updating index and toc

windows/access-protection/TOC.md

@@ -1 +1,190 @@
-# [Index](index.md)
+# [Access protection](access-control/access-control.md)
+
+## [Access Control Overview](access-control/access-control.md)
+### [Dynamic Access Control Overview](access-control/dynamic-access-control.md)
+### [Security identifiers](access-control/security-identifiers.md)
+### [Security Principals](access-control/security-principals.md)
+### [Local Accounts](access-control/local-accounts.md)
+### [Active Directory Accounts](access-control/active-directory-accounts.md)
+### [Microsoft Accounts](access-control/microsoft-accounts.md)
+### [Service Accounts](access-control/service-accounts.md)
+### [Active Directory Security Groups](access-control/active-directory-security-groups.md)
+### [Special Identities](access-control/special-identities.md)
+
+## [Configure S/MIME for Windows 10 and Windows 10 Mobile](configure-s-mime.md)
+
+## [Enterprise Certificate Pinning](enterprise-certificate-pinning.md)
+
+## [Install digital certificates on Windows 10 Mobile](installing-digital-certificates-on-windows-10-mobile.md)
+
+## [Protect derived domain credentials with Credential Guard](credential-guard/credential-guard.md)
+### [How Credential Guard works](credential-guard/credential-guard-how-it-works.md)
+### [Credential Guard Requirements](credential-guard/credential-guard-requirements.md)
+### [Manage Credential Guard](credential-guard/credential-guard-manage.md)
+### [Credential Guard protection limits](credential-guard/credential-guard-protection-limits.md)
+### [Considerations when using Credential Guard](credential-guard/credential-guard-considerations.md)
+### [Credential Guard: Additional mitigations](credential-guard/additional-mitigations.md)
+
+
+
+## [Protect Remote Desktop credentials with Remote Credential Guard](remote-credential-guard.md)
+
+## [Smart Cards](smart-cards/smart-card-windows-smart-card-technical-reference.md)
+### [How Smart Card Sign-in Works in Windows](smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md)
+#### [Smart Card Architecture](smart-cards/smart-card-architecture.md)
+#### [Certificate Requirements and Enumeration](smart-cards/smart-card-certificate-requirements-and-enumeration.md)
+#### [Smart Card and Remote Desktop Services](smart-cards/smart-card-and-remote-desktop-services.md)
+#### [Smart Cards for Windows Service](smart-cards/smart-card-smart-cards-for-windows-service.md)
+#### [Certificate Propagation Service](smart-cards/smart-card-certificate-propagation-service.md)
+#### [Smart Card Removal Policy Service](smart-cards/smart-card-removal-policy-service.md)
+### [Smart Card Tools and Settings](smart-cards/smart-card-tools-and-settings.md)
+#### [Smart Cards Debugging Information](smart-cards/smart-card-debugging-information.md)
+#### [Smart Card Group Policy and Registry Settings](smart-cards/smart-card-group-policy-and-registry-settings.md)
+#### [Smart Card Events](smart-cards/smart-card-events.md)
+
+### [User Account Control](user-account-control\user-account-control-overview.md)
+#### [How User Account Control works](user-account-control\how-user-account-control-works.md)
+#### [User Account Control security policy settings](user-account-control\user-account-control-security-policy-settings.md)
+#### [User Account Control Group Policy and registry key settings](user-account-control\user-account-control-group-policy-and-registry-key-settings.md)
+
+### [Virtual Smart Cards](virtual-smart-cards\virtual-smart-card-overview.md)
+### [Virtual Smart Cards](virtual-smart-cards\virtual-smart-card-overview.md)
+#### [Understanding and Evaluating Virtual Smart Cards](virtual-smart-cards\virtual-smart-card-understanding-and-evaluating.md)
+##### [Get Started with Virtual Smart Cards: Walkthrough Guide](virtual-smart-cards\virtual-smart-card-get-started.md)
+##### [Use Virtual Smart Cards](virtual-smart-cards\virtual-smart-card-use-virtual-smart-cards.md)
+##### [Deploy Virtual Smart Cards](virtual-smart-cards\virtual-smart-card-deploy-virtual-smart-cards.md)
+##### [Evaluate Virtual Smart Card Security](virtual-smart-cards\virtual-smart-card-evaluate-security.md)
+#### [Tpmvscmgr](virtual-smart-cards\virtual-smart-card-tpmvscmgr.md)
+
+
+## [VPN technical guide](vpn\vpn-guide.md)
+### [VPN connection types](vpn\vpn-connection-type.md)
+### [VPN routing decisions](vpn\vpn-routing.md)
+### [VPN authentication options](vpn\vpn-authentication.md)
+### [VPN and conditional access](vpn\vpn-conditional-access.md)
+### [VPN name resolution](vpn\vpn-name-resolution.md)
+### [VPN auto-triggered profile options](vpn\vpn-auto-trigger-profile.md)
+### [VPN security features](vpn\vpn-security-features.md)
+### [VPN profile options](vpn\vpn-profile-options.md)
+### [How to use single sign-on (SSO) over VPN and Wi-Fi connections](vpn\how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md)
+### [Windows 10 credential theft mitigation guide abstract](windows-credential-theft-mitigation-guide-abstract.md)
+
+## [Windows Firewall with Advanced Security](windows-firewall/windows-firewall-with-advanced-security.md)
+### [Isolating Windows Store Apps on Your Network](windows-firewall/isolating-apps-on-your-network.md)
+### [Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012](windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md)
+### [Windows Firewall with Advanced Security Administration with Windows PowerShell](windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md)
+### [Windows Firewall with Advanced Security Design Guide](windows-firewall/windows-firewall-with-advanced-security-design-guide.md)
+#### [Understanding the Windows Firewall with Advanced Security Design Process](windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md)
+#### [Identifying Your Windows Firewall with Advanced Security Deployment Goals](windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md)
+##### [Protect Devices from Unwanted Network Traffic](windows-firewall/protect-devices-from-unwanted-network-traffic.md)
+##### [Restrict Access to Only Trusted Devices](windows-firewall/restrict-access-to-only-trusted-devices.md)
+##### [Require Encryption When Accessing Sensitive Network Resources](windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md)
+##### [Restrict Access to Only Specified Users or Computers](windows-firewall/restrict-access-to-only-specified-users-or-devices.md)
+#### [Mapping Your Deployment Goals to a Windows Firewall with Advanced Security Design](windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md)
+##### [Basic Firewall Policy Design](windows-firewall/basic-firewall-policy-design.md)
+##### [Domain Isolation Policy Design](windows-firewall/domain-isolation-policy-design.md)
+##### [Server Isolation Policy Design](windows-firewall/server-isolation-policy-design.md)
+##### [Certificate-based Isolation Policy Design](windows-firewall/certificate-based-isolation-policy-design.md)
+#### [Evaluating Windows Firewall with Advanced Security Design Examples](windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
+##### [Firewall Policy Design Example](windows-firewall/firewall-policy-design-example.md)
+##### [Domain Isolation Policy Design Example](windows-firewall/domain-isolation-policy-design-example.md)
+##### [Server Isolation Policy Design Example](windows-firewall/server-isolation-policy-design-example.md)
+##### [Certificate-based Isolation Policy Design Example](windows-firewall/certificate-based-isolation-policy-design-example.md)
+#### [Designing a Windows Firewall with Advanced Security Strategy](windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md)
+##### [Gathering the Information You Need](windows-firewall/gathering-the-information-you-need.md)
+###### [Gathering Information about Your Current Network Infrastructure](windows-firewall/gathering-information-about-your-current-network-infrastructure.md)
+###### [Gathering Information about Your Active Directory Deployment](windows-firewall/gathering-information-about-your-active-directory-deployment.md)
+###### [Gathering Information about Your Computers](windows-firewall/gathering-information-about-your-devices.md)
+###### [Gathering Other Relevant Information](windows-firewall/gathering-other-relevant-information.md)
+##### [Determining the Trusted State of Your Computers](windows-firewall/determining-the-trusted-state-of-your-devices.md)
+#### [Planning Your Windows Firewall with Advanced Security Design](windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md)
+##### [Planning Settings for a Basic Firewall Policy](windows-firewall/planning-settings-for-a-basic-firewall-policy.md)
+##### [Planning Domain Isolation Zones](windows-firewall/planning-domain-isolation-zones.md)
+###### [Exemption List](windows-firewall/exemption-list.md)
+###### [Isolated Domain](windows-firewall/isolated-domain.md)
+###### [Boundary Zone](windows-firewall/boundary-zone.md)
+###### [Encryption Zone](windows-firewall/encryption-zone.md)
+##### [Planning Server Isolation Zones](windows-firewall/planning-server-isolation-zones.md)
+##### [Planning Certificate-based Authentication](windows-firewall/planning-certificate-based-authentication.md)
+###### [Documenting the Zones](windows-firewall/documenting-the-zones.md)
+###### [Planning Group Policy Deployment for Your Isolation Zones](windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md)
+####### [Planning Isolation Groups for the Zones](windows-firewall/planning-isolation-groups-for-the-zones.md)
+####### [Planning Network Access Groups](windows-firewall/planning-network-access-groups.md)
+####### [Planning the GPOs](windows-firewall/planning-the-gpos.md)
+######## [Firewall GPOs](windows-firewall/firewall-gpos.md)
+######### [GPO_DOMISO_Firewall](windows-firewall/gpo-domiso-firewall.md)
+######## [Isolated Domain GPOs](windows-firewall/isolated-domain-gpos.md)
+######### [GPO_DOMISO_IsolatedDomain_Clients](windows-firewall/gpo-domiso-isolateddomain-clients.md)
+######### [GPO_DOMISO_IsolatedDomain_Servers](windows-firewall/gpo-domiso-isolateddomain-servers.md)
+######## [Boundary Zone GPOs](windows-firewall/boundary-zone-gpos.md)
+######### [GPO_DOMISO_Boundary](windows-firewall/gpo-domiso-boundary.md)
+######## [Encryption Zone GPOs](windows-firewall/encryption-zone-gpos.md)
+######### [GPO_DOMISO_Encryption](windows-firewall/gpo-domiso-encryption.md)
+######## [Server Isolation GPOs](windows-firewall/server-isolation-gpos.md)
+####### [Planning GPO Deployment](windows-firewall/planning-gpo-deployment.md)
+#### [Appendix A: Sample GPO Template Files for Settings Used in this Guide](windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md)
+### [Windows Firewall with Advanced Security Deployment Guide](windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md)
+#### [Planning to Deploy Windows Firewall with Advanced Security](windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md)
+#### [Implementing Your Windows Firewall with Advanced Security Design Plan](windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md)
+#### [Checklist: Creating Group Policy Objects](windows-firewall/checklist-creating-group-policy-objects.md)
+#### [Checklist: Implementing a Basic Firewall Policy Design](windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md)
+#### [Checklist: Configuring Basic Firewall Settings](windows-firewall/checklist-configuring-basic-firewall-settings.md)
+#### [Checklist: Creating Inbound Firewall Rules](windows-firewall/checklist-creating-inbound-firewall-rules.md)
+#### [Checklist: Creating Outbound Firewall Rules](windows-firewall/checklist-creating-outbound-firewall-rules.md)
+#### [Checklist: Implementing a Domain Isolation Policy Design](windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md)
+##### [Checklist: Configuring Rules for the Isolated Domain](windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md)
+##### [Checklist: Configuring Rules for the Boundary Zone](windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md)
+##### [Checklist: Configuring Rules for the Encryption Zone](windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md)
+##### [Checklist: Configuring Rules for an Isolated Server Zone](windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md)
+#### [Checklist: Implementing a Standalone Server Isolation Policy Design](windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md)
+##### [Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone](windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md)
+##### [Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone](windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md)
+#### [Checklist: Implementing a Certificate-based Isolation Policy Design](windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md)
+#### [Procedures Used in This Guide](windows-firewall/procedures-used-in-this-guide.md)
+##### [Add Production Devices to the Membership Group for a Zone](windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md)
+##### [Add Test Devices to the Membership Group for a Zone](windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md)
+##### [Assign Security Group Filters to the GPO](windows-firewall/assign-security-group-filters-to-the-gpo.md)
+##### [Change Rules from Request to Require Mode](windows-firewall/change-rules-from-request-to-require-mode.md)
+##### [Configure Authentication Methods](windows-firewall/configure-authentication-methods.md)
+##### [Configure Data Protection (Quick Mode) Settings](windows-firewall/configure-data-protection-quick-mode-settings.md)
+##### [Configure Group Policy to Autoenroll and Deploy Certificates](windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md)
+##### [Configure Key Exchange (Main Mode) Settings](windows-firewall/configure-key-exchange-main-mode-settings.md)
+##### [Configure the Rules to Require Encryption](windows-firewall/configure-the-rules-to-require-encryption.md)
+##### [Configure the Windows Firewall Log](windows-firewall/configure-the-windows-firewall-log.md)
+##### [Configure the Workstation Authentication Certificate Template](windows-firewall/configure-the-workstation-authentication-certificate-template.md)
+##### [Configure Windows Firewall to Suppress Notifications When a Program Is Blocked](windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md)
+##### [Confirm That Certificates Are Deployed Correctly](windows-firewall/confirm-that-certificates-are-deployed-correctly.md)
+##### [Copy a GPO to Create a New GPO](windows-firewall/copy-a-gpo-to-create-a-new-gpo.md)
+##### [Create a Group Account in Active Directory](windows-firewall/create-a-group-account-in-active-directory.md)
+##### [Create a Group Policy Object](windows-firewall/create-a-group-policy-object.md)
+##### [Create an Authentication Exemption List Rule](windows-firewall/create-an-authentication-exemption-list-rule.md)
+##### [Create an Authentication Request Rule](windows-firewall/create-an-authentication-request-rule.md)
+##### [Create an Inbound ICMP Rule](windows-firewall/create-an-inbound-icmp-rule.md)
+##### [Create an Inbound Port Rule](windows-firewall/create-an-inbound-port-rule.md)
+##### [Create an Inbound Program or Service Rule](windows-firewall/create-an-inbound-program-or-service-rule.md)
+##### [Create an Outbound Port Rule](windows-firewall/create-an-outbound-port-rule.md)
+##### [Create an Outbound Program or Service Rule](windows-firewall/create-an-outbound-program-or-service-rule.md)
+##### [Create Inbound Rules to Support RPC](windows-firewall/create-inbound-rules-to-support-rpc.md)
+##### [Create WMI Filters for the GPO](windows-firewall/create-wmi-filters-for-the-gpo.md)
+##### [Enable Predefined Inbound Rules](windows-firewall/enable-predefined-inbound-rules.md)
+##### [Enable Predefined Outbound Rules](windows-firewall/enable-predefined-outbound-rules.md)
+##### [Exempt ICMP from Authentication](windows-firewall/exempt-icmp-from-authentication.md)
+##### [Link the GPO to the Domain](windows-firewall/link-the-gpo-to-the-domain.md)
+##### [Modify GPO Filters to Apply to a Different Zone or Version of Windows](windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md)
+##### [Open the Group Policy Management Console to IP Security Policies](windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md)
+##### [Open the Group Policy Management Console to Windows Firewall](windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md)
+##### [Open the Group Policy Management Console to Windows Firewall with Advanced Security](windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md)
+##### [Open Windows Firewall with Advanced Security](windows-firewall/open-windows-firewall-with-advanced-security.md)
+##### [Restrict Server Access to Members of a Group Only](windows-firewall/restrict-server-access-to-members-of-a-group-only.md)
+##### [Turn on Windows Firewall and Configure Default Behavior](windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md)
+##### [Verify That Network Traffic Is Authenticated](windows-firewall/verify-that-network-traffic-is-authenticated.md)
+
+## [Windows Hello for Business](hello-for-business/hello-identity-verification.md)
+### [How Windows Hello for Business works](hello-for-business/hello-how-it-works.md)
+### [Manage Windows Hello for Business in your organization](hello-for-business/hello-manage-in-organization.md)
+### [Why a PIN is better than a password](hello-for-business/hello-why-pin-is-better-than-password.md)
+### [Prepare people to use Windows Hello](hello-for-business/hello-prepare-people-to-use.md)
+### [Windows Hello and password changes](hello-for-business/hello-and-password-changes.md)
+### [Windows Hello errors during PIN creation](hello-for-business/hello-errors-during-pin-creation.md)
+### [Event ID 300 - Windows Hello successfully created](hello-for-business/hello-event-300.md)
+### [Windows Hello biometrics in the enterprise](hello-for-business/hello-biometrics-in-enterprise.md)

