Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into wdac

windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md

@@ -99,7 +99,7 @@ Hybrid Windows Hello for Business deployments can use Azure’s Multifactor Auth
 > [!div class="checklist"]
 > * Azure MFA Service
 > * Windows Server 2016 AD FS and Azure (optional, if federated)
-> * Windows Server 2016 AD FS and third party MFA Adapter (optiona, if federated)
+> * Windows Server 2016 AD FS and third party MFA Adapter (optional, if federated)
 
 <br>
 
@@ -136,4 +136,4 @@ For federerated and non-federated environments, start with **Configure Windows H
 4. [Configure Directory Synchronization](hello-hybrid-key-trust-dirsync.md)
 5. [Configure Azure Device Registration](hello-hybrid-key-trust-devreg.md)
 6. [Configure Windows Hello for Business settings](hello-hybrid-key-whfb-settings.md)
-7. [Sign-in and Provision](hello-hybrid-key-whfb-provision.md)
+7. [Sign-in and Provision](hello-hybrid-key-whfb-provision.md)

windows/security/information-protection/bitlocker/bitlocker-countermeasures.md

@@ -94,7 +94,7 @@ For many years, Microsoft has recommended using pre-boot authentication to prote
 
 Although effective, pre-boot authentication is inconvenient to users. In addition, if a user forgets their PIN or loses their startup key, they’re denied access to their data until they can contact their organization’s support team to obtain a recovery key. Today, most new PCs running Windows 10, Windows 8.1, or Windows 8 provide sufficient protection against DMA attacks without requiring pre-boot authentication. For example, most modern PCs include USB port options (which are not vulnerable to DMA attacks) but do not include FireWire or Thunderbolt ports (which are vulnerable to DMA attacks).
 
-BitLocker-encrypted devices with DMA ports enabled, including FireWire or Thunderbolt ports, should be configured with pre-boot authentication if they are running Windows 10, Windows 7, Windows 8, or Windows 8.1 and disabling the ports using policy or firmware configuration is not an option. Windows 8.1 and later Modern Standby devices do not need pre-boot authentication to defend against DMA-based port attacks, as the ports will not be present on certified devices. A non-Modern Standby Windows 8.1 and later device requires pre-boot authentication if DMA ports are enabled on the device and additional mitigations described in this document are not implemented. Many customers find that the DMA ports on their devices are never used, and they choose to eliminate the possibility of an attack by disabling the DMA ports themselves, either at the hardware level or through Group Policy.
+BitLocker-encrypted devices with DMA ports enabled, including FireWire or Thunderbolt ports, should be configured with pre-boot authentication if they are running Windows 10, Windows 7, Windows 8, or Windows 8.1 and disabling the ports using policy or firmware configuration is not an option. Many customers find that the DMA ports on their devices are never used, and they choose to eliminate the possibility of an attack by disabling the DMA ports themselves, either at the hardware level or through Group Policy.
 Many new mobile devices have the system memory soldered to the motherboard, which helps prevent the cold boot–style attack, where the system memory is frozen, removed, and then placed into another device. Those devices, and most PCs, can still be vulnerable when booting to a malicious operating system, however.
 
 You can mitigate the risk of booting to a malicious operating system:

windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md

@@ -29,7 +29,7 @@ These settings, located at **Computer Configuration\Administrative Templates\Net
 |Policy name|Supported versions|Description|
 |-----------|------------------|-----------|
 |Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.|
-|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: 1) Please include a full domain name (www.contoso.com) in the configuration 2) You may use "." as a wildcard character to automatically trust subdomains. Configuring '.constoso.com' will automatically trust 'subdomain1.contoso.com', 'subdomain2.contoso.com etc. |
+|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: 1) Please include a full domain name (www.contoso.com) in the configuration 2) You may optionally use "." as a wildcard character to automatically trust subdomains. Configuring ".constoso.com" will automatically trust "subdomain1.contoso.com", "subdomain2.contoso.com" etc. |
 |Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.|
 
 ### Application-specific settings

windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 ms.pagetype: security
 author: mjcaparas
 localizationpriority: high
-ms.date: 10/23/2017
+ms.date: 03/16/2018
 ---
 # Create and build Power BI reports using Windows Defender ATP data
 
@@ -32,33 +32,94 @@ Windows Defender ATP supports the use of Power BI data connectors to enable you
 Data connectors integrate seamlessly in Power BI, and make it easy for power users to query, shape and combine data to build reports and dashboards that meet the needs of your organization. 
 
 You can easily get started by:
-- Creating a dashboard on the Power BI service 
+- Creating a dashboard on the Power BI service:
+  - From the Windows Defender ATP portal or 
+  - From the Power BI portal
 - Building a custom dashboard on Power BI Desktop and tweaking it to fit the visual analytics and reporting requirements of your organization 
 
 You can access these options from the Windows Defender ATP portal. Both the Power BI service and Power BI Desktop are supported. 
 
-## Create a Windows Defender ATP dashboard on Power BI service
+## Create a Power BI dashboard from the Windows Defender ATP portal
 Windows Defender ATP makes it easy to create a Power BI dashboard by providing an option straight from the portal. 
 
