed that PINs alone do not meet their security needs.
@ -101,7 +101,7 @@ Each rule element has a **signal** element. All signal elements have a **type**
| type| "wifi" (Windows 10, version 1803)
#### Bluetooth
You define the bluetooth signal with additional attribute in the signal element. The bluetooth configuration does not use any other elements. You can end the signal element with short ending tag "\/>".
You define the bluetooth signal with additional attributes in the signal element. The bluetooth configuration does not use any other elements. You can end the signal element with short ending tag "\/>".
|Attribute|Value|Required|
|---------|-----|--------|
@ -117,7 +117,7 @@ Example:
<signal type="bluetooth" scenario="Authentication" classOfDevice="512" rssiMin="-10" rssiMaxDelta="-10"/>
</rule>
```
The **classofDevice** attribute defaults Phones and uses the values from the following table
The **classofDevice** attribute defaults to Phone and uses the values from the following table:
|Description|Value|
|:-------------|:-------:|
@ -138,7 +138,7 @@ The **rssiMin** attribute value signal indicates the strength needed for the dev
RSSI measurements are relative and lower as the bluetooth signals between the two paired devices reduces. Therefore a measurement of 0 is stronger than -10, which is stronger than -60, which is an indicator the devices are moving further apart from each other.
>[!IMPORTANT]
>Microsoft recommends using the default values for this policy settings. Measurements are relative, based on the varying conditions of each environment. Therefore, the same values may produce different results. Test policy settings in each environment prior to broadly deploying the setting. Use the rssiMIN and rssiMaxDelta values from the XML file created by the Group Policy Management Editor or remove both attributes to use the default values.
>Microsoft recommends using the default values for this policy setting. Measurements are relative, based on the varying conditions of each environment. Therefore, the same values may produce different results. Test policy settings in each environment prior to broadly deploying the setting. Use the rssiMIN and rssiMaxDelta values from the XML file created by the Group Policy Management Editor or remove both attributes to use the default values.
#### IP Configuration
You define IP configuration signals using one or more ipConfiguration elements. Each element has a string value. IpConfiguration elements do not have attributes or nested elements.
@ -198,7 +198,7 @@ The IPv6 DNS server represented in Internet standard hexadecimal encoding. An IP
<ipv6DnsServer>21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A%2</ipv6DnsServer>
```
##### dnsSuffix
The fully qualified domain name of your organizations internal DNS suffix where any part of the fully qualified domain name in this setting exists in the computer's primary DNS suffix. The **signal** element may contain one or more **dnsSuffix** elements.<br>
The fully qualified domain name of your organization's internal DNS suffix where any part of the fully qualified domain name in this setting exists in the computer's primary DNS suffix. The **signal** element may contain one or more **dnsSuffix** elements.<br>
**Example**
```
<dnsSuffix>corp.contoso.com</dnsSuffix>

2
windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md
View File

@ -1,6 +1,6 @@
---
title: Windows Hello biometrics in the enterprise (Windows 10)
description: Windows Hello is the biometric authentication feature that helps strengthen authentication and helps to guard against potential spoofing through fingerprint matching and facial recognition.
description: Windows Hello uses biometrics to authenticate users and guard against potential spoofing, through fingerprint matching and facial recognition.
ms.assetid: d3f27d94-2226-4547-86c0-65c84d6df8Bc
ms.reviewer:
keywords: Windows Hello, enterprise biometrics

2
windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
View File

@ -1,6 +1,6 @@
---
title: Configure Windows Hello for Business Policy settings - certificate trust
description: Configure Windows Hello for Business Policy settings for Windows Hello for Business
description: Configure Windows Hello for Business Policy settings for Windows Hello for Business. Certificate-based deployments need three group policy settings.
keywords: identity, PIN, biometric, Hello, passport
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md
View File

@ -1,6 +1,6 @@
---
title: Validate Public Key Infrastructure - certificate trust model (Windows Hello for Business)
description: How to Validate Public Key Infrastructure for Windows Hello for Business
description: How to Validate Public Key Infrastructure for Windows Hello for Business, under a certificate trust model.
keywords: identity, PIN, biometric, Hello, passport
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md
View File

@ -1,6 +1,6 @@
---
title: Windows Hello for Business Deployment Guide - On Premises Certificate Trust Deployment
description: A guide to an On Premises, Certificate trust Windows Hello for Business deployment
description: A guide to on premises, certificate trust Windows Hello for Business deployment.
keywords: identity, PIN, biometric, Hello, passport
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md
View File

@ -1,6 +1,6 @@
---
title: Windows Hello for Business Deployment Guide - On Premises Key Deployment
description: A guide to an On Premises, Certificate trust Windows Hello for Business deployment
description: A guide to on premises, key trust Windows Hello for Business deployment.
keywords: identity, PIN, biometric, Hello, passport
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-feature-conditional-access.md
View File

@ -1,6 +1,6 @@
---
title: Conditional Access
description: Conditional Access
description: Learn more about conditional access in Azure Active Directory.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, conditional access
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md
View File

@ -1,6 +1,6 @@
---
title: Dynamic lock
description: Conditional Access
description: Learn how to set Dynamic lock on Windows 10 devices, by configuring group policies. This feature locks a device when a Bluetooth signal falls below a set value.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, conditional access
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
View File

@ -1,6 +1,6 @@
---
title: Configure Azure AD joined devices for On-premises Single-Sign On using Windows Hello for Business
description: Azure Active Directory joined devices in a hybrid Deployment for on-premises single sign-on
description: Before adding Azure Active Directory (Azure AD) joined devices to your existing hybrid deployment, you need to verify the existing deployment can support them.
keywords: identity, PIN, biometric, Hello, passport, AADJ, SSO,
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md
View File

@ -1,6 +1,6 @@
---
title: Using Certificates for AADJ On-premises Single-sign On single sign-on
description: Azure Active Directory joined devices in a hybrid Deployment for on-premises single sign-on
description: If you want to use certificates for on-premises single-sign on for Azure Active Directory joined devices, then follow these additional steps.
keywords: identity, PIN, biometric, Hello, passport, AADJ, SSO,
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso.md
View File

@ -1,6 +1,6 @@
---
title: Azure AD Join Single Sign-on Deployment
description: Azure Active Directory joined devices in a hybrid Deployment for on-premises single sign-on
description: Learn how to provide single sign-on to your on-premises resources for Azure Active Directory joined devices, using Windows Hello for Business.
