mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-15 18:33:43 +00:00
fix meta data, add key words
This commit is contained in:
Joey Caparas
@ -18,7 +18,7 @@ author: mjcaparas
|
||||
|
||||
<span style="color:#ED1C24;">[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
|
||||
|
||||
As a security operations team member, you can manage Windows Defender ATP alerts as part of your routine activities. Alerts will appear in the respective queues according to their current status.
|
||||
As a security operations team member, you can manage Windows Defender ATP alerts as part of your routine activities. Alerts will appear in queues according to their current status.
|
||||
|
||||
To see a list of alerts, click any of the queues under the **Alerts queue** option in the navigation pane.
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Configure Windows Defender ATP endpoints
|
||||
description: Use Group Policy to deploy the configuration package or do manual registry changes on endpoints so that they are onboarded to the service.
|
||||
keywords: configure endpoints, client onboarding, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints
|
||||
description: Use Group Policy or SCCM to deploy the configuration package or do manual registry changes on endpoints so that they are onboarded to the service.
|
||||
keywords: configure endpoints, client onboarding, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints, sccm, system center configuration manager
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Configure Windows Defender ATP endpoint proxy and Internet connection settings
|
||||
description: Configure the Windows Defender ATP proxy and internet settings to enable communication with the cloud service.
|
||||
keywords: configure, proxy, internet, internet connectivity, settings, proxy settings
|
||||
keywords: configure, proxy, internet, internet connectivity, settings, proxy settings, web proxy auto detect, wpad, netsh, winhttp, proxy server
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Investigate Windows Defender Advanced Threat Protection domains
|
||||
description: Use the investigation options to see if machines and servers have been communicating with malicious domains.
|
||||
keywords: investigate domain, domain, malicious domain, windows defender atp, alert
|
||||
keywords: investigate domain, domain, malicious domain, windows defender atp, alert, URL
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Investigate Windows Defender Advanced Threat Protection files
|
||||
description: Use the investigation options to get details on files associated with alerts, behaviours, or events.
|
||||
keywords: investigate, investigation, file, malicious activity, attack motivation
|
||||
keywords: investigate, investigation, file, malicious activity, attack motivation, deep analysis, deep analysis report
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Investigate Windows Defender Advanced Threat Protection IP address
|
||||
description: Use the investigation options to examine possible communication between machines and external IP addresses.
|
||||
keywords: investigate, investigation, IP address, alert, windows defender atp
|
||||
keywords: investigate, investigation, IP address, alert, windows defender atp, external IP
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Monitor the Windows Defender ATP onboarding
|
||||
title: Monitor Windows Defender ATP onboarding
|
||||
description: Monitor the onboarding of the Windows Defender ATP service to ensure your endpoints are correctly configured and are sending telemetry reports.
|
||||
keywords: monitor onboarding, monitor Windows Defender ATP onboarding, monitor Windows Defender Advanced Threat Protection onboarding
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Onboard endpoints and set up the Windows Defender ATP user access
|
||||
description: Set up user access in Azure Active Directory and use Group Policy or do manual registry changes to onboard endpoints to the service.
|
||||
keywords: onboarding, windows defender advanced threat protection onboarding, windows atp onboarding
|
||||
description: Set up user access in Azure Active Directory and use Group Policy, SCCM, or do manual registry changes to onboard endpoints to the service.
|
||||
keywords: onboarding, windows defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Windows Defender ATP service onboarding
|
||||
description: Assign users to the Windows Defender ATP service application in Azure Active Directory to grant access to the portal.
|
||||
keywords: service onboarding, Windows Defender Advanced Threat Protection service onboarding
|
||||
keywords: service onboarding, Windows Defender Advanced Threat Protection service onboarding, manage users,
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Windows Defender Advanced Threat Protection settings
|
||||
description: Use the menu to configure the time zone, suppression rules, and view license information.
|
||||
keywords: Windows Defender ATP settings, Windows Defender, cybersecurity threat intelligence, advanced threat protection
|
||||
keywords: Windows Defender ATP settings, Windows Defender, cybersecurity threat intelligence, advanced threat protection, time zone, utc, local time, license, suppression rules
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Troubleshoot Windows Defender ATP onboarding issues
|
||||
description: Troubleshoot issues that might arise during the onboarding of endpoints or to the Windows Defender ATP service.
