deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 10:53:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'dansimp-new-security-toc' of https://github.com/MicrosoftDocs/windows-docs-pr into dansimp-new-security-toc

Browse Source
This commit is contained in:
denisebmsft
2021-09-16 16:53:04 -07:00
parent a117b86295 387bd90a72
commit 5fe6794144
5 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/TOC.yml
View File

@ -1,7 +1,7 @@
- name: Windows security
href: index.yml
- name: Windows and Zero Trust
- name: Zero Trust and Windows
href: zero-trust-windows-device-health.md
expanded: true
- name: Hardware security

2
windows/security/threat-protection/auditing/TOC.yml
View File

@ -763,3 +763,5 @@
href: registry-global-object-access-auditing.md
- name: File System (Global Object Access Auditing)
href: file-system-global-object-access-auditing.md
- name: Windows security
href: /windows/security/index.yml

2
windows/security/threat-protection/security-policy-settings/TOC.yml
View File

@ -347,3 +347,5 @@
href: synchronize-directory-service-data.md
- name: Take ownership of files or other objects
href: take-ownership-of-files-or-other-objects.md
- name: Windows security
href: /windows/security/index.yml

2
windows/security/threat-protection/windows-firewall/TOC.yml
View File

@ -250,3 +250,5 @@
href: quarantine.md
- name: Firewall settings lost on upgrade
href: firewall-settings-lost-on-upgrade.md
- name: Windows security
href: /windows/security/index.yml

6
windows/security/zero-trust-windows-device-health.md
View File

@ -23,7 +23,7 @@ The [Zero Trust Principles](https://www.microsoft.com/security/business/zero-tru
**Use least-privileged access**. Limit user access with just-in-time and just-enough-access, risk-based adaptive polices, and data protection to help secure data and maintain productivity.
**Assume breach**. Assume breach operates in a manner that minimizes blast radius and segments access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.
**Assume breach**. Prevent attackers from obtaining access to minimize potential damage to data and systems. Protect privileged roles, verify end-to-end encryption, use analytics to get visibility, and drive threat detection to improve defenses.
For Windows 11, the Zero Trust concept of verify explicitly applies to the risks introduced by both devices and users. Windows 11 provides IT administrators the attestation and measurements to determine whether a device meets requirements and can be trusted. And Windows 11 works out of the box with Microsoft Intune and Azure Active Directory, so access decisions and enforcement are seamless. Plus, IT Administrators can easily customize Windows 11 to meet specific user and policy requirements for access, privacy, compliance, and more.
@ -50,3 +50,7 @@ A summary of the steps involved in attestation and Zero Trust on the device side
6. The attestation service returns an attestation report that contains information about the security features based on the policy configured in the attestation service.
7. The device then sends the report to the MEM cloud to assess the trustworthiness of the platform according to the admin-configured device compliance rules.
8. Conditional access, along with device-compliance state then decides to grant access to protected resource or not.
## Additional Resources
Learn more about Microsoft Zero Trust solutions in the [Zero Trust Guidance Center](/security/zero-trust/)