deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update use-applocker-and-software-restriction-policies-in-the-same-domain.md

Browse Source
This commit is contained in:
Joey Caparas
2020-11-02 16:59:48 -08:00
parent ed0bb185ad
commit c28ac2bf0b
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md
View File

@ -69,7 +69,7 @@ The following table compares the features and functions of Software Restriction
</tr> </tr>
<tr class="odd"> <tr class="odd">
<td align="left"><p>Enforcement mode</p></td> <td align="left"><p>Enforcement mode</p></td>
<td align="left"><p>SRP works in the “deny list mode” where administrators can create rules for files that they do not want to allow in this Enterprise whereas the rest of the file are allowed to run by default.</p> <td align="left"><p>SRP works in the “deny list mode” where administrators can create rules for files that they do not want to allow in this Enterprise whereas the rest of the file is allowed to run by default.</p>
<p>SRP can also be configured in the “allow list mode” so that by default all files are blocked and administrators need to create allow rules for files that they want to allow.</p></td> <p>SRP can also be configured in the “allow list mode” so that by default all files are blocked and administrators need to create allow rules for files that they want to allow.</p></td>
<td align="left"><p>AppLocker by default works in the “allow list mode” where only those files are allowed to run for which there is a matching allow rule.</p></td> <td align="left"><p>AppLocker by default works in the “allow list mode” where only those files are allowed to run for which there is a matching allow rule.</p></td>
</tr> </tr>
@ -146,12 +146,12 @@ The following table compares the features and functions of Software Restriction
<tr class="odd"> <tr class="odd">
<td align="left"><p>Support for rule exceptions</p></td> <td align="left"><p>Support for rule exceptions</p></td>
<td align="left"><p>SRP does not support rule exceptions.</p></td> <td align="left"><p>SRP does not support rule exceptions.</p></td>
<td align="left"><p>AppLocker rules can have exceptions which allow you to create rules such as “Allow everything from Windows except for regedit.exe”.</p></td> <td align="left"><p>AppLocker rules can have exceptions, which allow you to create rules such as “Allow everything from Windows except for regedit.exe”.</p></td>
</tr> </tr>
<tr class="even"> <tr class="even">
<td align="left"><p>Support for audit mode</p></td> <td align="left"><p>Support for audit mode</p></td>
<td align="left"><p>SRP does not support audit mode. The only way to test SRP policies is to set up a test environment and run a few experiments.</p></td> <td align="left"><p>SRP does not support audit mode. The only way to test SRP policies is to set up a test environment and run a few experiments.</p></td>
<td align="left"><p>AppLocker supports audit mode which allows you to test the effect of their policy in the real production environment without impacting the user experience. Once you are satisfied with the results, you can start enforcing the policy.</p></td> <td align="left"><p>AppLocker supports audit mode, which allows you to test the effect of their policy in the real production environment without impacting the user experience. Once you are satisfied with the results, you can start enforcing the policy.</p></td>
</tr> </tr>
<tr class="odd"> <tr class="odd">
<td align="left"><p>Support for exporting and importing policies</p></td> <td align="left"><p>Support for exporting and importing policies</p></td>
@ -160,8 +160,8 @@ The following table compares the features and functions of Software Restriction
</tr> </tr>
<tr class="even"> <tr class="even">
<td align="left"><p>Rule enforcement</p></td> <td align="left"><p>Rule enforcement</p></td>
<td align="left"><p>Internally, SRP rules enforcement happens in the user-mode which is less secure.</p></td> <td align="left"><p>Internally, SRP rules enforcement happens in the user-mode, which is less secure.</p></td>
<td align="left"><p>Internally, AppLocker rules for .exe and .dll files are enforced in the kernel-mode which is more secure than enforcing them in the user-mode.</p></td> <td align="left"><p>Internally, AppLocker rules for .exe and .dll files are enforced in the kernel-mode, which is more secure than enforcing them in the user-mode.</p></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>