deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Indented content in list items, added missing end punctuation

Browse Source
This commit is contained in:
Gary Moore 2020-04-20 16:35:23 -07:00 committed by GitHub
parent 127ca6c050
commit 58f802b84e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md
View File

@ -53,27 +53,28 @@ When you have configured exploit protection to your desired state (including bot
3. At the bottom of the **Exploit protection** section, click **Export settings** and then choose the location and name of the XML file where you want the configuration to be saved.
> [!IMPORTANT]
> If you want to use Default configuration, use the settings "On by default" instead of "Use Default (On)" to get the settings exported correctly on the XML file.
> [!IMPORTANT]
> If you want to use Default configuration, use the settings "On by default" instead of "Use Default (On)" to get the settings exported correctly on the XML file.
![Highlight of the Export Settings option](../images/wdsc-exp-prot-export.png)
![Highlight of the Export Settings option](../images/wdsc-exp-prot-export.png)
> [!NOTE]
> When you export the settings, all settings for both app-level and system-level mitigations are saved. This means you don't need to export a file from both the **System settings** and **Program settings** sections - either section will export all settings.
> [!NOTE]
> When you export the settings, all settings for both app-level and system-level mitigations are saved. This means you don't need to export a file from both the **System settings** and **Program settings** sectionseither section will export all settings.
### Use PowerShell to export a configuration file
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**.
2. Enter the following cmdlet:
```PowerShell
Get-ProcessMitigation -RegistryConfigFilePath filename.xml
```
Change `filename` to any name or location of your choosing.
Change `filename` to any name or location of your choosing.
Example command
**Get-ProcessMitigation -RegistryConfigFilePath C:\ExploitConfigfile.xml**
Example command:
**Get-ProcessMitigation -RegistryConfigFilePath C:\ExploitConfigfile.xml**
> [!IMPORTANT]
> When you deploy the configuration using Group Policy, all machines that will use the configuration must be able to access the configuration file. Ensure you place the file in a shared location.
@ -86,17 +87,18 @@ After importing, the settings will be instantly applied and can be reviewed in t
### Use PowerShell to import a configuration file
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**.
2. Enter the following cmdlet:
```PowerShell
Set-ProcessMitigation -PolicyFilePath filename.xml
```
Change `filename` to the location and name of the exploit protection XML file.
Change `filename` to the location and name of the exploit protection XML file.
Example command
**Set-ProcessMitigation -PolicyFilePath C:\ExploitConfigfile.xml**
Example command:
**Set-ProcessMitigation -PolicyFilePath C:\ExploitConfigfile.xml**
> [!IMPORTANT]
>
@ -116,14 +118,14 @@ You can only do this conversion in PowerShell.
>
> You can then convert that file using the PowerShell cmdlet described here before importing the settings into Exploit protection.
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**
1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**.
2. Enter the following cmdlet:
```PowerShell
ConvertTo-ProcessMitigationPolicy -EMETFilePath emetFile.xml -OutputFilePath filename.xml
```
Change `emetFile` to the name and location of the EMET configuration file, and change `filename` to whichever location and file name you want to use.
Change `emetFile` to the name and location of the EMET configuration file, and change `filename` to whichever location and file name you want to use.
> [!IMPORTANT]
>
@ -151,7 +153,7 @@ You can use Group Policy to deploy the configuration you've created to multiple
4. Double-click the **Use a common set of Exploit protection settings** setting and set the option to **Enabled**.
5. In the **Options::** section, enter the location and filename of the Exploit protection configuration file that you want to use, such as in the following examples:
5. In the **Options::** section, enter the location and file name of the Exploit protection configuration file that you want to use, such as in the following examples:
* C:\MitigationSettings\Config.XML
* \\\Server\Share\Config.xml