deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 03:43:39 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/master' into rs3

Browse Source
This commit is contained in:
jdeckerMS
2017-09-13 09:05:24 -07:00
parent 25436224dd 929bffd0d9
commit c22fba0115
4 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
View File

@ -129,7 +129,7 @@ The following requirements must be met before Attack Surface Reduction will work
Windows 10 version | Windows Defender Antivirus
- | -
Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) and [cloud-delivered protection](../windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md) must be enabled
Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled

2
windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
View File

@ -62,7 +62,7 @@ The following requirements must be met before Controlled Folder Access will work
Windows 10 version | Windows Defender Antivirus
-|-
Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) and [cloud-delivered protection](../windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md) must be enabled
Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled
## Review Controlled Folder Access events in Windows Event Viewer

7
windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md
View File

@ -79,8 +79,7 @@ See the [Attack Surface Reduction](attack-surface-reduction-exploit-guard.md) to
- Disabled = 0
- Audit mode = 2
![](images/asr-rules-gp.png)
![](images/asr-rules-gp.png)
@ -91,13 +90,13 @@ See the [Attack Surface Reduction](attack-surface-reduction-exploit-guard.md) to
2. Enter the following cmdlet:
```PowerShell
Add-MpPreference -AttackSurfaceReductionRules_Ids <rule ID>
Set-MpPreference -AttackSurfaceReductionRules_Ids <rule ID> -AttackSurfaceReductionRules_Actions Enabled
```
You can enable the feature in audit mode using the following cmdlet:
```PowerShell
Set-MpPreference -AttackSurfaceReductionRules_Actions AuditMode
Add-MpPreference -AttackSurfaceReductionRules_Ids <rule ID> -AttackSurfaceReductionRules_Actions AuditMode
```
Use `Disabled` insead of `AuditMode` or `Enabled` to turn the feature off.