windows/access-protection/index.md

@@ -1 +1,28 @@
-# Welcome to win-access-protection!
+---
+title: Access protection (Windows 10)
+description: Learn more about access protection technologies in Windows 10 and Windows 10 Mobile.
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: brianlic-msft
+---
+
+# Access protection
+
+Learn more about access protection technologies in Windows 10 and Windows 10 Mobile.
+
+| Section | Description |
+|-|-|
+| [Access control](access-control/access-control.md) | Describes access control in Windows, which is the process of authorizing users, groups, and computers to access objects on the network or computer. Key concepts that make up access control are permissions, ownership of objects, inheritance of permissions, user rights, and object auditing. |
+| [Configure S/MIME for Windows 10 and Windows 10 Mobile](configure-s-mime.md) | In Windows 10, S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients who have a digital identification (ID), also known as a certificate, can read them. Users can digitally sign a message, which provides the recipients with a way to verify the identity of the sender and that the message hasn't been tampered with. |
+| [Install digital certificates on Windows 10 Mobile](installing-digital-certificates-on-windows-10-mobile.md) | Digital certificates bind the identity of a user or computer to a pair of keys that can be used to encrypt and sign digital information. Certificates are issued by a certification authority (CA) that vouches for the identity of the certificate holder, and they enable secure client communications with websites and services. |
+| [Protect derived domain credentials with Credential Guard](credential-guard/credential-guard.md) | Introduced in Windows 10 Enterprise, Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. Credential Guard helps prevent these attacks by protecting NTLM password hashes and Kerberos Ticket Granting Tickets. |
+| [Protect Remote Desktop credentials with Remote Credential Guard](remote-credential-guard.md) | Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that's requesting the connection. |
+| [User Account Control](user-account-control/user-account-control-overview.md)| Provides information about User Account Control (UAC), which helps prevent malware from damaging a PC and helps organizations deploy a better-managed desktop. UAC can help block the automatic installation of unauthorized apps and prevent inadvertent changes to system settings.|
+| [Virtual Smart Cards](virtual-smart-cards/virtual-smart-card-overview.md) | Provides information about deploying and managing virtual smart cards, which are functionally similar to physical smart cards and appear in Windows as smart cards that are always-inserted. Virtual smart cards use the Trusted Platform Module (TPM) chip that is available on computers in many organizations, rather than requiring the use of a separate physical smart card and reader. |
+| [VPN technical guide](vpn/vpn-guide.md) | Virtual private networks (VPN) let you give your users secure remote access to your company network. Windows 10 adds useful new VPN profile options to help you manage how users connect. |
+| [Smart Cards](smart-cards/smart-card-windows-smart-card-technical-reference.md) | Provides a collection of references topics about smart cards, which are tamper-resistant portable storage devices that can enhance the security of tasks such as authenticating clients, signing code, securing e-mail, and signing in with a Windows domain account. |
+| [Windows Hello for Business](hello-for-business/hello-identity-verification.md) | In Windows 10, Windows Hello replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and a biometric or PIN. |
+| [Windows Firewall with Advanced Security](windows-firewall/windows-firewall-with-advanced-security.md) | Provides information about Windows Firewall with Advanced Security, which is an important part of a layered security model. By providing host-based, two-way network traffic filtering for a device, Windows Firewall with Advanced Security blocks unauthorized network traffic flowing into or out of the local device. |
+| [Windows 10 Credential Theft Mitigation Guide Abstract](windows-credential-theft-mitigation-guide-abstract.md) | Learn more about credential theft mitigation in Windows 10. |

windows/application-management/TOC.md

@@ -1 +1,101 @@
-# [Index](index.md)
+# [Manage applications in Windows 10](index.md)
+## [Sideload apps](sideload-apps-in-windows-10.md)
+## [Application Virtualization (App-V) for Windows](app-v/appv-for-windows.md)
+### [Getting Started with App-V](app-v/appv-getting-started.md)
+#### [What's new in App-V for Windows 10, version 1703 and earlier](app-v/appv-about-appv.md)
+##### [Release Notes for App-V for Windows 10, version 1607](app-v/appv-release-notes-for-appv-for-windows.md)
+##### [Release Notes for App-V for Windows 10, version 1703](app-v/appv-release-notes-for-appv-for-windows-1703.md)
+#### [Evaluating App-V](app-v/appv-evaluating-appv.md)
+#### [High Level Architecture for App-V](app-v/appv-high-level-architecture.md)
+### [Planning for App-V](app-v/appv-planning-for-appv.md)
+#### [Preparing Your Environment for App-V](app-v/appv-preparing-your-environment.md)
+##### [App-V Prerequisites](app-v/appv-prerequisites.md)
+##### [App-V Security Considerations](app-v/appv-security-considerations.md)
+#### [Planning to Deploy App-V](app-v/appv-planning-to-deploy-appv.md)
+##### [App-V Supported Configurations](app-v/appv-supported-configurations.md)
+##### [App-V Capacity Planning](app-v/appv-capacity-planning.md)
+##### [Planning for High Availability with App-V](app-v/appv-planning-for-high-availability-with-appv.md)
+##### [Planning to Deploy App-V with an Electronic Software Distribution System](app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md)
+##### [Planning for the App-V Server Deployment](app-v/appv-planning-for-appv-server-deployment.md)
+##### [Planning for the App-V Sequencer and Client Deployment](app-v/appv-planning-for-sequencer-and-client-deployment.md)
+##### [Planning for Using App-V with Office](app-v/appv-planning-for-using-appv-with-office.md)
+##### [Planning to Use Folder Redirection with App-V](app-v/appv-planning-folder-redirection-with-appv.md)
+#### [App-V Planning Checklist](app-v/appv-planning-checklist.md)
+### [Deploying App-V](app-v/appv-deploying-appv.md)
+#### [Deploying the App-V Sequencer and Configuring the Client](app-v/appv-deploying-the-appv-sequencer-and-client.md)
+##### [About Client Configuration Settings](app-v/appv-client-configuration-settings.md)
+##### [Enable the App-V desktop client](app-v/appv-enable-the-app-v-desktop-client.md)
+##### [How to Install the Sequencer](app-v/appv-install-the-sequencer.md)
+#### [Deploying the App-V Server](app-v/appv-deploying-the-appv-server.md)
+##### [How to Deploy the App-V Server](app-v/appv-deploy-the-appv-server.md)
+##### [How to Deploy the App-V Server Using a Script](app-v/appv-deploy-the-appv-server-with-a-script.md)
+##### [How to Deploy the App-V Databases by Using SQL Scripts](app-v/appv-deploy-appv-databases-with-sql-scripts.md)
+##### [How to Install the Publishing Server on a Remote Computer](app-v/appv-install-the-publishing-server-on-a-remote-computer.md)
+##### [How to Install the Management and Reporting Databases on Separate Computers from the Management and Reporting Services](app-v/appv-install-the-management-and-reporting-databases-on-separate-computers.md)
+##### [How to install the Management Server on a Standalone Computer and Connect it to the Database ](app-v/appv-install-the-management-server-on-a-standalone-computer.md)
+##### [About App-V Reporting](app-v/appv-reporting.md)
+##### [How to install the Reporting Server on a Standalone Computer and Connect it to the Database](app-v/appv-install-the-reporting-server-on-a-standalone-computer.md)
+#### [App-V Deployment Checklist](app-v/appv-deployment-checklist.md)
+#### [Deploying Microsoft Office 2016 by Using App-V](app-v/appv-deploying-microsoft-office-2016-with-appv.md)
+#### [Deploying Microsoft Office 2013 by Using App-V](app-v/appv-deploying-microsoft-office-2013-with-appv.md)
+#### [Deploying Microsoft Office 2010 by Using App-V](app-v/appv-deploying-microsoft-office-2010-wth-appv.md)
+### [Operations for App-V](app-v/appv-operations.md)
+#### [Creating and Managing App-V Virtualized Applications](app-v/appv-creating-and-managing-virtualized-applications.md)
+##### [Automatically provision your sequencing environment using Microsoft Application Virtualization Sequencer (App-V Sequencer)](app-v/appv-auto-provision-a-vm.md)
+##### [Automatically sequence multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](app-v/appv-auto-batch-sequencing.md)
+##### [Automatically update multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](app-v/appv-auto-batch-updating.md)
+##### [Manually sequence a new app using Microsoft Application Virtualization Sequencer (App-V Sequencer)](app-v/appv-sequence-a-new-application.md)
+##### [How to Modify an Existing Virtual Application Package](app-v/appv-modify-an-existing-virtual-application-package.md)
+##### [How to Create and Use a Project Template](app-v/appv-create-and-use-a-project-template.md)
+##### [How to Create a Package Accelerator](app-v/appv-create-a-package-accelerator.md)
+##### [How to Create a Virtual Application Package Using an App-V Package Accelerator](app-v/appv-create-a-virtual-application-package-package-accelerator.md)
+#### [Administering App-V Virtual Applications by Using the Management Console](app-v/appv-administering-virtual-applications-with-the-management-console.md)
+##### [About App-V Dynamic Configuration](app-v/appv-dynamic-configuration.md)
+##### [How to Connect to the Management Console ](app-v/appv-connect-to-the-management-console.md)
+##### [How to Add or Upgrade Packages by Using the Management Console](app-v/appv-add-or-upgrade-packages-with-the-management-console.md)
+##### [How to Configure Access to Packages by Using the Management Console ](app-v/appv-configure-access-to-packages-with-the-management-console.md)
+##### [How to Publish a Package by Using the Management Console ](app-v/appv-publish-a-packages-with-the-management-console.md)
+##### [How to Delete a Package in the Management Console ](app-v/appv-delete-a-package-with-the-management-console.md)
+##### [How to Add or Remove an Administrator by Using the Management Console](app-v/appv-add-or-remove-an-administrator-with-the-management-console.md)
+##### [How to Register and Unregister a Publishing Server by Using the Management Console](app-v/appv-register-and-unregister-a-publishing-server-with-the-management-console.md)
+##### [How to Create a Custom Configuration File by Using the App-V Management Console](app-v/appv-create-a-custom-configuration-file-with-the-management-console.md)
+##### [How to Transfer Access and Configurations to Another Version of a Package by Using the Management Console](app-v/appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md)
+##### [How to Customize Virtual Applications Extensions for a Specific AD Group by Using the Management Console](app-v/appv-customize-virtual-application-extensions-with-the-management-console.md)
+##### [How to View and Configure Applications and Default Virtual Application Extensions by Using the Management Console ](app-v/appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md)
+#### [Managing Connection Groups](app-v/appv-managing-connection-groups.md)
+##### [About the Connection Group Virtual Environment](app-v/appv-connection-group-virtual-environment.md)
+##### [About the Connection Group File](app-v/appv-connection-group-file.md)
+##### [How to Create a Connection Group](app-v/appv-create-a-connection-group.md)
+##### [How to Create a Connection Group with User-Published and Globally Published Packages](app-v/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md)
+##### [How to Delete a Connection Group](app-v/appv-delete-a-connection-group.md)
+##### [How to Publish a Connection Group](app-v/appv-publish-a-connection-group.md)
+##### [How to Make a Connection Group Ignore the Package Version](app-v/appv-configure-connection-groups-to-ignore-the-package-version.md)
+##### [How to Allow Only Administrators to Enable Connection Groups](app-v/appv-allow-administrators-to-enable-connection-groups.md)
+#### [Deploying App-V Packages by Using Electronic Software Distribution (ESD)](app-v/appv-deploying-packages-with-electronic-software-distribution-solutions.md)
+##### [How to deploy App-V Packages Using Electronic Software Distribution](app-v/appv-deploy-appv-packages-with-electronic-software-distribution-solutions.md)
+##### [How to Enable Only Administrators to Publish Packages by Using an ESD](app-v/appv-enable-administrators-to-publish-packages-with-electronic-software-distribution-solutions.md)
+#### [Using the App-V Client Management Console](app-v/appv-using-the-client-management-console.md)
+##### [Automatically clean-up unpublished packages on the App-V client](app-v/appv-auto-clean-unpublished-packages.md)
+#### [Migrating to App-V from a Previous Version](app-v/appv-migrating-to-appv-from-a-previous-version.md)
+##### [How to Convert a Package Created in a Previous Version of App-V](app-v/appv-convert-a-package-created-in-a-previous-version-of-appv.md)
+#### [Maintaining App-V](app-v/appv-maintaining-appv.md)
+##### [How to Move the App-V Server to Another Computer](app-v/appv-move-the-appv-server-to-another-computer.md)
+#### [Administering App-V by Using Windows PowerShell](app-v/appv-administering-appv-with-powershell.md)
+##### [How to Load the Windows PowerShell Cmdlets for App-V and Get Cmdlet Help ](app-v/appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md)
+##### [How to Manage App-V Packages Running on a Stand-Alone Computer by Using Windows PowerShell](app-v/appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md)
+##### [How to Manage Connection Groups on a Stand-alone Computer by Using Windows PowerShell](app-v/appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md)
+##### [How to Modify Client Configuration by Using Windows PowerShell](app-v/appv-modify-client-configuration-with-powershell.md)
+##### [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md)
+##### [How to Apply the User Configuration File by Using Windows PowerShell](app-v/appv-apply-the-user-configuration-file-with-powershell.md)
+##### [How to Apply the Deployment Configuration File by Using Windows PowerShell](app-v/appv-apply-the-deployment-configuration-file-with-powershell.md)
+##### [How to Sequence a Package  by Using Windows PowerShell ](app-v/appv-sequence-a-package-with-powershell.md)
+##### [How to Create a Package Accelerator by Using Windows PowerShell](app-v/appv-create-a-package-accelerator-with-powershell.md)
+##### [How to Enable Reporting on the App-V Client by Using Windows PowerShell](app-v/appv-enable-reporting-on-the-appv-client-with-powershell.md)
+##### [How to Install the App-V Databases and Convert the Associated Security Identifiers  by Using Windows PowerShell](app-v/appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md)
+### [Troubleshooting App-V](app-v/appv-troubleshooting.md)
+### [Technical Reference for App-V](app-v/appv-technical-reference.md)
+#### [Available Mobile Device Management (MDM) settings for App-V](app-v/appv-available-mdm-settings.md)
+#### [Performance Guidance for Application Virtualization](app-v/appv-performance-guidance.md)
+#### [Application Publishing and Client Interaction](app-v/appv-application-publishing-and-client-interaction.md)
+#### [Viewing App-V Server Publishing Metadata](app-v/appv-viewing-appv-server-publishing-metadata.md)
+#### [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](app-v/appv-running-locally-installed-applications-inside-a-virtual-environment.md)

windows/application-management/index.md

@@ -1 +1,22 @@
-# Welcome to win-app-management!
+---
+title: Windows 10 application management    
+description: Windows 10 application management
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: jdeckerMS
+localizationpriority: medium
+---
+
+# Windows 10 application management
+
+**Applies to**
+-   Windows 10
+
+Learn about managing applications in Window 10 and Windows 10 Mobile clients.
+
+
+| Topic | Description |
+|---|---|
+|[App-V](app-v/appv-getting-started.md)| Microsoft Application Virtualization (App-V) for Windows 10 enables organizations to deliver Win32 applications to users as virtual applications|
+|[Sideload apps in Windows 10](sideload-apps-in-windows-10.md)| Requirements and instructions for side-loading LOB applications on Windows 10 and Windows 10 Mobile clients|

windows/client-management/TOC.md

@@ -1 +1,10 @@
-# [Index](index.md)
+# [Manage clients in Windows 10](index.md)
+## [Create mandatory user profiles](mandatory-user-profile.md)
+## [Connect to remote Azure Active Directory-joined PC](connect-to-remote-aadj-pc.md)
+## [Join Windows 10 Mobile to Azure Active Directory](join-windows-10-mobile-to-azure-active-directory.md)
+## [New policies for Windows 10](new-policies-for-windows-10.md)
+## [Group Policies that apply only to Windows 10 Enterprise and Windows 10 Education](group-policies-for-enterprise-and-education-editions.md)
+## [Manage the Settings app with Group Policy](manage-settings-app-with-group-policy.md)
+## [Reset a Windows 10 Mobile device](reset-a-windows-10-mobile-device.md)
+## [Windows 10 Mobile deployment and management guide](windows-10-mobile-and-mdm.md)
+## [Windows libraries](windows-libraries.md)