keywords: identity, PIN, biometric, Hello, passport, AADJ, SSO,
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md
View File

@ -1,6 +1,6 @@
---
title: Hybrid Windows Hello for Business Prerequisites
description: Prerequisites for Hybrid Windows Hello for Business Deployments
description: Prerequisites for hybrid Windows Hello for Business deployments using certificate trust.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md
View File

@ -1,6 +1,6 @@
---
title: Hybrid Windows Hello for Business Provisioning (Windows Hello for Business)
description: Provisioning for Hybrid Windows Hello for Business Deployments
description: Provisioning for hybrid certificate trust deployments of Windows Hello for Businesss.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md
View File

@ -1,6 +1,6 @@
---
title: Configure Hybrid Windows Hello for Business Settings (Windows Hello for Business)
description: Configuring Windows Hello for Business Settings in Hybrid deployment
description: Configuring Windows Hello for Business settings in hybrid certificate trust deployment.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
ms.prod: w10
ms.mktglfcycl: deploy

4
windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md
View File

@ -1,6 +1,6 @@
---
title: Windows Hello for Business Key Trust New Installation
description: Windows Hello for Business Hybrid baseline deployment
description: Learn how to perform a hybrid key trust deployment of Windows Hello for Business, for systems with no previous installations.
keywords: identity, PIN, biometric, Hello, passport, WHFB
ms.prod: w10
ms.mktglfcycl: deploy
@ -126,7 +126,7 @@ If your organization uses Azure MFA on a per-consumption model (no licenses), th
Once you have created your Azure MFA authentication provider and associated it with an Azure tenant, you need to configure the multi-factor authentication settings. Review the [Configure Azure Multi-Factor Authentication settings](https://docs.microsoft.com/azure/multi-factor-authentication/multi-factor-authentication-whats-next) section to configure your settings.
#### Azure MFA User States
After you have completed configuring your Azure MFA settings, you want to review configure [User States](https://docs.microsoft.com/azure/multi-factor-authentication/multi-factor-authentication-get-started-user-states) to understand user states. User states determine how you enable Azure MFA for your users.
After you have completed configuring your Azure MFA settings, you want to review [How to require two-step verification for a user](https://docs.microsoft.com/azure/multi-factor-authentication/multi-factor-authentication-get-started-user-states) to understand user states. User states determine how you enable Azure MFA for your users.
### Azure MFA via ADFS
Alternatively, you can configure Windows Server 2016 Active Directory Federation Services (AD FS) to provide additional multi-factor authentication. To configure, read the [Configure AD FS 2016 and Azure MFA](https://docs.microsoft.com/windows-server/identity/ad-fs/operations/configure-ad-fs-2016-and-azure-mfa) section.

2
windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md
View File

@ -1,6 +1,6 @@
---
title: Hybrid Key trust Windows Hello for Business Prerequisites (Windows Hello for Business)
description: Prerequisites for Hybrid Windows Hello for Business Deployments
description: Prerequisites for hybrid Windows Hello for Business deployments using key trust.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, key-trust
ms.prod: w10
ms.mktglfcycl: deploy

4
windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md
View File

@ -1,6 +1,6 @@
---
title: Hybrid Windows Hello for Business key trust Provisioning (Windows Hello for Business)
description: Provisioning for Hybrid Windows Hello for Business Deployments
description: Provisioning for hybrid key trust deployments of Windows Hello for Business.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
ms.prod: w10
ms.mktglfcycl: deploy
@ -19,7 +19,7 @@ ms.reviewer:
# Hybrid Windows Hello for Business Provisioning
**Applies to**
- Windows<EFBFBD>10, version 1703 or later
- Windows 10, version 1703 or later
- Hybrid deployment
- Key trust

2
windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md
View File

@ -1,6 +1,6 @@
---
title: Configure Hybrid Windows Hello for Business key trust Settings
description: Configuring Windows Hello for Business Settings in Hybrid deployment
description: Configuring Windows Hello for Business settings in hybrid key trust deployment.
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md
View File

@ -1,6 +1,6 @@
---
title: Validate Public Key Infrastructure - key trust model (Windows Hello for Business)
description: How to Validate Public Key Infrastructure for Windows Hello for Business
description: How to Validate Public Key Infrastructure for Windows Hello for Business, under a key trust model.
keywords: identity, PIN, biometric, Hello, passport
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md
View File

@ -1,6 +1,6 @@
---
title: Microsoft-compatible security key
description: Windows 10 enables users to sign in to their device using a security key. How is a Microsoft-compatible security key different (and better) than any other FIDO2 security key
description: Learn how a Microsoft-compatible security key for Windows 10 is different (and better) than any other FIDO2 security key.
keywords: FIDO2, security key, CTAP, Hello, WHFB
ms.prod: w10
ms.mktglfcycl: deploy

2
windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
View File

@ -185,7 +185,7 @@ Certificate requirements are listed by versions of the Windows operating system.
The smart card certificate has specific format requirements when it is used with Windows XP and earlier operating systems. You can enable any certificate to be visible for the smart card credential provider.
| **Component** | **Requirements for Windows 8.1, Windows 8, Windows 7, and Windows Vista** | **Requirements for Windows XP** |
| **Component** | **Requirements for Windows 8.1, Windows 8, Windows 7, Windows Vista, and Windows 10** | **Requirements for Windows XP** |
|--------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| CRL distribution point location | Not required | The location must be specified, online, and available, for example:<br>\[1\]CRL Distribution Point<br>Distribution Point Name:<br>Full Name:<br>URL=<http://server1.contoso.com/CertEnroll/caname.crl> |
| Key usage | Digital signature | Digital signature |

2
windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
View File

@ -1,6 +1,6 @@
---
title: Smart Card Technical Reference (Windows 10)
description: This technical reference for the IT professional and smart card developer describes the Windows smart card infrastructure for physical smart cards and how smart card-related components work in Windows.
description: Learn about the Windows smart card infrastructure for physical smart cards, and how smart card-related components work in Windows.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

2
windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
View File

@ -1,6 +1,6 @@
---
title: User Account Control security policy settings (Windows 10)
description: You can use security policies to configure how User Account Control works in your organization. They can be configured locally by using the Local Security Policy snap-in (secpol.msc) or configured for the domain, OU, or specific groups by Group Policy.
description: You can use security policies to configure how User Account Control works in your organization.
ms.assetid: 3D75A9AC-69BB-4EF2-ACB3-1769791E1B98
ms.reviewer:
ms.prod: w10

2
windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md
View File

@ -1,6 +1,6 @@
---
title: Virtual Smart Card Overview (Windows 10)
description: This topic for IT professional provides an overview of the virtual smart card technology that was developed by Microsoft, and links to additional topics about virtual smart cards.
description: Learn more about the virtual smart card technology that was developed by Microsoft. Find links to additional topics about virtual smart cards.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

2
windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md
View File

@ -1,6 +1,6 @@
---
title: Understanding and Evaluating Virtual Smart Cards (Windows 10)
description: This topic for IT professional provides information about how smart card technology can fit into your authentication design, and provides links to additional topics about virtual smart cards.
description: Learn how smart card technology can fit into your authentication design. Find links to additional topics about virtual smart cards.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

2
windows/security/identity-protection/vpn/vpn-profile-options.md
View File

@ -1,6 +1,6 @@
---
title: VPN profile options (Windows 10)
description: Virtual private networks (VPN) let you give your users secure remote access to your company network. Windows 10 adds useful new VPN profile options to help you manage how users connect.
description: Windows 10 adds Virtual Private Network (VPN) profile options to help manage how users connect. VPNs give users secure remote access to the company network.
ms.assetid: E3F99DF9-863D-4E28-BAED-5C1B1B913523
ms.reviewer:
manager: dansimp

2
windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md
View File

@ -1,6 +1,6 @@
---
title: BitLocker Key Management FAQ (Windows 10)
description: This topic for the IT professional answers frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
description: Browse frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee
ms.reviewer:
ms.prod: w10

2
windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
View File

@ -1,6 +1,6 @@
---
title: BitLocker Upgrading FAQ (Windows 10)
description: Learn more about upgrading systems that have BitLocker enabled.
description: Learn more about upgrading systems that have BitLocker enabled. Find frequently asked questions, such as, "Can I upgrade to Windows 10 with BitLocker enabled?"
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/information-protection/tpm/tpm-fundamentals.md
View File

@ -1,6 +1,6 @@
---
title: TPM fundamentals (Windows 10)
description: This topic for the IT professional provides a description of the components of the Trusted Platform Module (TPM 1.2 and TPM 2.0) and explains how they are used to mitigate dictionary attacks.
description: Inform yourself about the components of the Trusted Platform Module (TPM 1.2 and TPM 2.0) and how they are used to mitigate dictionary attacks.
ms.assetid: ac90f5f9-9a15-4e87-b00d-4adcf2ec3000
ms.reviewer:
ms.prod: w10

2
windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
View File

@ -1,6 +1,6 @@
---
title: Unenlightened and enlightened app behavior while using Windows Information Protection (WIP) (Windows 10)
description: How unenlightened and enlightened apps might behave, based on Windows Information Protection (WIP) networking policies, app configuration, and potentially whether the app connects to network resources directly by using IP addresses or by using hostnames.
description: Learn how unenlightened and enlightened apps might behave, based on Windows Information Protection (WIP) network policies, app configuration, and other criteria
keywords: WIP, Enterprise Data Protection, EDP, Windows Information Protection, unenlightened apps, enlightened apps
ms.prod: w10
ms.mktglfcycl: explore

2
windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
View File

@ -1,6 +1,6 @@
---
title: How to collect Windows Information Protection (WIP) audit event logs (Windows 10)
description: How to collect and understand your Windows Information Protection audit event logs by using the Reporting configuration service provider (CSP) or the Windows Event Forwarding (for Windows desktop domain-joined devices only).
description: How to collect & understand Windows Information Protection audit event logs via the Reporting configuration service provider (CSP) or Windows Event Forwarding.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md
View File

@ -1,6 +1,6 @@
---
title: Associate and deploy a VPN policy for Windows Information Protection (WIP) using the Azure portal for Microsoft Intune (Windows 10)
description: After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Intune to associate and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy.
description: After you've created and deployed your Windows Information Protection (WIP) policy, use Microsoft Intune to link it to your Virtual Private Network (VPN) policy
keywords: WIP, Enterprise Data Protection
ms.prod: w10
ms.mktglfcycl: explore

6
windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
View File

@ -1,6 +1,6 @@
---
title: Create a Windows Information Protection (WIP) policy with MDM using the Azure portal for Microsoft Intune (Windows 10)
description: The Azure portal for Microsoft Intune helps you create and deploy your Windows Information Protection (WIP) policy, supporting mobile device management (MDM), to let you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network.
description: Learn how to use the Azure portal for Microsoft Intune to create and deploy your Windows Information Protection (WIP) policy to protect data on your network.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
@ -30,7 +30,7 @@ You can create an app protection policy in Intune either with device enrollment
- MAM has additional **Access** settings for Windows Hello for Business.
- MAM can [selectively wipe company data](https://docs.microsoft.com/intune/apps-selective-wipe) from a user's personal device.
- MAM requires an [Azure Active Direcory (Azure AD) Premium license](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses).
- MAM requires an [Azure Active Directory (Azure AD) Premium license](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses).
- An Azure AD Premium license is also required for WIP auto-recovery, where a device can re-enroll and re-gain access to protected data. WIP auto-recovery depends on Azure AD registration to back up the encryption keys, which requires device auto-enrollment with MDM.
- MAM supports only one user per device.
- MAM can only manage [enlightened apps](enlightened-microsoft-apps-and-wip.md).
@ -40,7 +40,7 @@ You can create an app protection policy in Intune either with device enrollment
## Prerequisites
Before you can create a WIP policy using Intune, you need to configure an MDM or MAM provider in Azure Active Directory (Azure AD). MAM requires an [Azure Active Direcory (Azure AD) Premium license](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses). An Azure AD Premium license is also required for WIP auto-recovery, where a device can re-enroll and re-gain access to protected data. WIP auto-recovery relies on Azure AD registration to back up the encryption keys, which requires device auto-enrollment with MDM.
Before you can create a WIP policy using Intune, you need to configure an MDM or MAM provider in Azure Active Directory (Azure AD). MAM requires an [Azure Active Directory (Azure AD) Premium license](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses). An Azure AD Premium license is also required for WIP auto-recovery, where a device can re-enroll and re-gain access to protected data. WIP auto-recovery relies on Azure AD registration to back up the encryption keys, which requires device auto-enrollment with MDM.
## Configure the MDM or MAM provider

2
windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md
View File

@ -1,6 +1,6 @@
---
title: Create and deploy a Windows Information Protection (WIP) policy using System Center Configuration Manager (Windows 10)
description: Configuration Manager (version 1606 or later) helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network.
description: Use Configuration Manager to make & deploy a Windows Information Protection (WIP) policy. Choose protected apps, WIP-protection level, and find enterprise data.
ms.assetid: 85b99c20-1319-4aa3-8635-c1a87b244529
ms.reviewer:
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, SCCM, System Center Configuration Manager, Configuration Manager

2
windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
View File

@ -1,6 +1,6 @@
---
title: List of enlightened Microsoft apps for use with Windows Information Protection (WIP) (Windows 10)
description: Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list.
description: Learn the difference between enlightened and unenlightened apps. Find out which enlightened apps are provided by Microsoft. Learn how to allow-list them.
ms.assetid: 17c85ea3-9b66-4b80-b511-8f277cb4345f
ms.reviewer:
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection

2
windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
View File

@ -1,6 +1,6 @@
---
title: General guidance and best practices for Windows Information Protection (WIP) (Windows 10)
description: This section includes info about the enlightened Microsoft apps, including how to add them to your Protected Apps list in Microsoft Intune. It also includes some testing scenarios that we recommend running through with Windows Information Protection (WIP).
description: Find resources about apps that can work with Windows Information Protection (WIP) to protect data. Enlightened apps can tell corporate and personal data apart.
ms.assetid: aa94e733-53be-49a7-938d-1660deaf52b0
ms.reviewer:
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection

2
windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md
View File

@ -1,6 +1,6 @@
---
title: Mandatory tasks and settings required to turn on Windows Information Protection (WIP) (Windows 10)
description: This list provides all of the tasks that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as enterprise data protection (EDP) in your enterprise.
description: Review all of the tasks required for Windows to turn on Windows Information Protection (WIP), formerly enterprise data protection (EDP), in your enterprise.
keywords: Windows Information Protection, WIP, EDP, Enterprise Data Protection, protected apps, protected app list, App Rules, Protected apps list
ms.prod: w10
ms.mktglfcycl: explore

2
windows/security/information-protection/windows-information-protection/overview-create-wip-policy-sccm.md
View File

@ -1,6 +1,6 @@
---
title: Create a Windows Information Protection (WIP) policy using System Center Configuration Manager (Windows 10)
description: System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network.
description: System Center Configuration Manager helps you create & deploy your enterprise data protection (WIP) policy.
ms.assetid: d2059e74-94bd-4e54-ab59-1a7b9b52bdc6
ms.reviewer:
ms.prod: w10

2
windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md
View File

@ -1,6 +1,6 @@
---
title: Create a Windows Information Protection (WIP) policy using Microsoft Intune (Windows 10)
description: Microsoft Intune and System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network.
description: Microsoft Intune and System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy.
ms.assetid: d2059e74-94bd-4e54-ab59-1a7b9b52bdc6
ms.reviewer:
ms.prod: w10

4
windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
View File

@ -1,6 +1,6 @@
---
title: Protect your enterprise data using Windows Information Protection (WIP) (Windows 10)
description: With the increase of employee-owned devices in the enterprise, theres also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprises control.
description: Learn how to prevent accidental enterprise data leaks through apps and services, such as email, social media, and the public cloud.
ms.assetid: 6cca0119-5954-4757-b2bc-e0ea4d2c7032
ms.reviewer:
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, DLP, data loss prevention, data leakage protection
@ -59,7 +59,7 @@ To help address this security insufficiency, companies developed data loss preve
- **The ability to specify what happens when data matches a rule, including whether employees can bypass enforcement.** For example, in Microsoft SharePoint and SharePoint Online, the Microsoft data loss prevention system lets you warn your employees that shared data includes sensitive info, and to share it anyway (with an optional audit log entry).
Unfortunately, data loss prevention systems have their own problems. For example, the more detailed the rule set, the more false positives are created, leading employees to believe that the rules slow down their work and need to be bypassed in order to remain productive, potentially leading to data being incorrectly blocked or improperly released. Another major problem is that data loss prevention systems must be widely implemented to be effective. For example, if your company uses a data loss prevention system for email, but not for file shares or document storage, you might find that your data leaks through the unprotected channels. But perhaps the biggest problem with data loss preventions systems is that it provides a jarring experience that interrupts the employees natural workflow by stopping some operations (such as sending a message with an attachment that the system tags as sensitive) while allowing others, often according to subtle rules that the employee doesnt see and cant understand.
Unfortunately, data loss prevention systems have their own problems. For example, the more detailed the rule set, the more false positives are created, leading employees to believe that the rules slow down their work and need to be bypassed in order to remain productive, potentially leading to data being incorrectly blocked or improperly released. Another major problem is that data loss prevention systems must be widely implemented to be effective. For example, if your company uses a data loss prevention system for email, but not for file shares or document storage, you might find that your data leaks through the unprotected channels. But perhaps the biggest problem with data loss prevention systems is that it provides a jarring experience that interrupts the employees natural workflow by stopping some operations (such as sending a message with an attachment that the system tags as sensitive) while allowing others, often according to subtle rules that the employee doesnt see and cant understand.
### Using information rights management systems
To help address the potential data loss prevention system problems, companies developed information rights management (also known as IRM) systems. Information rights management systems embed protection directly into documents, so that when an employee creates a document, he or she determines what kind of protection to apply. For example, an employee can choose to stop the document from being forwarded, printed, shared outside of the organization, and so on.

