deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-22 13:53:39 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into secaudit

Browse Source
This commit is contained in:
Brian Lich
2016-06-06 09:25:09 -07:00
parent 2482599f99 abcbe8c675
commit 6d81b651d9
1042 changed files with 9985 additions and 1219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
windows/keep-secure/TOC.md
View File

@ -692,6 +692,115 @@
#### [Update and manage Windows Defender in Windows 10](get-started-with-windows-defender-for-windows-10.md)
#### [Configure Windows Defender in Windows 10](configure-windows-defender-in-windows-10.md)
#### [Troubleshoot Windows Defender in Windows 10](troubleshoot-windows-defender-in-windows-10.md)
### [Windows Firewall with Advanced Security](windows-firewall-with-advanced-security.md)
#### [Isolating Windows Store Apps on Your Network](isolating-apps-on-your-network.md)
#### [Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012](securing-end-to-end-ipsec-connections-by-using-ikev2.md)
#### [Windows Firewall with Advanced Security Administration with Windows PowerShell](windows-firewall-with-advanced-security-administration-with-windows-powershell.md)
#### [Windows Firewall with Advanced Security Design Guide](windows-firewall-with-advanced-security-design-guide.md)
##### [Understanding the Windows Firewall with Advanced Security Design Process](understanding-the-windows-firewall-with-advanced-security-design-process.md)
##### [Identifying Your Windows Firewall with Advanced Security Deployment Goals](identifying-your-windows-firewall-with-advanced-security-deployment-goals.md)
###### [Protect Devices from Unwanted Network Traffic](protect-devices-from-unwanted-network-traffic.md)
###### [Restrict Access to Only Trusted Devices](restrict-access-to-only-trusted-devices.md)
###### [Require Encryption When Accessing Sensitive Network Resources](require-encryption-when-accessing-sensitive-network-resources.md)
###### [Restrict Access to Only Specified Users or Computers](restrict-access-to-only-specified-users-or-devices.md)
##### [Mapping Your Deployment Goals to a Windows Firewall with Advanced Security Design](mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md)
###### [Basic Firewall Policy Design](basic-firewall-policy-design.md)
###### [Domain Isolation Policy Design](domain-isolation-policy-design.md)
###### [Server Isolation Policy Design](server-isolation-policy-design.md)
###### [Certificate-based Isolation Policy Design](certificate-based-isolation-policy-design.md)
##### [Evaluating Windows Firewall with Advanced Security Design Examples](evaluating-windows-firewall-with-advanced-security-design-examples.md)
###### [Firewall Policy Design Example](firewall-policy-design-example.md)
###### [Domain Isolation Policy Design Example](domain-isolation-policy-design-example.md)
###### [Server Isolation Policy Design Example](server-isolation-policy-design-example.md)
###### [Certificate-based Isolation Policy Design Example](certificate-based-isolation-policy-design-example.md)
##### [Designing a Windows Firewall with Advanced Security Strategy](designing-a-windows-firewall-with-advanced-security-strategy.md)
###### [Gathering the Information You Need](gathering-the-information-you-need.md)
####### [Gathering Information about Your Current Network Infrastructure](gathering-information-about-your-current-network-infrastructure.md)
####### [Gathering Information about Your Active Directory Deployment](gathering-information-about-your-active-directory-deployment.md)
####### [Gathering Information about Your Computers](gathering-information-about-your-devices.md)
####### [Gathering Other Relevant Information](gathering-other-relevant-information.md)
###### [Determining the Trusted State of Your Computers](determining-the-trusted-state-of-your-devices.md)
##### [Planning Your Windows Firewall with Advanced Security Design](planning-your-windows-firewall-with-advanced-security-design.md)
###### [Planning Settings for a Basic Firewall Policy](planning-settings-for-a-basic-firewall-policy.md)
###### [Planning Domain Isolation Zones](planning-domain-isolation-zones.md)
####### [Exemption List](exemption-list.md)
####### [Isolated Domain](isolated-domain.md)
####### [Boundary Zone](boundary-zone.md)
####### [Encryption Zone](encryption-zone.md)
###### [Planning Server Isolation Zones](planning-server-isolation-zones.md)
###### [Planning Certificate-based Authentication](planning-certificate-based-authentication.md)
###### [Documenting the Zones](documenting-the-zones.md)
###### [Planning Group Policy Deployment for Your Isolation Zones](planning-group-policy-deployment-for-your-isolation-zones.md)
####### [Planning Isolation Groups for the Zones](planning-isolation-groups-for-the-zones.md)
####### [Planning Network Access Groups](planning-network-access-groups.md)
####### [Planning the GPOs](planning-the-gpos.md)
######## [Firewall GPOs](firewall-gpos.md)
######### [GPO_DOMISO_Firewall](gpo-domiso-firewall.md)
######## [Isolated Domain GPOs](isolated-domain-gpos.md)
######### [GPO_DOMISO_IsolatedDomain_Clients](gpo-domiso-isolateddomain-clients.md)
######### [GPO_DOMISO_IsolatedDomain_Servers](gpo-domiso-isolateddomain-servers.md)
######## [Boundary Zone GPOs](boundary-zone-gpos.md)
######### [GPO_DOMISO_Boundary](gpo-domiso-boundary.md)
######## [Encryption Zone GPOs](encryption-zone-gpos.md)
######### [GPO_DOMISO_Encryption](gpo-domiso-encryption.md)
######## [Server Isolation GPOs](server-isolation-gpos.md)
####### [Planning GPO Deployment](planning-gpo-deployment.md)
##### [Appendix A: Sample GPO Template Files for Settings Used in this Guide](appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md)
#### [Windows Firewall with Advanced Security Deployment Guide](windows-firewall-with-advanced-security-deployment-guide.md)
##### [Planning to Deploy Windows Firewall with Advanced Security](planning-to-deploy-windows-firewall-with-advanced-security.md)
##### [Implementing Your Windows Firewall with Advanced Security Design Plan](implementing-your-windows-firewall-with-advanced-security-design-plan.md)
##### [Checklist: Creating Group Policy Objects](checklist-creating-group-policy-objects.md)
##### [Checklist: Implementing a Basic Firewall Policy Design](checklist-implementing-a-basic-firewall-policy-design.md)
###### [Checklist: Configuring Basic Firewall Settings](checklist-configuring-basic-firewall-settings.md)
###### [Checklist: Creating Inbound Firewall Rules](checklist-creating-inbound-firewall-rules.md)
###### [Checklist: Creating Outbound Firewall Rules](checklist-creating-outbound-firewall-rules.md)
##### [Checklist: Implementing a Domain Isolation Policy Design](checklist-implementing-a-domain-isolation-policy-design.md)
###### [Checklist: Configuring Rules for the Isolated Domain](checklist-configuring-rules-for-the-isolated-domain.md)
###### [Checklist: Configuring Rules for the Boundary Zone](checklist-configuring-rules-for-the-boundary-zone.md)
###### [Checklist: Configuring Rules for the Encryption Zone](checklist-configuring-rules-for-the-encryption-zone.md)
###### [Checklist: Configuring Rules for an Isolated Server Zone](checklist-configuring-rules-for-an-isolated-server-zone.md)
##### [Checklist: Implementing a Standalone Server Isolation Policy Design](checklist-implementing-a-standalone-server-isolation-policy-design.md)
###### [Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone](checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md)
###### [Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone](checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md)
##### [Checklist: Implementing a Certificate-based Isolation Policy Design](checklist-implementing-a-certificate-based-isolation-policy-design.md)
##### [Procedures Used in This Guide](procedures-used-in-this-guide.md)
###### [Add Production Devices to the Membership Group for a Zone](add-production-devices-to-the-membership-group-for-a-zone.md)
###### [Add Test Devices to the Membership Group for a Zone](add-test-devices-to-the-membership-group-for-a-zone.md)
###### [Assign Security Group Filters to the GPO](assign-security-group-filters-to-the-gpo.md)
###### [Change Rules from Request to Require Mode](change-rules-from-request-to-require-mode.md)
###### [Configure Authentication Methods](configure-authentication-methods.md)
###### [Configure Data Protection (Quick Mode) Settings](configure-data-protection-quick-mode-settings.md)
###### [Configure Group Policy to Autoenroll and Deploy Certificates](configure-group-policy-to-autoenroll-and-deploy-certificates.md)
###### [Configure Key Exchange (Main Mode) Settings](configure-key-exchange-main-mode-settings.md)
###### [Configure the Rules to Require Encryption](configure-the-rules-to-require-encryption.md)
###### [Configure the Windows Firewall Log](configure-the-windows-firewall-log.md)
###### [Configure the Workstation Authentication Certificate Template](configure-the-workstation-authentication-certificate-template.md)
###### [Configure Windows Firewall to Suppress Notifications When a Program Is Blocked](configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md)
###### [Confirm That Certificates Are Deployed Correctly](confirm-that-certificates-are-deployed-correctly.md)
###### [Copy a GPO to Create a New GPO](copy-a-gpo-to-create-a-new-gpo.md)
###### [Create a Group Account in Active Directory](create-a-group-account-in-active-directory.md)
###### [Create a Group Policy Object](create-a-group-policy-object.md)
###### [Create an Authentication Exemption List Rule](create-an-authentication-exemption-list-rule.md)
###### [Create an Authentication Request Rule](create-an-authentication-request-rule.md)
###### [Create an Inbound ICMP Rule](create-an-inbound-icmp-rule.md)
###### [Create an Inbound Port Rule](create-an-inbound-port-rule.md)
###### [Create an Inbound Program or Service Rule](create-an-inbound-program-or-service-rule.md)
###### [Create an Outbound Port Rule](create-an-outbound-port-rule.md)
###### [Create an Outbound Program or Service Rule](create-an-outbound-program-or-service-rule.md)
###### [Create Inbound Rules to Support RPC](create-inbound-rules-to-support-rpc.md)
###### [Create WMI Filters for the GPO](create-wmi-filters-for-the-gpo.md)
###### [Enable Predefined Inbound Rules](enable-predefined-inbound-rules.md)
###### [Enable Predefined Outbound Rules](enable-predefined-outbound-rules.md)
###### [Exempt ICMP from Authentication](exempt-icmp-from-authentication.md)
###### [Link the GPO to the Domain](link-the-gpo-to-the-domain.md)
###### [Modify GPO Filters to Apply to a Different Zone or Version of Windows](modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md)
###### [Open the Group Policy Management Console to IP Security Policies](open-the-group-policy-management-console-to-ip-security-policies.md)
###### [Open the Group Policy Management Console to Windows Firewall](open-the-group-policy-management-console-to-windows-firewall.md)
###### [Open the Group Policy Management Console to Windows Firewall with Advanced Security](open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md)
###### [Open Windows Firewall with Advanced Security](open-windows-firewall-with-advanced-security.md)
###### [Restrict Server Access to Members of a Group Only](restrict-server-access-to-members-of-a-group-only.md)
###### [Turn on Windows Firewall and Configure Default Behavior](turn-on-windows-firewall-and-configure-default-behavior.md)
###### [Verify That Network Traffic Is Authenticated](verify-that-network-traffic-is-authenticated.md)
## [Enterprise security guides](windows-10-enterprise-security-guides.md)
### [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)
### [Device Guard deployment guide](device-guard-deployment-guide.md)