|
||||
keywords: troubleshoot onboarding, onboarding issues, event viewer, data collection and preview builds
|
||||
keywords: troubleshoot onboarding, onboarding issues, event viewer, data collection and preview builds, telemetry and diagnostics
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
@ -173,7 +173,7 @@ First, you should check that the service is set to start automatically when Wind
|
||||
|
||||
### Ensure the service is set to start
|
||||
|
||||
**Use the command line to check the Windows 10 telemetry and diganostics service startup type**:
|
||||
**Use the command line to check the Windows 10 telemetry and diagnostics service startup type**:
|
||||
|
||||
1. Open an elevated command-line prompt on the endpoint:
|
||||
|
||||
@ -195,7 +195,7 @@ If the **START_TYPE** is not set to **AUTO_START**, then you'll need to set the
|
||||
|
||||
|
||||
|
||||
**Use the command line to set the Windows 10 telemetry and diganostics service to automatically start:**
|
||||
**Use the command line to set the Windows 10 telemetry and diagnostics service to automatically start:**
|
||||
|
||||
1. Open an elevated command-line prompt on the endpoint:
|
||||
|
||||
@ -215,7 +215,7 @@ If the **START_TYPE** is not set to **AUTO_START**, then you'll need to set the
|
||||
sc qc diagtrack
|
||||
```
|
||||
|
||||
**Use the Windows Services console to check the Windows 10 telemetry and diganostics service startup type**:
|
||||
**Use the Windows Services console to check the Windows 10 telemetry and diagnostics service startup type**:
|
||||
|
||||
1. Open the services console:
|
||||
|
||||
@ -230,7 +230,7 @@ If the **START_TYPE** is not set to **AUTO_START**, then you'll need to set the
|
||||
If the startup type is not set to **Automatic**, you'll need to change it so the service starts when the endpoint does.
|
||||
|
||||
|
||||
**Use the Windows Services console to set the Windows 10 telemetry and diganostics service to automatically start:**
|
||||
**Use the Windows Services console to set the Windows 10 telemetry and diagnostics service to automatically start:**
|
||||
|
||||
1. Open the services console:
|
||||
|
||||
@ -248,7 +248,7 @@ If the startup type is not set to **Automatic**, you'll need to change it so the
|
||||
|
||||
### Ensure the service is running
|
||||
|
||||
**Use the command line to check the Windows 10 telemetry and diganostics service is running**:
|
||||
**Use the command line to check the Windows 10 telemetry and diagnostics service is running**:
|
||||
|
||||
1. Open an elevated command-line prompt on the endpoint:
|
||||
|
||||
@ -269,7 +269,7 @@ If the service is running, the result should look like the following screenshot:
|
||||
If the service **STATE** is not set to **RUNNING**, then you'll need to start it.
|
||||
|
||||
|
||||
**Use the command line to start the Windows 10 telemetry and diganostics service:**
|
||||
**Use the command line to start the Windows 10 telemetry and diagnostics service:**
|
||||
|
||||
1. Open an elevated command-line prompt on the endpoint:
|
||||
|
||||
@ -289,7 +289,7 @@ If the service **STATE** is not set to **RUNNING**, then you'll need to start it
|
||||
sc query diagtrack
|
||||
```
|
||||
|
||||
**Use the Windows Services console to check the Windows 10 telemetry and diganostics service is running**:
|
||||
**Use the Windows Services console to check the Windows 10 telemetry and diagnostics service is running**:
|
||||
|
||||
1. Open the services console:
|
||||
|
||||
@ -304,7 +304,7 @@ If the service **STATE** is not set to **RUNNING**, then you'll need to start it
|
||||
If the service is not running, you'll need to start it.
|
||||
|
||||
|
||||
**Use the Windows Services console to start the Windows 10 telemetry and diganostics service:**
|
||||
**Use the Windows Services console to start the Windows 10 telemetry and diagnostics service:**
|
||||
|
||||
1. Open the services console:
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Troubleshoot Windows Defender Advanced Threat Protection
|
||||
description: Find solutions and work arounds to known issues such as server errors when trying to access the service.
|
||||
keywords: troubleshoot Windows Defender Advanced Threat Protection, troubleshoot Windows ATP, server error, access denied, invalid credentials
|
||||
keywords: troubleshoot Windows Defender Advanced Threat Protection, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, whitelist, event viewer
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Use the Windows Defender Advanced Threat Protection portal
|
||||
description: Learn about the features on Windows Defender ATP portal, including how alerts work, and suggestions on how to investigate possible breaches and attacks.
|
||||
keywords: dashboard, alerts queue, manage alerts, investigation, investigate alerts, investigate machines, submit files, deep analysis, high, medium, low, severity,
|
||||
keywords: dashboard, alerts queue, manage alerts, investigation, investigate alerts, investigate machines, submit files, deep analysis, high, medium, low, severity, ioc, ioa
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Windows Defender Advanced Threat Protection - Windows Defender
|
||||
description: Windows Defender Advanced Threat Protection is an enterprise security service that helps detect and respond to possible cybersecurity threats related to advanced persistent threats.
|
||||
keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security
|
||||
keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security, endpoint behavioral sensor, cloud security, analytics, threat intelligence
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
Reference in New Issue
Block a user