split up steps topic

2025-06-25 15:23:40 +00:00 · 2018-02-28 15:56:05 -08:00
parent cd51a485b6
commit 7fbd7f1f6a
9 changed files with 25 additions and 48 deletions
--- a/windows/security/threat-protection/windows-defender-exploit-guard/TOC.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/TOC.md
@ -11,7 +11,7 @@
 ### [Customize Exploit protection](customize-exploit-protection.md)
 #### [Import, export, and deploy Exploit protection configurations](import-export-exploit-protection-emet-xml.md)
 ### [Memory integrity](memory-integrity.md)
-#### [Requirements and deployment planning guidelines for virtualization-based protection of code integrity](requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md)
+#### [Requirements for virtualization-based protection of code integrity](requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md)
 #### [Enable virtualization-based protection of code integrity](enable-virtualization-based-protection-of-code-integrity.md)
 ## [Attack surface reduction](attack-surface-reduction-exploit-guard.md)
 ### [Evaluate Attack surface reduction](evaluate-attack-surface-reduction.md)
--- a/windows/security/threat-protection/windows-defender-exploit-guard/images/turn-windows-features-on-or-off.png
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/images/turn-windows-features-on-or-off.png
--- a/windows/security/threat-protection/windows-defender-exploit-guard/memory-integrity.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/memory-integrity.md
@ -22,17 +22,7 @@ ms.date: 02/20/2018
 **Applies to:**

 - Windows 10, version 1709
+- Windows Server 2016

-
-
-**Audience**
-
- Enterprise security administrators
-
-
-**Manageability available with**
-
- Windows Defender Security Center app
- Group Policy
- PowerShell
+Memory integrity is a powerful system mitigation that leverages hardware virtualization and the Windows Hyper-V hypervisor to protect Windows kernel-mode processes against the injection and execution of malicious or unverified code. Code integrity validation is performed in a secure environment that is resistant to attack from malicious software, and page permissions for kernel mode are set and maintained by the Hyper-V hypervisor. Memory integrity helps block many types of malware from running on computers that run Windows 10 and Windows Server 2016.

--- a/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
@ -15,8 +15,6 @@ ms.date: 10/20/2017
 -   Windows 10
 -   Windows Server 2016

-## Hardware, firmware, and software requirements for Windows Defender Device Guard
-
 Computers must meet certain hardware, firmware, and software requirements in order to take adavantage of all of the virtualization-based security (VBS) features in Windows Defender Device Guard. Computers lacking these requirements can still be protected by Windows Defender Application Control (WDAC) policies—the difference is that those computers will not be as hardened against certain threats. 

 For example, hardware that includes CPU virtualization extensions and SLAT will be hardened against malware that attempts to gain access to the kernel, but without protected BIOS options such as “Boot only from internal hard drive,” the computer could be booted (by a malicious person who has physical access) into an operating system on bootable media.