2
windows/keep-secure/access-credential-manager-as-a-trusted-caller.md
View File

@ -2,7 +2,7 @@
title: Access Credential Manager as a trusted caller (Windows 10)
description: Describes the best practices, location, values, policy management, and security considerations for the Access Credential Manager as a trusted caller security policy setting.
ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/access-this-computer-from-the-network.md
View File

@ -2,7 +2,7 @@
title: Access this computer from the network (Windows 10)
description: Describes the best practices, location, values, policy management, and security considerations for the Access this computer from the network security policy setting.
ms.assetid: f6767bc2-83d1-45f1-847c-54f5362db022
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/account-lockout-duration.md
View File

@ -2,7 +2,7 @@
title: Account lockout duration (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Account lockout duration security policy setting.
ms.assetid: a4167bf4-27c3-4a9b-8ef0-04e3c6ec3aa4
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/account-lockout-policy.md
View File

@ -2,7 +2,7 @@
title: Account Lockout Policy (Windows 10)
description: Describes the Account Lockout Policy settings and links to information about each policy setting.
ms.assetid: eb968c28-17c5-405f-b413-50728cb7b724
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/account-lockout-threshold.md
View File

@ -2,7 +2,7 @@
title: Account lockout threshold (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Account lockout threshold security policy setting.
ms.assetid: 4904bb40-a2bd-4fef-a102-260ba8d74e30
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/account-policies.md
View File

@ -2,7 +2,7 @@
title: Account Policies (Windows 10)
description: An overview of account policies in Windows and provides links to policy descriptions.
ms.assetid: 711b3797-b87a-4cd9-a2e3-1f8ef18688fb
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/accounts-administrator-account-status.md
View File

