deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 12:53:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into Ashok-Lobo-5441097

Browse Source
This commit is contained in:
Ashok Lobo
2021-09-30 17:27:16 +05:30
parent 5e27c5ce8a b80b74a37c
commit 36a0dcc553
181 changed files with 7081 additions and 6591 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
windows/security/identity-protection/TOC.yml
View File

@ -1,132 +0,0 @@
- name: Identity and access management
href: index.md
items:
- name: Technical support policy for lost or forgotten passwords
href: password-support-policy.md
- name: Access Control Overview
href: access-control/access-control.md
items:
- name: Dynamic Access Control Overview
href: access-control/dynamic-access-control.md
- name: Security identifiers
href: access-control/security-identifiers.md
- name: Security Principals
href: access-control/security-principals.md
- name: Local Accounts
href: access-control/local-accounts.md
- name: Active Directory Accounts
href: access-control/active-directory-accounts.md
- name: Microsoft Accounts
href: access-control/microsoft-accounts.md
- name: Service Accounts
href: access-control/service-accounts.md
- name: Active Directory Security Groups
href: access-control/active-directory-security-groups.md
- name: Special Identities
href: access-control/special-identities.md
- name: User Account Control
href: user-account-control\user-account-control-overview.md
items:
- name: How User Account Control works
href: user-account-control\how-user-account-control-works.md
- name: User Account Control security policy settings
href: user-account-control\user-account-control-security-policy-settings.md
- name: User Account Control Group Policy and registry key settings
href: user-account-control\user-account-control-group-policy-and-registry-key-settings.md
- name: Windows Hello for Business
href: hello-for-business/index.yml
- name: Protect derived domain credentials with Credential Guard
href: credential-guard/credential-guard.md
items:
- name: How Credential Guard works
href: credential-guard/credential-guard-how-it-works.md
- name: Credential Guard Requirements
href: credential-guard/credential-guard-requirements.md
- name: Manage Credential Guard
href: credential-guard/credential-guard-manage.md
- name: Hardware readiness tool
href: credential-guard/dg-readiness-tool.md
- name: Credential Guard protection limits
href: credential-guard/credential-guard-protection-limits.md
- name: Considerations when using Credential Guard
href: credential-guard/credential-guard-considerations.md
- name: "Credential Guard: Additional mitigations"
href: credential-guard/additional-mitigations.md
- name: "Credential Guard: Known issues"
href: credential-guard/credential-guard-known-issues.md
- name: Protect Remote Desktop credentials with Remote Credential Guard
href: remote-credential-guard.md
- name: Smart Cards
href: smart-cards/smart-card-windows-smart-card-technical-reference.md
items:
- name: How Smart Card Sign-in Works in Windows
href: smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
items:
- name: Smart Card Architecture
href: smart-cards/smart-card-architecture.md
- name: Certificate Requirements and Enumeration
href: smart-cards/smart-card-certificate-requirements-and-enumeration.md
- name: Smart Card and Remote Desktop Services
href: smart-cards/smart-card-and-remote-desktop-services.md
- name: Smart Cards for Windows Service
href: smart-cards/smart-card-smart-cards-for-windows-service.md
- name: Certificate Propagation Service
href: smart-cards/smart-card-certificate-propagation-service.md
- name: Smart Card Removal Policy Service
href: smart-cards/smart-card-removal-policy-service.md
- name: Smart Card Tools and Settings
href: smart-cards/smart-card-tools-and-settings.md
items:
- name: Smart Cards Debugging Information
href: smart-cards/smart-card-debugging-information.md
- name: Smart Card Group Policy and Registry Settings
href: smart-cards/smart-card-group-policy-and-registry-settings.md
- name: Smart Card Events
href: smart-cards/smart-card-events.md
- name: Virtual Smart Cards
href: virtual-smart-cards\virtual-smart-card-overview.md
items:
- name: Understanding and Evaluating Virtual Smart Cards
href: virtual-smart-cards\virtual-smart-card-understanding-and-evaluating.md
items:
- name: "Get Started with Virtual Smart Cards: Walkthrough Guide"
href: virtual-smart-cards\virtual-smart-card-get-started.md
- name: Use Virtual Smart Cards
href: virtual-smart-cards\virtual-smart-card-use-virtual-smart-cards.md
- name: Deploy Virtual Smart Cards
href: virtual-smart-cards\virtual-smart-card-deploy-virtual-smart-cards.md
- name: Evaluate Virtual Smart Card Security
href: virtual-smart-cards\virtual-smart-card-evaluate-security.md
- name: Tpmvscmgr
href: virtual-smart-cards\virtual-smart-card-tpmvscmgr.md
- name: Enterprise Certificate Pinning
href: enterprise-certificate-pinning.md
- name: Windows 10 credential theft mitigation guide abstract
href: windows-credential-theft-mitigation-guide-abstract.md
- name: Configure S/MIME for Windows 10
href: configure-s-mime.md
- name: VPN technical guide
href: vpn\vpn-guide.md
items:
- name: VPN connection types
href: vpn\vpn-connection-type.md
- name: VPN routing decisions
href: vpn\vpn-routing.md
- name: VPN authentication options
href: vpn\vpn-authentication.md
- name: VPN and conditional access
href: vpn\vpn-conditional-access.md
- name: VPN name resolution
href: vpn\vpn-name-resolution.md
- name: VPN auto-triggered profile options
href: vpn\vpn-auto-trigger-profile.md
- name: VPN security features
href: vpn\vpn-security-features.md
- name: VPN profile options
href: vpn\vpn-profile-options.md
- name: How to configure Diffie Hellman protocol over IKEv2 VPN connections
href: vpn\how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
- name: How to use single sign-on (SSO) over VPN and Wi-Fi connections
href: vpn\how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
- name: Optimizing Office 365 traffic with the Windows 10 VPN client
href: vpn\vpn-office-365-optimization.md

