MD-101-Manage and protect devices Summary
Version vom 8. November 2019, 04:28 Uhr von Rladmin (Diskussion | Beiträge)
- Windows Defender features are managed through pwershell, gpos or intune
- Windows Defender Credential Guard requires Windows 10 Enterprise or Education and TPM and virtualization has to be enabled
- Windows Defender Exploit Guard
- Exploit Protection
- Attack Surface Reduction Rules
- Network Protection
- Controlled Folder Access
- Windows Defender Application Guard
- requirements like Credential Guard
- new browser windows in virtualized sandboxes
- Windows Defender Application Control to determine which apps are safe to run in the organization
- Threat Agent Status for monitoring Defender on enrolled devices
- Ways to enroll Windows devices
- Add a work or school account
- Enroll in MDM only (user-driven)
- Android and iOS devices can be enrolled by downloading the Company Portal app from the app store and signing in with the organsation account
- Enroll in MDM only (Device Enrollment Manager)
- Azure AD Join during OOBE
- Azure AD Join using Windows Autopilot
- Autopilot can be configured to be user-driven or self-deploying
- Azure AD Join using bulk enrollment
- Windows Analytics and Log Analytics require an Azure subscription