@ -2,7 +2,7 @@
title: Accounts Administrator account status (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Accounts Administrator account status security policy setting.
ms.assetid: 71a3bd48-1014-49e0-a936-bfe9433af23e
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/accounts-block-microsoft-accounts.md
View File

@ -2,7 +2,7 @@
title: Accounts Block Microsoft accounts (Windows 10)
description: Describes the best practices, location, values, management, and security considerations for the Accounts Block Microsoft accounts security policy setting.
ms.assetid: 94c76f45-057c-4d80-8d01-033cf28ef2f7
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/accounts-guest-account-status.md
View File

@ -2,7 +2,7 @@
title: Accounts Guest account status (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Accounts Guest account status security policy setting.
ms.assetid: 07e53fc5-b495-4d02-ab42-5b245d10d0ce
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
View File

@ -2,7 +2,7 @@
title: Accounts Limit local account use of blank passwords to console logon only (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Accounts Limit local account use of blank passwords to console logon only security policy setting.
ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/accounts-rename-administrator-account.md
View File

@ -2,7 +2,7 @@
title: Accounts Rename administrator account (Windows 10)
description: This security policy reference topic for the IT professional describes the best practices, location, values, and security considerations for this policy setting.
ms.assetid: d21308eb-7c60-4e48-8747-62b8109844f9
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/accounts-rename-guest-account.md
View File

@ -2,7 +2,7 @@
title: Accounts Rename guest account (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Accounts Rename guest account security policy setting.
ms.assetid: 9b8052b4-bbb9-4cc1-bfee-ce25390db707
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/act-as-part-of-the-operating-system.md
View File

@ -2,7 +2,7 @@
title: Act as part of the operating system (Windows 10)
description: Describes the best practices, location, values, policy management, and security considerations for the Act as part of the operating system security policy setting.
ms.assetid: c1b7e084-a9f7-4377-b678-07cc913c8b0c
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/ad-ds-schema-extensions-to-support-tpm-backup.md
View File

@ -2,7 +2,7 @@
title: AD DS schema extensions to support TPM backup (Windows 10)
description: This topic provides more details about this change and provides template schema extensions that you can incorporate into your organization.
ms.assetid: beb7097c-e674-4eab-b8e2-6f67c85d1f3f
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

5
windows/keep-secure/add-apps-to-protected-list-using-custom-uri.md
View File

@ -2,9 +2,10 @@
title: Add multiple apps to your enterprise data protection (EDP) Protected Apps list (Windows 10)
description: Add multiple apps to your enterprise data protection (EDP) Protected Apps list at the same time, by using the Microsoft Intune Custom URI functionality and the AppLocker.
ms.assetid: b50db35d-a2a9-4b78-a95d-a1b066e66880
keywords: ["EDP", "Enterprise Data Protection", "protected apps", "protected app list"]
ms.prod: W10
keywords: EDP, Enterprise Data Protection, protected apps, protected app list
ms.prod: w10
ms.mktglfcycl: explore
ms.pagetype: security
ms.sitesec: library
author: eross-msft
---

83
windows/keep-secure/add-production-devices-to-the-membership-group-for-a-zone.md Normal file
View File

@ -0,0 +1,83 @@
---
title: Add Production Devices to the Membership Group for a Zone (Windows 10)
description: Add Production Devices to the Membership Group for a Zone
ms.assetid: 7141de15-5840-4beb-aabe-21c1dd89eb23
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: brianlic-msft
---
# Add Production Devices to the Membership Group for a Zone
**Applies to**
- Windows 10
- Windows Server 2016 Technical Preview
After you test the GPOs for your design on a small set of devices, you can deploy them to the production devices.
**Caution**  
For GPOs that contain connection security rules that prevent unauthenticated connections, be sure to set the rules to request, not require, authentication during testing. After you deploy the GPO and confirm that all of your devices are successfully communicating by using authenticated IPsec, then you can modify the GPO to require authentication. Do not change the boundary zone GPO to require mode.
 
The method discussed in this guide uses the **Domain Computers** built-in group. The advantage of this method is that all new devices that are joined to the domain automatically receive the isolated domain GPO. To do this successfully, you must make sure that the WMI filters and security group filters exclude devices that must not receive the GPOs. Use device groups that deny both read and apply Group Policy permissions to the GPOs, such as a group used in the CG\_DOMISO\_NOIPSEC example design. Devices that are members of some zones must also be excluded from applying the GPOs for the main isolated domain. For more information, see the "Prevent members of a group from applying a GPO" section in [Assign Security Group Filters to the GPO](assign-security-group-filters-to-the-gpo.md).
Without such a group (or groups), you must either add devices individually or use the groups containing device accounts that are available to you.
**Administrative credentials**
To complete these procedures, you must be a member of the Domain Administrators group, or otherwise be delegated permissions to modify the membership of the group for the GPO.
In this topic:
- [Add the group Domain Devices to the GPO membership group](#to-add-domain-devices-to-the-gpo-membership-group)
- [Refresh Group Policy on the devices in the membership group](#to-refresh-group-policy-on-a-device)
- [Check which GPOs apply to a device](#to-see-what-gpos-are-applied-to-a-device)
## To add domain devices to the GPO membership group
1. Open Active Directory Users and Computers.
2. In the navigation pane, expand **Active Directory Users and Computers**, expand *YourDomainName*, and then the container in which you created the membership group.
3. In the details pane, double-click the GPO membership group to which you want to add computers.
4. Select the **Members** tab, and then click **Add**.
5. Type **Domain Computers** in the text box, and then click **OK**.
6. Click **OK** to close the group properties dialog box.
After a computer is a member of the group, you can force a Group Policy refresh on the computer.
## To refresh Group Policy on a device
From an elevated command prompt, type the following:
``` syntax
gpupdate /target:computer /force
```
After Group Policy is refreshed, you can see which GPOs are currently applied to the computer.
## To see which GPOs are applied to a device
From an elevated command prompt, type the following:
``` syntax
gpresult /r /scope:computer
```
 
 

2
windows/keep-secure/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
View File

@ -2,7 +2,7 @@
title: Add rules for packaged apps to existing AppLocker rule-set (Windows 10)
description: This topic for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).
ms.assetid: 758c2a9f-c2a3-418c-83bc-fd335a94097f
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

77
windows/keep-secure/add-test-devices-to-the-membership-group-for-a-zone.md Normal file
View File

