deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-24 06:43:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into indicators-update

Browse Source
This commit is contained in:
Joey Caparas
2019-09-05 10:17:05 -07:00
parent 0c5b22e94d 4cd84901ce
commit 9d9c09aee8
369 changed files with 4338 additions and 4451 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/advanced-security-auditing-faq.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/advanced-security-auditing.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
View File

@ -6,7 +6,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/audit-account-lockout.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 07/16/2018
---

2
windows/security/threat-protection/auditing/audit-application-generated.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-application-group-management.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-audit-policy-change.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-authentication-policy-change.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-authorization-policy-change.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-certification-services.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-computer-account-management.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-credential-validation.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-detailed-file-share.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-directory-service-access.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-directory-service-changes.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-directory-service-replication.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-distribution-group-management.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-dpapi-activity.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-file-share.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-file-system.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-group-membership.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-handle-manipulation.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-ipsec-driver.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 10/02/2018
---

2
windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 10/02/2018
---

2
windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 10/02/2018
---

2
windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 10/02/2018
---

2
windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-kernel-object.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-logoff.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 07/16/2018
---

2
windows/security/threat-protection/auditing/audit-logon.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-network-policy-server.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-other-account-logon-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-other-account-management-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-other-object-access-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 05/29/2017
---

2
windows/security/threat-protection/auditing/audit-other-policy-change-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-other-system-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-pnp-activity.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-process-creation.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-process-termination.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-registry.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-removable-storage.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-rpc-events.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-sam.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-security-group-management.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 02/28/2019
---

2
windows/security/threat-protection/auditing/audit-security-state-change.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-security-system-extension.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-special-logon.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-system-integrity.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-user-account-management.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/audit-user-device-claims.md
View File

@ -10,7 +10,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
---

2
windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-account-management.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-logon-events.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-object-access.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-policy-change.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-privilege-use.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-process-tracking.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-audit-system-events.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-security-audit-policies.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: Mir0sh
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance

2
windows/security/threat-protection/auditing/event-1100.md
View File

@ -6,7 +6,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/event-1102.md
View File

@ -6,7 +6,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/event-1104.md
View File

@ -6,7 +6,7 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: none
author: Mir0sh
author: dansimp
ms.date: 04/19/2017
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
View File

@ -21,7 +21,7 @@ ms.localizationpriority: medium
- Windows 10
>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
To help protect your company from attacks which may originate from untrusted or attacker controlled font files, weve created the Blocking Untrusted Fonts feature. Using this feature, you can turn on a global setting that stops your employees from loading untrusted fonts processed using the Graphics Device Interface (GDI) onto your network. Untrusted fonts are any font installed outside of the `%windir%/Fonts` directory. Blocking untrusted fonts helps prevent both remote (web-based or email-based) and local EOP attacks that can happen during the font file-parsing process.

2
windows/security/threat-protection/intelligence/coordinated-malware-eradication.md
View File

@ -36,4 +36,4 @@ Organizations participating in the CME effort work together to help eradicate se
Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).
If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry).
If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry).

4
windows/security/threat-protection/intelligence/developer-resources.md
View File

@ -24,9 +24,9 @@ If you believe that your application or program has been incorrectly detected by
Check out the following resources for information on how to submit and view submissions:
- [Submit files](https://www.microsoft.com/en-us/wdsi/filesubmission)
- [Submit files](https://www.microsoft.com/wdsi/filesubmission)
- [View your submissions](https://www.microsoft.com/en-us/wdsi/submissionhistory)
- [View your submissions](https://www.microsoft.com/wdsi/submissionhistory)
## Additional resources

