mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-15 14:57:23 +00:00
Merge branch 'main' into metasecurity8
This commit is contained in:
Angela Fleischmann
GitHub
commit
ecdf87b739
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: How Windows Hello for Business works (Windows)
|
||||
description: Learn about registration, authentication, key material, and infrastructure for Windows Hello for Business.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.localizationpriority: high
|
||||
author: paolomatarazzo
|
||||
ms.author: paoloma
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4908(S) Special Groups Logon table modified. (Windows 10)
|
||||
description: Describes security event 4908(S) Special Groups Logon table modified. This event is generated when the Special Groups Logon table is modified.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4908(S): Special Groups Logon table modified.
|
||||
@ -70,7 +70,7 @@ For more information about Special Groups auditing, see [4908(S): Special Groups
|
||||
|
||||
***Field Descriptions:***
|
||||
|
||||
**Special Groups** \[Type = UnicodeString\]**:** contains current list of SIDs (groups or accounts) which are members of Special Groups. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID cannot be resolved, you will see the source data in the event.
|
||||
**Special Groups** \[Type = UnicodeString\]**:** contains current list of SIDs (groups or accounts) which are members of Special Groups. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID can't be resolved, you'll see the source data in the event.
|
||||
|
||||
> [!NOTE]
|
||||
> A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers).
|
||||
@ -83,7 +83,7 @@ For more information about Special Groups auditing, see [4908(S): Special Groups
|
||||
|
||||
For 4908(S): Special Groups Logon table modified.
|
||||
|
||||
- If you use the Special Groups feature, then this event should be always monitored, especially on high value assets or computers. If this change was not planned, investigate the reason for the change.
|
||||
- If you use the Special Groups feature, then this event should be always monitored, especially on high value assets or computers. If this change wasn't planned, investigate the reason for the change.
|
||||
|
||||
- If you don’t use the Special Groups feature, then this event should be always monitored because it indicates use of the Special Groups feature outside of your standard procedures.
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4909(-) The local policy settings for the TBS were changed. (Windows 10)
|
||||
description: Describes security event 4909(-) The local policy settings for the TBS were changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4909(-): The local policy settings for the TBS were changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4910(-) The group policy settings for the TBS were changed. (Windows 10)
|
||||
description: Describes security event 4910(-) The group policy settings for the TBS were changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4910(-): The group policy settings for the TBS were changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4911(S) Resource attributes of the object were changed. (Windows 10)
|
||||
description: Describes security event 4911(S) Resource attributes of the object were changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4911(S): Resource attributes of the object were changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4912(S) Per User Audit Policy was changed. (Windows 10)
|
||||
description: Describes security event 4912(S) Per User Audit Policy was changed. This event is generated every time Per User Audit Policy is changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4912(S): Per User Audit Policy was changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4913(S) Central Access Policy on the object was changed. (Windows 10)
|
||||
description: Describes security event 4913(S) Central Access Policy on the object was changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4913(S): Central Access Policy on the object was changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4928(S, F) An Active Directory replica source naming context was established. (Windows 10)
|
||||
description: Describes security event 4928(S, F) An Active Directory replica source naming context was established.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4928(S, F): An Active Directory replica source naming context was established.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4929(S, F) An Active Directory replica source naming context was removed. (Windows 10)
|
||||
description: Describes security event 4929(S, F) An Active Directory replica source naming context was removed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4929(S, F): An Active Directory replica source naming context was removed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4930(S, F) An Active Directory replica source naming context was modified. (Windows 10)
|
||||
description: Describes security event 4930(S, F) An Active Directory replica source naming context was modified.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4930(S, F): An Active Directory replica source naming context was modified.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4931(S, F) An Active Directory replica destination naming context was modified. (Windows 10)
|
||||
description: Describes security event 4931(S, F) An Active Directory replica destination naming context was modified.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4931(S, F): An Active Directory replica destination naming context was modified.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4932(S) Synchronization of a replica of an Active Directory naming context has begun. (Windows 10)
|
||||
description: Describes security event 4932(S) Synchronization of a replica of an Active Directory naming context has begun.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4932(S): Synchronization of a replica of an Active Directory naming context has begun.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended. (Windows 10)
|
||||
description: Describes security event 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4933(S, F): Synchronization of a replica of an Active Directory naming context has ended.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4934(S) Attributes of an Active Directory object were replicated. (Windows 10)
|
||||
description: Describes security event 4934(S) Attributes of an Active Directory object were replicated.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4934(S): Attributes of an Active Directory object were replicated.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4935(F) Replication failure begins. (Windows 10)
|
||||
description: Describes security event 4935(F) Replication failure begins. This event is generated when Active Directory replication failure begins.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4935(F): Replication failure begins.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4936(S) Replication failure ends. (Windows 10)
|
||||