@ -0,0 +1,77 @@
---
title: Add Test Devices to the Membership Group for a Zone (Windows 10)
description: Add Test Devices to the Membership Group for a Zone
ms.assetid: 47057d90-b053-48a3-b881-4f2458d3e431
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: brianlic-msft
---
# Add Test Devices to the Membership Group for a Zone
**Applies to**
- Windows 10
- Windows Server 2016 Technical Preview
Before you deploy your rules to large numbers of devices, you must thoroughly test the rules to make sure that communications are working as expected. A misplaced WMI filter or an incorrectly typed IP address in a filter list can easily block communications between devices. Although we recommend that you set your rules to request mode until testing and deployment is complete, we also recommend that you initially deploy the rules to a small number of devices only to be sure that the correct GPOs are being processed by each device.
Add at least one device of each supported operating system type to each membership group. Make sure every GPO for a specific version of Windows and membership group has a device among the test group. After Group Policy has been refreshed on each test device, check the output of the **gpresult** command to confirm that each device is receiving only the GPOs it is supposed to receive.
**Administrative credentials**
To complete these procedures, you must be a member of the Domain Administrators group, or otherwise be delegated permissions to modify the membership of the group for the GPO.
In this topic:
- [Add the test devices to the GPO membership groups](#to-add-domain-devices-to-the-gpo-membership-group)
- [Refresh Group Policy on the devices in each membership group](#to-refresh-group-policy-on-a-device)
- [Check which GPOs apply to a device](#to-see-what-gpos-are-applied-to-a-device)
## To add test devices to the GPO membership groups
1. Open Active Directory Users and Computers.
2. In the navigation pane, expand **Active Directory Users and Computers**, expand *YourDomainName*, and then expand the container that holds your membership group account.
3. In the details pane, double-click the GPO membership group to which you want to add devices.
4. Select the **Members** tab, and then click **Add**.
5. Type the name of the device in the text box, and then click **OK**.
6. Repeat steps 5 and 6 for each additional device account or group that you want to add.
7. Click **OK** to close the group properties dialog box.
After a device is a member of the group, you can force a Group Policy refresh on the device.
## To refresh Group Policy on a device
From a elevated command prompt, run the following:
``` syntax
gpupdate /target:device /force
```
After Group Policy is refreshed, you can see which GPOs are currently applied to the device.
## To see which GPOs are applied to a device
From an elevated command prompt, run the following:
``` syntax
gpresult /r /scope:computer
```
 
 

2
windows/keep-secure/add-workstations-to-domain.md
View File

@ -2,7 +2,7 @@
title: Add workstations to domain (Windows 10)
description: Describes the best practices, location, values, policy management and security considerations for the Add workstations to domain security policy setting.
ms.assetid: b0c21af4-c928-4344-b1f1-58ef162ad0b3
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

3
windows/keep-secure/additional-configuration-windows-defender-advanced-threat-protection.md
View File

@ -3,8 +3,9 @@ title: Additional Windows Defender ATP configuration settings
description: Use the Group Policy Console to configure settings that enable sample sharing from your endpoints. These settings are used in the deep analysis feature.
keywords: configuration settings, Windows Defender ATP configuration settings, Windows Defender Advanced Threat Protection configuration settings, group policy Management Editor, computer configuration, policies, administrative templates,
search.product: eADQiWindows 10XVcnh
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: security
ms.sitesec: library
author: mjcaparas
---

2
windows/keep-secure/adjust-memory-quotas-for-a-process.md
View File

@ -2,7 +2,7 @@
title: Adjust memory quotas for a process (Windows 10)
description: Describes the best practices, location, values, policy management, and security considerations for the Adjust memory quotas for a process security policy setting.
ms.assetid: 6754a2c8-6d07-4567-9af3-335fd8dd7626
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/administer-applocker.md
View File

@ -2,7 +2,7 @@
title: Administer AppLocker (Windows 10)
description: This topic for IT professionals provides links to specific procedures to use when administering AppLocker policies.
ms.assetid: 511a3b6a-175f-4d6d-a6e0-c1780c02e818
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/administer-security-policy-settings.md
View File

@ -2,7 +2,7 @@
title: Administer security policy settings (Windows 10)
description: This article discusses different methods to administer security policy settings on a local device or throughout a small- or medium-sized organization.
ms.assetid: 7617d885-9d28-437a-9371-171197407599
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/advanced-security-audit-policy-settings.md
View File

@ -2,7 +2,7 @@
title: Advanced security audit policy settings (Windows 10)
description: This reference for IT professionals provides information about the advanced audit policy settings that are available in Windows and the audit events that they generate.
ms.assetid: 93b28b92-796f-4036-a53b-8b9e80f9f171
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/advanced-security-auditing-faq.md
View File

@ -2,7 +2,7 @@
title: Advanced security auditing FAQ (Windows 10)
description: This topic for the IT professional lists questions and answers about understanding, deploying, and managing security audit policies.
ms.assetid: 80f8f187-0916-43c2-a7e8-ea712b115a06
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/advanced-security-auditing.md
View File

@ -2,7 +2,7 @@
title: Advanced security audit policies (Windows 10)
description: Advanced security audit policy settings are found in Security Settings\\Advanced Audit Policy Configuration\\System Audit Policies and appear to overlap with basic security audit policies, but they are recorded and applied differently.
ms.assetid: 6FE8AC10-F48E-4BBF-979B-43A5DFDC5DFC
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

3
windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md
View File

@ -3,9 +3,10 @@ title: View and organize the Windows Defender ATP Alerts queue
description: Learn about how the Windows Defender ATP alerts queue work, and how to sort and filter lists of alerts.
keywords: alerts, queues, alerts queue, sort, order, filter, manage alerts, new, in progress, resolved, newest, time in queue, severity, time period
search.product: eADQiWindows 10XVcnh
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: mjcaparas
---

2
windows/keep-secure/allow-log-on-locally.md
View File

@ -2,7 +2,7 @@
title: Allow log on locally (Windows 10)
description: Describes the best practices, location, values, policy management, and security considerations for the Allow log on locally security policy setting.
ms.assetid: d9e5e1f3-3bff-4da7-a9a2-4bb3e0c79055
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/allow-log-on-through-remote-desktop-services.md
View File

@ -2,7 +2,7 @@
title: Allow log on through Remote Desktop Services (Windows 10)
description: Describes the best practices, location, values, policy management, and security considerations for the Allow log on through Remote Desktop Services security policy setting.
ms.assetid: 6267c376-8199-4f2b-ae56-9c5424e76798
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

93
windows/keep-secure/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md Normal file
View File

