diff --git a/windows/deployment/deploy-m365.md b/windows/deployment/deploy-m365.md index 1bf5c927c7..67561a162b 100644 --- a/windows/deployment/deploy-m365.md +++ b/windows/deployment/deploy-m365.md @@ -34,10 +34,10 @@ For Windows 10 deployment, Microsoft 365 includes a fantastic deployment advisor You can check out the Microsoft 365 deployment advisor and other resources for free! Just follow the steps below. -1. Obtain a free EMS 90-day trial by visiting the following link. Provide your email address and answer a few simple questions. - - [Free Trial - Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security-trial) +>[!NOTE] +>If you have not run a setup guide before, you will see the **Prepare your environment** guide first. This is to make sure you have basics covered like domain verification and a method for adding users. At the end of the "Prepare your environment" guide, there will be a **Ready to continue** button that sends you to the original guide that was selected. +1. [Obtain a free M365 trial](https://docs.microsoft.com/office365/admin/try-or-buy-microsoft-365). 2. Check out the [Microsoft 365 deployment advisor](https://portal.office.com/onboarding/Microsoft365DeploymentAdvisor#/). 3. Also check out the [Windows Analytics deployment advisor](https://portal.office.com/onboarding/WindowsAnalyticsDeploymentAdvisor#/). This advisor will walk you through deploying [Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness), [Update Compliance](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), and [Device Health](https://docs.microsoft.com/windows/deployment/update/device-health-monitor). diff --git a/windows/deployment/images/wada.png b/windows/deployment/images/wada.png new file mode 100644 index 0000000000..1c715e8f0e Binary files /dev/null and b/windows/deployment/images/wada.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md index 5334c052ed..e5f643f908 100644 --- a/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 04/24/2018 --- # Take response actions on a file @@ -109,13 +108,17 @@ You can roll back and remove a file from quarantine if you’ve determined that You can prevent further propagation of an attack in your organization by banning potentially malicious files or suspected malware. If you know a potentially malicious portable executable (PE) file, you can block it. This operation will prevent it from being read, written, or executed on machines in your organization. >[!IMPORTANT] ->- This feature is available if your organization uses Windows Defender Antivirus and Cloud–based protection is enabled. For more information, see [Manage cloud–based protection](../windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md).

+>- This feature is available if your organization uses Windows Defender Antivirus and Cloud–based protection is enabled. For more information, see [Manage cloud–based protection](../windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md). +>- The Antimalware client version must be 4.18.1901.x or later. >- This feature is designed to prevent suspected malware (or potentially malicious files) from being downloaded from the web. It currently supports portable executable (PE) files, including _.exe_ and _.dll_ files. The coverage will be extended over time. >- This response action is available for machines on Windows 10, version 1703 or later. +>- The allow or block function cannot be done on files if the file's classification exists on the device's cache prior to the allow or block action. + + >[!NOTE] > The PE file needs to be in the machine timeline for you to be able to take this action. - +>- There may be a couple of minutes of latency between the time the action is taken and the actual file being blocked. ### Enable the block file feature Before you can block files, you'll need to enable the feature. @@ -149,6 +152,9 @@ Before you can block files, you'll need to enable the feature. When the file is blocked, there will be a new event in the machine timeline.
+>[!NOTE] +>-If a file was scanned before the action was taken, it may take longer to be effective on the device. + **Notification on machine user**:
When a file is being blocked on the machine, the following notification is displayed to inform the user that the file was blocked: