2020-10-16 10:00:24 -07:00

Application Control for Windows

WDAC and AppLocker Overview

WDAC and AppLocker Feature Availability

Virtualization-based code integrity

WDAC design guide

Plan for WDAC policy lifecycle management

Design your initial WDAC policy

Understand WDAC policy design decisions

Understand WDAC policy rules and file rules

Authorize apps deployed with a WDAC managed installer

Configure a WDAC managed installer

Authorize reputable apps with Intelligent Security Graph (ISG)

Use multiple WDAC policies

Create your initial WDAC policy

Example WDAC base policies

Policy creation for common WDAC usage scenarios

Create a WDAC policy for lightly-managed devices
Create a WDAC policy for fully-managed devices
Create a WDAC policy for fixed-workload devices

Windows Defender Application Control deployment guide

Audit WDAC policies

Merge WDAC policies

Enforce WDAC policies

Deploy WDAC policies using Group Policy

Deploy WDAC policies using Intune

Allow COM object registration

Use WDAC with .NET hardening

Manage packaged apps with WDAC

Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules

Use code signing to simplify application control for classic Windows applications

Optional: Use the WDAC Signing Portal in the Microsoft Store for Business

Optional: Create a code signing cert for WDAC

Deploy catalog files to support WDAC

Use signed policies to protect Windows Defender Application Control against tampering

Disable WDAC policies

LOB Win32 Apps on S Mode

Windows Defender Application Control operational guide

Understanding Application Control event IDs

Understanding Application Control event tags

Query WDAC events with Advanced hunting

AppLocker

Administer AppLocker

Maintain AppLocker policies

Edit an AppLocker policy

Test and update an AppLocker policy

Deploy AppLocker policies by using the enforce rules setting

Use the AppLocker Windows PowerShell cmdlets

Use AppLocker and Software Restriction Policies in the same domain

Optimize AppLocker performance

Monitor app usage with AppLocker

Manage packaged apps with AppLocker

Working with AppLocker rules

Create a rule that uses a file hash condition
Create a rule that uses a path condition
Create a rule that uses a publisher condition
Create AppLocker default rules
Add exceptions for an AppLocker rule
Create a rule for packaged apps
Delete an AppLocker rule
Edit AppLocker rules
Enable the DLL rule collection
Enforce AppLocker rules
Run the Automatically Generate Rules wizard

Working with AppLocker policies

Configure the Application Identity service
Configure an AppLocker policy for audit only
Configure an AppLocker policy for enforce rules
Display a custom URL message when users try to run a blocked app
Export an AppLocker policy from a GPO
Export an AppLocker policy to an XML file
Import an AppLocker policy from another computer
Import an AppLocker policy into a GPO
Add rules for packaged apps to existing AppLocker rule-set
Merge AppLocker policies by using Set-ApplockerPolicy
Merge AppLocker policies manually
Refresh an AppLocker policy
Test an AppLocker policy by using Test-AppLockerPolicy

AppLocker design guide

Understand AppLocker policy design decisions

Determine your application control objectives

Create a list of apps deployed to each business group

Document your app list

Select the types of rules to create

Document your AppLocker rules

Determine the Group Policy structure and rule enforcement

Understand AppLocker enforcement settings
Understand AppLocker rules and enforcement setting inheritance in Group Policy
Document the Group Policy structure and AppLocker rule enforcement

Plan for AppLocker policy management

AppLocker deployment guide

Understand the AppLocker policy deployment process

Requirements for Deploying AppLocker Policies

Use Software Restriction Policies and AppLocker policies

Create Your AppLocker policies

Create Your AppLocker rules

Deploy the AppLocker policy into production

Use a reference device to create and maintain AppLocker policies
Determine which apps are digitally signed on a reference device
Configure the AppLocker reference device

AppLocker technical reference

What Is AppLocker?

Requirements to use AppLocker

AppLocker policy use scenarios

How AppLocker works

Understanding AppLocker rule behavior
Understanding AppLocker rule exceptions
Understanding AppLocker rule collections
Understanding AppLocker allow and deny actions on rules
Understanding AppLocker rule condition types
Understanding the publisher rule condition in AppLocker
Understanding the path rule condition in AppLocker
Understanding the file hash rule condition in AppLocker
Understanding AppLocker default rules
Executable rules in AppLocker
Windows Installer rules in AppLocker
Script rules in AppLocker
DLL rules in AppLocker
Packaged apps and packaged app installer rules in AppLocker

AppLocker architecture and components

AppLocker processes and interactions

AppLocker functions

Security considerations for AppLocker

Tools to Use with AppLocker

Using Event Viewer with AppLocker

AppLocker Settings