@ -0,0 +1,93 @@
---
title: Appendix A Sample GPO Template Files for Settings Used in this Guide (Windows 10)
description: Appendix A Sample GPO Template Files for Settings Used in this Guide
ms.assetid: 75930afd-ab1b-4e53-915b-a28787814b38
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: brianlic-msft
---
# Appendix A: Sample GPO Template Files for Settings Used in this Guide
**Applies to**
- Windows 10
- Windows Server 2016 Technical Preview
You can import an XML file containing customized registry preferences into a Group Policy Object (GPO) by using the Preferences feature of the Group Policy Management Console (GPMC).
To manually create the file, build the settings under **Computer Configuration**, **Preferences**, **Windows Settings**, **Registry**. After you have created the settings, drag the container to the desktop. An .xml file is created there.
To import an .xml file to GPMC, drag it and drop it on the **Registry** node under **Computer Configuration**, **Preferences**, **Windows Settings**. If you copy the following sample XML code to a file, and then drag and drop it on the **Registry** node, it creates a **Server and Domain Isolation** collection with the six registry keys discussed in this guide.
The following sample file uses item-level targeting to ensure that the registry keys are applied only on the versions of Windows to which they apply.
>**Note:**  The file shown here is for sample use only. It should be customized to meet the requirements of your organizations deployment. To customize this file, import it into a test GPO, modify the settings, and then drag the Server and Domain Isolation Settings node to your desktop. The new file will contain all of your customization.
``` syntax
<?xml version="1.0" encoding="utf-8"?>
<Collection clsid="{53B533F5-224C-47e3-B01B-CA3B3F3FF4BF}" name="Server and Domain Isolation Settings">
<Registry
clsid="{9CD4B2F4-923D-47f5-A062-E897DD1DAD50}"
name="Enable PMTU Discovery"
status="EnablePMTUDiscovery"
image="12"
changed="2008-05-30 20:37:37"
uid="{52C38FD7-A081-404C-A8EA-B24A9614D0B5}"
desc="&lt;b&gt;Enable PMTU Discovery&lt;/b&gt;&lt;p&gt;
This setting configures whether computers can use PMTU
discovery on the network.&lt;p&gt;
&lt;b&gt;1&lt;/b&gt; -- Enable&lt;br&gt;
&lt;b&gt;0&lt;/b&gt; -- Disable"
bypassErrors="1">
<Properties
action="U"
displayDecimal="1"
default="0"
hive="HKEY_LOCAL_MACHINE"
key="System\CurrentControlSet\Services\TCPIP\Parameters"
name="EnablePMTUDiscovery" type="REG_DWORD" value="00000001"/>
</Registry>
<Registry
clsid="{9CD4B2F4-923D-47f5-A062-E897DD1DAD50}"
name="IPsec Default Exemptions (Vista and W2K8)"
status="NoDefaultExempt"
image="12"
changed="2008-05-30 20:33:32"
uid="{AE5C505D-283E-4060-9A55-70659DFD56B6}"
desc="&lt;b&gt;IPsec Default Exemptions for Windows Server 2008
and later&lt;/b&gt;&lt;p&gt;
This setting determines which network traffic type is exempt
from any IPsec authentication requirements.&lt;p&gt;
&lt;b&gt;0&lt;/b&gt;: Exempts multicast, broadcast, RSVP, Kerberos, ISAKMP&lt;br&gt;
&lt;b&gt;1&lt;/b&gt;: Exempts multicast, broadcast, ISAKMP&lt;br&gt;
&lt;b&gt;2&lt;/b&gt;: Exempts RSVP, Kerberos, ISAKMP&lt;br&gt;
&lt;b&gt;3&lt;/b&gt;: Exempts ISAKMP only"
bypassErrors="1">
<Properties
action="U"
displayDecimal="1"
default="0"
hive="HKEY_LOCAL_MACHINE"
key="SYSTEM\CurrentControlSet\Services\PolicyAgent"
name="NoDefaultExempt"
type="REG_DWORD"
value="00000003"/>
<Filters>
<FilterOs
bool="AND" not="0"
class="NT" version="VISTA"
type="NE" edition="NE" sp="NE"/>
<FilterOs
bool="OR" not="0"
class="NT" version="2K8"
type="NE" edition="NE" sp="NE"/>
</Filters>
</Registry>
</Collection>
```

2
windows/keep-secure/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
View File

@ -2,7 +2,7 @@
title: Appendix A, Security monitoring recommendations for many audit events (Windows 10)
description: Appendix A, Security monitoring recommendations for many audit events
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/applocker-architecture-and-components.md
View File

@ -2,7 +2,7 @@
title: AppLocker architecture and components (Windows 10)
description: This topic for IT professional describes AppLockers basic architecture and its major components.
ms.assetid: efdd8494-553c-443f-bd5f-c8976535135a
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-functions.md
View File

@ -2,7 +2,7 @@
title: AppLocker functions (Windows 10)
description: This topic for the IT professional lists the functions and security levels for the Software Restriction Policies (SRP) and AppLocker features.
ms.assetid: bf704198-9e74-4731-8c5a-ee0512df34d2
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-overview.md
View File

@ -2,7 +2,7 @@
title: AppLocker (Windows 10)
description: This topic provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies.
ms.assetid: 94b57864-2112-43b6-96fb-2863c985dc9a
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-policies-deployment-guide.md
View File

@ -2,7 +2,7 @@
title: AppLocker deployment guide (Windows 10)
description: This topic for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.
ms.assetid: 38632795-be13-46b0-a7af-487a4340bea1
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-policies-design-guide.md
View File

@ -2,7 +2,7 @@
title: AppLocker design guide (Windows 10)
description: This topic for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.
ms.assetid: 1c8e4a7b-3164-4eb4-9277-11b1d5a09c7b
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-policy-use-scenarios.md
View File

@ -2,7 +2,7 @@
title: AppLocker policy use scenarios (Windows 10)
description: This topic for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.
ms.assetid: 33f71578-89f0-4063-ac04-cf4f4ca5c31f
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-processes-and-interactions.md
View File

@ -2,7 +2,7 @@
title: AppLocker processes and interactions (Windows 10)
description: This topic for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
ms.assetid: 0beec616-6040-4be7-8703-b6c919755d8e
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-settings.md
View File

@ -2,7 +2,7 @@
title: AppLocker settings (Windows 10)
description: This topic for the IT professional lists the settings used by AppLocker.
ms.assetid: 9cb4aa19-77c0-4415-9968-bd07dab86839
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/applocker-technical-reference.md
View File

@ -2,7 +2,7 @@
title: AppLocker technical reference (Windows 10)
description: This overview topic for IT professionals provides links to the topics in the technical reference.
ms.assetid: 2b2678f8-c46b-4e1d-b8c5-037c0be255ab
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/apply-a-basic-audit-policy-on-a-file-or-folder.md
View File

