Merge branch 'master' into MDBranch19H1Update

2025-05-12 13:27:23 +00:00 · 2019-05-14 09:10:29 -07:00 · 2019-05-14 09:10:29 -07:00 · 80b4b588b1
commit 80b4b588b1
parent 7e1f1cb739 597afc7ffc
6 changed files with 19 additions and 16 deletions
--- a/windows/security/information-protection/windows-information-protection/images/wip-azure-advanced-settings-optional.png
+++ b/windows/security/information-protection/windows-information-protection/images/wip-azure-advanced-settings-optional.png
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md
@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/29/2019
+ms.date: 05/09/2019
 ---

 # Enable attack surface reduction rules
@ -26,7 +26,7 @@ Each ASR rule contains three settings:

 To use ASR rules, you need either a Windows 10 Enterprise E3 or E5 license. We recommend an E5 license so you can take advantage of the advanced monitoring and reporting capabilities available in Windows Defender Advanced Threat Protection (Windows Defender ATP). These advanced capabilities aren't available with an E3 license, but you can develop your own monitoring and reporting tools to use in conjunction with ASR rules.

-You can enable attack surface reduction rules by using any of the these methods:
+You can enable attack surface reduction rules by using any of these methods:

 - [Microsoft Intune](#intune) 
 - [Mobile Device Management (MDM)](#mdm)
@ -131,7 +131,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 >[!WARNING]
 >If you manage your computers and devices with Intune, SCCM, or other enterprise-level management platform, the management software will overwrite any conflicting PowerShell settings on startup.

-1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**.
+1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**.

 2. Enter the following cmdlet:

--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/29/2019
+ms.date: 05/09/2019
 ---

 # Enable controlled folder access
@ -22,7 +22,7 @@ ms.date: 04/29/2019

 [Controlled folder access](controlled-folders-exploit-guard.md) helps you protect valuable data from malicious apps and threats, such as ransomware. It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md). Controlled folder access is included with Windows 10 and Windows Server 2019.

-You can enable controlled folder access by using any of the these methods:
+You can enable controlled folder access by using any of these methods:

 - [Windows Security app](#windows-security-app)
 - [Microsoft Intune](#intune) 
@ -59,9 +59,12 @@ For more information about disabling local list merging, see [Prevent or allow u
   ![Create endpoint protection profile](images/create-endpoint-protection-profile.png) 
 1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**. 
 1. Type the path to each application that has access to protected folders and the path to any additional folder that needs protection and click **Add**. 
+
   ![Enable controlled folder access in Intune](images/enable-cfa-intune.png)
+
   >[!NOTE]
   >Wilcard is supported for applications, but not for folders. Subfolders are not protected. 
+
 1. Click **OK** to save each open blade and click **Create**. 
 1. Click the profile **Assignments**, assign to **All Users & All Devices**, and click **Save**.

@ -93,14 +96,14 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
    - **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
    - **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.

-    ![Screenshot of group policy option with Enabled and then Enable selected in the drop down](images/cfa-gp-enable.png)
+      ![Screenshot of group policy option with Enabled and then Enable selected in the drop-down](images/cfa-gp-enable.png)

 >[!IMPORTANT]
 >To fully enable controlled folder access, you must set the Group Policy option to **Enabled** and also select **Enable** in the options drop-down menu.

 ## PowerShell

-1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**.
+1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**.

 2. Enter the following cmdlet:

--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md
@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/22/2019
+ms.date: 05/09/2019
 ---

 # Enable exploit protection
@ -26,7 +26,7 @@ Many features from the Enhanced Mitigation Experience Toolkit (EMET) are include

 You can also set mitigations to [audit mode](evaluate-exploit-protection.md). Audit mode allows you to test how the mitigations would work (and review events) without impacting the normal use of the machine.

-You can enable each mitigation separately by using any of the these methods:
+You can enable each mitigation separately by using any of these methods:

 - [Windows Security app](#windows-security-app)
 - [Microsoft Intune](#intune) 
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md
@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/22/2019
+ms.date: 05/10/2019
 ---

 # Enable network protection
@ -22,7 +22,7 @@ ms.date: 04/22/2019

 [Network protection](network-protection-exploit-guard.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. 
 You can [audit network protection](evaluate-network-protection.md) in a test environment to see which apps would be blocked before you enable it.  
-You can enable network protection by using any of the these methods:
+You can enable network protection by using any of these methods:

 - [Microsoft Intune](#intune) 
 - [Mobile Device Management (MDM)](#mdm)
@ -87,7 +87,7 @@ You can confirm network protection is enabled on a local computer by using Regis

 ## PowerShell

-1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**
+1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**
 2. Enter the following cmdlet:

    ```
@ -100,7 +100,7 @@ You can enable the feature in audit mode using the following cmdlet:
 Set-MpPreference -EnableNetworkProtection AuditMode
 ```

-Use `Disabled` insead of `AuditMode` or `Enabled` to turn the feature off.
+Use `Disabled` instead of `AuditMode` or `Enabled` to turn the feature off.


 ## Related topics
--- a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-network-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-network-protection.md
@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/02/2019
+ms.date: 05/10/2019
 ---

 # Evaluate network protection
@ -22,7 +22,7 @@ ms.date: 04/02/2019

 [Network protection](network-protection-exploit-guard.md) helps prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.

-This topic helps you evaluate Network protection by enabling the feature and guiding you to a testing site. The site in this evaluation topic are not malicious, they are specially created websites that pretend to be malicious. The site will replicate the behavior that would happen if a user visted a malicious site or domain.
+This topic helps you evaluate Network protection by enabling the feature and guiding you to a testing site. The site in this evaluation topic are not malicious, they are specially created websites that pretend to be malicious. The site will replicate the behavior that would happen if a user visited a malicious site or domain.


 >[!TIP]
@ -34,7 +34,7 @@ You can enable network protection in audit mode to see which IP addresses and do

 You might want to do this to make sure it doesn't affect line-of-business apps or to get an idea of how often blocks occur.

-1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator**
+1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**
 2. Enter the following cmdlet:

    ```PowerShell