deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Updated to Links to be Locale Agnostic

Browse Source 
Updated links are located in windows/security/threat-protection/device-control/control-usb-devices-using-intune.md on lines 32 and 188
This commit is contained in:
Thomas Raya
2019-10-07 08:12:28 -07:00
committed by GitHub
parent 54ca656878
commit f9bf4352f1
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
View File

@ -29,7 +29,7 @@ Microsoft recommends [a layered approach to securing removable media](https://ak
- Windows Defender Antivirus real-time protection (RTP) to scan removable storage for malware. - Windows Defender Antivirus real-time protection (RTP) to scan removable storage for malware.
- The Attack Surface Reduction (ASR) USB rule to block untrusted and unsigned processes that run from USB. - The Attack Surface Reduction (ASR) USB rule to block untrusted and unsigned processes that run from USB.
- Direct Memory Access (DMA) protection settings to mitigate DMA attacks, including Kernel DMA Protection for Thunderbolt and blocking DMA until a user signs in. - Direct Memory Access (DMA) protection settings to mitigate DMA attacks, including Kernel DMA Protection for Thunderbolt and blocking DMA until a user signs in.
3. [Create customized alerts and response actions](#create-customized-alerts-and-response-actions) to monitor usage of removable devices based on these plug and play events or any other Microsoft Defender ATP events with [custom detection rules](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules). 3. [Create customized alerts and response actions](#create-customized-alerts-and-response-actions) to monitor usage of removable devices based on these plug and play events or any other Microsoft Defender ATP events with [custom detection rules](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules).
4. [Respond to threats](#respond-to-threats) from peripherals in real-time based on properties reported by each peripheral. 4. [Respond to threats](#respond-to-threats) from peripherals in real-time based on properties reported by each peripheral.
@ -185,7 +185,7 @@ Microsoft Defender ATP blocks installation and usage of prohibited peripherals b
### Limit services that use Bluetooth ### Limit services that use Bluetooth
Using Intune, you can limit the services that can use Bluetooth through the ["Bluetooth allowed services"](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-bluetooth#servicesallowedlist-usage-guide). The default state of "Bluetooth allowed services" settings means everything is allowed. As soon as a service is added, that becomes the allowed list. If the customer adds the Keyboards and Mice values, and doesnt add the file transfer GUIDs, file transfer should be blocked. Using Intune, you can limit the services that can use Bluetooth through the ["Bluetooth allowed services"](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-bluetooth#servicesallowedlist-usage-guide). The default state of "Bluetooth allowed services" settings means everything is allowed. As soon as a service is added, that becomes the allowed list. If the customer adds the Keyboards and Mice values, and doesnt add the file transfer GUIDs, file transfer should be blocked.
![Bluetooth](images/bluetooth.png) ![Bluetooth](images/bluetooth.png)