2
windows/security/threat-protection/intelligence/fileless-threats.md
View File

@ -96,6 +96,6 @@ Having described the broad categories, we can now dig into the details and provi
## Defeating fileless malware
At Microsoft, we actively monitor the security landscape to identify new threat trends and develop solutions that continuously enhance Windows security and mitigate classes of threats. We instrument durable protections that are effective against a wide range of threats. Through AntiMalware Scan Interface (AMSI), behavior monitoring, memory scanning, and boot sector protection, Microsoft Defender Advanced Threat Protection [(Microsoft Defender ATP)](https://www.microsoft.com/en-us/windowsforbusiness?ocid=docs-fileless) can inspect fileless threats even with heavy obfuscation. Machine learning technologies in the cloud allow us to scale these protections against new and emerging threats.
At Microsoft, we actively monitor the security landscape to identify new threat trends and develop solutions that continuously enhance Windows security and mitigate classes of threats. We instrument durable protections that are effective against a wide range of threats. Through AntiMalware Scan Interface (AMSI), behavior monitoring, memory scanning, and boot sector protection, Microsoft Defender Advanced Threat Protection [(Microsoft Defender ATP)](https://www.microsoft.com/windowsforbusiness?ocid=docs-fileless) can inspect fileless threats even with heavy obfuscation. Machine learning technologies in the cloud allow us to scale these protections against new and emerging threats.
To learn more, read: [Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV](https://cloudblogs.microsoft.com/microsoftsecure/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/)

2
windows/security/threat-protection/intelligence/macro-malware.md
View File

@ -31,7 +31,7 @@ We've seen macro malware download threats from the following families:
* [Ransom:Win32/Teerac](Ransom:Win32/Teerac)
* [TrojanDownloader:Win32/Chanitor](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:Win32/Chanitor.A)
* [TrojanSpy:Win32/Ursnif](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=TrojanSpy:Win32/Ursnif)
* [Win32/Fynloski](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Win32/Fynloski)
* [Win32/Fynloski](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Win32/Fynloski)
* [Worm:Win32/Gamarue](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Win32/Gamarue)
## How to protect against macro malware

2
windows/security/threat-protection/intelligence/prevent-malware-infection.md
View File

@ -53,7 +53,7 @@ Using pirated content is not only illegal, it can also expose your device to mal
Users do not openly discuss visits to these sites, so any untoward experience are more likely to stay unreported.
To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as [Windows 10 Pro SKU S Mode](https://www.microsoft.com/en-us/windows/s-mode?ocid=cx-wdsi-articles), which ensures that only vetted apps from the Windows Store are installed.
To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as [Windows 10 Pro SKU S Mode](https://www.microsoft.com/windows/s-mode?ocid=cx-wdsi-articles), which ensures that only vetted apps from the Windows Store are installed.
## Don't attach unfamiliar removable drives

2
windows/security/threat-protection/intelligence/rootkits-malware.md
View File

@ -31,7 +31,7 @@ Many modern malware families use rootkits to try and avoid detection and removal
* [Cutwail](https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fCutwail)
* [Datrahere](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win64/Detrahere) (Zacinlo)
* [Datrahere](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win64/Detrahere) (Zacinlo)
* [Rustock](https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Win32%2fRustock)

4
windows/security/threat-protection/intelligence/safety-scanner-download.md
View File

@ -24,12 +24,12 @@ Microsoft Safety Scanner is a scan tool designed to find and remove malware from
- [Download Microsoft Safety Scanner (64-bit)](https://go.microsoft.com/fwlink/?LinkId=212732)
> [!NOTE]
> The security intelligence update version of the Microsoft Safety Scanner matches the version described [in this web page](https://www.microsoft.com/en-us/wdsi/definitions).
> The security intelligence update version of the Microsoft Safety Scanner matches the version described [in this web page](https://www.microsoft.com/wdsi/definitions).
Safety Scanner only scans when manually triggered and is available for use 10 days after being downloaded. We recommend that you always download the latest version of this tool before each scan.
> [!NOTE]
> This tool does not replace your antimalware product. For real-time protection with automatic updates, use [Windows Defender Antivirus on Windows 10 and Windows 8](https://www.microsoft.com/windows/comprehensive-security) or [Microsoft Security Essentials on Windows 7](https://support.microsoft.com/help/14210/security-essentials-download). These antimalware products also provide powerful malware removal capabilities. If you are having difficulties removing malware with these products, you can refer to our help on [removing difficult threats](https://www.microsoft.com/en-us/wdsi/help/troubleshooting-infection).
> This tool does not replace your antimalware product. For real-time protection with automatic updates, use [Windows Defender Antivirus on Windows 10 and Windows 8](https://www.microsoft.com/windows/comprehensive-security) or [Microsoft Security Essentials on Windows 7](https://support.microsoft.com/help/14210/security-essentials-download). These antimalware products also provide powerful malware removal capabilities. If you are having difficulties removing malware with these products, you can refer to our help on [removing difficult threats](https://www.microsoft.com/wdsi/help/troubleshooting-infection).
> [!NOTE]
> Safety scanner is a portable executable and does not appear in the Windows Start menu or as an icon on the desktop. Note where you saved this download.

