mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-25 11:47:23 +00:00
39 KiB
39 KiB
Keep Windows 10 secure
Change history for Keep Windows 10 secure
Block untrusted fonts in an enterprise)
Device Guard certification and compliance
Get apps to run on Device Guard-protected devices
Create a Device Guard code integrity policy based on a reference device
Manage identity verification using Microsoft Passport
Implement Microsoft Passport in your organization
Why a PIN is better than a password
Prepare people to use Microsoft Passport
Microsoft Passport and password changes
Microsoft Passport errors during PIN creation
Event ID 300 - Passport successfully created
Windows Hello biometrics in the enterprise)
Configure S/MIME for Windows 10 and Windows 10 Mobile
Install digital certificates on Windows 10 Mobile
Protect derived domain credentials with Credential Guard
Protect your enterprise data using enterprise data protection (EDP))
Create an enterprise data protection (EDP) policy)
Create an enterprise data protection (EDP) policy using Microsoft Intune)
Add multiple apps to your enterprise data protection (EDP) Protected Apps list)
Deploy your enterprise data protection (EDP) policy)
Create and deploy a VPN policy for enterprise data protection (EDP) using Microsoft Intune)
Create and deploy an enterprise data protection (EDP) policy using System Center Configuration Manager)
General guidance and best practices for enterprise data protection (EDP))
Enlightened apps for use with enterprise data protection (EDP))
Testing scenarios for enterprise data protection (EDP))
Use Windows Event Forwarding to help with intrusion detection
VPN profile options
Security technologies
AppLocker
Administer AppLocker
Maintain AppLocker policies
Edit an AppLocker policy
Test and update an AppLocker policy
Deploy AppLocker policies by using the enforce rules setting
Use the AppLocker Windows PowerShell cmdlets
Use AppLocker and Software Restriction Policies in the same domain
Optimize AppLocker performance
Monitor app usage with AppLocker
Manage packaged apps with AppLocker
Working with AppLocker rules
Create a rule that uses a file hash condition
Create a rule that uses a path condition
Create a rule that uses a publisher condition
Create AppLocker default rules
Add exceptions for an AppLocker rule
Create a rule for packaged apps
Delete an AppLocker rule
Edit AppLocker rules
Enable the DLL rule collection
Enforce AppLocker rules
Run the Automatically Generate Rules wizard
Working with AppLocker policies
Configure the Application Identity service
Configure an AppLocker policy for audit only
Configure an AppLocker policy for enforce rules
Display a custom URL message when users try to run a blocked app
Export an AppLocker policy from a GPO
Export an AppLocker policy to an XML file
Import an AppLocker policy from another computer
Import an AppLocker policy into a GPO
Add rules for packaged apps to existing AppLocker rule-set
Merge AppLocker policies by using Set-ApplockerPolicy
Merge AppLocker policies manually
Refresh an AppLocker policy
Test an AppLocker policy by using Test-AppLockerPolicy
AppLocker design guide
Understand AppLocker policy design decisions
Determine your application control objectives
Create a list of apps deployed to each business group
Document your app list
Select the types of rules to create
Document your AppLocker rules
Determine the Group Policy structure and rule enforcement
Understand AppLocker enforcement settings
Understand AppLocker rules and enforcement setting inheritance in Group Policy
Document the Group Policy structure and AppLocker rule enforcement
Plan for AppLocker policy management
Document your application control management processes
Create your AppLocker planning document
AppLocker deployment guide
Understand the AppLocker policy deployment process
Requirements for Deploying AppLocker Policies
Use Software Restriction Policies and AppLocker policies
Create Your AppLocker policies
Create Your AppLocker rules
Deploy the AppLocker policy into production
Use a reference device to create and maintain AppLocker policies
####### Determine which apps are digitally signed on a reference device ####### Configure the AppLocker reference device
AppLocker technical reference
What Is AppLocker?
