deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 22:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/Microsoft/windows-itpro-docs

Browse Source
This commit is contained in:
Brian Lich 2017-11-09 08:38:50 -08:00
commit e2339ecd08
6 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
devices/surface-hub/differences-between-surface-hub-and-windows-10-enterprise.md
View File

@ -32,7 +32,7 @@ Surface Hub doesn't have a lock screen or a screen saver, but it has a similar f
### User sign-in
Surface Hub is designed to be used in communal spaces, such as meeting rooms. Unlike Windows PCs, anyone can walk up and use a Surface Hub without requiring a user to sign in. To enable this communal functionality, Surface Hub does not support Windows sign-in the same way that Windows 10 Enterprise does (e.g., signing in a user to the OS and using those crednetials throughout the OS). Instead, there is always a local, auto signed-in, low-privilege user signed in to the Surface Hub. It doesn't support signing in any additional users, including admin users (e.g., when an admin signs in, they are not signed in to the OS).
Surface Hub is designed to be used in communal spaces, such as meeting rooms. Unlike Windows PCs, anyone can walk up and use a Surface Hub without requiring a user to sign in. To enable this communal functionality, Surface Hub does not support Windows sign-in the same way that Windows 10 Enterprise does (e.g., signing in a user to the OS and using those credentials throughout the OS). Instead, there is always a local, auto signed-in, low-privilege user signed in to the Surface Hub. It doesn't support signing in any additional users, including admin users (e.g., when an admin signs in, they are not signed in to the OS).
Users can sign in to a Surface Hub, but they will not be signed in to the OS. For example, when a user signs in to Apps or My Meetings and Files, the users is signed in only to the apps or services, not to the OS. As a result, the signed-in user is able to retrieve their cloud files and personal meetings stored in the cloud, and these credentials are discarded when **End session** is activated.

2
devices/surface-hub/prepare-your-environment-for-surface-hub.md
View File

@ -68,7 +68,7 @@ Surface Hub interacts with a few different products and services. Depending on t
A device account is an Exchange resource account that Surface Hub uses to display its meeting calendar, join Skype for Business calls, send email, and (optionally) to authenticate to Exchange. See [Create and test a device account](create-and-test-a-device-account-surface-hub.md) for details.
After you've created your device account, to verify that it's setup correctly, run Surface Hub device account validation PowerShell scripts. For more information, see [Surface Hub device account scripts](https://gallery.technet.microsoft.com/scriptcenter/Surface-Hub-device-account-6db77696) in Script Center, or [PowerShell scripts for Surface Hub](appendix-a-powershell-scripts-for-surface-hub.md) later in this guide.
After you've created your device account, to verify that it's setup correctly, run Surface Hub device account validation PowerShell scripts. For more information, see [PowerShell scripts for Surface Hub](appendix-a-powershell-scripts-for-surface-hub.md) later in this guide.

3
windows/device-security/device-guard/deploy-code-integrity-policies-steps.md
View File

@ -73,6 +73,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
|Matt Nelson | @enigma0x3|
|Oddvar Moe |@Oddvarmoe|
|Alex Ionescu | @aionescu|
|Lee Christensen|@tifkin_|
<br />
@ -134,6 +135,7 @@ Microsoft recommends that you block the following Microsoft-signed applications
<Deny ID="ID_DENY_FSI_ANYCPU" FriendlyName="fsiAnyCpu.exe" FileName="fsiAnyCpu.exe" MinimumFileVersion = "65535.65535.65535.65535" />
<Deny ID="ID_DENY_MSHTA" FriendlyName="mshta.exe" FileName="mshta.exe" MinimumFileVersion = "65535.65535.65535.65535" />
<Deny ID="ID_DENY_VISUALUIAVERIFY" FriendlyName="visualuiaverifynative.exe" FileName="visualuiaverifynative.exe" MinimumFileVersion = "65535.65535.65535.65535" />
<Deny ID="ID_DENY_RUNSCRIPTHELPER" FriendlyName="runscripthelper.exe" FileName="runscripthelper.exe" MinimumFileVersion="65535.65535.65535.65535" />
<Deny ID="ID_DENY_D_1" FriendlyName="Powershell 1" Hash="02BE82F63EE962BCD4B8303E60F806F6613759C6" />
<Deny ID="ID_DENY_D_2" FriendlyName="Powershell 2" Hash="13765D9A16CC46B2113766822627F026A68431DF" />
@ -418,6 +420,7 @@ Microsoft recommends that you block the following Microsoft-signed applications
<FileRuleRef RuleID="ID_DENY_FSI_ANYCPU" />
<FileRuleRef RuleID="ID_DENY_MSHTA" />
<FileRuleRef RuleID="ID_DENY_VISUALUIAVERIFY" />
<FileRuleRef RuleID="ID_DENY_RUNSCRIPTHELPER"/>
<FileRuleRef RuleID="ID_DENY_D_1" />
<FileRuleRef RuleID="ID_DENY_D_2" />
<FileRuleRef RuleID="ID_DENY_D_3" />

6
windows/threat-protection/use-windows-event-forwarding-to-assist-in-instrusion-detection.md
View File

@ -606,9 +606,9 @@ Here are the minimum steps for WEF to operate:
<Query Id="7" Path="Microsoft-Windows-DNS-Client/Operational">
<!-- DNS Client events Query Completed (3008) -->
<Select Path="Microsoft-Windows-DNS-Client/Operational">*[System[(EventID=3008)]]</Select>
<!—suppresses local machine name resolution events-->
<!-- suppresses local machine name resolution events -->
<Suppress Path="Microsoft-Windows-DNS-Client/Operational">*[EventData[Data[@Name="QueryOptions"]="140737488355328"]]</Suppress>
<!—suppresses empty name resolution events -->
<!-- suppresses empty name resolution events -->
<Suppress Path="Microsoft-Windows-DNS-Client/Operational">*[EventData[Data[@Name="QueryResults"]=""]]</Suppress>
</Query>
<Query Id="8" Path="Security">
@ -636,7 +636,7 @@ Here are the minimum steps for WEF to operate:
<Select Path="Microsoft-Windows-DriverFrameworks-UserMode/Operational">*[System[(EventID=2004)]]</Select>
</Query>
<Query Id="14" Path=" Windows PowerShell">
<!—Legacy PowerShell pipeline execution details (800) -->
<!-- Legacy PowerShell pipeline execution details (800) -->
<Select Path=" Windows PowerShell">*[System[(EventID=800)]]</Select>
</Query>
</QueryList>

9
windows/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md
View File

@ -19,6 +19,15 @@ Answering frequently asked questions about Windows Defender Application Guard (A
## Frequently Asked Questions
| | |
|---|----------------------------|
|**Q:** |Can I enable Application Guard on machines equipped with 4GB RAM?|
|**A:** |We recommend 8GB RAM for optimal performance but you may use the following registry values to enable Application Guard on machines that aren't meeting the recommended hardware configuration. |
||HKLM\software\Microsoft\Hvsi\SpecRequiredProcessorCount - Default is 4 cores. |
||HKLM\software\Microsoft\Hvsi\SpecRequiredMemoryInGB - Default is 8GB.|
||HKLM\software\Microsoft\Hvsi\SpecRequiredFreeDiskSpaceInGB - Default is 5GB.|
<br>
| | |
|---|----------------------------|
|**Q:** |Can employees download documents from the Application Guard Edge session onto host devices?|

5
windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
View File

@ -17,12 +17,15 @@ ms.date: 08/11/2017
The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Windows Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive.
>[!NOTE]
>Windows Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host.
## Hardware requirements
Your environment needs the following hardware to run Windows Defender Application Guard.
|Hardware|Description|
|--------|-----------|
|64-bit CPU|A 64-bit computer is required for hypervisor and virtualization-based security (VBS). For more info about Hyper-V, see [Hyper-V on Windows Server 2016](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/). For more info about hypervisor, see [Hypervisor Specifications](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs).|
|64-bit CPU|A 64-bit computer with minimum 4 cores is required for hypervisor and virtualization-based security (VBS). For more info about Hyper-V, see [Hyper-V on Windows Server 2016](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/). For more info about hypervisor, see [Hypervisor Specifications](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs).|
|CPU virtualization extensions|Extended page tables, also called _Second Level Address Translation (SLAT)_<br><br>**-AND-**<br><br>One of the following virtualization extensions for VBS:<br><br>VT-x (Intel)<br><br>**-OR-**<br><br>AMD-V|
|Hardware memory|Microsoft recommends 8GB RAM for optimal performance|
|Hard disk|5 GB free space, solid state disk (SSD) recommended|