4
windows/security/threat-protection/intelligence/submission-guide.md
View File

@ -52,7 +52,7 @@ We encourage all software vendors and developers to read about [how Microsoft id
## How do I track or view past sample submissions?
You can track your submissions through the [submission history page](https://www.microsoft.com/en-us/wdsi/submissionhistory). Your submission will only appear on this page if you were signed in when you submitted it.
You can track your submissions through the [submission history page](https://www.microsoft.com/wdsi/submissionhistory). Your submission will only appear on this page if you were signed in when you submitted it.
If youre not signed in when you submit a sample, you will be redirected to a tracking page. Bookmark this page if you want to come back and check on the status of your submission.
@ -66,7 +66,7 @@ Each submission is shown to be in one of the following status types:
* Closed—a final determination has been given by an analyst
If you are signed in, you can see the status of any files you submit to us on the [submission history page](https://www.microsoft.com/en-us/wdsi/submissionhistory).
If you are signed in, you can see the status of any files you submit to us on the [submission history page](https://www.microsoft.com/wdsi/submissionhistory).
## How does Microsoft prioritize submissions

6
windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md
View File

@ -18,7 +18,7 @@ search.appverid: met150
# Top scoring in industry tests
Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports)) technologies consistently achieve high scores in independent tests, demonstrating the strength of its enterprise threat protection capabilities. Microsoft aims to be transparent about these test scores. This page summarizes the results and provides analysis.
Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports)) technologies consistently achieve high scores in independent tests, demonstrating the strength of its enterprise threat protection capabilities. Microsoft aims to be transparent about these test scores. This page summarizes the results and provides analysis.
## Next generation protection
@ -94,6 +94,6 @@ MITRE tested the ability of products to detect techniques commonly used by the t
It is important to remember that Microsoft sees a wider and broader set of threats beyond whats tested in the evaluations highlighted above. For example, in an average month, we identify over 100 million new threats. Even if an independent tester can acquire and test 1% of those threats, that is a million tests across 20 or 30 products. In other words, the vastness of the malware landscape makes it extremely difficult to evaluate the quality of protection against real world threats.
The capabilities within [Microsoft Defender ATP](https://www.microsoft.com/en-us/windowsforbusiness?ocid=cx-docs-avreports) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into industry antivirus tests, and address some of the latest and most sophisticated threats. Isolating AV from the rest of Microsoft Defender ATP creates a partial picture of how our security stack operates in the real world. For example, attack surface reduction and endpoint detection & response capabilities can help prevent malware from getting onto devices in the first place. We have proven that [Microsoft Defender ATP components catch samples](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports) that Windows Defender Antivirus missed in these industry tests, which is more representative of how effectively our security suite protects customers in the real world.
The capabilities within [Microsoft Defender ATP](https://www.microsoft.com/windowsforbusiness?ocid=cx-docs-avreports) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into industry antivirus tests, and address some of the latest and most sophisticated threats. Isolating AV from the rest of Microsoft Defender ATP creates a partial picture of how our security stack operates in the real world. For example, attack surface reduction and endpoint detection & response capabilities can help prevent malware from getting onto devices in the first place. We have proven that [Microsoft Defender ATP components catch samples](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports) that Windows Defender Antivirus missed in these industry tests, which is more representative of how effectively our security suite protects customers in the real world.
Using independent tests, customers can view one aspect of their security suite but can't assess the complete protection of all the security features. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Microsoft Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Microsoft Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).
Using independent tests, customers can view one aspect of their security suite but can't assess the complete protection of all the security features. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Microsoft Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Microsoft Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).

