From 32b06c4da9b4888ebcfaf5cda1e88966f7dbd389 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Thu, 25 Jul 2024 12:32:41 -0400 Subject: [PATCH] Update security features documentation --- windows/security/book/subject-index.md | 194 ++++++++++++------------- 1 file changed, 97 insertions(+), 97 deletions(-) diff --git a/windows/security/book/subject-index.md b/windows/security/book/subject-index.md index c5434bc344..d1e6892f99 100644 --- a/windows/security/book/subject-index.md +++ b/windows/security/book/subject-index.md 
@@ -11,130 +11,130 @@ ms.date: 06/17/2024 :::image type="content" source="images/security-foundation.png" alt-text="Diagram containing a list of security features." border="false"::: -Common Criteria (CC) -Federal Information Processing Standard (FIPS) -Microsoft Offensive Research and Security Engineering -Microsoft Security Development Lifecycle (SDL) -OneFuzz service -Software bill of materials (SBOM) -Windows App software development kit (SDK) -Windows Insider and Bug Bounty program +- Common Criteria (CC) +- Federal Information Processing Standard (FIPS) +- Microsoft Offensive Research and Security Engineering +- Microsoft Security Development Lifecycle (SDL) +- OneFuzz service +- Software bill of materials (SBOM) +- Windows App software development kit (SDK) +- Windows Insider and Bug Bounty program ## Hardware security :::image type="content" source="images/hardware.png" alt-text="Diagram containing a list of security features." lightbox="images/hardware.png" border="false"::: -Hardware-enforced stack protection -Kernel Direct Memory Access (DMA) protection -Microsoft Pluton security processor -Secured kernel -Secured-core PC -Trusted Platform Module (TPM) +- Hardware-enforced stack protection +- Kernel Direct Memory Access (DMA) protection +- Microsoft Pluton security processor +- Secured kernel +- Secured-core PC +- Trusted Platform Module (TPM) ## Operating system security :::image type="content" source="images/operating-system.png" alt-text="Diagram containing a list of security features." 
lightbox="images/operating-system.png" border="false"::: -5G and eSIM -Assigned Access -Attack surface reduction -BitLocker -BitLocker To Go -Bluetooth protection -Certificates -Code signing and integrity -Config Refresh -Controlled folder access -Cryptography -Device Encryption -Device health attestation -DNS security -Email encryption -Encrypted hard drive -Exploit protection -Microsoft Defender Antivirus -Microsoft Defender for Endpoint -Microsoft Defender SmartScreen -Personal data encryption -Securing Wi-Fi connections -Server Message Block file services -Tamper protection -Transport layer security (TLS) -Trusted Boot (Secure Boot + Measured Boot) -Virtual private networks (VPN) -Windows Firewall -Windows security policy settings and auditing -Windows security settings +- 5G and eSIM +- Assigned Access +- Attack surface reduction +- BitLocker +- BitLocker To Go +- Bluetooth protection +- Certificates +- Code signing and integrity +- Config Refresh +- Controlled folder access +- Cryptography +- Device Encryption +- Device health attestation +- DNS security +- Email encryption +- Encrypted hard drive +- Exploit protection +- Microsoft Defender Antivirus +- Microsoft Defender for Endpoint +- Microsoft Defender SmartScreen +- Personal data encryption +- Securing Wi-Fi connections +- Server Message Block file services +- Tamper protection +- Transport layer security (TLS) +- Trusted Boot (Secure Boot + Measured Boot) +- Virtual private networks (VPN) +- Windows Firewall +- Windows security policy settings and auditing +- Windows security settings ## Application security :::image type="content" source="images/application-security.png" alt-text="Diagram containing a list of security features." 
lightbox="images/application-security.png" border="false"::: -App containers -App Control for Business -Microsoft vulnerable driver blocklist -Smart App Control -Trusted signing -User Account Control -Win32 app isolation -Windows Sandbox -Windows Subsystem for Linux (WSL) +- App containers +- App Control for Business +- Microsoft vulnerable driver blocklist +- Smart App Control +- Trusted signing +- User Account Control +- Win32 app isolation +- Windows Sandbox +- Windows Subsystem for Linux (WSL) ## Identity protection :::image type="content" source="images/identity-protection.png" alt-text="Diagram containing a list of security features." lightbox="images/identity-protection.png" border="false"::: -Access management and control -Account lockout policies -Credential Guard -Enhanced phishing protection with Microsoft Defender SmartScreen -Federated sign-in -FIDO support -Local Security Authority (LSA) protection -Microsoft Authenticator -Passkeys -Remote Credential Guard -Smart cards for Windows service -Token protection -VBS Key Protection -Windows Hello -Windows Hello biometric sign-in -Windows Hello Enhanced Sign-in Security -Windows Hello for Business -Windows Hello for Business multi-factor unlock -Windows Hello PIN -Windows passwordless experience -Windows presence sensing +- Access management and control +- Account lockout policies +- Credential Guard +- Enhanced phishing protection with Microsoft Defender SmartScreen +- Federated sign-in +- FIDO support +- Local Security Authority (LSA) protection +- Microsoft Authenticator +- Passkeys +- Remote Credential Guard +- Smart cards for Windows service +- Token protection +- VBS Key Protection +- Windows Hello +- Windows Hello biometric sign-in +- Windows Hello Enhanced Sign-in Security +- Windows Hello for Business +- Windows Hello for Business multi-factor unlock +- Windows Hello PIN +- Windows passwordless experience +- Windows presence sensing ## Privacy :::image type="content" source="images/privacy.png" 
alt-text="Diagram containing a list of security features." lightbox="images/privacy.png" border="false"::: -Privacy dashboard and report -Privacy transparency and controls -Privacy resource usage -Windows diagnostic data processor configuration +- Privacy dashboard and report +- Privacy transparency and controls +- Privacy resource usage +- Windows diagnostic data processor configuration ## Cloud services :::image type="content" source="images/cloud-security.png" alt-text="Diagram containing a list of security features." lightbox="images/cloud-security.png" border="false"::: -Enterprise State Roaming with Azure -Find my device -MDM enrollment certificate attestation -MDM security baseline -Microsoft Account -Microsoft Azure Attestation Service -Microsoft Entra ID -Microsoft Intune -Microsoft security baselines -Modern device management through (MDM) -OneDrive for personal -OneDrive for work or school -OneDrive Personal Vault -Remote Wipe -Universal Print -User reauthentication before password disablement -Windows Autopatch -Windows Autopilot and zero-touch deployment -Windows Update for Business deployment service +- Enterprise State Roaming with Azure +- Find my device +- MDM enrollment certificate attestation +- MDM security baseline +- Microsoft Account +- Microsoft Azure Attestation Service +- Microsoft Entra ID +- Microsoft Intune +- Microsoft security baselines +- Modern device management through (MDM) +- OneDrive for personal +- OneDrive for work or school +- OneDrive Personal Vault +- Remote Wipe +- Universal Print +- User reauthentication before password disablement +- Windows Autopatch +- Windows Autopilot and zero-touch deployment +- Windows Update for Business deployment service
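Review bot: In the Cloud services list at the end of this hunk, `- Modern device management through (MDM)` and `- OneDrive for personal` are carried over word for word and both read as incomplete labels. Since the change already rewrites every entry to add the list marker, fix the wording in the same pass: place the acronym so it follows the term it abbreviates, and complete the OneDrive label so it parallels "OneDrive for work or school". Two smaller points on the context lines: the first `:::image` directive (`images/security-foundation.png`) has no `lightbox` attribute while the other six do, and all seven images share the alt-text "Diagram containing a list of security features.", which gives screen-reader users no way to tell the sections apart. A section-specific alt-text would fit well with this accessibility-oriented change. The subject line "Update security features documentation" would also be more useful to someone reading the log if it said the change is a formatting-only conversion to bulleted lists, which is what the 97 insertions and 97 deletions show.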