windows/client-management/index.md

@@ -1 +1,30 @@
-# Welcome to win-client-management!
+---
+title: Client management (Windows 10)
+description: Windows 10 client management
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: jdeckerMS
+localizationpriority: medium
+---
+
+# Client Management
+
+**Applies to**
+-   Windows 10
+
+Learn about the administrative tools, tasks and best practices for managing Windows 10 and Windows 10 Mobile clients across your enterprise.
+
+| Topic | Description |
+|---|---|
+|[Administrative tools in Windows 10](administrative-tools-in-windows-10.md)| Listing of administrative tools useful for ITPros and advanced users in managing Windows client.|
+|[Connect to remote AADJ PCs](connect-to-remote-aadj-pc.md)| Instructions for connecting to a remote PC joined to Azure Active Directory (Azure AD)|
+|[Group policies for enterprise and education editions](group-policies-for-enterprise-and-education-editions.md)| Listing of all group policy settings that apply specifically to Windows 10 Enterprise and Education editions|
+|[Join Windows 10 Mobile to AAD](join-windows-10-mobile-to-azure-active-directory.md)| Describes the considerations and options for using Windows 10 Mobile with Azure AD in your organization.|
+|[Manage corporate devices](manage-corporate-devices.md)| Listing of resources to manage all your corporate devices running Windows 10 : desktops, laptops, tablets, and phones |
+|[Transitioning to modern ITPro management](manage-windows-10-in-your-organization-modern-management.md)| Describes modern Windows 10 ITPro management scenarios across traditional, hybrid and cloud-based enterprise needs|
+|[Mandatory user profiles](mandatory-user-profile.md)| Instructions for managing settings commonly defined in a mandatory profiles, including (but are not limited to): icons that appear on the desktop, desktop backgrounds, user preferences in Control Panel, printer selections, and more.|
+|[New policies for Windows 10](new-policies-for-windows-10.md)| Listing of new group policy settings available in Windows 10|
+|[Reset a Windows 10 Mobile device](reset-a-windows-10-mobile-device.md)| Instructions for resetting a Windows 10 Mobile device using either *factory* or *'wipe and persist'* reset options|
+|[Deploy Windows 10 Mobile](windows-10-mobile-and-mdm.md)| Considerations and instructions for deploying Windows 10 Mobile|
+|[Windows libraries](windows-libraries.md)| Considerations and instructions for managing Windows 10 libraries such as My Documents, My Pictures, and My Music.|

windows/configuration/TOC.md

@@ -1 +1,91 @@
-# [Index](index.md)
+# [Configure Windows 10](index.md)
+## [Configure Windows telemetry in your organization](configure-windows-telemetry-in-your-organization.md)
+## [Basic level Windows diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields.md)
+## [Windows 10, version 1703 diagnostic data](windows-diagnostic-data.md)
+## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md)
+## [Manage Wi-Fi Sense in your company](manage-wifi-sense-in-enterprise.md)
+## [Configure kiosk and shared devices running Windows 10 desktop editions](kiosk-shared-pc.md)
+### [Set up a shared or guest PC with Windows 10](set-up-shared-or-guest-pc.md)
+### [Set up a kiosk on Windows 10 Pro, Enterprise, or Education](set-up-a-kiosk-for-windows-10-for-desktop-editions.md)
+### [Guidelines for choosing an app for assigned access (kiosk mode)](guidelines-for-assigned-access-app.md)
+### [Lock down Windows 10 to specific apps (AppLocker)](lock-down-windows-10-to-specific-apps.md)
+## [Configure Windows 10 Mobile devices](mobile-devices/configure-mobile.md)
+### [Set up a kiosk on Windows 10 Mobile or Windows 10 Mobile Enterprise](mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition.md)
+### [Use Windows Configuration Designer to configure Windows 10 Mobile devices](mobile-devices/provisioning-configure-mobile.md)
+#### [NFC-based device provisioning](mobile-devices/provisioning-nfc.md)
+#### [Barcode provisioning and the package splitter tool](mobile-devices/provisioning-package-splitter.md)
+### [Use the Lockdown Designer app to create a Lockdown XML file](mobile-devices/mobile-lockdown-designer.md)
+### [Configure Windows 10 Mobile using Lockdown XML](mobile-devices/lockdown-xml.md)
+### [Settings and quick actions that can be locked down in Windows 10 Mobile](mobile-devices/settings-that-can-be-locked-down.md)
+### [Product IDs in Windows 10 Mobile](mobile-devices/product-ids-in-windows-10-mobile.md)
+### [Start layout XML for mobile editions of Windows 10 (reference)](mobile-devices/start-layout-xml-mobile.md)
+## [Configure Start, taskbar, and lock screen](start-taskbar-lockscreen.md)
+### [Configure Windows Spotlight on the lock screen](windows-spotlight.md)
+### [Manage Windows 10 and Windows Store tips, tricks, and suggestions](manage-tips-and-suggestions.md)
+### [Manage Windows 10 Start and taskbar layout](windows-10-start-layout-options-and-policies.md)
+#### [Configure Windows 10 taskbar](configure-windows-10-taskbar.md)
+#### [Customize and export Start layout](customize-and-export-start-layout.md)
+#### [Add image for secondary tiles](start-secondary-tiles.md)
+#### [Start layout XML for desktop editions of Windows 10 (reference)](start-layout-xml-desktop.md)
+#### [Customize Windows 10 Start and taskbar with Group Policy](customize-windows-10-start-screens-by-using-group-policy.md)
+#### [Customize Windows 10 Start and taskbar with provisioning packages](customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md)
+#### [Customize Windows 10 Start and tasbkar with mobile device management (MDM)](customize-windows-10-start-screens-by-using-mobile-device-management.md)
+#### [Changes to Start policies in Windows 10](changes-to-start-policies-in-windows-10.md)
+## [Cortana integration in your business or enterprise](cortana-at-work/cortana-at-work-overview.md)
+### [Testing scenarios using Cortana in your business or organization](cortana-at-work/cortana-at-work-testing-scenarios.md)
+#### [Test scenario 1 - Sign-in to Azure AD and use Cortana to manage the notebook](cortana-at-work/cortana-at-work-scenario-1.md)
+#### [Test scenario 2 - Test scenario 2 - Perform a quick search with Cortana at work](cortana-at-work/cortana-at-work-scenario-2.md)
+#### [Test scenario 3 - Set a reminder for a specific location using Cortana at work](cortana-at-work/cortana-at-work-scenario-3.md)
+#### [Test scenario 4 - Use Cortana at work to find your upcoming meetings](cortana-at-work/cortana-at-work-scenario-4.md)
+#### [Test scenario 5 - Use Cortana to send email to a co-worker](cortana-at-work/cortana-at-work-scenario-5.md)
+#### [Test scenario 6 - Review a reminder suggested by Cortana based on what you’ve promised in email](cortana-at-work/cortana-at-work-scenario-6.md)
+#### [Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organization’s data on a device](cortana-at-work/cortana-at-work-scenario-7.md)
+### [Set up and test Cortana with Office 365 in your organization](cortana-at-work/cortana-at-work-o365.md)
+### [Set up and test Cortana with Microsoft Dynamics CRM (Preview feature) in your organization](cortana-at-work/cortana-at-work-crm.md)
+### [Set up and test Cortana for Power BI in your organization](cortana-at-work/cortana-at-work-powerbi.md)
+### [Set up and test custom voice commands in Cortana for your organization](cortana-at-work/cortana-at-work-voice-commands.md)
+### [Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization](cortana-at-work/cortana-at-work-policy-settings.md)
+### [Send feedback about Cortana at work back to Microsoft](cortana-at-work/cortana-at-work-feedback.md)
+## [Configure access to Windows Store](stop-employees-from-using-the-windows-store.md)
+## [Provisioning packages for Windows 10](provisioning-packages/provisioning-packages.md)
+### [How provisioning works in Windows 10](provisioning-packages/provisioning-how-it-works.md)
+### [Introduction to configuration service providers (CSPs)](provisioning-packages/how-it-pros-can-use-configuration-service-providers.md)
+### [Install Windows Configuration Designer](provisioning-packages/provisioning-install-icd.md)
+### [Create a provisioning package](provisioning-packages/provisioning-create-package.md)
+### [Apply a provisioning package](provisioning-packages/provisioning-apply-package.md)
+### [Settings changed when you uninstall a provisioning package](provisioning-packages/provisioning-uninstall-package.md)
+### [Provision PCs with common settings for initial deployment (desktop wizard)](provisioning-packages/provision-pcs-for-initial-deployment.md)
+### [Provision PCs with apps](provisioning-packages/provision-pcs-with-apps.md)
+### [Use a script to install a desktop app in provisioning packages](provisioning-packages/provisioning-script-to-install-app.md)
+### [PowerShell cmdlets for provisioning Windows 10 (reference)](provisioning-packages/provisioning-powershell.md)
+### [Windows ICD command-line interface (reference)](provisioning-packages/provisioning-command-line.md)
+### [Create a provisioning package with multivariant settings](provisioning-packages/provisioning-multivariant.md)
+## [Lockdown features from Windows Embedded 8.1 Industry](lockdown-features-windows-10.md)
+## [User Experience Virtualization (UE-V) for Windows](ue-v/uev-for-windows.md)
+### [Get Started with UE-V](ue-v/uev-getting-started.md)
+#### [What's New in UE-V for Windows 10, version 1607](ue-v/uev-whats-new-in-uev-for-windows.md)
+#### [User Experience Virtualization Release Notes](ue-v/uev-release-notes-1607.md)
+#### [Upgrade to UE-V for Windows 10](ue-v/uev-upgrade-uev-from-previous-releases.md)
+### [Prepare a UE-V Deployment](ue-v/uev-prepare-for-deployment.md)
+#### [Deploy Required UE-V Features](ue-v/uev-deploy-required-features.md)
+#### [Deploy UE-V for use with Custom Applications](ue-v/uev-deploy-uev-for-custom-applications.md)
+### [Administering UE-V](ue-v/uev-administering-uev.md)
+#### [Manage Configurations for UE-V](ue-v/uev-manage-configurations.md)
+##### [Configuring UE-V with Group Policy Objects](ue-v/uev-configuring-uev-with-group-policy-objects.md)
+##### [Configuring UE-V with System Center Configuration Manager](ue-v/uev-configuring-uev-with-system-center-configuration-manager.md)
+##### [Administering UE-V with Windows PowerShell and WMI](ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md)
+###### [Managing the UE-V Service and Packages with Windows PowerShell and WMI](ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md)
+###### [Managing UE-V Settings Location Templates Using Windows PowerShell and WMI](ue-v/uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md)
+#### [Working with Custom UE-V Templates and the UE-V Template Generator](ue-v/uev-working-with-custom-templates-and-the-uev-generator.md)
+#### [Manage Administrative Backup and Restore in UE-V](ue-v/uev-manage-administrative-backup-and-restore.md)
+#### [Changing the Frequency of UE-V Scheduled Tasks](ue-v/uev-changing-the-frequency-of-scheduled-tasks.md)
+#### [Migrating UE-V Settings Packages](ue-v/uev-migrating-settings-packages.md)
+#### [Using UE-V with Application Virtualization Applications](ue-v/uev-using-uev-with-application-virtualization-applications.md)
+### [Troubleshooting UE-V](ue-v/uev-troubleshooting.md)
+### [Technical Reference for UE-V](ue-v/uev-technical-reference.md)
+#### [Sync Methods for UE-V](ue-v/uev-sync-methods.md)
+#### [Sync Trigger Events for UE-V](ue-v/uev-sync-trigger-events.md)
+#### [Synchronizing Microsoft Office with UE-V](ue-v/uev-synchronizing-microsoft-office-with-uev.md)
+#### [Application Template Schema Reference for UE-V](ue-v/uev-application-template-schema-reference.md)
+#### [Security Considerations for UE-V](ue-v/uev-security-considerations.md)
+## [Change history for Configure Windows 10](change-history-for-configure-windows-10.md)

windows/configuration/index.md

@@ -1 +1,37 @@
-# Welcome to win-configuration!
+---
+title: Configure Windows 10 (Windows 10)
+description: Learn about configuring Windows 10.
+keywords: Windows 10, MDM, WSUS, Windows update
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+localizationpriority: high
+author: jdeckerMS
+---
+
+# Configure Windows 10
+
+Enterprises often need to apply custom configurations to devices for their users. Windows 10 provides a number of features and methods to help you configure or lock down specific parts of Windows 10.
+
+## In this section
+
+| Topic | Description |
+| --- | --- |
+| [Configure Windows telemetry in your organization](configure-windows-telemetry-in-your-organization.md) | Use this article to make informed decisions about how you can configure Windows telemetry in your organization. |
+| [Basic level Windows diagnostic data](basic-level-windows-diagnostic-events-and-fields.md) | Learn about diagnostic data that is collected at the basic level in Windows 10, version 1703. |
+| [Windows 10, version 1703 diagnostic data](windows-diagnostic-data.md) | Learn about the types of data that is collected at the full level in Windows 10, version 1703. |
+| [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) | Learn about the network connections that Windows components make to Microsoft and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro. |
+| [Manage Wi-Fi Sense in your company](manage-wifi-sense-in-enterprise.md) | Wi-Fi Sense automatically connects you to Wi-Fi, so you can get online quickly in more places. It can connect you to open Wi-Fi hotspots it knows about through crowdsourcing, or to Wi-Fi networks your contacts have shared with you by using Wi-Fi Sense. The initial settings for Wi-Fi Sense are determined by the options you chose when you first set up your PC with Windows 10.  |
+| [Configure kiosk and shared devices running Windows 10 desktop editions](kiosk-shared-pc.md) | These topics help you configure Windows 10 devices to be shared by multiple users or to run as a kiosk device that runs a single app. |
+| [Configure Windows 10 Mobile devices](mobile-devices/configure-mobile.md) | These topics help you configure the features and apps and Start screen for a device running Windows 10 Mobile, as well as how to configure a kiosk device that runs a single app.  |
+| [Configure Start, taskbar, and lock screen](start-taskbar-lockscreen.md) | A standard, customized Start layout can be useful on devices that are common to multiple users and devices that are locked down for specialized purposes. Configuring the taskbar allows the organization to pin useful apps for their employees and to remove apps that are pinned by default. |
+| [Cortana integration in your business or enterprise](cortana-at-work/cortana-at-work-overview.md) | The world’s first personal digital assistant helps users get things done, even at work. Cortana includes powerful configuration options specifically to optimize for unique small to medium-sized business and enterprise environments.  |
+| [Configure access to Windows Store](stop-employees-from-using-the-windows-store.md) | IT Pros can configure access to Windows Store for client computers in their organization. For some organizations, business policies require blocking access to Windows Store. |
+| [Provisioning packages for Windows 10](provisioning-packages/provisioning-packages.md) | Learn how to use the Windows Configuration Designer and provisioning packages to easily configure multiple devices. |
+| [Lockdown features from Windows Embedded 8.1 Industry](lockdown-features-windows-10.md) | Many of the lockdown features available in Windows Embedded 8.1 Industry have been modified in some form for Windows 10. |
+| [Change history for Configure Windows 10](change-history-for-configure-windows-10.md) | This topic lists new and updated topics in the Configure Windows 10 documentation for Windows 10 and Windows 10 Mobile. |
+
+
+
+

