deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' into Benny-54-cleanup-cm1

Browse Source
This commit is contained in:
Benny Shilpa
2022-05-16 17:39:35 +05:30
committed by GitHub
parent 749f0066f9 56f7803ff8
commit b41f88c1d9
125 changed files with 269 additions and 580 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/client-management/mdm/policy-csp-audit.md
View File

@ -1714,7 +1714,7 @@ The following are the supported values:
<!--/Scope-->
<!--Description-->
This policy setting allows you to audit events generated when encryption or decryption requests are made to the Data Protection application interface (DPAPI). DPAPI is used to protect secret information such as stored password and key information. For more information about DPAPI, see https://go.microsoft.com/fwlink/?LinkId=121720.
This policy setting allows you to audit events generated when encryption or decryption requests are made to the Data Protection application interface (DPAPI). DPAPI is used to protect secret information such as stored password and key information. For more information about DPAPI, see [How to use Data Protection](/dotnet/standard/security/how-to-use-data-protection).
If you configure this policy setting, an audit event is generated when an encryption or decryption request is made to DPAPI. Success audits record successful requests and Failure audits record unsuccessful requests.
If you don't configure this policy setting, no audit event is generated when an encryption or decryption request is made to DPAPI.
@ -2862,7 +2862,7 @@ If you don't configure this policy setting, no audit event is generated when an
> [!Note]
> Only the System Access Control List (SACL) for SAM_SERVER can be modified.
Volume: High on domain controllers. For information about reducing the number of events generated in this subcategory, see [article 841001 in the Microsoft Knowledge Base](https://go.microsoft.com/fwlink/?LinkId=121698).
Volume: High on domain controllers. For more information about reducing the number of events generated by auditing the access of global system objects, see [Audit the access of global system objects](/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects).
<!--/Description-->
<!--DbMapped-->

4
windows/client-management/mdm/policy-csp-defender.md
View File

@ -7,7 +7,7 @@ ms.prod: w10
ms.technology: windows
author: dansimp
ms.localizationpriority: medium
ms.date: 12/29/2021
ms.date: 05/12/2022
ms.reviewer:
manager: dansimp
ms.collection: highpri
@ -863,7 +863,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 for desktop.
This policy setting enables setting the state (Block/Audit/Off) for each Attack surface reduction (Azure Site Recovery) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
This policy setting enables setting the state (Block/Audit/Off) for each attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
For more information about ASR rule ID and status ID, see [Enable Attack Surface Reduction](/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction).