deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-25 07:13:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into atp-phase2

Browse Source
This commit is contained in:
Joey Caparas
2018-08-15 10:14:30 -07:00
parent 251665a8e9 6ccc2bafd7
commit 6fe2b90ef9
64 changed files with 2064 additions and 1915 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/security-policy-settings/minimum-password-age.md
View File

@ -19,7 +19,7 @@ Describes the best practices, location, values, policy management, and security
## Reference
The **Minimum password age** policy setting determines the period of time (in days) that a password can be used before the system requires the user to change it. You can set passwords to expire after a number of days between 1 and 999, or you can specify that passwords never expire by setting the number of days to 0. If [Maximum password age](maximum-password-age.md) is between 1 and 999 days, the minimum password age must be less than the maximum password age. If Maximum password age is set to 0, **Minimum password age** can be any value between 0 and 998 days.
The **Minimum password age** policy setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0. The minimum password age must be less than the Maximum password age, unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 and 998.
### Possible values

5
windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md
View File

@ -23,11 +23,16 @@ If this happens, see [Troubleshooting](#troubleshooting) for remediation steps.
## How to turn on HVCI in Windows 10
To enable HVCI on Windows 10 devices with supporting hardware throughout an enterprise, use any of these options:
- [Windows Security app](#windows-security-app)
- [Microsoft Intune (or another MDM provider)](#enable-hvci-using-intune)
- [Group Policy](#enable-hvci-using-group-policy)
- [System Center Configuration Manager](https://cloudblogs.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/)
- [Registry](#use-registry-keys-to-enable-virtualization-based-protection-of-code-integrity)
### Windows Security app
HVCI is labeled **Memory integrity** in the Windows Security app and it can be accessed via **Settings** > **Update & Security** > **Windows Security** > **Device security** > **Core isolation details** > **Memory integrity**. For more information, see [KB4096339](https://support.microsoft.com/help/4096339/windows-10-device-protection-in-windows-defender-security-center).
### Enable HVCI using Intune
Enabling in Intune requires using the Code Integrity node in the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).