windows/deployment/TOC.md

@@ -1 +1,221 @@
-# [Index](index.md)
+# [Deploy Windows 10](index.md)
+## [What's new in Windows 10 deployment](deploy-whats-new.md)
+## [Plan for Windows 10 deployment](planning/index.md)
+### [Windows 10 Enterprise FAQ for IT Pros](planning/windows-10-enterprise-faq-itpro.md)
+### [Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md)
+### [Windows 10 compatibility](planning/windows-10-compatibility.md)
+### [Windows 10 infrastructure requirements](planning/windows-10-infrastructure-requirements.md)
+### [Windows To Go: feature overview](planning/windows-to-go-overview.md)
+#### [Best practice recommendations for Windows To Go](planning/best-practice-recommendations-for-windows-to-go.md)
+#### [Deployment considerations for Windows To Go](planning/deployment-considerations-for-windows-to-go.md)
+#### [Prepare your organization for Windows To Go](planning/prepare-your-organization-for-windows-to-go.md)
+#### [Security and data protection considerations for Windows To Go](planning/security-and-data-protection-considerations-for-windows-to-go.md)
+#### [Windows To Go: frequently asked questions](planning/windows-to-go-frequently-asked-questions.md)
+### [Application Compatibility Toolkit (ACT) Technical Reference](planning/act-technical-reference.md)
+#### [SUA User's Guide](planning/sua-users-guide.md)
+##### [Using the SUA Wizard](planning/using-the-sua-wizard.md)
+##### [Using the SUA Tool](planning/using-the-sua-tool.md)
+###### [Tabs on the SUA Tool Interface](planning/tabs-on-the-sua-tool-interface.md)
+###### [Showing Messages Generated by the SUA Tool](planning/showing-messages-generated-by-the-sua-tool.md)
+###### [Applying Filters to Data in the SUA Tool](planning/applying-filters-to-data-in-the-sua-tool.md)
+###### [Fixing Applications by Using the SUA Tool](planning/fixing-applications-by-using-the-sua-tool.md)
+#### [Compatibility Administrator User's Guide](planning/compatibility-administrator-users-guide.md)
+##### [Using the Compatibility Administrator Tool](planning/using-the-compatibility-administrator-tool.md)
+###### [Available Data Types and Operators in Compatibility Administrator](planning/available-data-types-and-operators-in-compatibility-administrator.md)
+###### [Searching for Fixed Applications in Compatibility Administrator](planning/searching-for-fixed-applications-in-compatibility-administrator.md)
+###### [Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator](planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md)
+###### [Creating a Custom Compatibility Fix in Compatibility Administrator](planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md)
+###### [Creating a Custom Compatibility Mode in Compatibility Administrator](planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md)
+###### [Creating an AppHelp Message in Compatibility Administrator](planning/creating-an-apphelp-message-in-compatibility-administrator.md)
+###### [Viewing the Events Screen in Compatibility Administrator](planning/viewing-the-events-screen-in-compatibility-administrator.md)
+###### [Enabling and Disabling Compatibility Fixes in Compatibility Administrator](planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md)
+###### [Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator](planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md)
+##### [Managing Application-Compatibility Fixes and Custom Fix Databases](planning/managing-application-compatibility-fixes-and-custom-fix-databases.md)
+###### [Understanding and Using Compatibility Fixes](planning/understanding-and-using-compatibility-fixes.md)
+###### [Compatibility Fix Database Management Strategies and Deployment](planning/compatibility-fix-database-management-strategies-and-deployment.md)
+###### [Testing Your Application Mitigation Packages](planning/testing-your-application-mitigation-packages.md)
+##### [Using the Sdbinst.exe Command-Line Tool](planning/using-the-sdbinstexe-command-line-tool.md)
+#### [Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md)
+### [Change history for Plan for Windows 10 deployment](planning/change-history-for-plan-for-windows-10-deployment.md)
+## [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
+## Upgrade Windows
+### [Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md)
+### [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md)
+### [Deploy Windows To Go in your organization](deploy-windows-to-go.md)
+### [Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management](upgrade/upgrade-windows-phone-8-1-to-10.md)
+### [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md)
+#### [Upgrade Readiness architecture](upgrade/upgrade-readiness-architecture.md)
+#### [Upgrade Readiness requirements](upgrade/upgrade-readiness-requirements.md)
+#### [Upgrade Readiness release notes](upgrade/upgrade-readiness-release-notes.md)
+#### [Get started with Upgrade Readiness](upgrade/upgrade-readiness-get-started.md)
+##### [Upgrade Readiness deployment script](upgrade/upgrade-readiness-deployment-script.md)
+#### [Use Upgrade Readiness to manage Windows upgrades](upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md)
+##### [Upgrade overview](upgrade/upgrade-readiness-upgrade-overview.md)
+##### [Step 1: Identify apps](upgrade/upgrade-readiness-identify-apps.md)
+##### [Step 2: Resolve issues](upgrade/upgrade-readiness-resolve-issues.md)
+##### [Step 3: Deploy Windows](upgrade/upgrade-readiness-deploy-windows.md)
+##### [Additional insights](upgrade/upgrade-readiness-additional-insights.md)
+#### [Troubleshoot Upgrade Readiness](upgrade/troubleshoot-upgrade-readiness.md)
+## [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md)
+### [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md)
+### [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md)
+## [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md)
+### [Get started with the Microsoft Deployment Toolkit (MDT)](deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit.md)
+#### [Key features in MDT](deploy-windows-mdt/key-features-in-mdt.md)
+#### [MDT Lite Touch components](deploy-windows-mdt/mdt-lite-touch-components.md)
+#### [Prepare for deployment with MDT](deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
+### [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md)
+### [Deploy a Windows 10 image using MDT](deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md)
+### [Build a distributed environment for Windows 10 deployment](deploy-windows-mdt/build-a-distributed-environment-for-windows-10-deployment.md)
+### [Refresh a Windows 7 computer with Windows 10](deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10.md)
+### [Replace a Windows 7 computer with a Windows 10 computer](deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md)
+### [Perform an in-place upgrade to Windows 10 with MDT](upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
+### [Configure MDT settings](deploy-windows-mdt/configure-mdt-settings.md)
+#### [Set up MDT for BitLocker](deploy-windows-mdt/set-up-mdt-for-bitlocker.md)
+#### [Configure MDT deployment share rules](deploy-windows-mdt/configure-mdt-deployment-share-rules.md)
+#### [Configure MDT for UserExit scripts](deploy-windows-mdt/configure-mdt-for-userexit-scripts.md)
+#### [Simulate a Windows 10 deployment in a test environment](deploy-windows-mdt/simulate-a-windows-10-deployment-in-a-test-environment.md)
+#### [Use the MDT database to stage Windows 10 deployment information](deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md)
+#### [Assign applications using roles in MDT](deploy-windows-mdt/assign-applications-using-roles-in-mdt.md)
+#### [Use web services in MDT](deploy-windows-mdt/use-web-services-in-mdt.md)
+#### [Use Orchestrator runbooks with MDT](deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md)
+## [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md)
+### [Integrate Configuration Manager with MDT](deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
+### [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
+### [Create a custom Windows PE boot image with Configuration Manager](deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md)
+### [Add a Windows 10 operating system image using Configuration Manager](deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md)
+### [Create an application to deploy with Windows 10 using Configuration Manager](deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
+### [Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
+### [Create a task sequence with Configuration Manager and MDT](deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
+### [Finalize the operating system configuration for Windows 10 deployment with Configuration Manager](deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md)
+### [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md)
+### [Monitor the Windows 10 deployment with Configuration Manager](deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md)
+### [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+### [Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
+### [Perform an in-place upgrade to Windows 10 using Configuration Manager](upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md)
+## [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md)
+## [Convert MBR partition to GPT](mbr-to-gpt.md)
+## [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md)
+## [Sideload apps in Windows 10](/windows/application-management/sideload-apps-in-windows-10)
+## [Update Windows 10](update/index.md)
+### [Quick guide to Windows as a service](update/waas-quick-start.md)
+### [Overview of Windows as a service](update/waas-overview.md)
+### [Prepare servicing strategy for Windows 10 updates](update/waas-servicing-strategy-windows-10-updates.md)
+### [Build deployment rings for Windows 10 updates](update/waas-deployment-rings-windows-10-updates.md)
+### [Assign devices to servicing branches for Windows 10 updates](update/waas-servicing-branches-windows-10-updates.md)
+### [Monitor Windows Updates with Update Compliance](update/update-compliance-monitor.md)
+#### [Get started with Update Compliance](update/update-compliance-get-started.md)
+#### [Use Update Compliance](update/update-compliance-using.md)
+### [Optimize Windows 10 update delivery](update/waas-optimize-windows-10-updates.md)
+#### [Configure Delivery Optimization for Windows 10 updates](update/waas-delivery-optimization.md)
+#### [Configure BranchCache for Windows 10 updates](update/waas-branchcache.md)
+### [Deploy updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](update/waas-mobile-updates.md)
+### [Deploy updates using Windows Update for Business](update/waas-manage-updates-wufb.md)
+#### [Configure Windows Update for Business](update/waas-configure-wufb.md)
+#### [Integrate Windows Update for Business with management solutions](update/waas-integrate-wufb.md)
+#### [Walkthrough: use Group Policy to configure Windows Update for Business](update/waas-wufb-group-policy.md)
+#### [Walkthrough: use Intune to configure Windows Update for Business](update/waas-wufb-intune.md)
+### [Deploy Windows 10 updates using Windows Server Update Services](update/waas-manage-updates-wsus.md)
+### [Deploy Windows 10 updates using System Center Configuration Manager](update/waas-manage-updates-configuration-manager.md)
+### [Manage device restarts after updates](update/waas-restart.md)
+### [Windows Insider Program for Business](update/waas-windows-insider-for-business.md)
+#### [Windows Insider Program for Business using Azure Active Directory](update/waas-windows-insider-for-business-aad.md)
+#### [Windows Insider Program for Business Frequently Asked Questions](update/waas-windows-insider-for-business-faq.md)
+### [Change history for Update Windows 10](update/change-history-for-update-windows-10.md)
+
+## [Volume Activation [client]](volume-activation/volume-activation-windows-10.md)
+### [Plan for volume activation [client]](volume-activation/plan-for-volume-activation-client.md)
+### [Activate using Key Management Service [client]](volume-activation/activate-using-key-management-service-vamt.md)
+### [Activate using Active Directory-based activation [client]](volume-activation/activate-using-active-directory-based-activation-client.md)
+### [Activate clients running Windows 10](volume-activation/activate-windows-10-clients-vamt.md)
+### [Monitor activation [client]](volume-activation/monitor-activation-client.md)
+### [Use the Volume Activation Management Tool [client]](volume-activation/use-the-volume-activation-management-tool-client.md)
+### [Appendix: Information sent to Microsoft during activation [client]](volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md)
+## [Windows 10 Enterprise E3 in CSP Overview](windows-10-enterprise-e3-overview.md)
+## [Windows 10 deployment tools reference](windows-10-deployment-tools-reference.md)
+### [Windows 10 deployment tools](windows-deployment-scenarios-and-tools.md)
+### [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md)
+### [Volume Activation Management Tool (VAMT) Technical Reference](volume-activation/volume-activation-management-tool.md)
+#### [Introduction to VAMT](volume-activation/introduction-vamt.md)
+#### [Active Directory-Based Activation Overview](volume-activation/active-directory-based-activation-overview.md)
+#### [Install and Configure VAMT](volume-activation/install-configure-vamt.md)
+##### [VAMT Requirements](volume-activation/vamt-requirements.md)
+##### [Install VAMT](volume-activation/install-vamt.md)
+##### [Configure Client Computers](volume-activation/configure-client-computers-vamt.md)
+#### [Add and Manage Products](volume-activation/add-manage-products-vamt.md)
+##### [Add and Remove Computers](volume-activation/add-remove-computers-vamt.md)
+##### [Update Product Status](volume-activation/update-product-status-vamt.md)
+##### [Remove Products](volume-activation/remove-products-vamt.md)
+#### [Manage Product Keys](volume-activation/manage-product-keys-vamt.md)
+##### [Add and Remove a Product Key](volume-activation/add-remove-product-key-vamt.md)
+##### [Install a Product Key](volume-activation/install-product-key-vamt.md)
+##### [Install a KMS Client Key](volume-activation/install-kms-client-key-vamt.md)
+#### [Manage Activations](volume-activation/manage-activations-vamt.md)
+##### [Perform Online Activation](volume-activation/online-activation-vamt.md)
+##### [Perform Proxy Activation](volume-activation/proxy-activation-vamt.md)
+##### [Perform KMS Activation](volume-activation/kms-activation-vamt.md)
+##### [Perform Local Reactivation](volume-activation/local-reactivation-vamt.md)
+##### [Activate an Active Directory Forest Online](volume-activation/activate-forest-vamt.md)
+##### [Activate by Proxy an Active Directory Forest](volume-activation/activate-forest-by-proxy-vamt.md)
+#### [Manage VAMT Data](volume-activation/manage-vamt-data.md)
+##### [Import and Export VAMT Data](volume-activation/import-export-vamt-data.md)
+##### [Use VAMT in Windows PowerShell](volume-activation/use-vamt-in-windows-powershell.md)
+#### [VAMT Step-by-Step Scenarios](volume-activation/vamt-step-by-step.md)
+##### [Scenario 1: Online Activation](volume-activation/scenario-online-activation-vamt.md)
+##### [Scenario 2: Proxy Activation](volume-activation/scenario-proxy-activation-vamt.md)
+##### [Scenario 3: KMS Client Activation](volume-activation/scenario-kms-activation-vamt.md)
+#### [VAMT Known Issues](volume-activation/vamt-known-issues.md)
+### [User State Migration Tool (USMT) Technical Reference](usmt/usmt-technical-reference.md)
+#### [User State Migration Tool (USMT) Overview Topics](usmt/usmt-topics.md)
+##### [User State Migration Tool (USMT) Overview](usmt/usmt-overview.md)
+##### [Getting Started with the User State Migration Tool (USMT)](usmt/getting-started-with-the-user-state-migration-tool.md)
+##### [Windows Upgrade and Migration Considerations](upgrade/windows-upgrade-and-migration-considerations.md)
+#### [User State Migration Tool (USMT) How-to topics](usmt/usmt-how-to.md)
+##### [Exclude Files and Settings](usmt/usmt-exclude-files-and-settings.md)
+##### [Extract Files from a Compressed USMT Migration Store](usmt/usmt-extract-files-from-a-compressed-migration-store.md)
+##### [Include Files and Settings](usmt/usmt-include-files-and-settings.md)
+##### [Migrate Application Settings](usmt/migrate-application-settings.md)
+##### [Migrate EFS Files and Certificates](usmt/usmt-migrate-efs-files-and-certificates.md)
+##### [Migrate User Accounts](usmt/usmt-migrate-user-accounts.md)
+##### [Reroute Files and Settings](usmt/usmt-reroute-files-and-settings.md)
+##### [Verify the Condition of a Compressed Migration Store](usmt/verify-the-condition-of-a-compressed-migration-store.md)
+#### [User State Migration Tool (USMT) Troubleshooting](usmt/usmt-troubleshooting.md)
+##### [Common Issues](usmt/usmt-common-issues.md)
+##### [Frequently Asked Questions](usmt/usmt-faq.md)
+##### [Log Files](usmt/usmt-log-files.md)
+##### [Return Codes](usmt/usmt-return-codes.md)
+##### [USMT Resources](usmt/usmt-resources.md)
+#### [User State Migration Toolkit (USMT) Reference](usmt/usmt-reference.md)
+##### [USMT Requirements](usmt/usmt-requirements.md)
+##### [USMT Best Practices](usmt/usmt-best-practices.md)
+##### [How USMT Works](usmt/usmt-how-it-works.md)
+##### [Plan Your Migration](usmt/usmt-plan-your-migration.md)
+###### [Common Migration Scenarios](usmt/usmt-common-migration-scenarios.md)
+###### [What Does USMT Migrate?](usmt/usmt-what-does-usmt-migrate.md)
+###### [Choose a Migration Store Type](usmt/usmt-choose-migration-store-type.md)
+####### [Migration Store Types Overview](usmt/migration-store-types-overview.md)
+####### [Estimate Migration Store Size](usmt/usmt-estimate-migration-store-size.md)
+####### [Hard-Link Migration Store](usmt/usmt-hard-link-migration-store.md)
+####### [Migration Store Encryption](usmt/usmt-migration-store-encryption.md)
+###### [Determine What to Migrate](usmt/usmt-determine-what-to-migrate.md)
+####### [Identify Users](usmt/usmt-identify-users.md)
+####### [Identify Applications Settings](usmt/usmt-identify-application-settings.md)
+####### [Identify Operating System Settings](usmt/usmt-identify-operating-system-settings.md)
+####### [Identify File Types, Files, and Folders](usmt/usmt-identify-file-types-files-and-folders.md)
+###### [Test Your Migration](usmt/usmt-test-your-migration.md)
+##### [User State Migration Tool (USMT) Command-line Syntax](usmt/usmt-command-line-syntax.md)
+###### [ScanState Syntax](usmt/usmt-scanstate-syntax.md)
+###### [LoadState Syntax](usmt/usmt-loadstate-syntax.md)
+###### [UsmtUtils Syntax](usmt/usmt-utilities.md)
+##### [USMT XML Reference](usmt/usmt-xml-reference.md)
+###### [Understanding Migration XML Files](usmt/understanding-migration-xml-files.md)
+###### [Config.xml File](usmt/usmt-configxml-file.md)
+###### [Customize USMT XML Files](usmt/usmt-customize-xml-files.md)
+###### [Custom XML Examples](usmt/usmt-custom-xml-examples.md)
+###### [Conflicts and Precedence](usmt/usmt-conflicts-and-precedence.md)
+###### [General Conventions](usmt/usmt-general-conventions.md)
+###### [XML File Requirements](usmt/xml-file-requirements.md)
+###### [Recognized Environment Variables](usmt/usmt-recognized-environment-variables.md)
+###### [XML Elements Library](usmt/usmt-xml-elements-library.md)
+##### [Offline Migration Reference](usmt/offline-migration-reference.md)
+## [Change history for Deploy Windows 10](change-history-for-deploy-windows-10.md)

windows/deployment/index.md

@@ -1 +1,47 @@
-# Welcome to win-development!
+---
+title: Deploy Windows 10 (Windows 10)
+description: Learn about deploying Windows 10 for IT professionals.
+ms.assetid: E9E2DED5-DBA7-4300-B411-BA0FD39BE18C
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+localizationpriority: high
+author: greg-lindsay
+---
+
+# Deploy Windows 10
+Learn about deploying Windows 10 for IT professionals.
+
+## In this section
+
+|Topic |Description |
+|------|------------|
+|[What's new in Windows 10 deployment](deploy-whats-new.md) |See this topic for a summary of new features and some recent changes related to deploying Windows 10 in your organization. |
+|[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) |To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider. Choosing among these scenarios, and understanding the key capabilities and limitations of each, is a key task. |
+|[Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) |With Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With Windows telemetry enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft. The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded. | 
+|[Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md) |This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, see the following Windows 10 PoC deployment guides: [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md), [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md). |
+|[Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) |This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT). |
+|[Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) |If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or. |
+|[Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) |This topic provides a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade. |
+|[Convert MBR partition to GPT](mbr-to-gpt.md) |This topic provides detailed instructions for using the MBR2GPT partition conversion tool. |
+|[Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) |This guide describes how to configure a PXE server to load Windows PE by booting a client computer from the network. |
+|[Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) |With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. |
+|[Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) |You can upgrade directly to Windows 10 from a previous operating system. |
+|[Deploy Windows To Go in your organization](deploy-windows-to-go.md) |This topic helps you to deploy Windows To Go in your organization. Before you begin deployment, make sure that you have reviewed the topics [Windows To Go: feature overview](planning/windows-to-go-overview.md) and [Prepare your organization for Windows To Go](planning/prepare-your-organization-for-windows-to-go.md) to ensure that you have the correct hardware and are prepared to complete the deployment. You can then use the steps in this topic to start your Windows To Go deployment. |
+|[Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management](upgrade/upgrade-windows-phone-8-1-to-10.md) |This topic describes how to upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile. |
+|[Sideload apps in Windows 10](/windows/application-management/sideload-apps-in-windows-10) |Sideload line-of-business apps in Windows 10. |
+|[Volume Activation [client]](volume-activation/volume-activation-windows-10.md) |This guide is designed to help organizations that are planning to use volume activation to deploy and activate Windows 10, including organizations that have used volume activation for earlier versions of Windows. |
+|[Windows 10 deployment tools reference](windows-10-deployment-tools-reference.md) |Learn about the tools available to deploy Windows 10. |
+|[Change history for Deploy Windows 10](change-history-for-deploy-windows-10.md) |This topic lists new and updated topics in the Deploy Windows 10 documentation for [Windows 10 and Windows 10 Mobile](/windows/windows-10). |
+
+## Related topics
+- [Windows 10 and Windows 10 Mobile](/windows/windows-10)
+
+ 
+
+ 
+
+
+
+
+

windows/device-security/TOC.md

@@ -1 +1,666 @@
-# [Index](index.md)
+# [Device security](index.md)
+
+## [AppLocker](applocker\applocker-overview.md)
+### [Administer AppLocker](applocker\administer-applocker.md)
+#### [Maintain AppLocker policies](applocker\maintain-applocker-policies.md)
+#### [Edit an AppLocker policy](applocker\edit-an-applocker-policy.md)
+#### [Test and update an AppLocker policy](applocker\test-and-update-an-applocker-policy.md)
+#### [Deploy AppLocker policies by using the enforce rules setting](applocker\deploy-applocker-policies-by-using-the-enforce-rules-setting.md)
+#### [Use the AppLocker Windows PowerShell cmdlets](applocker\use-the-applocker-windows-powershell-cmdlets.md)
+#### [Use AppLocker and Software Restriction Policies in the same domain](applocker\use-applocker-and-software-restriction-policies-in-the-same-domain.md)
+#### [Optimize AppLocker performance](applocker\optimize-applocker-performance.md)
+#### [Monitor app usage with AppLocker](applocker\monitor-application-usage-with-applocker.md)
+#### [Manage packaged apps with AppLocker](applocker\manage-packaged-apps-with-applocker.md)
+#### [Working with AppLocker rules](applocker\working-with-applocker-rules.md)
+#### [Working with AppLocker rules](applocker\working-with-applocker-rules.md)
+##### [Create a rule that uses a file hash condition](applocker\create-a-rule-that-uses-a-file-hash-condition.md)
+##### [Create a rule that uses a path condition](applocker\create-a-rule-that-uses-a-path-condition.md)
+##### [Create a rule that uses a publisher condition](applocker\create-a-rule-that-uses-a-publisher-condition.md)
+##### [Create AppLocker default rules](applocker\create-applocker-default-rules.md)
+##### [Add exceptions for an AppLocker rule](applocker\configure-exceptions-for-an-applocker-rule.md)
+##### [Create a rule for packaged apps](applocker\create-a-rule-for-packaged-apps.md)
+##### [Delete an AppLocker rule](applocker\delete-an-applocker-rule.md)
+##### [Edit AppLocker rules](applocker\edit-applocker-rules.md)
+##### [Enable the DLL rule collection](applocker\enable-the-dll-rule-collection.md)
+##### [Enforce AppLocker rules](applocker\enforce-applocker-rules.md)
+##### [Run the Automatically Generate Rules wizard](applocker\run-the-automatically-generate-rules-wizard.md)
+#### [Working with AppLocker policies](applocker\working-with-applocker-policies.md)
+##### [Configure the Application Identity service](applocker\configure-the-application-identity-service.md)
+##### [Configure an AppLocker policy for audit only](applocker\configure-an-applocker-policy-for-audit-only.md)
+##### [Configure an AppLocker policy for enforce rules](applocker\configure-an-applocker-policy-for-enforce-rules.md)
+##### [Display a custom URL message when users try to run a blocked app](applocker\display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md)
+##### [Export an AppLocker policy from a GPO](applocker\export-an-applocker-policy-from-a-gpo.md)
+##### [Export an AppLocker policy to an XML file](applocker\export-an-applocker-policy-to-an-xml-file.md)
+##### [Import an AppLocker policy from another computer](applocker\import-an-applocker-policy-from-another-computer.md)
+##### [Import an AppLocker policy into a GPO](applocker\import-an-applocker-policy-into-a-gpo.md)
+##### [Add rules for packaged apps to existing AppLocker rule-set](applocker\add-rules-for-packaged-apps-to-existing-applocker-rule-set.md)
+##### [Merge AppLocker policies by using Set-ApplockerPolicy](applocker\merge-applocker-policies-by-using-set-applockerpolicy.md)
+##### [Merge AppLocker policies manually](applocker\merge-applocker-policies-manually.md)
+##### [Refresh an AppLocker policy](applocker\refresh-an-applocker-policy.md)
+##### [Test an AppLocker policy by using Test-AppLockerPolicy](applocker\test-an-applocker-policy-by-using-test-applockerpolicy.md)
+### [AppLocker design guide](applocker\applocker-policies-design-guide.md)
+#### [Understand AppLocker policy design decisions](applocker\understand-applocker-policy-design-decisions.md)
+#### [Determine your application control objectives](applocker\determine-your-application-control-objectives.md)
+#### [Create a list of apps deployed to each business group](applocker\create-list-of-applications-deployed-to-each-business-group.md)
+##### [Document your app list](applocker\document-your-application-list.md)
+#### [Select the types of rules to create](applocker\select-types-of-rules-to-create.md)
+##### [Document your AppLocker rules](applocker\document-your-applocker-rules.md)
+#### [Determine the Group Policy structure and rule enforcement](applocker\determine-group-policy-structure-and-rule-enforcement.md)
+##### [Understand AppLocker enforcement settings](applocker\understand-applocker-enforcement-settings.md)
+##### [Understand AppLocker rules and enforcement setting inheritance in Group Policy](applocker\understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md)
+##### [Document the Group Policy structure and AppLocker rule enforcement](applocker\document-group-policy-structure-and-applocker-rule-enforcement.md)
+#### [Plan for AppLocker policy management](applocker\plan-for-applocker-policy-management.md)
+##### [Document your application control management processes](applocker\document-your-application-control-management-processes.md)
+#### [Create your AppLocker planning document](applocker\create-your-applocker-planning-document.md)
+### [AppLocker deployment guide](applocker\applocker-policies-deployment-guide.md)
+#### [Understand the AppLocker policy deployment process](applocker\understand-the-applocker-policy-deployment-process.md)
+#### [Requirements for Deploying AppLocker Policies](applocker\requirements-for-deploying-applocker-policies.md)
+#### [Use Software Restriction Policies and AppLocker policies](applocker\using-software-restriction-policies-and-applocker-policies.md)
+#### [Create Your AppLocker policies](applocker\create-your-applocker-policies.md)
+##### [Create Your AppLocker rules](applocker\create-your-applocker-rules.md)
+#### [Deploy the AppLocker policy into production](applocker\deploy-the-applocker-policy-into-production.md)
+##### [Use a reference device to create and maintain AppLocker policies](applocker\use-a-reference-computer-to-create-and-maintain-applocker-policies.md)
+###### [Determine which apps are digitally signed on a reference device](applocker\determine-which-applications-are-digitally-signed-on-a-reference-computer.md)
+###### [Configure the AppLocker reference device](applocker\configure-the-appLocker-reference-device.md)
+### [AppLocker technical reference](applocker\applocker-technical-reference.md)
+#### [What Is AppLocker?](applocker\what-is-applocker.md)
+#### [Requirements to use AppLocker](applocker\requirements-to-use-applocker.md)
+#### [AppLocker policy use scenarios](applocker\applocker-policy-use-scenarios.md)
+#### [How AppLocker works](applocker\how-applocker-works-techref.md)
+##### [Understanding AppLocker rule behavior](applocker\understanding-applocker-rule-behavior.md)
+##### [Understanding AppLocker rule exceptions](applocker\understanding-applocker-rule-exceptions.md)
+##### [Understanding AppLocker rule collections](applocker\understanding-applocker-rule-collections.md)
+##### [Understanding AppLocker allow and deny actions on rules](applocker\understanding-applocker-allow-and-deny-actions-on-rules.md)
+##### [Understanding AppLocker rule condition types](applocker\understanding-applocker-rule-condition-types.md)
+###### [Understanding the publisher rule condition in AppLocker](applocker\understanding-the-publisher-rule-condition-in-applocker.md)
+###### [Understanding the path rule condition in AppLocker](applocker\understanding-the-path-rule-condition-in-applocker.md)
+###### [Understanding the file hash rule condition in AppLocker](applocker\understanding-the-file-hash-rule-condition-in-applocker.md)
+##### [Understanding AppLocker default rules](applocker\understanding-applocker-default-rules.md)
+###### [Executable rules in AppLocker](applocker\executable-rules-in-applocker.md)
+###### [Windows Installer rules in AppLocker](applocker\windows-installer-rules-in-applocker.md)
+###### [Script rules in AppLocker](applocker\script-rules-in-applocker.md)
+###### [DLL rules in AppLocker](applocker\dll-rules-in-applocker.md)
+###### [Packaged apps and packaged app installer rules in AppLocker](applocker\packaged-apps-and-packaged-app-installer-rules-in-applocker.md)
+#### [AppLocker architecture and components](applocker\applocker-architecture-and-components.md)
+#### [AppLocker processes and interactions](applocker\applocker-processes-and-interactions.md)
+#### [AppLocker functions](applocker\applocker-functions.md)
+#### [Security considerations for AppLocker](applocker\security-considerations-for-applocker.md)
+#### [Tools to Use with AppLocker](applocker\tools-to-use-with-applocker.md)
+##### [Using Event Viewer with AppLocker](applocker\using-event-viewer-with-applocker.md)
+#### [AppLocker Settings](applocker\applocker-settings.md)
+
+## [BitLocker](bitlocker\bitlocker-overview.md)
+### [Overview of BitLocker and device encryption in Windows 10](bitlocker\bitlocker-device-encryption-overview-windows-10.md)
+### [BitLocker frequently asked questions (FAQ)](bitlocker\bitlocker-frequently-asked-questions.md)
+### [Prepare your organization for BitLocker: Planning and policies](bitlocker\prepare-your-organization-for-bitlocker-planning-and-policies.md)
+### [BitLocker basic deployment](bitlocker\bitlocker-basic-deployment.md)
+### [BitLocker: How to deploy on Windows Server 2012 and later](bitlocker\bitlocker-how-to-deploy-on-windows-server.md)
+### [BitLocker: How to enable Network Unlock](bitlocker\bitlocker-how-to-enable-network-unlock.md)
+### [BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker](bitlocker\bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md)
+### [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker\bitlocker-use-bitlocker-recovery-password-viewer.md)
+### [BitLocker Group Policy settings](bitlocker\bitlocker-group-policy-settings.md)
+### [BCD settings and BitLocker](bitlocker\bcd-settings-and-bitlocker.md)
+### [BitLocker Recovery Guide](bitlocker\bitlocker-recovery-guide-plan.md)
+### [Protect BitLocker from pre-boot attacks](bitlocker\protect-bitlocker-from-pre-boot-attacks.md)
+#### [Types of attacks for volume encryption keys](bitlocker\types-of-attacks-for-volume-encryption-keys.md)
+#### [BitLocker Countermeasures](bitlocker\bitlocker-countermeasures.md)
+#### [Choose the Right BitLocker Countermeasure](bitlocker\choose-the-right-bitlocker-countermeasure.md)
+### [Protecting cluster shared volumes and storage area networks with BitLocker](bitlocker\protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md)
+
+
+
+## [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)
+
+## [Device Guard deployment guide](device-guard/device-guard-deployment-guide.md)
+### [Introduction to Device Guard: virtualization-based security and code integrity policies](device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md)
+### [Requirements and deployment planning guidelines for Device Guard](device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md)
+### [Planning and getting started on the Device Guard deployment process](device-guard/planning-and-getting-started-on-the-device-guard-deployment-process.md)
+### [Deploy Device Guard: deploy code integrity policies](device-guard/deploy-device-guard-deploy-code-integrity-policies.md)
+#### [Optional: Create a code signing certificate for code integrity policies](device-guard/optional-create-a-code-signing-certificate-for-code-integrity-policies.md)
+#### [Deploy code integrity policies: policy rules and file rules](device-guard/deploy-code-integrity-policies-policy-rules-and-file-rules.md)
+#### [Deploy code integrity policies: steps](device-guard/deploy-code-integrity-policies-steps.md)
+#### [Deploy catalog files to support code integrity policies](device-guard/deploy-catalog-files-to-support-code-integrity-policies.md)
+#### [Deploy Managed Installer for Device Guard](device-guard/deploy-managed-installer-for-device-guard.md)
+### [Deploy Device Guard: enable virtualization-based security](device-guard/deploy-device-guard-enable-virtualization-based-security.md)
+
+## [Encrypted Hard Drive](encrypted-hard-drive.md)
+
+
+## [Security auditing](auditing\security-auditing-overview.md)
+### [Basic security audit policies](auditing\basic-security-audit-policies.md)
+#### [Create a basic audit policy for an event category](auditing\create-a-basic-audit-policy-settings-for-an-event-category.md)
+#### [Apply a basic audit policy on a file or folder](auditing\apply-a-basic-audit-policy-on-a-file-or-folder.md)
+#### [View the security event log](auditing\view-the-security-event-log.md)
+#### [Basic security audit policy settings](auditing\basic-security-audit-policy-settings.md)
+##### [Audit account logon events](auditing\basic-audit-account-logon-events.md)
+##### [Audit account management](auditing\basic-audit-account-management.md)
+##### [Audit directory service access](auditing\basic-audit-directory-service-access.md)
+##### [Audit logon events](auditing\basic-audit-logon-events.md)
+##### [Audit object access](auditing\basic-audit-object-access.md)
+##### [Audit policy change](auditing\basic-audit-policy-change.md)
+##### [Audit privilege use](auditing\basic-audit-privilege-use.md)
+##### [Audit process tracking](auditing\basic-audit-process-tracking.md)
+##### [Audit system events](auditing\basic-audit-system-events.md)
+### [Advanced security audit policies](auditing\advanced-security-auditing.md)
+#### [Planning and deploying advanced security audit policies](auditing\planning-and-deploying-advanced-security-audit-policies.md)
+#### [Advanced security auditing FAQ](auditing\advanced-security-auditing-faq.md)
+##### [Which editions of Windows support advanced audit policy configuration](auditing\which-editions-of-windows-support-advanced-audit-policy-configuration.md)
+#### [Using advanced security auditing options to monitor dynamic access control objects](auditing\using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md)
+##### [Monitor the central access policies that apply on a file server](auditing\monitor-the-central-access-policies-that-apply-on-a-file-server.md)
+##### [Monitor the use of removable storage devices](auditing\monitor-the-use-of-removable-storage-devices.md)
+##### [Monitor resource attribute definitions](auditing\monitor-resource-attribute-definitions.md)
+##### [Monitor central access policy and rule definitions](auditing\monitor-central-access-policy-and-rule-definitions.md)
+##### [Monitor user and device claims during sign-in](auditing\monitor-user-and-device-claims-during-sign-in.md)
+##### [Monitor the resource attributes on files and folders](auditing\monitor-the-resource-attributes-on-files-and-folders.md)
+##### [Monitor the central access policies associated with files and folders](auditing\monitor-the-central-access-policies-associated-with-files-and-folders.md)
+##### [Monitor claim types](auditing\monitor-claim-types.md)
+#### [Advanced security audit policy settings](auditing\advanced-security-audit-policy-settings.md)
+##### [Audit Credential Validation](auditing\audit-credential-validation.md)
+###### [Event 4774 S, F: An account was mapped for logon.](auditing\event-4774.md)
+###### [Event 4775 F: An account could not be mapped for logon.](auditing\event-4775.md)
+###### [Event 4776 S, F: The computer attempted to validate the credentials for an account.](auditing\event-4776.md)
+###### [Event 4777 F: The domain controller failed to validate the credentials for an account.](auditing\event-4777.md)
+##### [Audit Kerberos Authentication Service](auditing\audit-kerberos-authentication-service.md)
+###### [Event 4768 S, F: A Kerberos authentication ticket, TGT, was requested.](auditing\event-4768.md)
+###### [Event 4771 F: Kerberos pre-authentication failed.](auditing\event-4771.md)
+###### [Event 4772 F: A Kerberos authentication ticket request failed.](auditing\event-4772.md)
+##### [Audit Kerberos Service Ticket Operations](auditing\audit-kerberos-service-ticket-operations.md)
+###### [Event 4769 S, F: A Kerberos service ticket was requested.](auditing\event-4769.md)
+###### [Event 4770 S: A Kerberos service ticket was renewed.](auditing\event-4770.md)
+###### [Event 4773 F: A Kerberos service ticket request failed.](auditing\event-4773.md)
+##### [Audit Other Account Logon Events](auditing\audit-other-account-logon-events.md)
+##### [Audit Application Group Management](auditing\audit-application-group-management.md)
+##### [Audit Computer Account Management](auditing\audit-computer-account-management.md)
+###### [Event 4741 S: A computer account was created.](auditing\event-4741.md)
+###### [Event 4742 S: A computer account was changed.](auditing\event-4742.md)
+###### [Event 4743 S: A computer account was deleted.](auditing\event-4743.md)
+##### [Audit Distribution Group Management](auditing\audit-distribution-group-management.md)
+###### [Event 4749 S: A security-disabled global group was created.](auditing\event-4749.md)
+###### [Event 4750 S: A security-disabled global group was changed.](auditing\event-4750.md)
+###### [Event 4751 S: A member was added to a security-disabled global group.](auditing\event-4751.md)
+###### [Event 4752 S: A member was removed from a security-disabled global group.](auditing\event-4752.md)
+###### [Event 4753 S: A security-disabled global group was deleted.](auditing\event-4753.md)
+##### [Audit Other Account Management Events](auditing\audit-other-account-management-events.md)
+###### [Event 4782 S: The password hash an account was accessed.](auditing\event-4782.md)
+###### [Event 4793 S: The Password Policy Checking API was called.](auditing\event-4793.md)
+##### [Audit Security Group Management](auditing\audit-security-group-management.md)
+###### [Event 4731 S: A security-enabled local group was created.](auditing\event-4731.md)
+###### [Event 4732 S: A member was added to a security-enabled local group.](auditing\event-4732.md)
+###### [Event 4733 S: A member was removed from a security-enabled local group.](auditing\event-4733.md)
+###### [Event 4734 S: A security-enabled local group was deleted.](auditing\event-4734.md)
+###### [Event 4735 S: A security-enabled local group was changed.](auditing\event-4735.md)
+###### [Event 4764 S: A group’s type was changed.](auditing\event-4764.md)
+###### [Event 4799 S: A security-enabled local group membership was enumerated.](auditing\event-4799.md)
+##### [Audit User Account Management](auditing\audit-user-account-management.md)
+###### [Event 4720 S: A user account was created.](auditing\event-4720.md)
+###### [Event 4722 S: A user account was enabled.](auditing\event-4722.md)
+###### [Event 4723 S, F: An attempt was made to change an account's password.](auditing\event-4723.md)
+###### [Event 4724 S, F: An attempt was made to reset an account's password.](auditing\event-4724.md)
+###### [Event 4725 S: A user account was disabled.](auditing\event-4725.md)
+###### [Event 4726 S: A user account was deleted.](auditing\event-4726.md)
+###### [Event 4738 S: A user account was changed.](auditing\event-4738.md)
+###### [Event 4740 S: A user account was locked out.](auditing\event-4740.md)
+###### [Event 4765 S: SID History was added to an account.](auditing\event-4765.md)
+###### [Event 4766 F: An attempt to add SID History to an account failed.](auditing\event-4766.md)
+###### [Event 4767 S: A user account was unlocked.](auditing\event-4767.md)
+###### [Event 4780 S: The ACL was set on accounts which are members of administrators groups.](auditing\event-4780.md)
+###### [Event 4781 S: The name of an account was changed.](auditing\event-4781.md)
+###### [Event 4794 S, F: An attempt was made to set the Directory Services Restore Mode administrator password.](auditing\event-4794.md)
+###### [Event 4798 S: A user's local group membership was enumerated.](auditing\event-4798.md)
+###### [Event 5376 S: Credential Manager credentials were backed up.](auditing\event-5376.md)
+###### [Event 5377 S: Credential Manager credentials were restored from a backup.](auditing\event-5377.md)
+##### [Audit DPAPI Activity](auditing\audit-dpapi-activity.md)
+###### [Event 4692 S, F: Backup of data protection master key was attempted.](auditing\event-4692.md)
+###### [Event 4693 S, F: Recovery of data protection master key was attempted.](auditing\event-4693.md)
+###### [Event 4694 S, F: Protection of auditable protected data was attempted.](auditing\event-4694.md)
+###### [Event 4695 S, F: Unprotection of auditable protected data was attempted.](auditing\event-4695.md)
+##### [Audit PNP Activity](auditing\audit-pnp-activity.md)
+###### [Event 6416 S: A new external device was recognized by the System.](auditing\event-6416.md)
+###### [Event 6419 S: A request was made to disable a device.](auditing\event-6419.md)
+###### [Event 6420 S: A device was disabled.](auditing\event-6420.md)
+###### [Event 6421 S: A request was made to enable a device.](auditing\event-6421.md)
+###### [Event 6422 S: A device was enabled.](auditing\event-6422.md)
+###### [Event 6423 S: The installation of this device is forbidden by system policy.](auditing\event-6423.md)
+###### [Event 6424 S: The installation of this device was allowed, after having previously been forbidden by policy.](auditing\event-6424.md)
+##### [Audit Process Creation](auditing\audit-process-creation.md)
+###### [Event 4688 S: A new process has been created.](auditing\event-4688.md)
+###### [Event 4696 S: A primary token was assigned to process.](auditing\event-4696.md)
+##### [Audit Process Termination](auditing\audit-process-termination.md)
+###### [Event 4689 S: A process has exited.](auditing\event-4689.md)
+##### [Audit RPC Events](auditing\audit-rpc-events.md)
+###### [Event 5712 S: A Remote Procedure Call, RPC, was attempted.](auditing\event-5712.md)
+##### [Audit Detailed Directory Service Replication](auditing\audit-detailed-directory-service-replication.md)
+###### [Event 4928 S, F: An Active Directory replica source naming context was established.](auditing\event-4928.md)
+###### [Event 4929 S, F: An Active Directory replica source naming context was removed.](auditing\event-4929.md)
+###### [Event 4930 S, F: An Active Directory replica source naming context was modified.](auditing\event-4930.md)
+###### [Event 4931 S, F: An Active Directory replica destination naming context was modified.](auditing\event-4931.md)
+###### [Event 4934 S: Attributes of an Active Directory object were replicated.](auditing\event-4934.md)
+###### [Event 4935 F: Replication failure begins.](auditing\event-4935.md)
+###### [Event 4936 S: Replication failure ends.](auditing\event-4936.md)
+###### [Event 4937 S: A lingering object was removed from a replica.](auditing\event-4937.md)
+##### [Audit Directory Service Access](auditing\audit-directory-service-access.md)
+###### [Event 4662 S, F: An operation was performed on an object.](auditing\event-4662.md)
+###### [Event 4661 S, F: A handle to an object was requested.](auditing\event-4661.md)
+##### [Audit Directory Service Changes](auditing\audit-directory-service-changes.md)
+###### [Event 5136 S: A directory service object was modified.](auditing\event-5136.md)
+###### [Event 5137 S: A directory service object was created.](auditing\event-5137.md)
+###### [Event 5138 S: A directory service object was undeleted.](auditing\event-5138.md)
+###### [Event 5139 S: A directory service object was moved.](auditing\event-5139.md)
+###### [Event 5141 S: A directory service object was deleted.](auditing\event-5141.md)
+##### [Audit Directory Service Replication](auditing\audit-directory-service-replication.md)
+###### [Event 4932 S: Synchronization of a replica of an Active Directory naming context has begun.](auditing\event-4932.md)
+###### [Event 4933 S, F: Synchronization of a replica of an Active Directory naming context has ended.](auditing\event-4933.md)
+##### [Audit Account Lockout](auditing\audit-account-lockout.md)
+###### [Event 4625 F: An account failed to log on.](auditing\event-4625.md)
+##### [Audit User/Device Claims](auditing\audit-user-device-claims.md)
+###### [Event 4626 S: User/Device claims information.](auditing\event-4626.md)
+##### [Audit Group Membership](auditing\audit-group-membership.md)
+###### [Event 4627 S: Group membership information.](auditing\event-4627.md)
+##### [Audit IPsec Extended Mode](auditing\audit-ipsec-extended-mode.md)
+##### [Audit IPsec Main Mode](auditing\audit-ipsec-main-mode.md)
+##### [Audit IPsec Quick Mode](auditing\audit-ipsec-quick-mode.md)
+##### [Audit Logoff](auditing\audit-logoff.md)
+###### [Event 4634 S: An account was logged off.](auditing\event-4634.md)
+###### [Event 4647 S: User initiated logoff.](auditing\event-4647.md)
+##### [Audit Logon](auditing\audit-logon.md)
+###### [Event 4624 S: An account was successfully logged on.](auditing\event-4624.md)
+###### [Event 4625 F: An account failed to log on.](auditing\event-4625.md)
+###### [Event 4648 S: A logon was attempted using explicit credentials.](auditing\event-4648.md)
+###### [Event 4675 S: SIDs were filtered.](auditing\event-4675.md)
+##### [Audit Network Policy Server](auditing\audit-network-policy-server.md)
+##### [Audit Other Logon/Logoff Events](auditing\audit-other-logonlogoff-events.md)
+###### [Event 4649 S: A replay attack was detected.](auditing\event-4649.md)
+###### [Event 4778 S: A session was reconnected to a Window Station.](auditing\event-4778.md)
+###### [Event 4779 S: A session was disconnected from a Window Station.](auditing\event-4779.md)
+###### [Event 4800 S: The workstation was locked.](auditing\event-4800.md)
+###### [Event 4801 S: The workstation was unlocked.](auditing\event-4801.md)
+###### [Event 4802 S: The screen saver was invoked.](auditing\event-4802.md)
+###### [Event 4803 S: The screen saver was dismissed.](auditing\event-4803.md)
+###### [Event 5378 F: The requested credentials delegation was disallowed by policy.](auditing\event-5378.md)
+###### [Event 5632 S, F: A request was made to authenticate to a wireless network.](auditing\event-5632.md)
+###### [Event 5633 S, F: A request was made to authenticate to a wired network.](auditing\event-5633.md)
+##### [Audit Special Logon](auditing\audit-special-logon.md)
+###### [Event 4964 S: Special groups have been assigned to a new logon.](auditing\event-4964.md)
+###### [Event 4672 S: Special privileges assigned to new logon.](auditing\event-4672.md)
+##### [Audit Application Generated](auditing\audit-application-generated.md)
+##### [Audit Certification Services](auditing\audit-certification-services.md)
+##### [Audit Detailed File Share](auditing\audit-detailed-file-share.md)
+###### [Event 5145 S, F: A network share object was checked to see whether client can be granted desired access.](auditing\event-5145.md)
+##### [Audit File Share](auditing\audit-file-share.md)
+###### [Event 5140 S, F: A network share object was accessed.](auditing\event-5140.md)
+###### [Event 5142 S: A network share object was added.](auditing\event-5142.md)
+###### [Event 5143 S: A network share object was modified.](auditing\event-5143.md)
+###### [Event 5144 S: A network share object was deleted.](auditing\event-5144.md)
+###### [Event 5168 F: SPN check for SMB/SMB2 failed.](auditing\event-5168.md)
+##### [Audit File System](auditing\audit-file-system.md)
+###### [Event 4656 S, F: A handle to an object was requested.](auditing\event-4656.md)
+###### [Event 4658 S: The handle to an object was closed.](auditing\event-4658.md)
+###### [Event 4660 S: An object was deleted.](auditing\event-4660.md)
+###### [Event 4663 S: An attempt was made to access an object.](auditing\event-4663.md)
+###### [Event 4664 S: An attempt was made to create a hard link.](auditing\event-4664.md)
+###### [Event 4985 S: The state of a transaction has changed.](auditing\event-4985.md)
+###### [Event 5051: A file was virtualized.](auditing\event-5051.md)
+###### [Event 4670 S: Permissions on an object were changed.](auditing\event-4670.md)
+##### [Audit Filtering Platform Connection](auditing\audit-filtering-platform-connection.md)
+###### [Event 5031 F: The Windows Firewall Service blocked an application from accepting incoming connections on the network.](auditing\event-5031.md)
+###### [Event 5150: The Windows Filtering Platform blocked a packet.](auditing\event-5150.md)
+###### [Event 5151: A more restrictive Windows Filtering Platform filter has blocked a packet.](auditing\event-5151.md)
+###### [Event 5154 S: The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections.](auditing\event-5154.md)
+###### [Event 5155 F: The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.](auditing\event-5155.md)
+###### [Event 5156 S: The Windows Filtering Platform has permitted a connection.](auditing\event-5156.md)
+###### [Event 5157 F: The Windows Filtering Platform has blocked a connection.](auditing\event-5157.md)
+###### [Event 5158 S: The Windows Filtering Platform has permitted a bind to a local port.](auditing\event-5158.md)
+###### [Event 5159 F: The Windows Filtering Platform has blocked a bind to a local port.](auditing\event-5159.md)
+##### [Audit Filtering Platform Packet Drop](auditing\audit-filtering-platform-packet-drop.md)
+###### [Event 5152 F: The Windows Filtering Platform blocked a packet.](auditing\event-5152.md)
+###### [Event 5153 S: A more restrictive Windows Filtering Platform filter has blocked a packet.](auditing\event-5153.md)
+##### [Audit Handle Manipulation](auditing\audit-handle-manipulation.md)
+###### [Event 4690 S: An attempt was made to duplicate a handle to an object.](auditing\event-4690.md)
+##### [Audit Kernel Object](auditing\audit-kernel-object.md)
+###### [Event 4656 S, F: A handle to an object was requested.](auditing\event-4656.md)
+###### [Event 4658 S: The handle to an object was closed.](auditing\event-4658.md)
+###### [Event 4660 S: An object was deleted.](auditing\event-4660.md)
+###### [Event 4663 S: An attempt was made to access an object.](auditing\event-4663.md)
+##### [Audit Other Object Access Events](auditing\audit-other-object-access-events.md)
+###### [Event 4671: An application attempted to access a blocked ordinal through the TBS.](auditing\event-4671.md)
+###### [Event 4691 S: Indirect access to an object was requested.](auditing\event-4691.md)
+###### [Event 5148 F: The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.](auditing\event-5148.md)
+###### [Event 5149 F: The DoS attack has subsided and normal processing is being resumed.](auditing\event-5149.md)
+###### [Event 4698 S: A scheduled task was created.](auditing\event-4698.md)
+###### [Event 4699 S: A scheduled task was deleted.](auditing\event-4699.md)
+###### [Event 4700 S: A scheduled task was enabled.](auditing\event-4700.md)
+###### [Event 4701 S: A scheduled task was disabled.](auditing\event-4701.md)
+###### [Event 4702 S: A scheduled task was updated.](auditing\event-4702.md)
+###### [Event 5888 S: An object in the COM+ Catalog was modified.](auditing\event-5888.md)
+###### [Event 5889 S: An object was deleted from the COM+ Catalog.](auditing\event-5889.md)
+###### [Event 5890 S: An object was added to the COM+ Catalog.](auditing\event-5890.md)
+##### [Audit Registry](auditing\audit-registry.md)
+###### [Event 4663 S: An attempt was made to access an object.](auditing\event-4663.md)
+###### [Event 4656 S, F: A handle to an object was requested.](auditing\event-4656.md)
+###### [Event 4658 S: The handle to an object was closed.](auditing\event-4658.md)
+###### [Event 4660 S: An object was deleted.](auditing\event-4660.md)
+###### [Event 4657 S: A registry value was modified.](auditing\event-4657.md)
+###### [Event 5039: A registry key was virtualized.](auditing\event-5039.md)
+###### [Event 4670 S: Permissions on an object were changed.](auditing\event-4670.md)
+##### [Audit Removable Storage](auditing\audit-removable-storage.md)
+##### [Audit SAM](auditing\audit-sam.md)
+###### [Event 4661 S, F: A handle to an object was requested.](auditing\event-4661.md)
+##### [Audit Central Access Policy Staging](auditing\audit-central-access-policy-staging.md)
+###### [Event 4818 S: Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy.](auditing\event-4818.md)
+##### [Audit Audit Policy Change](auditing\audit-audit-policy-change.md)
+###### [Event 4670 S: Permissions on an object were changed.](auditing\event-4670.md)
+###### [Event 4715 S: The audit policy, SACL, on an object was changed.](auditing\event-4715.md)
+###### [Event 4719 S: System audit policy was changed.](auditing\event-4719.md)
+###### [Event 4817 S: Auditing settings on object were changed.](auditing\event-4817.md)
+###### [Event 4902 S: The Per-user audit policy table was created.](auditing\event-4902.md)
+###### [Event 4906 S: The CrashOnAuditFail value has changed.](auditing\event-4906.md)
+###### [Event 4907 S: Auditing settings on object were changed.](auditing\event-4907.md)
+###### [Event 4908 S: Special Groups Logon table modified.](auditing\event-4908.md)
+###### [Event 4912 S: Per User Audit Policy was changed.](auditing\event-4912.md)
+###### [Event 4904 S: An attempt was made to register a security event source.](auditing\event-4904.md)
