deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 18:33:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #1005 from MicrosoftDocs/response-action-perms

Browse Source 
add table
This commit is contained in:
jcaparas
2019-08-29 10:30:44 -07:00
committed by GitHub
parent 393cb60953 91ca711503
commit cd0292549f
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
View File

@ -40,6 +40,18 @@ Response actions run along the top of the file page, and include:
You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
Some actions require certain permissions. The following table describes what action certain permissions can take on portable executable (PE) and non-PE files:
Permission | PE files | Non-PE files
:---|:---|:---
View data | X | X
Alerts investigation | ☑ | X
Live response basic | X | X
Live response advanced | ☑ |☑
For more information on roles, see [Create and manage roles for role-based access control](user-roles.md).
## Stop and quarantine files in your network
You can contain an attack in your organization by stopping the malicious process and quarantining the file where it was observed.