description: Describes security event 4936(S) Replication failure ends. This event is generated when Active Directory replication failure ends.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4936(S): Replication failure ends.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4937(S) A lingering object was removed from a replica. (Windows 10)
|
||||
description: Describes security event 4937(S) A lingering object was removed from a replica.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4937(S): A lingering object was removed from a replica.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4944(S) The following policy was active when the Windows Firewall started. (Windows 10)
|
||||
description: Describes security event 4944(S) The following policy was active when the Windows Firewall started.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4944(S): The following policy was active when the Windows Firewall started.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4945(S) A rule was listed when the Windows Firewall started. (Windows 10)
|
||||
description: Describes security event 4945(S) A rule was listed when the Windows Firewall started.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4945(S): A rule was listed when the Windows Firewall started.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4946(S) A change has been made to Windows Firewall exception list. A rule was added. (Windows 10)
|
||||
description: Describes security event 4946(S) A change has been made to Windows Firewall exception list. A rule was added.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4946(S): A change has been made to Windows Firewall exception list. A rule was added.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4947(S) A change has been made to Windows Firewall exception list. A rule was modified. (Windows 10)
|
||||
description: Describes security event 4947(S) A change has been made to Windows Firewall exception list. A rule was modified.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4947(S): A change has been made to Windows Firewall exception list. A rule was modified.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted. (Windows 10)
|
||||
description: Describes security event 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4948(S): A change has been made to Windows Firewall exception list. A rule was deleted.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4949(S) Windows Firewall settings were restored to the default values. (Windows 10)
|
||||
description: Describes security event 4949(S) Windows Firewall settings were restored to the default values.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4949(S): Windows Firewall settings were restored to the default values.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4950(S) A Windows Firewall setting has changed. (Windows 10)
|
||||
description: Describes security event 4950(S) A Windows Firewall setting has changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4950(S): A Windows Firewall setting has changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall. (Windows 10)
|
||||
description: Describes security event 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4951(F): A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced. (Windows 10)
|
||||
description: Security event 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4952(F): Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4953(F) Windows Firewall ignored a rule because it couldn't be parsed. (Windows 10)
|
||||
description: Describes security event 4953(F) Windows Firewall ignored a rule because it couldn't be parsed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4953(F): Windows Firewall ignored a rule because it couldn't be parsed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied. (Windows 10)
|
||||
description: Describes security event 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4954(S): Windows Firewall Group Policy settings have changed. The new settings have been applied.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4956(S) Windows Firewall has changed the active profile. (Windows 10)
|
||||
description: Describes security event 4956(S) Windows Firewall has changed the active profile.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4956(S): Windows Firewall has changed the active profile.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4957(F) Windows Firewall did not apply the following rule. (Windows 10)
|
||||
description: Describes security event 4957(F) Windows Firewall didn't apply the following rule.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4957(F): Windows Firewall did not apply the following rule.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4958(F) Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer. (Windows 10)
|
||||
description: Describes security event 4958(F) Windows Firewall didn't apply the following rule because the rule referred to items not configured on this computer.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4958(F): Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4964(S) Special groups have been assigned to a new logon. (Windows 10)
|
||||
description: Describes security event 4964(S) Special groups have been assigned to a new logon.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4964(S): Special groups have been assigned to a new logon.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 4985(S) The state of a transaction has changed. (Windows 10)
|
||||
description: Describes security event 4985(S) The state of a transaction has changed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 4985(S): The state of a transaction has changed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5024(S) The Windows Firewall Service has started successfully. (Windows 10)
|
||||
description: Describes security event 5024(S) The Windows Firewall Service has started successfully.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5024(S): The Windows Firewall Service has started successfully.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5025(S) The Windows Firewall Service has been stopped. (Windows 10)
|
||||
description: Describes security event 5025(S) The Windows Firewall Service has been stopped.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5025(S): The Windows Firewall Service has been stopped.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy. (Windows 10)
|
||||
description: Details on security event 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5027(F): The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy. (Windows 10)
|
||||
description: Describes security event 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5028(F): The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy. (Windows 10)
|
||||
description: Describes security event 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5029(F): The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5030(F) The Windows Firewall Service failed to start. (Windows 10)
|
||||
description: Describes security event 5030(F) The Windows Firewall Service failed to start.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5030(F): The Windows Firewall Service failed to start.
|
||||
|
||||
@ -5,13 +5,13 @@ manager: aaroncz
|
||||
ms.author: vinpa
|
||||
description: Describes security event 5031(F) The Windows Firewall Service blocked an application from accepting incoming connections on the network.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
author: vinaypamnani-msft
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5031(F): The Windows Firewall Service blocked an application from accepting incoming connections on the network.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. (Windows 10)
|
||||
description: Describes security event 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5032(F): Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5033(S) The Windows Firewall Driver has started successfully. (Windows 10)
|
||||
description: Describes security event 5033(S) The Windows Firewall Driver has started successfully.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5033(S): The Windows Firewall Driver has started successfully.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5034(S) The Windows Firewall Driver was stopped. (Windows 10)
|
||||
description: Describes security event 5034(S) The Windows Firewall Driver was stopped.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5034(S): The Windows Firewall Driver was stopped.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5035(F) The Windows Firewall Driver failed to start. (Windows 10)
|
||||
description: Describes security event 5035(F) The Windows Firewall Driver failed to start.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5035(F): The Windows Firewall Driver failed to start.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating. (Windows 10)
|
||||
description: Describes security event 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5037(F): The Windows Firewall Driver detected critical runtime error. Terminating.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5038(F) Code integrity determined that the image hash of a file is not valid. (Windows 10)
|
||||
description: Describes security event 5038(F) Code integrity determined that the image hash of a file isn't valid.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5038(F): Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5039(-) A registry key was virtualized. (Windows 10)
|
||||
description: Describes security event 5039(-) A registry key was virtualized. This event is generated when a registry key is virtualized using LUAFV.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5039(-): A registry key was virtualized.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5051(-) A file was virtualized. (Windows 10)
|
||||
description: Describes security event 5051(-) A file was virtualized. This event is generated when a file is virtualized using LUAFV.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5051(-): A file was virtualized.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5056(S) A cryptographic self-test was performed. (Windows 10)
|
||||
description: Describes security event 5056(S) A cryptographic self-test was performed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5056(S): A cryptographic self-test was performed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5057(F) A cryptographic primitive operation failed. (Windows 10)
|
||||
description: Describes security event 5057(F) A cryptographic primitive operation failed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5057(F): A cryptographic primitive operation failed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 5058(S, F) Key file operation. (Windows 10)
|
||||
description: Describes security event 5058(S, F) Key file operation. This event is generated when an operation is performed on a file that contains a KSP key.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 5058(S, F): Key file operation.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6407(-) 1%. (Windows 10)
|
||||
description: Describes security event 6407(-) 1%. This event is a BranchCache event, which is outside the scope of this document.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6407(-): 1%.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2. (Windows 10)
|
||||
description: Describes security event 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6408(-): Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6409(-) BranchCache A service connection point object could not be parsed. (Windows 10)
|
||||
description: Describes security event 6409(-) BranchCache A service connection point object could not be parsed.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6409(-): BranchCache: A service connection point object could not be parsed.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process. (Windows 10)
|
||||
description: Describes security event 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6410(F): Code integrity determined that a file does not meet the security requirements to load into a process.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6416(S) A new external device was recognized by the System. (Windows 10)
|
||||
description: Describes security event 6416(S) A new external device was recognized by the System.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6416(S): A new external device was recognized by the System.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6419(S) A request was made to disable a device. (Windows 10)
|
||||
description: Describes security event 6419(S) A request was made to disable a device.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6419(S): A request was made to disable a device.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6420(S) A device was disabled. (Windows 10)
|
||||
description: Describes security event 6420(S) A device was disabled. This event is generated when a specific device is disabled.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6420(S): A device was disabled.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6421(S) A request was made to enable a device. (Windows 10)
|
||||
description: Describes security event 6421(S) A request was made to enable a device.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6421(S): A request was made to enable a device.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6422(S) A device was enabled. (Windows 10)
|
||||
description: Describes security event 6422(S) A device was enabled. This event is generated when a specific device is enabled.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6422(S): A device was enabled.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6423(S) The installation of this device is forbidden by system policy. (Windows 10)
|
||||
description: Describes security event 6423(S) The installation of this device is forbidden by system policy.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6423(S): The installation of this device is forbidden by system policy.
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: 6424(S) The installation of this device was allowed, after having previously been forbidden by policy. (Windows 10)
|
||||
description: Describes security event 6424(S) The installation of this device was allowed, after having previously been forbidden by policy.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: none
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# 6424(S): The installation of this device was allowed, after having previously been forbidden by policy.
|
||||
|
||||
@ -4,7 +4,7 @@ description: The policy setting, File System (Global Object Access Auditing), en
|
||||
ms.assetid: 4f215d61-0e23-46e4-9e58-08511105d25b
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# File System (Global Object Access Auditing)
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: How to get a list of XML data name elements in <EventData> (Windows 10)
|
||||
description: This reference article for the IT professional explains how to use PowerShell to get a list of XML data name elements that can appear in <EventData>.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# How to get a list of XML data name elements in EventData
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how to use advanced security auditing options to monitor chan
|
||||
ms.assetid: 553f98a6-7606-4518-a3c5-347a33105130
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor central access policy and rule definitions
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how to monitor changes to claim types that are associated wit
|
||||
ms.assetid: 426084da-4eef-44af-aeec-e7ab4d4e2439
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor claim types
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how to monitor changes to resource attribute definitions when
|
||||
ms.assetid: aace34b0-123a-4b83-9e09-f269220e79de
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor resource attribute definitions
|
||||
|
||||
@ -4,7 +4,7 @@ description: Monitor changes to central access policies associated with files an
|
||||
ms.assetid: 2ea8fc23-b3ac-432f-87b0-6a16506e8eed
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor the central access policies associated with files and folders
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how to monitor changes to the central access policies that ap
|
||||
ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor the central access policies that apply on a file server
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how to use advanced security auditing options to monitor atte
|
||||
ms.assetid: 4944097b-320f-44c7-88ed-bf55946a358b
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor the resource attributes on files and folders
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how advanced security auditing options can be used to monitor
|
||||
ms.assetid: b0a9e4a5-b7ff-41c6-96ff-0228d4ba5da8
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor the use of removable storage devices
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn how to monitor user and device claims that are associated wit
|
||||
ms.assetid: 71796ea9-5fe4-4183-8475-805c3c1f319f
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Monitor user and device claims during sign-in
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: Other Events (Windows 10)
|
||||
description: Describes the Other Events auditing subcategory, which includes events that are generated automatically and enabled by default.
|
||||
ms.pagetype: security
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: medium
|
||||
@ -11,7 +11,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Other Events
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn to deploy an effective security audit policy in a network tha
|
||||
ms.assetid: 7428e1db-aba8-407b-a39e-509671e5a442
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Plan and deploy advanced security audit policies
|
||||
|
||||
@ -4,7 +4,7 @@ description: The Advanced Security Audit policy setting, Registry (Global Object
|
||||
ms.assetid: 953bb1c1-3f76-43be-ba17-4aed2304f578
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Registry (Global Object Access Auditing)
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn about security auditing features in Windows, and how your org
|
||||
ms.assetid: 2d9b8142-49bd-4a33-b246-3f0c2a5f32d4
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Security auditing
|
||||
|
||||
@ -4,7 +4,7 @@ description: Domain admins can set up advanced security audit options in Windows
|
||||
ms.assetid: 0d2c28ea-bdaf-47fd-bca2-a07dce5fed37
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Using advanced security auditing options to monitor dynamic access control objects
|
||||
|
||||
@ -4,7 +4,7 @@ description: The security log records each event as defined by the audit policie
|
||||
ms.assetid: 20DD2ACD-241A-45C5-A92F-4BE0D9F198B9
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# View the security event log
|
||||
|
||||
@ -4,7 +4,7 @@ description: This reference topic for the IT professional describes which versio
|
||||
ms.assetid: 87c71cc5-522d-4771-ac78-34a2a0825f31
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/09/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Which editions of Windows support advanced audit policy configuration
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Enable virtualization-based protection of code integrity
|
||||
description: This article explains the steps to opt in to using HVCI on Windows devices.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
ms.author: vinpa
|
||||
@ -12,7 +12,7 @@ ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 12/16/2021
|
||||
ms.reviewer:
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Enable virtualization-based protection of code integrity
|
||||
|
||||
@ -1,14 +1,14 @@
|
||||
---
|
||||
title: Windows Defender Application Control and virtualization-based code integrity
|
||||
description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with Windows Defender Application Control (WDAC).