2
windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
View File

@ -35,7 +35,7 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc
|-----------------------------|---------------------------------------------------------------------|
|Office 365 for Business |<ul><li>contoso.sharepoint.com</li><li>contoso-my.sharepoint.com</li><li>contoso-files.sharepoint.com</li><li>tasks.office.com</li><li>protection.office.com</li><li>meet.lync.com</li><li>teams.microsoft.com</li></ul> |
|Yammer |<ul><li>www.yammer.com</li><li>yammer.com</li><li>persona.yammer.com</li></ul> |
|Outlook Web Access (OWA) |attachments.office.net |
|Outlook Web Access (OWA) |<ul><li>outlook.office.com</li><li>outlook.office365.com</li><li>attachments.office.net</li></ul> |
|Microsoft Dynamics |contoso.crm.dynamics.com |
|Visual Studio Online |contoso.visualstudio.com |
|Power BI |contoso.powerbi.com |

25
windows/security/threat-protection/TOC.md
View File

@ -42,6 +42,7 @@
#### [Network firewall](windows-firewall/windows-firewall-with-advanced-security.md)
### [Next generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
#### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md)
### [Endpoint detection and response]()
#### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md)
@ -114,21 +115,21 @@
#### [Advanced hunting schema reference]()
##### [Understand the schema](microsoft-defender-atp/advanced-hunting-schema-reference.md)
##### [AlertEvents](microsoft-defender-atp/advanced-hunting-alertevents-table.md)
##### [FileCreationEvents](microsoft-defender-atp/advanced-hunting-filecreationevents-table.md)
##### [ImageLoadEvents](microsoft-defender-atp/advanced-hunting-imageloadevents-table.md)
##### [LogonEvents](microsoft-defender-atp/advanced-hunting-logonevents-table.md)
##### [MachineInfo](microsoft-defender-atp/advanced-hunting-machineinfo-table.md)
##### [MachineNetworkInfo](microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md)
##### [MiscEvents](microsoft-defender-atp/advanced-hunting-miscevents-table.md)
##### [NetworkCommunicationEvents](microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md)
##### [ProcessCreationEvents](microsoft-defender-atp/advanced-hunting-processcreationevents-table.md)
##### [RegistryEvents](microsoft-defender-atp/advanced-hunting-registryevents-table.md)
##### [DeviceFileEvents](microsoft-defender-atp/advanced-hunting-devicefileevents-table.md)
##### [DeviceImageLoadEvents](microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md)
##### [DeviceLogonEvents](microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md)
##### [DeviceInfo](microsoft-defender-atp/advanced-hunting-deviceinfo-table.md)
##### [DeviceNetworkInfo](microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md)
##### [DeviceEvents](microsoft-defender-atp/advanced-hunting-deviceevents-table.md)
##### [DeviceNetworkEvents](microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md)
##### [DeviceProcessEvents](microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md)
##### [DeviceRegistryEvents](microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md)
##### [DeviceTvmSoftwareInventoryVulnerabilities](microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md)
##### [DeviceTvmSoftwareVulnerabilitiesKB](microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md)
##### [DeviceTvmSecureConfigurationAssessment](microsoft-defender-atp/advanced-hunting-tvm-configassessment-table.md)
##### [DeviceTvmSecureConfigurationAssessmentKB](microsoft-defender-atp/advanced-hunting-tvm-secureconfigkb-table.md)
#### [Apply query best practices](microsoft-defender-atp/advanced-hunting-best-practices.md)
#### [Stream Advanced hunting events to Azure Event Hubs](microsoft-defender-atp/raw-data-export-event-hub.md)
#### [Stream advanced hunting events to Azure Event Hubs](microsoft-defender-atp/raw-data-export-event-hub.md)
#### [Custom detections]()
##### [Understand custom detection rules](microsoft-defender-atp/overview-custom-detections.md)
@ -367,6 +368,7 @@
###### [Hello World](microsoft-defender-atp/api-hello-world.md)
###### [Get access with application context](microsoft-defender-atp/exposed-apis-create-app-webapp.md)
###### [Get access with user context](microsoft-defender-atp/exposed-apis-create-app-nativeapp.md)
###### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md)
##### [APIs]()
###### [Supported Microsoft Defender ATP APIs](microsoft-defender-atp/exposed-apis-list.md)
@ -459,7 +461,8 @@
##### [Troubleshoot SIEM tool integration issues](microsoft-defender-atp/troubleshoot-siem.md)
#### [Reporting]()
##### [Create and build Power BI reports using Microsoft Defender ATP data (deprecated)](microsoft-defender-atp/powerbi-reports.md)
##### [Power BI - How to use API - Samples](microsoft-defender-atp/api-power-bi.md)
##### [Create and build Power BI reports using Microsoft Defender ATP data connectors (deprecated)](microsoft-defender-atp/powerbi-reports.md)
##### [Threat protection reports](microsoft-defender-atp/threat-protection-reports.md)
##### [Machine health and compliance reports](microsoft-defender-atp/machine-reports.md)

2
windows/security/threat-protection/auditing/advanced-security-auditing.md
View File

@ -1,6 +1,6 @@
---
title: Advanced security audit policies (Windows 10)
description: Advanced security audit policy settings are found in Security Settings\\Advanced Audit Policy Configuration\\System Audit Policies and appear to overlap with basic security audit policies, but they are recorded and applied differently.
description: Advanced security audit policy settings may appear to overlap with basic policies, but they are recorded and applied differently. Learn more about them here.
ms.assetid: 6FE8AC10-F48E-4BBF-979B-43A5DFDC5DFC
ms.reviewer:
ms.author: dansimp

2
windows/security/threat-protection/auditing/audit-account-lockout.md
View File

@ -1,6 +1,6 @@
---
title: Audit Account Lockout (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Account Lockout, which enables you to audit security events that are generated by a failed attempt to log on to an account that is locked out.
description: The policy setting, Audit Account Lockout, enables you to audit security events generated by a failed attempt to log on to an account that is locked out.
ms.assetid: da68624b-a174-482c-9bc5-ddddab38e589
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-application-generated.md
View File

@ -1,6 +1,6 @@
---
title: Audit Application Generated (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Application Generated, which determines whether the operating system generates audit events when applications attempt to use the Windows Auditing application programming interfaces (APIs).
description: The policy setting, Audit Application Generated, determines if audit events are generated when applications attempt to use the Windows Auditing APIs.
ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-application-group-management.md
View File

@ -1,6 +1,6 @@
---
title: Audit Application Group Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Application Group Management, which determines whether the operating system generates audit events when application group management tasks are performed.
description: The policy setting, Audit Application Group Management, determines if audit events are generated when application group management tasks are performed.
ms.assetid: 1bcaa41e-5027-4a86-96b7-f04eaf1c0606
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-audit-policy-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Audit Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Audit Policy Change, which determines whether the operating system generates audit events when changes are made to audit policy.
description: The Advanced Security Audit policy setting, Audit Audit Policy Change, determines if audit events are generated when changes are made to audit policy.
ms.assetid: 7153bf75-6978-4d7e-a821-59a699efb8a9
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-authentication-policy-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Authentication Policy Change (Windows 10)
description: This topic for the IT professional describes this Advanced Security Audit policy setting, Audit Authentication Policy Change, which determines whether the operating system generates audit events when changes are made to authentication policy.
description: The Advanced Security Audit policy setting, Audit Authentication Policy Change, determines if audit events are generated when authentication policy is changed.
ms.assetid: aa9cea7a-aadf-47b7-b704-ac253b8e79be
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-authorization-policy-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Authorization Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Authorization Policy Change, which determines whether the operating system generates audit events when specific changes are made to the authorization policy.
description: The policy setting, Audit Authorization Policy Change, determines if audit events are generated when specific changes are made to the authorization policy.
ms.assetid: ca0587a2-a2b3-4300-aa5d-48b4553c3b36
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
View File

@ -1,6 +1,6 @@
---
title: Audit Central Access Policy Staging (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Central Access Policy Staging, which determines permissions on a Central Access Policy.
description: The Advanced Security Audit policy setting, Audit Central Access Policy Staging, determines permissions on a Central Access Policy.
ms.assetid: D9BB11CE-949A-4B48-82BF-30DC5E6FC67D
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-certification-services.md
View File

@ -1,6 +1,6 @@
---
title: Audit Certification Services (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Certification Services, which determines whether the operating system generates events when Active Directory Certificate Services (ADÂ CS) operations are performed.
description: The policy setting, Audit Certification Services, decides if events are generated when Active Directory Certificate Services (ADA CS) operations are performed.
ms.assetid: cdefc34e-fb1f-4eff-b766-17713c5a1b03
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-computer-account-management.md
View File

@ -1,6 +1,6 @@
---
title: Audit Computer Account Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Computer Account Management, which determines whether the operating system generates audit events when a computer account is created, changed, or deleted.
description: The policy setting, Audit Computer Account Management, determines if audit events are generated when a computer account is created, changed, or deleted.
ms.assetid: 6c406693-57bf-4411-bb6c-ff83ce548991
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-credential-validation.md
View File

@ -1,6 +1,6 @@
---
title: Audit Credential Validation (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Credential Validation, which determines whether the operating system generates audit events on credentials that are submitted for a user account logon request.
description: The policy setting, Audit Credential Validation, determines if audit events are generated when user account logon request credentials are submitted.
ms.assetid: 6654b33a-922e-4a43-8223-ec5086dfc926
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
View File

@ -1,6 +1,6 @@
---
title: Audit Detailed Directory Service Replication (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Detailed Directory Service Replication, which determines whether the operating system generates audit events that contain detailed tracking information about data that is replicated between domain controllers.
description: The Audit Detailed Directory Service Replication setting decides if audit events contain detailed tracking info about data replicated between domain controllers
ms.assetid: 1b89c8f5-bce7-4b20-8701-42585c7ab993
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-detailed-file-share.md
View File

@ -1,6 +1,6 @@
---
title: Audit Detailed File Share (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Detailed File Share, which allows you to audit attempts to access files and folders on a shared folder.
description: The Advanced Security Audit policy setting, Audit Detailed File Share, allows you to audit attempts to access files and folders on a shared folder.
ms.assetid: 60310104-b820-4033-a1cb-022a34f064ae
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-directory-service-access.md
View File

@ -1,6 +1,6 @@
---
title: Audit Directory Service Access (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Directory Service Access, which determines whether the operating system generates audit events when an Active Directory Domain Services (ADÂ DS) object is accessed.
description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (ADA DS) object is accessed.
ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-directory-service-changes.md
View File

@ -1,6 +1,6 @@
---
title: Audit Directory Service Changes (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Directory Service Changes, which determines whether the operating system generates audit events when changes are made to objects in Active Directory Domain Services (ADÂ DS).
description: The policy setting Audit Directory Service Changes determines if audit events are generated when objects in Active Directory Domain Services (AD DS) are changed
ms.assetid: 9f7c0dd4-3977-47dd-a0fb-ec2f17cad05e
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-distribution-group-management.md
View File

@ -1,6 +1,6 @@
---
title: Audit Distribution Group Management (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Distribution Group Management, which determines whether the operating system generates audit events for specific distribution-group management tasks.
description: The policy setting, Audit Distribution Group Management, determines if audit events are generated for specific distribution-group management tasks.
ms.assetid: d46693a4-5887-4a58-85db-2f6cba224a66
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-dpapi-activity.md
View File

@ -1,6 +1,6 @@
---
title: Audit DPAPI Activity (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit DPAPI Activity, which determines whether the operating system generates audit events when encryption or decryption calls are made into the data protection application interface (DPAPI).
description: The policy setting, Audit DPAPI Activity, decides if encryption/decryption calls to the data protection application interface (DPAPI) generate audit events.
ms.assetid: be4d4c83-c857-4e3d-a84e-8bcc3f2c99cd
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-file-share.md
View File

@ -1,6 +1,6 @@
---
title: Audit File Share (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit File Share, which determines whether the operating system generates audit events when a file share is accessed.
description: The Advanced Security Audit policy setting, Audit File Share, determines if the operating system generates audit events when a file share is accessed.
ms.assetid: 9ea985f8-8936-4b79-abdb-35cbb7138f78
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-file-system.md
View File

@ -1,6 +1,6 @@
---
title: Audit File System (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit File System, which determines whether the operating system generates audit events when users attempt to access file system objects.
description: The Advanced Security Audit policy setting, Audit File System, determines if audit events are generated when users attempt to access file system objects.
ms.assetid: 6a71f283-b8e5-41ac-b348-0b7ec6ea0b1f
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
View File

@ -1,6 +1,6 @@
---
title: Audit Filtering Platform Connection (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Filtering Platform Connection, which determines whether the operating system generates audit events when connections are allowed or blocked by the Windows Filtering Platform.