36
windows/security/identity-protection/change-history-for-access-protection.md
View File

@ -1,36 +0,0 @@
---
title: Change history for access protection (Windows 10)
description: This topic lists new and updated topics in the Windows 10 access protection documentation for Windows 10.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
audience: ITPro
author: dansimp
ms.author: dansimp
manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
ms.localizationpriority: medium
ms.date: 08/11/2017
ms.reviewer:
---
# Change history for access protection
This topic lists new and updated topics in the [Access protection](index.md) documentation.
## August 2017
|New or changed topic |Description |
|---------------------|------------|
|[Microsoft accounts](access-control/microsoft-accounts.md) |Revised to cover new Group Policy setting in Windows 10, version 1703, named **Block all consumer Microsoft account user authentication**.|
## June 2017
|New or changed topic |Description |
|---------------------|------------|
|[How hardware-based containers help protect Windows 10](/windows/security/threat-protection/windows-defender-atp/how-hardware-based-containers-help-protect-windows) | New |
## March 2017
|New or changed topic |Description |
|---------------------|------------|
|[Protect derived domain credentials with Credential Guard](credential-guard/credential-guard.md) |Updated to include additional security qualifications starting with Window 10, version 1703.|

13
windows/security/identity-protection/configure-s-mime.md
View File

@ -1,5 +1,5 @@
---
title: Configure S/MIME for Windows 10
title: Configure S/MIME for Windows
description: S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients with a digital ID, also known as a certificate, can read them.
ms.assetid: 7F9C2A99-42EB-4BCC-BB53-41C04FBBBF05
ms.reviewer:
@ -19,16 +19,17 @@ ms.date: 07/27/2017
---
# Configure S/MIME for Windows 10
# Configure S/MIME for Windows
**Applies to**
- Windows 10
- Windows 10
- Windows 11
S/MIME stands for Secure/Multipurpose Internet Mail Extensions, and provides an added layer of security for email sent to and from an Exchange ActiveSync (EAS) account. In Windows 10, S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients who have a digital identification (ID), also known as a certificate, can read them. Users can digitally sign a message, which provides the recipients with a way to verify the identity of the sender and that the message hasn't been tampered with.
S/MIME stands for Secure/Multipurpose Internet Mail Extensions, and provides an added layer of security for email sent to and from an Exchange ActiveSync (EAS) account. S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients who have a digital identification (ID), also known as a certificate, can read them. Users can digitally sign a message, which provides the recipients with a way to verify the identity of the sender and that the message hasn't been tampered with.
## About message encryption
Users can send encrypted message to people in their organization and people outside their organization if they have their encryption certificates. However, users using Windows 10 Mail app can only read encrypted messages if the message is received on their Exchange account and they have corresponding decryption keys.
Users can send encrypted message to people in their organization and people outside their organization if they have their encryption certificates. However, users using Windows Mail app can only read encrypted messages if the message is received on their Exchange account and they have corresponding decryption keys.
Encrypted messages can be read only by recipients who have a certificate. If you try to send an encrypted message to recipient(s) whose encryption certificate are not available, the app will prompt you to remove these recipients before sending the email.
@ -48,7 +49,7 @@ A digitally signed message reassures the recipient that the message hasn't been
On the device, perform the following steps: (add select certificate)
1. Open the Mail app. (In Windows 10 Mobile, the app is Outlook Mail.)
1. Open the Mail app.
2. Open **Settings** by tapping the gear icon on a PC, or the ellipsis (...) and then the gear icon on a phone.

8
windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md
View File

@ -1,6 +1,6 @@
---
title: Windows 10 Credential Theft Mitigation Guide Abstract (Windows 10)
description: Provides a summary of the Windows 10 credential theft mitigation guide.
title: Windows Credential Theft Mitigation Guide Abstract
description: Provides a summary of the Windows credential theft mitigation guide.
ms.assetid: 821ddc1a-f401-4732-82a7-40d1fff5a78a
ms.reviewer:
ms.prod: w10
@ -17,12 +17,12 @@ ms.localizationpriority: medium
ms.date: 04/19/2017
---
# Windows 10 Credential Theft Mitigation Guide Abstract
# Windows Credential Theft Mitigation Guide Abstract
**Applies to**
- Windows 10
This topic provides a summary of the Windows 10 credential theft mitigation guide, which can be downloaded from the [Microsoft Download Center](https://download.microsoft.com/download/C/1/4/C14579CA-E564-4743-8B51-61C0882662AC/Windows%2010%20credential%20theft%20mitigation%20guide.docx).
This topic provides a summary of the Windows credential theft mitigation guide, which can be downloaded from the [Microsoft Download Center](https://download.microsoft.com/download/C/1/4/C14579CA-E564-4743-8B51-61C0882662AC/Windows%2010%20credential%20theft%20mitigation%20guide.docx).
This guide explains how credential theft attacks occur and the strategies and countermeasures you can implement to mitigate them, following these security stages:
- Identify high-value assets