clean/linted tpm recs

2025-06-22 05:43:41 +00:00 · 2019-08-01 15:53:15 -04:00
parent c2dcb444d1
commit d1fcdadae4
1 changed files with 37 additions and 38 deletions
--- a/windows/security/information-protection/tpm/tpm-recommendations.md
+++ b/windows/security/information-protection/tpm/tpm-recommendations.md
@ -20,6 +20,7 @@ ms.date: 11/29/2018
 # TPM recommendations

 **Applies to**
+
 - Windows 10
 - Windows Server 2016

@ -108,25 +109,23 @@ For end consumers, TPM is behind the scenes but is still very relevant. TPM is u

 The following table defines which Windows features require TPM support.

-| Windows Features        | TPM Required | Supports TPM 1.2   | Supports TPM 2.0   | Details  |
-|-------------------------|--------------|--------------------|--------------------|----------|
-| Measured Boot           | Yes          | Yes                | Yes                | Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot         |
-| BitLocker               | Yes           | Yes                | Yes                | TPM 1.2 or 2.0 is required, but [Automatic Device Encryption requires Modern Standby](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10#bitlocker-device-encryption) including TPM 2.0 support |
-| Device Encryption       | Yes          | N/A                | Yes                | Device Encryption requires Modern Standby/Connected Standby certification, which requires TPM 2.0. |
-| Windows Defender Application Control (Device Guard)            | No           | Yes                | Yes                |          |
-| Windows Defender Exploit Guard | No   | N/A                | N/A                |           |
-| Windows Defender System Guard | Yes   | No                | Yes                |           |
-| Credential Guard        | No           | Yes                | Yes                | Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported.   |
-| Device Health Attestation| Yes         | Yes                | Yes                |          |
-| Windows Hello/Windows Hello for Business| No | Yes          | Yes                | Azure AD join supports both versions of TPM, but requires TPM with keyed-hash message authentication code (HMAC) and Endorsement Key (EK) certificate for key attestation support.         |
-| UEFI Secure Boot        | No            | Yes               | Yes                |          |
-| TPM Platform Crypto Provider Key Storage Provider| Yes | Yes| Yes                |          |
-| Virtual Smart Card      | Yes           | Yes               | Yes                |          |
-| Certificate storage     | No            | Yes               | Yes                | TPM is only required when the certificate is stored in the TPM. |
-| Autopilot               | Yes           | No                | Yes                | TPM 2.0 and UEFI firmware is required. |
-| SecureBIO               | Yes           | No                | Yes                | TPM 2.0 and UEFI firmware is required. |
-| DRTM                    | Yes           | No                | Yes                | TPM 2.0 and UEFI firmware is required. |
-
+ Windows Features | TPM Required | Supports TPM 1.2  | Supports TPM 2.0  | Details  |
+-|-|-|-|-
+ Measured Boot | Yes | Yes | Yes | Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot
+ BitLocker | Yes | Yes | Yes | TPM 1.2 or 2.0 is required, but [Automatic Device Encryption requires Modern Standby](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10#bitlocker-device-encryption) including TPM 2.0 support
+ Device Encryption | Yes | N/A | Yes | Device Encryption requires Modern Standby/Connected Standby certification, which requires TPM 2.0.
+ Windows Defender Application Control (Device Guard) | No | Yes | Yes
+ Windows Defender System Guard | Yes | No | Yes
+ Credential Guard | No | Yes | Yes | Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported.
+ Device Health Attestation| Yes | Yes | Yes
+ Windows Hello/Windows Hello for Business| No | Yes | Yes | Azure AD join supports both versions of TPM, but requires TPM with keyed-hash message authentication code (HMAC) and Endorsement Key (EK) certificate for key attestation support.
+ UEFI Secure Boot | No | Yes | Yes
+ TPM Platform Crypto Provider Key Storage Provider| Yes | Yes | Yes
+ Virtual Smart Card | Yes | Yes | Yes
+ Certificate storage | No | Yes | Yes | TPM is only required when the certificate is stored in the TPM.
+ Autopilot | Yes | No | Yes | TPM 2.0 and UEFI firmware is required.
+ SecureBIO | Yes | No | Yes | TPM 2.0 and UEFI firmware is required.
+ DRTM | Yes | No | Yes | TPM 2.0 and UEFI firmware is required.

 ## OEM Status on TPM 2.0 system availability and certified parts