description: The policy setting, Audit Filtering Platform Connection, decides if audit events are generated when connections are allow/blocked by Windows Filtering Platform.
ms.assetid: d72936e9-ff01-4d18-b864-a4958815df59
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
View File

@ -1,6 +1,6 @@
---
title: Audit Filtering Platform Packet Drop (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Filtering Platform Packet Drop, which determines whether the operating system generates audit events when packets are dropped by the Windows Filtering Platform.
description: The policy setting, Audit Filtering Platform Packet Drop, determines if audit events are generated when packets are dropped by the Windows Filtering Platform.
ms.assetid: 95457601-68d1-4385-af20-87916ddab906
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Filtering Platform Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Filtering Platform Policy Change, which determines whether the operating system generates audit events for certain IPsec and Windows Filtering Platform actions.
description: The policy setting, Audit Filtering Platform Policy Change, determines if audit events are generated for certain IPsec and Windows Filtering Platform actions.
ms.assetid: 0eaf1c56-672b-4ea9-825a-22dc03eb4041
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-group-membership.md
View File

@ -1,6 +1,6 @@
---
title: Audit Group Membership (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Group Membership, which enables you to audit group memberships when they are enumerated on the client PC.
description: The advanced security audit policy setting, Audit Group Membership, enables you to audit group memberships when they are enumerated on the client PC.
ms.assetid: 1CD7B014-FBD9-44B9-9274-CC5715DE58B9
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-handle-manipulation.md
View File

@ -1,6 +1,6 @@
---
title: Audit Handle Manipulation (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Handle Manipulation, which determines whether the operating system generates audit events when a handle to an object is opened or closed.
description: The Advanced Security Audit policy setting, Audit Handle Manipulation, determines if audit events are generated when a handle to an object is opened or closed.
ms.assetid: 1fbb004a-ccdc-4c80-b3da-a4aa7a9f4091
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-ipsec-driver.md
View File

@ -1,6 +1,6 @@
---
title: Audit IPsec Driver (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit IPsec Driver, which determines whether the operating system generates audit events for the activities of the IPsec driver.
description: The Advanced Security Audit policy setting, Audit IPsec Driver, determines if audit events are generated for the activities of the IPsec driver.
ms.assetid: c8b8c02f-5ad0-4ee5-9123-ea8cdae356a5
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
View File

@ -1,6 +1,6 @@
---
title: Audit IPsec Extended Mode (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Extended Mode, which determines whether the operating system generates audit events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Extended Mode negotiations.
description: The setting, Audit IPsec Extended Mode, determines if audit events are generated for the results of IKE protocol and AuthIP during Extended Mode negotiations.
ms.assetid: 2b4fee9e-482a-4181-88a8-6a79d8fc8049
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
View File

@ -1,6 +1,6 @@
---
title: Audit IPsec Main Mode (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Main Mode, which determines whether the operating system generates events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Main Mode negotiations.
description: Learn about the policy setting, Audit IPsec Main Mode, which determines if the results of certain protocols generate events during Main Mode negotiations.
ms.assetid: 06ed26ec-3620-4ef4-a47a-c70df9c8827b
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
View File

@ -1,6 +1,6 @@
---
title: Audit IPsec Quick Mode (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Quick Mode, which determines whether the operating system generates audit events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Quick Mode negotiations.
description: The policy setting, Audit IPsec Quick Mode, decides if audit events are generated for the results of the IKE protocol and AuthIP during Quick Mode negotiations.
ms.assetid: 7be67a15-c2ce-496a-9719-e25ac7699114
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
View File

@ -1,6 +1,6 @@
---
title: Audit Kerberos Authentication Service (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kerberos Authentication Service, which determines whether to generate audit events for Kerberos authentication ticket-granting ticket (TGT) requests.
description: The policy setting Audit Kerberos Authentication Service decides if audit events are generated for Kerberos authentication ticket-granting ticket (TGT) requests
ms.assetid: 990dd6d9-1a1f-4cce-97ba-5d7e0a7db859
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
View File

@ -1,6 +1,6 @@
---
title: Audit Kerberos Service Ticket Operations (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kerberos Service Ticket Operations, which determines whether the operating system generates security audit events for Kerberos service ticket requests.
description: The policy setting, Audit Kerberos Service Ticket Operations, determines if security audit events are generated for Kerberos service ticket requests.
ms.assetid: ddc0abef-ac7f-4849-b90d-66700470ccd6
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-kernel-object.md
View File

@ -1,6 +1,6 @@
---
title: Audit Kernel Object (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kernel Object, which determines whether the operating system generates audit events when users attempt to access the system kernel, which includes mutexes and semaphores.
description: The policy setting, Audit Kernel Object, decides if user attempts to access the system kernel (which includes mutexes and semaphores) generate audit events.
ms.assetid: 75619d8b-b1eb-445b-afc9-0f9053be97fb
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-logoff.md
View File

@ -1,6 +1,6 @@
---
title: Audit Logoff (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Logoff, which determines whether the operating system generates audit events when logon sessions are terminated.
description: The Advanced Security Audit policy setting, Audit Logoff, determines if audit events are generated when logon sessions are terminated.
ms.assetid: 681e51f2-ba06-46f5-af8c-d9c48d515432
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-logon.md
View File

@ -1,6 +1,6 @@
---
title: Audit Logon (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Logon, which determines whether the operating system generates audit events when a user attempts to log on to a computer.
description: The Advanced Security Audit policy setting, Audit Logon, determines if audit events are generated when a user attempts to log on to a computer.
ms.assetid: ca968d03-7d52-48c4-ba0e-2bcd2937231b
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-network-policy-server.md
View File

@ -1,6 +1,6 @@
---
title: Audit Network Policy Server (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Network Policy Server, which determines whether the operating system generates audit events for RADIUS (IAS) and Network Access Protection (NAP) activity on user access requests (Grant, Deny, Discard, Quarantine, Lock, and Unlock).
description: The policy setting, Audit Network Policy Server, determines if audit events are generated for RADIUS (IAS) and NAP activity on user access requests.
ms.assetid: 43b2aea4-26df-46da-b761-2b30f51a80f7
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-other-account-logon-events.md
View File

@ -1,6 +1,6 @@
---
title: Audit Other Account Logon Events (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Other Account Logon Events, which allows you to audit events generated by responses to credential requests submitted for a user account logon that are not credential validation or Kerberos tickets.
description: The policy setting, Audit Other Account Logon Events, allows you to audit events generated by responses to credential requests for certain kinds of user logons.
ms.assetid: c8c6bfe0-33d2-4600-bb1a-6afa840d75b3
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-other-account-management-events.md
View File

@ -1,6 +1,6 @@
---
title: Audit Other Account Management Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Account Management Events, which determines whether the operating system generates user account management audit events.
description: The Advanced Security Audit policy setting, Audit Other Account Management Events, determines if user account management audit events are generated.
ms.assetid: 4ce22eeb-a96f-4cf9-a46d-6642961a31d5
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
View File

@ -1,6 +1,6 @@
---
title: Audit Other Logon/Logoff Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Logon/Logoff Events, which determines whether Windows generates audit events for other logon or logoff events.
description: The Advanced Security Audit policy setting, Audit Other Logon/Logoff Events, determines if Windows generates audit events for other logon or logoff events.
ms.assetid: 76d987cd-1917-4907-a739-dd642609a458
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-other-object-access-events.md
View File

@ -1,6 +1,6 @@
---
title: Audit Other Object Access Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Object Access Events, which determines whether the operating system generates audit events for the management of Task Scheduler jobs or COM+ objects.
description: The policy setting, Audit Other Object Access Events, determines if audit events are generated for the management of Task Scheduler jobs or COM+ objects.
ms.assetid: b9774595-595d-4199-b0c5-8dbc12b6c8b2
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-other-policy-change-events.md
View File

@ -1,6 +1,6 @@
---
title: Audit Other Policy Change Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Policy Change Events, which determines whether the operating system generates audit events for security policy changes that are not otherwise audited in the Policy Change category.
description: The policy setting, Audit Other Policy Change Events, determines if audit events are generated for security policy changes that are not otherwise audited.
ms.assetid: 8618502e-c21c-41cc-8a49-3dc1eb359e60
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-other-system-events.md
View File

@ -1,6 +1,6 @@
---
title: Audit Other System Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other System Events, which determines whether the operating system audits various system events.
description: The Advanced Security Audit policy setting, Audit Other System Events, determines if the operating system audits various system events.
ms.assetid: 2401e4cc-d94e-41ec-82a7-e10914295f8b
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-pnp-activity.md
View File

@ -1,6 +1,6 @@
---
title: Audit PNP Activity (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit PNP Activity, which determines when plug and play detects an external device.
description: The advanced security audit policy setting, Audit PNP Activity, determines when plug and play detects an external device.
ms.assetid: A3D87B3B-EBBE-442A-953B-9EB75A5F600E
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-process-creation.md
View File

@ -1,6 +1,6 @@
---
title: Audit Process Creation (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Process Creation, which determines whether the operating system generates audit events when a process is created (starts).
description: The Advanced Security Audit policy setting, Audit Process Creation, determines if audit events are generated when a process is created (starts).
ms.assetid: 67e39fcd-ded6-45e8-b1b6-d411e4e93019
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-process-termination.md
View File

@ -1,6 +1,6 @@
---
title: Audit Process Termination (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Process Termination, which determines whether the operating system generates audit events when an attempt is made to end a process.
description: The Advanced Security Audit policy setting, Audit Process Termination, determines if audit events are generated when an attempt is made to end a process.
ms.assetid: 65d88e53-14aa-48a4-812b-557cebbf9e50
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-registry.md
View File

@ -1,6 +1,6 @@
---
title: Audit Registry (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Registry, which determines whether the operating system generates audit events when users attempt to access registry objects.
description: The Advanced Security Audit policy setting, Audit Registry, determines if audit events are generated when users attempt to access registry objects.
ms.assetid: 02bcc23b-4823-46ac-b822-67beedf56b32
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-removable-storage.md
View File

@ -1,6 +1,6 @@
---
title: Audit Removable Storage (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Removable Storage, which determines when there is a read or a write to a removable drive.
description: The Advanced Security Audit policy setting, Audit Removable Storage, determines when there is a read or a write to a removable drive.
ms.assetid: 1746F7B3-8B41-4661-87D8-12F734AFFB26
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-sam.md
View File

@ -1,6 +1,6 @@
---
title: Audit SAM (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit SAM, which enables you to audit events that are generated by attempts to access Security Account Manager (SAM) objects.
description: The Advanced Security Audit policy setting, Audit SAM, enables you to audit events generated by attempts to access Security Account Manager (SAM) objects.
ms.assetid: 1d00f955-383d-4c95-bbd1-fab4a991a46e
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-security-group-management.md
View File

@ -1,6 +1,6 @@
---
title: Audit Security Group Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Security Group Management, which determines whether the operating system generates audit events when specific security group management tasks are performed.
description: The policy setting, Audit Security Group Management, determines if audit events are generated when specific security group management tasks are performed.
ms.assetid: ac2ee101-557b-4c84-b9fa-4fb23331f1aa
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-security-state-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Security State Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Security State Change, which determines whether Windows generates audit events for changes in the security state of a system.
description: The policy setting, Audit Security State Change, which determines whether Windows generates audit events for changes in the security state of a system.
ms.assetid: decb3218-a67d-4efa-afc0-337c79a89a2d
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-security-system-extension.md
View File

@ -1,6 +1,6 @@
---
title: Audit Security System Extension (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Security System Extension, which determines whether the operating system generates audit events related to security system extensions.
description: The Advanced Security Audit policy setting, Audit Security System Extension, determines if audit events related to security system extensions are generated.
ms.assetid: 9f3c6bde-42b2-4a0a-b353-ed3106ebc005
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
View File

@ -1,6 +1,6 @@
---
title: Audit Sensitive Privilege Use (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Sensitive Privilege Use, which determines whether the operating system generates audit events when sensitive privileges (user rights) are used.
description: The policy setting, Audit Sensitive Privilege Use, determines if the operating system generates audit events when sensitive privileges (user rights) are used.
ms.assetid: 915abf50-42d2-45f6-9fd1-e7bd201b193d
ms.reviewer:
manager: dansimp

Some files were not shown because too many files have changed in this diff Show More