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
ms.author: vinpa
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.custom: asr
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Windows Defender Application Control and virtualization-based protection of code integrity
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: Deployment guidelines for Windows Defender Device Guard (Windows 10)
|
||||
description: Plan your deployment of Hypervisor-Protected Code Integrity (also known as Memory Integrity). Learn about hardware requirements, deployment approaches, code signing and code integrity policies.
|
||||
keywords: virtualization, security, malware
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
@ -13,7 +13,7 @@ ms.topic: conceptual
|
||||
ms.date: 10/20/2017
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Baseline protections and other qualifications for virtualization-based protection of code integrity
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Configure the Group Policy settings for Microsoft Defender Application Guard (Windows)
|
||||
description: Learn about the available Group Policy settings for Microsoft Defender Application Guard.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -12,7 +12,7 @@ ms.date: 08/22/2022
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.custom: sasr
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Configure Microsoft Defender Application Guard policy settings
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Enable hardware-based isolation for Microsoft Edge (Windows)
|
||||
description: Learn about the Microsoft Defender Application Guard modes (Standalone or Enterprise-managed), and how to install Application Guard in your enterprise.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -12,7 +12,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.custom: asr
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Prepare to install Microsoft Defender Application Guard
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Microsoft Defender Application Guard Extension
|
||||
description: Learn about the Microsoft Defender Application Guard browser extension, which extends Application Guard's protection to more web browsers.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
ms.author: vinpa
|
||||
@ -9,7 +9,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.custom: asr
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Microsoft Defender Application Guard Extension
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Microsoft Defender Application Guard (Windows 10 or Windows 11)
|
||||
description: Learn about Microsoft Defender Application Guard and how it helps to combat malicious content and malware out on the Internet.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -12,7 +12,7 @@ ms.date: 09/09/2021
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.custom: asr
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Microsoft Defender Application Guard overview
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings (Windows)
|
||||
description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: explore
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -11,7 +11,7 @@ ms.date: 09/28/2020
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
# Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings
|
||||
**Applies to:**
|
||||
|
||||
@ -1,13 +1,13 @@
|
||||
---
|
||||
title: Microsoft Defender SmartScreen overview
|
||||
description: Learn how Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
author: vinaypamnani-msft
|
||||
ms.author: vinpa
|
||||
ms.localizationpriority: high
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
adobe-target: true
|
||||
---
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Set up and use Microsoft Defender SmartScreen on individual devices (Windows)
|
||||
description: Learn how employees can use Windows Security to set up Microsoft Defender SmartScreen. Microsoft Defender SmartScreen protects users from running malicious apps.
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: explore
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -11,7 +11,7 @@ ms.date: 10/13/2017
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
ms.author: vinpa
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Set up and use Microsoft Defender SmartScreen on individual devices
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes best practices, security considerations, and more for the
|
||||
ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Access Credential Manager as a trusted caller
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the best practices, location, values, policy management,
|
||||
ms.assetid: f6767bc2-83d1-45f1-847c-54f5362db022
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 06/11/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Access this computer from the network - security policy setting
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
|
||||
ms.assetid: a4167bf4-27c3-4a9b-8ef0-04e3c6ec3aa4
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/16/2021
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Account lockout duration
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the Account Lockout Policy settings and links to informat
|
||||
ms.assetid: eb968c28-17c5-405f-b413-50728cb7b724
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 10/11/2018
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Account Lockout Policy
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
|
||||
ms.assetid: 4904bb40-a2bd-4fef-a102-260ba8d74e30
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 11/02/2018
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Account lockout threshold
|
||||
|
||||
@ -4,7 +4,7 @@ description: An overview of account policies in Windows and provides links to po
|
||||
ms.assetid: 711b3797-b87a-4cd9-a2e3-1f8ef18688fb
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Account Policies
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
|
||||
ms.assetid: 71a3bd48-1014-49e0-a936-bfe9433af23e
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/01/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Accounts: Administrator account status
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the best practices, location, values, management, and sec
|
||||
ms.assetid: 94c76f45-057c-4d80-8d01-033cf28ef2f7
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/10/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Accounts: Block Microsoft accounts
|
||||
|
||||
@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
|
||||
ms.assetid: 07e53fc5-b495-4d02-ab42-5b245d10d0ce
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Accounts: Guest account status - security policy setting
|
||||
|
||||
@ -4,7 +4,7 @@ description: Learn best practices, security considerations, and more for the pol
|
||||
ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Accounts: Limit local account use of blank passwords to console logon only
|
||||
|
||||
@ -4,7 +4,7 @@ description: This security policy reference topic for the IT professional descri
|
||||
ms.assetid: d21308eb-7c60-4e48-8747-62b8109844f9
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: m365-security
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
@ -15,7 +15,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: windows-sec
|
||||
ms.technology: itpro-security
|
||||
---
|
||||
|
||||
# Accounts: Rename administrator account
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user