+###### [Event 4905 S: An attempt was made to unregister a security event source.](auditing\event-4905.md)
+##### [Audit Authentication Policy Change](auditing\audit-authentication-policy-change.md)
+###### [Event 4706 S: A new trust was created to a domain.](auditing\event-4706.md)
+###### [Event 4707 S: A trust to a domain was removed.](auditing\event-4707.md)
+###### [Event 4716 S: Trusted domain information was modified.](auditing\event-4716.md)
+###### [Event 4713 S: Kerberos policy was changed.](auditing\event-4713.md)
+###### [Event 4717 S: System security access was granted to an account.](auditing\event-4717.md)
+###### [Event 4718 S: System security access was removed from an account.](auditing\event-4718.md)
+###### [Event 4739 S: Domain Policy was changed.](auditing\event-4739.md)
+###### [Event 4864 S: A namespace collision was detected.](auditing\event-4864.md)
+###### [Event 4865 S: A trusted forest information entry was added.](auditing\event-4865.md)
+###### [Event 4866 S: A trusted forest information entry was removed.](auditing\event-4866.md)
+###### [Event 4867 S: A trusted forest information entry was modified.](auditing\event-4867.md)
+##### [Audit Authorization Policy Change](auditing\audit-authorization-policy-change.md)
+###### [Event 4703 S: A user right was adjusted.](auditing\event-4703.md)
+###### [Event 4704 S: A user right was assigned.](auditing\event-4704.md)
+###### [Event 4705 S: A user right was removed.](auditing\event-4705.md)
+###### [Event 4670 S: Permissions on an object were changed.](auditing\event-4670.md)
+###### [Event 4911 S: Resource attributes of the object were changed.](auditing\event-4911.md)
+###### [Event 4913 S: Central Access Policy on the object was changed.](auditing\event-4913.md)
+##### [Audit Filtering Platform Policy Change](auditing\audit-filtering-platform-policy-change.md)
+##### [Audit MPSSVC Rule-Level Policy Change](auditing\audit-mpssvc-rule-level-policy-change.md)
+###### [Event 4944 S: The following policy was active when the Windows Firewall started.](auditing\event-4944.md)
+###### [Event 4945 S: A rule was listed when the Windows Firewall started.](auditing\event-4945.md)
+###### [Event 4946 S: A change has been made to Windows Firewall exception list. A rule was added.](auditing\event-4946.md)
+###### [Event 4947 S: A change has been made to Windows Firewall exception list. A rule was modified.](auditing\event-4947.md)
+###### [Event 4948 S: A change has been made to Windows Firewall exception list. A rule was deleted.](auditing\event-4948.md)
+###### [Event 4949 S: Windows Firewall settings were restored to the default values.](auditing\event-4949.md)
+###### [Event 4950 S: A Windows Firewall setting has changed.](auditing\event-4950.md)
+###### [Event 4951 F: A rule has been ignored because its major version number was not recognized by Windows Firewall.](auditing\event-4951.md)
+###### [Event 4952 F: Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced.](auditing\event-4952.md)
+###### [Event 4953 F: Windows Firewall ignored a rule because it could not be parsed.](auditing\event-4953.md)
+###### [Event 4954 S: Windows Firewall Group Policy settings have changed. The new settings have been applied.](auditing\event-4954.md)
+###### [Event 4956 S: Windows Firewall has changed the active profile.](auditing\event-4956.md)
+###### [Event 4957 F: Windows Firewall did not apply the following rule.](auditing\event-4957.md)
+###### [Event 4958 F: Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer.](auditing\event-4958.md)
+##### [Audit Other Policy Change Events](auditing\audit-other-policy-change-events.md)
+###### [Event 4714 S: Encrypted data recovery policy was changed.](auditing\event-4714.md)
+###### [Event 4819 S: Central Access Policies on the machine have been changed.](auditing\event-4819.md)
+###### [Event 4826 S: Boot Configuration Data loaded.](auditing\event-4826.md)
+###### [Event 4909: The local policy settings for the TBS were changed.](auditing\event-4909.md)
+###### [Event 4910: The group policy settings for the TBS were changed.](auditing\event-4910.md)
+###### [Event 5063 S, F: A cryptographic provider operation was attempted.](auditing\event-5063.md)
+###### [Event 5064 S, F: A cryptographic context operation was attempted.](auditing\event-5064.md)
+###### [Event 5065 S, F: A cryptographic context modification was attempted.](auditing\event-5065.md)
+###### [Event 5066 S, F: A cryptographic function operation was attempted.](auditing\event-5066.md)
+###### [Event 5067 S, F: A cryptographic function modification was attempted.](auditing\event-5067.md)
+###### [Event 5068 S, F: A cryptographic function provider operation was attempted.](auditing\event-5068.md)
+###### [Event 5069 S, F: A cryptographic function property operation was attempted.](auditing\event-5069.md)
+###### [Event 5070 S, F: A cryptographic function property modification was attempted.](auditing\event-5070.md)
+###### [Event 5447 S: A Windows Filtering Platform filter has been changed.](auditing\event-5447.md)
+###### [Event 6144 S: Security policy in the group policy objects has been applied successfully.](auditing\event-6144.md)
+###### [Event 6145 F: One or more errors occurred while processing security policy in the group policy objects.](auditing\event-6145.md)
+##### [Audit Sensitive Privilege Use](auditing\audit-sensitive-privilege-use.md)
+###### [Event 4673 S, F: A privileged service was called.](auditing\event-4673.md)
+###### [Event 4674 S, F: An operation was attempted on a privileged object.](auditing\event-4674.md)
+###### [Event 4985 S: The state of a transaction has changed.](auditing\event-4985.md)
+##### [Audit Non Sensitive Privilege Use](auditing\audit-non-sensitive-privilege-use.md)
+###### [Event 4673 S, F: A privileged service was called.](auditing\event-4673.md)
+###### [Event 4674 S, F: An operation was attempted on a privileged object.](auditing\event-4674.md)
+###### [Event 4985 S: The state of a transaction has changed.](auditing\event-4985.md)
+##### [Audit Other Privilege Use Events](auditing\audit-other-privilege-use-events.md)
+###### [Event 4985 S: The state of a transaction has changed.](auditing\event-4985.md)
+##### [Audit IPsec Driver](auditing\audit-ipsec-driver.md)
+##### [Audit Other System Events](auditing\audit-other-system-events.md)
+###### [Event 5024 S: The Windows Firewall Service has started successfully.](auditing\event-5024.md)
+###### [Event 5025 S: The Windows Firewall Service has been stopped.](auditing\event-5025.md)
+###### [Event 5027 F: The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.](auditing\event-5027.md)
+###### [Event 5028 F: The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.](auditing\event-5028.md)
+###### [Event 5029 F: The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.](auditing\event-5029.md)
+###### [Event 5030 F: The Windows Firewall Service failed to start.](auditing\event-5030.md)
+###### [Event 5032 F: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.](auditing\event-5032.md)
+###### [Event 5033 S: The Windows Firewall Driver has started successfully.](auditing\event-5033.md)
+###### [Event 5034 S: The Windows Firewall Driver was stopped.](auditing\event-5034.md)
+###### [Event 5035 F: The Windows Firewall Driver failed to start.](auditing\event-5035.md)
+###### [Event 5037 F: The Windows Firewall Driver detected critical runtime error. Terminating.](auditing\event-5037.md)
+###### [Event 5058 S, F: Key file operation.](auditing\event-5058.md)
+###### [Event 5059 S, F: Key migration operation.](auditing\event-5059.md)
+###### [Event 6400: BranchCache: Received an incorrectly formatted response while discovering availability of content.](auditing\event-6400.md)
+###### [Event 6401: BranchCache: Received invalid data from a peer. Data discarded.](auditing\event-6401.md)
+###### [Event 6402: BranchCache: The message to the hosted cache offering it data is incorrectly formatted.](auditing\event-6402.md)
+###### [Event 6403: BranchCache: The hosted cache sent an incorrectly formatted response to the client.](auditing\event-6403.md)
+###### [Event 6404: BranchCache: Hosted cache could not be authenticated using the provisioned SSL certificate.](auditing\event-6404.md)
+###### [Event 6405: BranchCache: %2 instances of event id %1 occurred.](auditing\event-6405.md)
+###### [Event 6406: %1 registered to Windows Firewall to control filtering for the following: %2.](auditing\event-6406.md)
+###### [Event 6407: 1%.](auditing\event-6407.md)
+###### [Event 6408: Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.](auditing\event-6408.md)
+###### [Event 6409: BranchCache: A service connection point object could not be parsed.](auditing\event-6409.md)
+##### [Audit Security State Change](auditing\audit-security-state-change.md)
+###### [Event 4608 S: Windows is starting up.](auditing\event-4608.md)
+###### [Event 4616 S: The system time was changed.](auditing\event-4616.md)
+###### [Event 4621 S: Administrator recovered system from CrashOnAuditFail.](auditing\event-4621.md)
+##### [Audit Security System Extension](auditing\audit-security-system-extension.md)
+###### [Event 4610 S: An authentication package has been loaded by the Local Security Authority.](auditing\event-4610.md)
+###### [Event 4611 S: A trusted logon process has been registered with the Local Security Authority.](auditing\event-4611.md)
+###### [Event 4614 S: A notification package has been loaded by the Security Account Manager.](auditing\event-4614.md)
+###### [Event 4622 S: A security package has been loaded by the Local Security Authority.](auditing\event-4622.md)
+###### [Event 4697 S: A service was installed in the system.](auditing\event-4697.md)
+##### [Audit System Integrity](auditing\audit-system-integrity.md)
+###### [Event 4612 S: Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits.](auditing\event-4612.md)
+###### [Event 4615 S: Invalid use of LPC port.](auditing\event-4615.md)
+###### [Event 4618 S: A monitored security event pattern has occurred.](auditing\event-4618.md)
+###### [Event 4816 S: RPC detected an integrity violation while decrypting an incoming message.](auditing\event-4816.md)
+###### [Event 5038 F: Code integrity determined that the image hash of a file is not valid.](auditing\event-5038.md)
+###### [Event 5056 S: A cryptographic self-test was performed.](auditing\event-5056.md)
+###### [Event 5062 S: A kernel-mode cryptographic self-test was performed.](auditing\event-5062.md)
+###### [Event 5057 F: A cryptographic primitive operation failed.](auditing\event-5057.md)
+###### [Event 5060 F: Verification operation failed.](auditing\event-5060.md)
+###### [Event 5061 S, F: Cryptographic operation.](auditing\event-5061.md)
+###### [Event 6281 F: Code Integrity determined that the page hashes of an image file are not valid.](auditing\event-6281.md)
+###### [Event 6410 F: Code integrity determined that a file does not meet the security requirements to load into a process.](auditing\event-6410.md)
+##### [Other Events](auditing\other-events.md)
+###### [Event 1100 S: The event logging service has shut down.](auditing\event-1100.md)
+###### [Event 1102 S: The audit log was cleared.](auditing\event-1102.md)
+###### [Event 1104 S: The security log is now full.](auditing\event-1104.md)
+###### [Event 1105 S: Event log automatic backup.](auditing\event-1105.md)
+###### [Event 1108 S: The event logging service encountered an error while processing an incoming event published from %1.](auditing\event-1108.md)
+##### [Appendix A: Security monitoring recommendations for many audit events](auditing\appendix-a-security-monitoring-recommendations-for-many-audit-events.md)
+##### [Registry (Global Object Access Auditing) ](auditing\registry-global-object-access-auditing.md)
+##### [File System (Global Object Access Auditing) ](auditing\file-system-global-object-access-auditing.md)
+
+## [Security policy settings](security-policy-settings/security-policy-settings.md)
+### [Administer security policy settings](security-policy-settings/administer-security-policy-settings.md)
+#### [Network List Manager policies](security-policy-settings/network-list-manager-policies.md)
+### [Configure security policy settings](security-policy-settings/how-to-configure-security-policy-settings.md)
+### [Security policy settings reference](security-policy-settings/security-policy-settings-reference.md)
+#### [Account Policies](security-policy-settings/account-policies.md)
+##### [Password Policy](security-policy-settings/password-policy.md)
+###### [Enforce password history](security-policy-settings/enforce-password-history.md)
+###### [Maximum password age](security-policy-settings/maximum-password-age.md)
+###### [Minimum password age](security-policy-settings/minimum-password-age.md)
+###### [Minimum password length](security-policy-settings/minimum-password-length.md)
+###### [Password must meet complexity requirements](security-policy-settings/password-must-meet-complexity-requirements.md)
+###### [Store passwords using reversible encryption](security-policy-settings/store-passwords-using-reversible-encryption.md)
+##### [Account Lockout Policy](security-policy-settings/account-lockout-policy.md)
+###### [Account lockout duration](security-policy-settings/account-lockout-duration.md)
+###### [Account lockout threshold](security-policy-settings/account-lockout-threshold.md)
+###### [Reset account lockout counter after](security-policy-settings/reset-account-lockout-counter-after.md)
+##### [Kerberos Policy](security-policy-settings/kerberos-policy.md)
+###### [Enforce user logon restrictions](security-policy-settings/enforce-user-logon-restrictions.md)
+###### [Maximum lifetime for service ticket](security-policy-settings/maximum-lifetime-for-service-ticket.md)
+###### [Maximum lifetime for user ticket](security-policy-settings/maximum-lifetime-for-user-ticket.md)
+###### [Maximum lifetime for user ticket renewal](security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md)
+###### [Maximum tolerance for computer clock synchronization](security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md)
+#### [Audit Policy](security-policy-settings/audit-policy.md)
+#### [Security Options](security-policy-settings/security-options.md)
+##### [Accounts: Administrator account status](security-policy-settings/accounts-administrator-account-status.md)
+##### [Accounts: Block Microsoft accounts](security-policy-settings/accounts-block-microsoft-accounts.md)
+##### [Accounts: Guest account status](security-policy-settings/accounts-guest-account-status.md)
+##### [Accounts: Limit local account use of blank passwords to console logon only](security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md)
+##### [Accounts: Rename administrator account](security-policy-settings/accounts-rename-administrator-account.md)
+##### [Accounts: Rename guest account](security-policy-settings/accounts-rename-guest-account.md)
+##### [Audit: Audit the access of global system objects](security-policy-settings/audit-audit-the-access-of-global-system-objects.md)
+##### [Audit: Audit the use of Backup and Restore privilege](security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md)
+##### [Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings](security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md)
+##### [Audit: Shut down system immediately if unable to log security audits](security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md)
+##### [DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax](security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md)
+##### [DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax](security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md)
+##### [Devices: Allow undock without having to log on](security-policy-settings/devices-allow-undock-without-having-to-log-on.md)
+##### [Devices: Allowed to format and eject removable media](security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md)
+##### [Devices: Prevent users from installing printer drivers](security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md)
+##### [Devices: Restrict CD-ROM access to locally logged-on user only](security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md)
+##### [Devices: Restrict floppy access to locally logged-on user only](security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md)
+##### [Domain controller: Allow server operators to schedule tasks](security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md)
+##### [Domain controller: LDAP server signing requirements](security-policy-settings/domain-controller-ldap-server-signing-requirements.md)
+##### [Domain controller: Refuse machine account password changes](security-policy-settings/domain-controller-refuse-machine-account-password-changes.md)
+##### [Domain member: Digitally encrypt or sign secure channel data (always)](security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md)
+##### [Domain member: Digitally encrypt secure channel data (when possible)](security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md)
+##### [Domain member: Digitally sign secure channel data (when possible)](security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md)
+##### [Domain member: Disable machine account password changes](security-policy-settings/domain-member-disable-machine-account-password-changes.md)
+##### [Domain member: Maximum machine account password age](security-policy-settings/domain-member-maximum-machine-account-password-age.md)
+##### [Domain member: Require strong (Windows 2000 or later) session key](security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md)
+##### [Interactive logon: Display user information when the session is locked](security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md)
+##### [Interactive logon: Don't display last signed-in](security-policy-settings/interactive-logon-do-not-display-last-user-name.md)
+##### [Interactive logon: Don't display username at sign-in](security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md)
+##### [Interactive logon: Do not require CTRL+ALT+DEL](security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md)
+##### [Interactive logon: Machine account lockout threshold](security-policy-settings/interactive-logon-machine-account-lockout-threshold.md)
+##### [Interactive logon: Machine inactivity limit](security-policy-settings/interactive-logon-machine-inactivity-limit.md)
+##### [Interactive logon: Message text for users attempting to log on](security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md)
+##### [Interactive logon: Message title for users attempting to log on](security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md)
+##### [Interactive logon: Number of previous logons to cache (in case domain controller is not available)](security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md)
+##### [Interactive logon: Prompt user to change password before expiration](security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md)
+##### [Interactive logon: Require Domain Controller authentication to unlock workstation](security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md)
+##### [Interactive logon: Require smart card](security-policy-settings/interactive-logon-require-smart-card.md)
+##### [Interactive logon: Smart card removal behavior](security-policy-settings/interactive-logon-smart-card-removal-behavior.md)
+##### [Microsoft network client: Digitally sign communications (always)](security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md)
+##### [Microsoft network client: Digitally sign communications (if server agrees)](security-policy-settings/microsoft-network-client-digitally-sign-communications-if-server-agrees.md)
+##### [Microsoft network client: Send unencrypted password to third-party SMB servers](security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md)
+##### [Microsoft network server: Amount of idle time required before suspending session](security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md)
+##### [Microsoft network server: Attempt S4U2Self to obtain claim information](security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md)
+##### [Microsoft network server: Digitally sign communications (always)](security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md)
+##### [Microsoft network server: Digitally sign communications (if client agrees)](security-policy-settings/microsoft-network-server-digitally-sign-communications-if-client-agrees.md)
+##### [Microsoft network server: Disconnect clients when logon hours expire](security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md)
+##### [Microsoft network server: Server SPN target name validation level](security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md)
+##### [Network access: Allow anonymous SID/Name translation](security-policy-settings/network-access-allow-anonymous-sidname-translation.md)
+##### [Network access: Do not allow anonymous enumeration of SAM accounts](security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md)
+##### [Network access: Do not allow anonymous enumeration of SAM accounts and shares](security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md)
+##### [Network access: Do not allow storage of passwords and credentials for network authentication](security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md)
+##### [Network access: Let Everyone permissions apply to anonymous users](security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md)
+##### [Network access: Named Pipes that can be accessed anonymously](security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md)
+##### [Network access: Remotely accessible registry paths](security-policy-settings/network-access-remotely-accessible-registry-paths.md)
+##### [Network access: Remotely accessible registry paths and subpaths](security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md)
+##### [Network access: Restrict anonymous access to Named Pipes and Shares](security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md)
+##### [Network access: Shares that can be accessed anonymously](security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md)
+##### [Network access: Sharing and security model for local accounts](security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md)
+##### [Network security: Allow Local System to use computer identity for NTLM](security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md)
+##### [Network security: Allow LocalSystem NULL session fallback](security-policy-settings/network-security-allow-localsystem-null-session-fallback.md)
+##### [Network security: Allow PKU2U authentication requests to this computer to use online identities](security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md)
+##### [Network security: Configure encryption types allowed for Kerberos Win7 only](security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md)
+##### [Network security: Do not store LAN Manager hash value on next password change](security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md)
+##### [Network security: Force logoff when logon hours expire](security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md)
+##### [Network security: LAN Manager authentication level](security-policy-settings/network-security-lan-manager-authentication-level.md)
+##### [Network security: LDAP client signing requirements](security-policy-settings/network-security-ldap-client-signing-requirements.md)
+##### [Network security: Minimum session security for NTLM SSP based (including secure RPC) clients](security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md)
+##### [Network security: Minimum session security for NTLM SSP based (including secure RPC) servers](security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md)
+##### [Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication](security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md)
+##### [Network security: Restrict NTLM: Add server exceptions in this domain](security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md)
+##### [Network security: Restrict NTLM: Audit incoming NTLM traffic](security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md)
+##### [Network security: Restrict NTLM: Audit NTLM authentication in this domain](security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md)
+##### [Network security: Restrict NTLM: Incoming NTLM traffic](security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md)
+##### [Network security: Restrict NTLM: NTLM authentication in this domain](security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md)
+##### [Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers](security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md)
+##### [Recovery console: Allow automatic administrative logon](security-policy-settings/recovery-console-allow-automatic-administrative-logon.md)
+##### [Recovery console: Allow floppy copy and access to all drives and folders](security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md)
+##### [Shutdown: Allow system to be shut down without having to log on](security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md)
+##### [Shutdown: Clear virtual memory pagefile](security-policy-settings/shutdown-clear-virtual-memory-pagefile.md)
+##### [System cryptography: Force strong key protection for user keys stored on the computer](security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md)
+##### [System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing](security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md)
+##### [System objects: Require case insensitivity for non-Windows subsystems](security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md)
+##### [System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)](security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md)
+##### [System settings: Optional subsystems](security-policy-settings/system-settings-optional-subsystems.md)
+##### [System settings: Use certificate rules on Windows executables for Software Restriction Policies](security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md)
+##### [User Account Control: Admin Approval Mode for the Built-in Administrator account](security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md)
+##### [User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop](security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md)
+##### [User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode](security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md)
+##### [User Account Control: Behavior of the elevation prompt for standard users](security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md)
+##### [User Account Control: Detect application installations and prompt for elevation](security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md)
+##### [User Account Control: Only elevate executables that are signed and validated](security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md)
+##### [User Account Control: Only elevate UIAccess applications that are installed in secure locations](security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md)
+##### [User Account Control: Run all administrators in Admin Approval Mode](security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md)
+##### [User Account Control: Switch to the secure desktop when prompting for elevation](security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md)
+##### [User Account Control: Virtualize file and registry write failures to per-user locations](security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md)
+#### [Advanced security audit policy settings](security-policy-settings/secpol-advanced-security-audit-policy-settings.md)
+#### [User Rights Assignment](security-policy-settings/user-rights-assignment.md)
+##### [Access Credential Manager as a trusted caller](security-policy-settings/access-credential-manager-as-a-trusted-caller.md)
+##### [Access this computer from the network](security-policy-settings/access-this-computer-from-the-network.md)
+##### [Act as part of the operating system](security-policy-settings/act-as-part-of-the-operating-system.md)
+##### [Add workstations to domain](security-policy-settings/add-workstations-to-domain.md)
+##### [Adjust memory quotas for a process](security-policy-settings/adjust-memory-quotas-for-a-process.md)
+##### [Allow log on locally](security-policy-settings/allow-log-on-locally.md)
+##### [Allow log on through Remote Desktop Services](security-policy-settings/allow-log-on-through-remote-desktop-services.md)
+##### [Back up files and directories](security-policy-settings/back-up-files-and-directories.md)
+##### [Bypass traverse checking](security-policy-settings/bypass-traverse-checking.md)
+##### [Change the system time](security-policy-settings/change-the-system-time.md)
+##### [Change the time zone](security-policy-settings/change-the-time-zone.md)
+##### [Create a pagefile](security-policy-settings/create-a-pagefile.md)
+##### [Create a token object](security-policy-settings/create-a-token-object.md)
+##### [Create global objects](security-policy-settings/create-global-objects.md)
+##### [Create permanent shared objects](security-policy-settings/create-permanent-shared-objects.md)
+##### [Create symbolic links](security-policy-settings/create-symbolic-links.md)
+##### [Debug programs](security-policy-settings/debug-programs.md)
+##### [Deny access to this computer from the network](security-policy-settings/deny-access-to-this-computer-from-the-network.md)
+##### [Deny log on as a batch job](security-policy-settings/deny-log-on-as-a-batch-job.md)
+##### [Deny log on as a service](security-policy-settings/deny-log-on-as-a-service.md)
+##### [Deny log on locally](security-policy-settings/deny-log-on-locally.md)
+##### [Deny log on through Remote Desktop Services](security-policy-settings/deny-log-on-through-remote-desktop-services.md)
+##### [Enable computer and user accounts to be trusted for delegation](security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md)
+##### [Force shutdown from a remote system](security-policy-settings/force-shutdown-from-a-remote-system.md)
+##### [Generate security audits](security-policy-settings/generate-security-audits.md)
+##### [Impersonate a client after authentication](security-policy-settings/impersonate-a-client-after-authentication.md)
+##### [Increase a process working set](security-policy-settings/increase-a-process-working-set.md)
+##### [Increase scheduling priority](security-policy-settings/increase-scheduling-priority.md)
+##### [Load and unload device drivers](security-policy-settings/load-and-unload-device-drivers.md)
+##### [Lock pages in memory](security-policy-settings/lock-pages-in-memory.md)
+##### [Log on as a batch job](security-policy-settings/log-on-as-a-batch-job.md)
+##### [Log on as a service](security-policy-settings/log-on-as-a-service.md)
+##### [Manage auditing and security log](security-policy-settings/manage-auditing-and-security-log.md)
+##### [Modify an object label](security-policy-settings/modify-an-object-label.md)
+##### [Modify firmware environment values](security-policy-settings/modify-firmware-environment-values.md)
+##### [Perform volume maintenance tasks](security-policy-settings/perform-volume-maintenance-tasks.md)
+##### [Profile single process](security-policy-settings/profile-single-process.md)
+##### [Profile system performance](security-policy-settings/profile-system-performance.md)
+##### [Remove computer from docking station](security-policy-settings/remove-computer-from-docking-station.md)
+##### [Replace a process level token](security-policy-settings/replace-a-process-level-token.md)
+##### [Restore files and directories](security-policy-settings/restore-files-and-directories.md)
+##### [Shut down the system](security-policy-settings/shut-down-the-system.md)
+##### [Synchronize directory service data](security-policy-settings/synchronize-directory-service-data.md)
+##### [Take ownership of files or other objects](security-policy-settings/take-ownership-of-files-or-other-objects.md)
+
+## [Trusted Platform Module](tpm/trusted-platform-module-top-node.md)
+### [Trusted Platform Module Overview](tpm/trusted-platform-module-overview.md)
+### [TPM fundamentals](tpm/tpm-fundamentals.md)
+### [TPM Group Policy settings](tpm/trusted-platform-module-services-group-policy-settings.md)
+### [Back up the TPM recovery information to AD DS](tpm/backup-tpm-recovery-information-to-ad-ds.md)
+### [Manage TPM commands](tpm/manage-tpm-commands.md)
+### [Manage TPM lockout](tpm/manage-tpm-lockout.md)
+### [Change the TPM owner password](tpm/change-the-tpm-owner-password.md)
+### [View status, clear, or troubleshoot the TPM](tpm/initialize-and-configure-ownership-of-the-tpm.md)
+### [Understanding PCR banks on TPM 2.0 devices](tpm/switch-pcr-banks-on-tpm-2-0-devices.md)
+### [TPM recommendations](tpm/tpm-recommendations.md)
+
+## [Windows security baselines](windows-security-baselines.md)
+
+## [Windows 10 Mobile security guide](windows-10-mobile-security-guide.md)
+
+## [Change history for device security](change-history-for-device-security.md)