2
windows/security/threat-protection/intelligence/understanding-malware.md
View File

@ -21,7 +21,7 @@ Malware is a term used to describe malicious applications and code that can caus
Cybercriminals that distribute malware are often motivated by money and will use infected computers to launch attacks, obtain banking credentials, collect information that can be sold, sell access to computing resources, or extort payment from victims.
As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp)), businesses can stay protected with next-generation protection and other security capabilities.
As criminals become more sophisticated with their attacks, Microsoft is here to help. Windows 10 is the most secure version of Windows yet and includes many features to help protect you whether you're at home, at work, or on the go. With Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp)), businesses can stay protected with next-generation protection and other security capabilities.
For good general tips, check out the [prevent malware infection](prevent-malware-infection.md) topic.

2
windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md
View File

@ -50,4 +50,4 @@ To be eligible for VIA your organization must:
3. Be willing to sign and adhere to the VIA membership agreement.
If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry).
If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry).

2
windows/security/threat-protection/intelligence/virus-initiative-criteria.md
View File

@ -54,4 +54,4 @@ Your organization must meet the following eligibility requirements to qualify fo
### Apply now
If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry).
If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry).

2
windows/security/threat-protection/intelligence/worms-malware.md
View File

@ -34,7 +34,7 @@ Jenxcus (also known as Dunihi), Gamarue (also known as Androm), and Bondat have
Both Bondat and Gamarue have clever ways of obscuring themselves to evade detection. By hiding what they are doing, they try to avoid detection by security software.
* [**WannaCrypt**](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Ransom:Win32/WannaCrypt) also deserves a mention here. Unlike older worms that often spread just because they could, modern worms often spread to drop a payload (e.g. ransomware).
* [**WannaCrypt**](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Ransom:Win32/WannaCrypt) also deserves a mention here. Unlike older worms that often spread just because they could, modern worms often spread to drop a payload (e.g. ransomware).
This image shows how a worm can quickly spread through a shared USB drive.

2
windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
View File

@ -22,7 +22,7 @@ ms.topic: article
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
Depending on the Microsoft security products that you use, some advanced features might be available for you to integrate Microsoft Defender ATP with.

2
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md
View File

@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The AlertEvents table in the Advanced hunting schema contains information about alerts on Microsoft Defender Security Center. Use this reference to construct queries that return information from the table.

4
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
View File

@ -24,7 +24,7 @@ ms.date: 04/24/2018
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-bestpractices-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-bestpractices-abovefoldlink)
## Performance best practices
The following best practices serve as a guideline of query performance best practices and for you to get faster results and be able to run complex queries.
@ -93,4 +93,4 @@ ProcessCreationEvents
| where CanonicalCommandLine contains "stop" and CanonicalCommandLine contains "MpsSvc"
```
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-bestpractices-belowfoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-bestpractices-belowfoldlink)

2
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md
View File

@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The FileCreationEvents table in the Advanced hunting schema contains information about file creation, modification, and other file system events. Use this reference to construct queries that return information from the table.

2
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-imageloadevents-table.md
View File

@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The ImageLoadEvents table in the Advanced hunting schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.

2
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-logonevents-table.md
View File

@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The LogonEvents table in the Advanced hunting schema contains information about user logons and other authentication events. Use this reference to construct queries that return information from the table.

2
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machineinfo-table.md
View File

@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The MachineInfo table in the Advanced hunting schema contains information about machines in the organization, including OS version, active users, and computer name. Use this reference to construct queries that return information from the table.

2
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md
View File

@ -24,7 +24,7 @@ ms.date: 07/24/2019
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
The MachineNetworkInfo table in the Advanced hunting schema contains information about networking configuration of machines, including network adapters, IP and MAC addresses, and connected networks or domains. Use this reference to construct queries that return information from the table.

Some files were not shown because too many files have changed in this diff Show More