@ -2,7 +2,7 @@
title: Apply a basic audit policy on a file or folder (Windows 10)
description: You can apply audit policies to individual files and folders on your computer by setting the permission type to record successful access attempts or failed access attempts in the security log.
ms.assetid: 565E7249-5CD0-4B2E-B2C0-B3A0793A51E2
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

70
windows/keep-secure/assign-security-group-filters-to-the-gpo.md Normal file
View File

@ -0,0 +1,70 @@
---
title: Assign Security Group Filters to the GPO (Windows 10)
description: Assign Security Group Filters to the GPO
ms.assetid: bcbe3299-8d87-4ec1-9e86-8e4a680fd7c8
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
author: brianlic-msft
---
# Assign Security Group Filters to the GPO
**Applies to**
- Windows 10
- Windows Server 2016 Technical Preview
To make sure that your GPO is applied to the correct computers, use the Group Policy Management MMC snap-in to assign security group filters to the GPO.
>**Important:**  This deployment guide uses the method of adding the Domain Computers group to the membership group for the main isolated domain after testing is complete and you are ready to go live in production. To make this method work, you must prevent any computer that is a member of either the boundary or encryption zone from applying the GPO for the main isolated domain. For example, on the GPOs for the main isolated domain, deny Read and Apply Group Policy permissions to the membership groups for the boundary and encryption zones.
 
**Administrative credentials**
To complete these procedures, you must be a member of the Domain Administrators group, or otherwise be delegated permissions to modify the relevant GPOs.
In this topic:
- [Allow members of a group to apply a GPO](#to-allow-members-of-a-group-to-apply-a-gpo)
- [Prevent members of a group from applying a GPO](#to-prevent-members-of-a-group-from-applying-a-gpo)
## To allow members of a group to apply a GPO
Use the following procedure to add a group to the security filter on the GPO that allows group members to apply the GPO.
1. Open the Group Policy Management console.
2. In the navigation pane, find and then click the GPO that you want to modify.
3. In the details pane, under **Security Filtering**, click **Authenticated Users**, and then click **Remove**.
>**Note:**  You must remove the default permission granted to all authenticated users and computers to restrict the GPO to only the groups you specify.
4. Click **Add**.
5. In the **Select User, Computer, or Group** dialog box, type the name of the group whose members are to apply the GPO, and then click **OK**. If you do not know the name, you can click **Advanced** to browse the list of groups available in the domain.
## To prevent members of a group from applying a GPO
Use the following procedure to add a group to the security filter on the GPO that prevents group members from applying the GPO. This is typically used to prevent members of the boundary and encryption zones from applying the GPOs for the isolated domain.
1. Open the Group Policy Management console.
2. In the navigation pane, find and then click the GPO that you want to modify.
3. In the details pane, click the **Delegation** tab.
4. Click **Advanced**.
5. Under the **Group or user names** list, click **Add**.
6. In the **Select User, Computer, or Group** dialog box, type the name of the group whose members are to be prevented from applying the GPO, and then click **OK**. If you do not know the name, you can click **Advanced** to browse the list of groups available in the domain.
7. Select the group in the **Group or user names** list, and then select the box in the **Deny** column for both **Read** and **Apply group policy**.
8. Click **OK**, and then in the **Windows Security** dialog box, click **Yes**.
9. The group appears in the list with **Custom** permissions.

2
windows/keep-secure/audit-account-lockout.md
View File

@ -3,7 +3,7 @@ title: Audit Account Lockout (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Account Lockout, which enables you to audit security events that are generated by a failed attempt to log on to an account that is locked out.
ms.assetid: da68624b-a174-482c-9bc5-ddddab38e589
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-application-generated.md
View File

@ -3,7 +3,7 @@ title: Audit Application Generated (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Application Generated, which determines whether the operating system generates audit events when applications attempt to use the Windows Auditing application programming interfaces (APIs).
ms.assetid: 6c58a365-b25b-42b8-98ab-819002e31871
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-application-group-management.md
View File

@ -3,7 +3,7 @@ title: Audit Application Group Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Application Group Management, which determines whether the operating system generates audit events when application group management tasks are performed.
ms.assetid: 1bcaa41e-5027-4a86-96b7-f04eaf1c0606
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-audit-policy-change.md
View File

@ -3,7 +3,7 @@ title: Audit Audit Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Audit Policy Change, which determines whether the operating system generates audit events when changes are made to audit policy.
ms.assetid: 7153bf75-6978-4d7e-a821-59a699efb8a9
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-audit-the-access-of-global-system-objects.md
View File

@ -2,7 +2,7 @@
title: Audit Audit the access of global system objects (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Audit Audit the access of global system objects security policy setting.
ms.assetid: 20d40a79-ce89-45e6-9bb4-148f83958460
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/audit-audit-the-use-of-backup-and-restore-privilege.md
View File

@ -2,7 +2,7 @@
title: Audit Audit the use of Backup and Restore privilege (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Audit Audit the use of Backup and Restore privilege security policy setting.
ms.assetid: f656a2bb-e8d6-447b-8902-53df3a7756c5
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/audit-authentication-policy-change.md
View File

@ -3,7 +3,7 @@ title: Audit Authentication Policy Change (Windows 10)
description: This topic for the IT professional describes this Advanced Security Audit policy setting, Audit Authentication Policy Change, which determines whether the operating system generates audit events when changes are made to authentication policy.
ms.assetid: aa9cea7a-aadf-47b7-b704-ac253b8e79be
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-authorization-policy-change.md
View File

@ -3,7 +3,7 @@ title: Audit Authorization Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Authorization Policy Change, which determines whether the operating system generates audit events when specific changes are made to the authorization policy.
ms.assetid: ca0587a2-a2b3-4300-aa5d-48b4553c3b36
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-central-access-policy-staging.md
View File

@ -3,7 +3,7 @@ title: Audit Central Access Policy Staging (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Central Access Policy Staging, which determines permissions on a Central Access Policy.
ms.assetid: D9BB11CE-949A-4B48-82BF-30DC5E6FC67D
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-certification-services.md
View File

@ -3,7 +3,7 @@ title: Audit Certification Services (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Certification Services, which determines whether the operating system generates events when Active Directory Certificate Services (ADÂ CS) operations are performed.
ms.assetid: cdefc34e-fb1f-4eff-b766-17713c5a1b03
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-computer-account-management.md
View File

@ -3,7 +3,7 @@ title: Audit Computer Account Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Computer Account Management, which determines whether the operating system generates audit events when a computer account is created, changed, or deleted.
ms.assetid: 6c406693-57bf-4411-bb6c-ff83ce548991
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-credential-validation.md
View File