windows/device-security/index.md

@@ -1 +1,26 @@
-# Welcome to win-device-security!
+---
+title: Device Security (Windows 10)
+description: Learn more about how to help secure your Windows 10 and Windows 10 Mobile devices.
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: brianlic-msft
+---
+
+# Device Security
+
+Learn more about how to help secure your Windows 10 and Windows 10 Mobile devices.
+
+| Section | Description |
+|-|-|
+| [AppLocker](applocker/applocker-overview.md)| Describes AppLocker, and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.|
+| [BitLocker](bitlocker/bitlocker-overview.md)| Provides information about BitLocker, which is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. |
+| [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md) | Learn more about protecting high-value assets. |
+| [Device Guard deployment guide](device-guard/device-guard-deployment-guide.md) | Device Guard is a combination of hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications. If the app isn’t trusted it can’t run, period. It also means that even if an attacker manages to get control of the Windows kernel, he or she will be much less likely to be able to run malicious executable code after the computer restarts because of how decisions are made about what can run and when. |
+| [Encrypted Hard Drive](encrypted-hard-drive.md) | Provides information about Encrypted Hard Drive, which uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.|
+| [Security auditing](auditing/security-auditing-overview.md)| Describes how the IT professional can use the security auditing features in Windows, and how organizations can benefit from using these technologies, to enhance the security and manageability of networks.|
+| [Security policy settings](security-policy-settings/security-policy-settings.md)| Provides a collection of reference topics that describe the common scenarios, architecture, and processes for security settings.|
+| [Trusted Platform Module](tpm/trusted-platform-module-top-node.md)| Provides links to information about the Trusted Platform Module (TPM), which is a secure crypto-processor that helps you with actions such as generating, storing, and limiting the use of cryptographic keys. |
+| [Windows 10 Mobile security guide](windows-10-mobile-security-guide.md) | Learn more about securing your Windows 10 Mobile devices. |
+| [Windows security baselines](windows-security-baselines.md) | Learn why you should use security baselines in your organization. |

windows/threat-protection/index.md

@@ -22,4 +22,3 @@ Learn more about how to help protect against threats in Windows 10 and Windows
 | [Windows Defender SmartScreen](windows-defender-smartscreen/windows-defender-smartscreen-overview.md) | Learn more about Windows Defender SmartScreen. |
 | [Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md) | Learn about an approach to collect events from devices in your organization. This article talks about events in both normal operations and when an intrusion is suspected. |
 | [Block untrusted fonts in an enterprise](block-untrusted-fonts-in-enterprise.md) | To help protect your company from attacks which may originate from untrusted or attacker controlled font files, we’ve created the Blocking Untrusted Fonts feature. Using this feature, you can turn on a global setting that stops your employees from loading untrusted fonts processed using the Graphics Device Interface (GDI) onto your network. Untrusted fonts are any font installed outside of the %windir%/Fonts directory. Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process. |
- 

windows/whats-new/TOC.md

@@ -1 +1,6 @@
-# [Index](index.md)
+# [What's new in Windows 10](index.md)
+## [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
+## [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
+## [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
+
+

windows/whats-new/index.md

@@ -1 +1,42 @@
-# Welcome to win-whats-new!
+---
+title: What's new in Windows 10 (Windows 10)
+description: Learn about new features in Windows 10 for IT professionals, such as Enterprise Data Protection, Windows Hello, Device Guard, and more.
+ms.assetid: F1867017-76A1-4761-A200-7450B96AEF44
+keywords: ["What's new in Windows 10", "Windows 10", "anniversary update", "contribute", "edit topic"]
+ms.prod: w10
+author: TrudyHa
+localizationpriority: high
+---
+
+# What's new in Windows 10
+
+
+Windows 10 provides IT professionals with advanced protection against modern security threats and comprehensive management and control over devices and apps, as well as flexible deployment, update, and support options. Learn about new features in Windows 10 for IT professionals, such as Windows Information Protection, Windows Hello, Device Guard, and more. 
+
+## In this section
+
+- [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
+- [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
+- [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
+
+
+- [Edit an existing topic using the Contribute link](contribute-to-a-topic.md)
+
+## Learn more
+
+- [Windows 10 roadmap](https://www.microsoft.com/en-us/WindowsForBusiness/windows-roadmap)
+- [Windows 10 release information](https://technet.microsoft.com/en-us/windows/release-info)
+- [Windows 10 update history](https://support.microsoft.com/en-us/help/12387/windows-10-update-history)
+- [Windows 10 content from Microsoft Ignite](https://go.microsoft.com/fwlink/p/?LinkId=613210)
+- [Compare Windows 10 Editions](https://go.microsoft.com/fwlink/p/?LinkId=690485)
+
+
+
+ 
+
+ 
+
+
+
+
+