Requirements to use AppLocker
AppLocker policy use scenarios
How AppLocker works
Understanding AppLocker rule behavior
Understanding AppLocker rule exceptions
Understanding AppLocker rule collections
Understanding AppLocker allow and deny actions on rules
Understanding AppLocker rule condition types
####### Understanding the publisher rule condition in AppLocker ####### Understanding the path rule condition in AppLocker ####### Understanding the file hash rule condition in AppLocker
Understanding AppLocker default rules
####### Executable rules in AppLocker ####### Windows Installer rules in AppLocker ####### Script rules in AppLocker ####### DLL rules in AppLocker ####### Packaged apps and packaged app installer rules in AppLocker
AppLocker architecture and components
AppLocker processes and interactions
AppLocker functions
Security considerations for AppLocker
Tools to Use with AppLocker
Using Event Viewer with AppLocker
AppLocker Settings
BitLocker
BitLocker frequently asked questions (FAQ)
Prepare your organization for BitLocker: Planning and policies
BitLocker basic deployment
BitLocker: How to deploy on Windows Server 2012 and later
BitLocker: How to enable Network Unlock
BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker
BitLocker: Use BitLocker Recovery Password Viewer
BitLocker Group Policy settings
BCD settings and BitLocker
BitLocker Recovery Guide
Protect BitLocker from pre-boot attacks
Types of attacks for volume encryption keys
BitLocker Countermeasures
Choose the Right BitLocker Countermeasure
Protecting cluster shared volumes and storage area networks with BitLocker
Encrypted Hard Drive
Security auditing
Basic security audit policies
Create a basic audit policy for an event category
Apply a basic audit policy on a file or folder
View the security event log
Basic security audit policy settings
Audit account logon events
Audit account management
Audit directory service access
Audit logon events
Audit object access
Audit policy change
Audit privilege use
Audit process tracking
Audit system events
Advanced security audit policies
Planning and deploying advanced security audit policies
Advanced security auditing FAQ
Which editions of Windows support advanced audit policy configuration
Using advanced security auditing options to monitor dynamic access control objects
Monitor the central access policies that apply on a file server
Monitor the use of removable storage devices
Monitor resource attribute definitions
Monitor central access policy and rule definitions
Monitor user and device claims during sign-in
Monitor the resource attributes on files and folders
Monitor the central access policies associated with files and folders
Monitor claim types
Advanced security audit policy settings
Audit Credential Validation
Audit Kerberos Authentication Service
Audit Kerberos Service Ticket Operations
Audit Other Account Logon Events
Audit Application Group Management
Audit Computer Account Management
Audit Distribution Group Management
Audit Other Account Management Events
Audit Security Group Management
Audit User Account Management
Audit DPAPI Activity
Audit PNP Activity
Audit Process Creation
Audit Process Termination
Audit RPC Events
Audit Detailed Directory Service Replication
Audit Directory Service Access
Audit Directory Service Changes
Audit Directory Service Replication
Audit Account Lockout
Audit User/Device Claims
Audit Group Membership
Audit IPsec Extended Mode
Audit IPsec Main Mode
Audit IPsec Quick Mode
Audit Logoff
Audit Logon
Audit Network Policy Server
Audit Other Logon/Logoff Events
Audit Special Logon
Audit Application Generated
Audit Certification Services
Audit Detailed File Share
Audit File Share
Audit File System
Audit Filtering Platform Connection
Audit Filtering Platform Packet Drop
Audit Handle Manipulation
Audit Kernel Object
Audit Other Object Access Events
Audit Registry
Audit Removable Storage
Audit SAM
Audit Central Access Policy Staging
Audit Audit Policy Change
Audit Authentication Policy Change
Audit Authorization Policy Change
Audit Filtering Platform Policy Change
Audit MPSSVC Rule-Level Policy Change
Audit Other Policy Change Events
Audit Sensitive Privilege Use
Audit Non-Sensitive Privilege Use
Audit Other Privilege Use Events
Audit IPsec Driver
Audit Other System Events
Audit Security State Change
Audit Security System Extension
Audit System Integrity
Registry (Global Object Access Auditing)
File System (Global Object Access Auditing)
Security policy settings
Administer security policy settings
Network List Manager policies
Configure security policy settings
Security policy settings reference
Account Policies
Password Policy
####### Enforce password history ####### Maximum password age ####### Minimum password age ####### Minimum password length ####### Password must meet complexity requirements ####### Store passwords using reversible encryption
Account Lockout Policy
####### Account lockout duration ####### Account lockout threshold ####### Reset account lockout counter after
Kerberos Policy
####### Enforce user logon restrictions ####### Maximum lifetime for service ticket ####### Maximum lifetime for user ticket ####### Maximum lifetime for user ticket renewal ####### Maximum tolerance for computer clock synchronization