@ -3,7 +3,7 @@ title: Audit Credential Validation (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Credential Validation, which determines whether the operating system generates audit events on credentials that are submitted for a user account logon request.
ms.assetid: 6654b33a-922e-4a43-8223-ec5086dfc926
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-detailed-directory-service-replication.md
View File

@ -3,7 +3,7 @@ title: Audit Detailed Directory Service Replication (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Detailed Directory Service Replication, which determines whether the operating system generates audit events that contain detailed tracking information about data that is replicated between domain controllers.
ms.assetid: 1b89c8f5-bce7-4b20-8701-42585c7ab993
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-detailed-file-share.md
View File

@ -3,7 +3,7 @@ title: Audit Detailed File Share (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Detailed File Share, which allows you to audit attempts to access files and folders on a shared folder.
ms.assetid: 60310104-b820-4033-a1cb-022a34f064ae
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-directory-service-access.md
View File

@ -3,7 +3,7 @@ title: Audit Directory Service Access (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Directory Service Access, which determines whether the operating system generates audit events when an Active Directory Domain Services (ADÂ DS) object is accessed.
ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-directory-service-changes.md
View File

@ -3,7 +3,7 @@ title: Audit Directory Service Changes (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Directory Service Changes, which determines whether the operating system generates audit events when changes are made to objects in Active Directory Domain Services (ADÂ DS).
ms.assetid: 9f7c0dd4-3977-47dd-a0fb-ec2f17cad05e
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-directory-service-replication.md
View File

@ -3,7 +3,7 @@ title: Audit Directory Service Replication (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Directory Service Replication, which determines whether the operating system generates audit events when replication between two domain controllers begins and ends.
ms.assetid: b95d296c-7993-4e8d-8064-a8bbe284bd56
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-distribution-group-management.md
View File

@ -3,7 +3,7 @@ title: Audit Distribution Group Management (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Distribution Group Management, which determines whether the operating system generates audit events for specific distribution-group management tasks.
ms.assetid: d46693a4-5887-4a58-85db-2f6cba224a66
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-dpapi-activity.md
View File

@ -3,7 +3,7 @@ title: Audit DPAPI Activity (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit DPAPI Activity, which determines whether the operating system generates audit events when encryption or decryption calls are made into the data protection application interface (DPAPI).
ms.assetid: be4d4c83-c857-4e3d-a84e-8bcc3f2c99cd
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-file-share.md
View File

@ -3,7 +3,7 @@ title: Audit File Share (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit File Share, which determines whether the operating system generates audit events when a file share is accessed.
ms.assetid: 9ea985f8-8936-4b79-abdb-35cbb7138f78
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-file-system.md
View File

@ -3,7 +3,7 @@ title: Audit File System (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit File System, which determines whether the operating system generates audit events when users attempt to access file system objects.
ms.assetid: 6a71f283-b8e5-41ac-b348-0b7ec6ea0b1f
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-filtering-platform-connection.md
View File

@ -3,7 +3,7 @@ title: Audit Filtering Platform Connection (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Filtering Platform Connection, which determines whether the operating system generates audit events when connections are allowed or blocked by the Windows Filtering Platform.
ms.assetid: d72936e9-ff01-4d18-b864-a4958815df59
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-filtering-platform-packet-drop.md
View File

@ -3,7 +3,7 @@ title: Audit Filtering Platform Packet Drop (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Filtering Platform Packet Drop, which determines whether the operating system generates audit events when packets are dropped by the Windows Filtering Platform.
ms.assetid: 95457601-68d1-4385-af20-87916ddab906
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-filtering-platform-policy-change.md
View File

@ -3,7 +3,7 @@ title: Audit Filtering Platform Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Filtering Platform Policy Change, which determines whether the operating system generates audit events for certain IPsec and Windows Filtering Platform actions.
ms.assetid: 0eaf1c56-672b-4ea9-825a-22dc03eb4041
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-force-audit-policy-subcategory-settings-to-override.md
View File

@ -2,7 +2,7 @@
title: Audit Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings (Windows 10)
description: Describes the best practices, location, values, and security considerations for the Audit Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings security policy setting.
ms.assetid: 8ddc06bc-b6d6-4bac-9051-e0d77035bd4e
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/audit-group-membership.md
View File

@ -3,7 +3,7 @@ title: Audit Group Membership (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Group Membership, which enables you to audit group memberships when they are enumerated on the client PC.
ms.assetid: 1CD7B014-FBD9-44B9-9274-CC5715DE58B9
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-handle-manipulation.md
View File

@ -3,7 +3,7 @@ title: Audit Handle Manipulation (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Handle Manipulation, which determines whether the operating system generates audit events when a handle to an object is opened or closed.
ms.assetid: 1fbb004a-ccdc-4c80-b3da-a4aa7a9f4091
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-ipsec-driver.md
View File

@ -3,7 +3,7 @@ title: Audit IPsec Driver (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit IPsec Driver, which determines whether the operating system generates audit events for the activities of the IPsec driver.
ms.assetid: c8b8c02f-5ad0-4ee5-9123-ea8cdae356a5
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-ipsec-extended-mode.md
View File

@ -3,7 +3,7 @@ title: Audit IPsec Extended Mode (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Extended Mode, which determines whether the operating system generates audit events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Extended Mode negotiations.
ms.assetid: 2b4fee9e-482a-4181-88a8-6a79d8fc8049
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-ipsec-main-mode.md
View File

@ -3,7 +3,7 @@ title: Audit IPsec Main Mode (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Main Mode, which determines whether the operating system generates events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Main Mode negotiations.
ms.assetid: 06ed26ec-3620-4ef4-a47a-c70df9c8827b
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-ipsec-quick-mode.md
View File

@ -3,7 +3,7 @@ title: Audit IPsec Quick Mode (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Quick Mode, which determines whether the operating system generates audit events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Quick Mode negotiations.
ms.assetid: 7be67a15-c2ce-496a-9719-e25ac7699114
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-kerberos-authentication-service.md
View File

@ -3,7 +3,7 @@ title: Audit Kerberos Authentication Service (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kerberos Authentication Service, which determines whether to generate audit events for Kerberos authentication ticket-granting ticket (TGT) requests.
ms.assetid: 990dd6d9-1a1f-4cce-97ba-5d7e0a7db859
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-kerberos-service-ticket-operations.md
View File

@ -3,7 +3,7 @@ title: Audit Kerberos Service Ticket Operations (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kerberos Service Ticket Operations, which determines whether the operating system generates security audit events for Kerberos service ticket requests.
ms.assetid: ddc0abef-ac7f-4849-b90d-66700470ccd6
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-kernel-object.md
View File