 1. In the navigation pane, select **Preferences setup** > **Power BI reports**.
-
-2.	Click **Create dashboard**. This opens up a new tab in your browser and loads the Power BI service with data from your organization.
-
+    
     ![Preferences setup with create dashboard button](images/atp-create-dashboard.png)
 
+2.	Click **Create dashboard**. You'll see a notification that things are being loaded. 
+
+    ![Image of loading](images/atp-loading.png)
+
+
+3. Specify the following details:
+    - **extensionDataSourceKind**: WDATPConnector
+    - **extensionDataSourcePath**: WDATPConnector
+    - **Authentication method**: OAuth2
+
+    ![Image of Power BI authentication method](images/atp-powerbi-extension.png)
+
+4. Click **Sign in**. If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, access your data, and be used for report refresh.
+
+      ![Consent image](images/atp-powerbi-accept.png)
+
+5.	Click **Accept**. Power BI service will start downloading your Windows Defender ATP data from Microsoft Graph. After a successful login, you'll see a notification that data is being imported:
+
+    ![Image of importing data](images/atp-powerbi-importing.png)
+    
     >[!NOTE]
-    >Loading your data in the Power BI service can take a few minutes.
+    >Depending on the number of onboarded machines, loading your data in the Power BI service can take several minutes. A larger number of machines might take longer to load. 
 
-3. If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, and access your data.
+    When importing data is completed and the dataset is ready, you’ll the following notification:
 
-      ![Consent image](images/atp-powerbi-consent.png)
+    ![Image of dataset is ready](images/atp-data-ready.png)
 
-4.	Click **Accept**. Power BI service will start downloading your Windows Defender ATP data from Microsoft Graph. 
+6. Click **View dataset** to explore your data.
 
-When the dashboard is ready, you’ll get a notification within the Power BI website. Use the link in the portal to the Power BI console after creating the dashboard.
 
 For more information, see [Create a Power BI dashboard from a report](https://powerbi.microsoft.com/en-us/documentation/powerbi-service-create-a-dashboard/).
 
+
+## Create a Power BI dashboard from the Power BI portal
+
+1. Login to [Power BI](https://powerbi.microsoft.com/).
+
+2. Click **Get Data**.
+
+3. Select **Microsoft AppSource** > **My Organization** > **Get**.
+
+    ![Image of Microsoft AppSource to get data](images/atp-get-data.png)
+
+4. In the AppSource window, select **Apps** and search for Windows Defender Advanced Threat Protection.
+
+    ![Image of AppSource to get Windows Defender ATP](images/atp-appsource.png)
+
+5. Click **Get it now**.
+
+6. Specify the following details:
+    - **extensionDataSourceKind**: WDATPConnector
+    - **extensionDataSourcePath**: WDATPConnector
+    - **Authentication method**: OAuth2
+
+    ![Image of Power BI authentication method](images/atp-powerbi-extension.png)
+
+7. Click **Sign in**. If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, access your data, and be used for report refresh.
+
+      ![Consent image](images/atp-powerbi-accept.png)
+
+8.	Click **Accept**. Power BI service will start downloading your Windows Defender ATP data from Microsoft Graph. After a successful login, you'll see a notification that data is being imported:
+
+    ![Image of importing data](images/atp-powerbi-importing.png)
+    
+    >[!NOTE]
+    >Depending on the number of onboarded machines, loading your data in the Power BI service can take several minutes. A larger number of machines might take longer to load. 
+
+    When importing data is completed and the dataset is ready, you’ll the following notification:
+
+    ![Image of dataset is ready](images/atp-data-ready.png)
+
+9. Click **View dataset** to explore your data.
+
+
 ## Build a custom Windows Defender ATP dashboard in Power BI Desktop
 You can create a custom dashboard in Power BI Desktop to create visualizations that cater to the specific views that your organization requires.  
 
@@ -93,9 +154,9 @@ After completing the steps in the Before you begin section, you can proceed with
 
 1.	Open WDATPPowerBI.pbit from the zip with Power BI Desktop.
 
-2.	If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, and access your data.
+2.	If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, access your data, and be used for report refresh.
 
-    ![Consent image](images/atp-powerbi-consent.png)
+    ![Consent image](images/atp-powerbi-accept.png)
 
 3.	Click **Accept**. Power BI Desktop will start downloading your Windows Defender ATP data from Microsoft Graph. When all data has been downloaded, you can proceed to customize your reports.
 
@@ -112,9 +173,9 @@ You can use Power BI Desktop to analyse data from Windows Defender ATP and mash
 
     ![Power BI preview connector](images/atp-powerbi-preview.png) 
 
-4.	If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, and access your data.
+4.	If this is the first time you’re using Power BI with Windows Defender ATP, you’ll need to sign in and give consent to Windows Defender ATP Power BI app. By providing consent, you’re allowing Windows Defender ATP Power BI to sign in and read your profile, access your data, and be used for report refresh.
 
-    ![Consent image](images/atp-powerbi-consent.png)
+    ![Consent image](images/atp-powerbi-accept.png)
 
 5.	Click **Accept**. Power BI Desktop will start downloading your Windows Defender ATP data from Microsoft Graph. When all data has been downloaded, you can proceed to customize your reports.