@ -3,7 +3,7 @@ title: Audit Kernel Object (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Kernel Object, which determines whether the operating system generates audit events when users attempt to access the system kernel, which includes mutexes and semaphores.
ms.assetid: 75619d8b-b1eb-445b-afc9-0f9053be97fb
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-logoff.md
View File

@ -3,7 +3,7 @@ title: Audit Logoff (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Logoff, which determines whether the operating system generates audit events when logon sessions are terminated.
ms.assetid: 681e51f2-ba06-46f5-af8c-d9c48d515432
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-logon.md
View File

@ -3,7 +3,7 @@ title: Audit Logon (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Logon, which determines whether the operating system generates audit events when a user attempts to log on to a computer.
ms.assetid: ca968d03-7d52-48c4-ba0e-2bcd2937231b
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-mpssvc-rule-level-policy-change.md
View File

@ -3,7 +3,7 @@ title: Audit MPSSVC Rule-Level Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit MPSSVC Rule-Level Policy Change, which determines whether the operating system generates audit events when changes are made to policy rules for the Microsoft Protection Service (MPSSVC.exe).
ms.assetid: 263461b3-c61c-4ec3-9dee-851164845019
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-network-policy-server.md
View File

@ -3,7 +3,7 @@ title: Audit Network Policy Server (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Network Policy Server, which determines whether the operating system generates audit events for RADIUS (IAS) and Network Access Protection (NAP) activity on user access requests (Grant, Deny, Discard, Quarantine, Lock, and Unlock).
ms.assetid: 43b2aea4-26df-46da-b761-2b30f51a80f7
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-non-sensitive-privilege-use.md
View File

@ -3,7 +3,7 @@ title: Audit Non Sensitive Privilege Use (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Non-Sensitive Privilege Use, which determines whether the operating system generates audit events when non-sensitive privileges (user rights) are used.
ms.assetid: 8fd74783-1059-443e-aa86-566d78606627
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-account-logon-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other Account Logon Events (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Other Account Logon Events, which allows you to audit events generated by responses to credential requests submitted for a user account logon that are not credential validation or Kerberos tickets.
ms.assetid: c8c6bfe0-33d2-4600-bb1a-6afa840d75b3
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-account-management-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other Account Management Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Account Management Events, which determines whether the operating system generates user account management audit events.
ms.assetid: 4ce22eeb-a96f-4cf9-a46d-6642961a31d5
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-logonlogoff-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other Logon/Logoff Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Logon/Logoff Events, which determines whether Windows generates audit events for other logon or logoff events.
ms.assetid: 76d987cd-1917-4907-a739-dd642609a458
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-object-access-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other Object Access Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Object Access Events, which determines whether the operating system generates audit events for the management of Task Scheduler jobs or COM+ objects.
ms.assetid: b9774595-595d-4199-b0c5-8dbc12b6c8b2
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-policy-change-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other Policy Change Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Policy Change Events, which determines whether the operating system generates audit events for security policy changes that are not otherwise audited in the Policy Change category.
ms.assetid: 8618502e-c21c-41cc-8a49-3dc1eb359e60
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-privilege-use-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other Privilege Use Events (Windows 10)
description: This security policy setting is not used.
ms.assetid: 5f7f5b25-42a6-499f-8aa2-01ac79a2a63c
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-other-system-events.md
View File

@ -3,7 +3,7 @@ title: Audit Other System Events (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other System Events, which determines whether the operating system audits various system events.
ms.assetid: 2401e4cc-d94e-41ec-82a7-e10914295f8b
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-pnp-activity.md
View File

@ -3,7 +3,7 @@ title: Audit PNP Activity (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit PNP Activity, which determines when plug and play detects an external device.
ms.assetid: A3D87B3B-EBBE-442A-953B-9EB75A5F600E
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-policy.md
View File

@ -2,7 +2,7 @@
title: Audit Policy (Windows 10)
description: Provides information about basic audit policies that are available in Windows and links to information about each setting.
ms.assetid: 2e8ea400-e555-43e5-89d6-0898cb89da90
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security

2
windows/keep-secure/audit-process-creation.md
View File

@ -3,7 +3,7 @@ title: Audit Process Creation (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Process Creation, which determines whether the operating system generates audit events when a process is created (starts).
ms.assetid: 67e39fcd-ded6-45e8-b1b6-d411e4e93019
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-process-termination.md
View File

@ -3,7 +3,7 @@ title: Audit Process Termination (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Process Termination, which determines whether the operating system generates audit events when an attempt is made to end a process.
ms.assetid: 65d88e53-14aa-48a4-812b-557cebbf9e50
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-registry.md
View File

@ -3,7 +3,7 @@ title: Audit Registry (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Registry, which determines whether the operating system generates audit events when users attempt to access registry objects.
ms.assetid: 02bcc23b-4823-46ac-b822-67beedf56b32
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-removable-storage.md
View File

@ -3,7 +3,7 @@ title: Audit Removable Storage (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Removable Storage, which determines when there is a read or a write to a removable drive.
ms.assetid: 1746F7B3-8B41-4661-87D8-12F734AFFB26
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-rpc-events.md
View File

@ -3,7 +3,7 @@ title: Audit RPC Events (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit RPC Events, which determines whether the operating system generates audit events when inbound remote procedure call (RPC) connections are made.
ms.assetid: 868aec2d-93b4-4bc8-a150-941f88838ba6
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-sam.md
View File

@ -3,7 +3,7 @@ title: Audit SAM (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit SAM, which enables you to audit events that are generated by attempts to access Security Account Manager (SAM) objects.
ms.assetid: 1d00f955-383d-4c95-bbd1-fab4a991a46e
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-security-group-management.md
View File

@ -3,7 +3,7 @@ title: Audit Security Group Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Security Group Management, which determines whether the operating system generates audit events when specific security group management tasks are performed.
ms.assetid: ac2ee101-557b-4c84-b9fa-4fb23331f1aa
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-security-state-change.md
View File

@ -3,7 +3,7 @@ title: Audit Security State Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Security State Change, which determines whether Windows generates audit events for changes in the security state of a system.
ms.assetid: decb3218-a67d-4efa-afc0-337c79a89a2d
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

2
windows/keep-secure/audit-security-system-extension.md
View File

@ -3,7 +3,7 @@ title: Audit Security System Extension (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Security System Extension, which determines whether the operating system generates audit events related to security system extensions.
ms.assetid: 9f3c6bde-42b2-4a0a-b353-ed3106ebc005
ms.pagetype: security
ms.prod: W10
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
author: Mir0sh

Some files were not shown because too many files have changed in this diff Show More