Category | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
admin | Active Users Ww | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/activity-reports/active-users-ww.md | Title: "Assess the Microsoft 365 Active Users report"--++ audience: Admin |
admin | About Exchange Online Admin Role | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/about-exchange-online-admin-role.md | Title: "About the Exchange Online admin role" f1.keywords: - NOCSH--++ audience: Admin |
admin | Add New Employee | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/add-new-employee.md | Title: "Add a new employee to Microsoft 365" f1.keywords: - NOCSH--++ audience: Admin |
admin | Admin Center Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/admin-center-overview.md | Title: "Microsoft 365 admin center - Overview" f1.keywords: - NOCSH--++ audience: Admin |
admin | Create Dns Records At 1 1 Internet | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-1-1-internet.md | Title: "Connect your DNS records at IONOS by 1&1 to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At 123 Reg Co Uk | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-123-reg-co-uk.md | Title: "Connect your DNS records at 123-reg.co.uk to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Aws | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-aws.md | Title: "Connect your DNS records at Amazon Web Services (AWS) to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Cloudflare | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-cloudflare.md | Title: "Connect your DNS records at Cloudflare to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Godaddy | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-godaddy.md | Title: "Connect your DNS records at GoDaddy to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Namecheap | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-namecheap.md | Title: "Connect your DNS records at Namecheap to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Network Solutions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-network-solutions.md | Title: "Connect your DNS records at Network Solutions to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Ovh | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-ovh.md | Title: "Connect your DNS records at OVH to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Web Com | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-web-com.md | Title: "Connect your DNS records at web.com to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Wix | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-at-wix.md | Title: "Connect your DNS records at Wix to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records Using Windows Based Dns | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/create-dns-records-using-windows-based-dns.md | Title: "Create DNS records for Microsoft using Windows-based DNS" f1.keywords: - NOCSH--++ audience: Admin |
admin | Update Dns Records To Retain Current Hosting Provider | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/dns/update-dns-records-to-retain-current-hosting-provider.md | Title: "Update DNS records to keep your website with your current hosting provider" f1.keywords: - NOCSH--++ audience: Admin |
admin | Change Email Address | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/email/change-email-address.md | Title: "Change your email address to use your custom domain" f1.keywords: - NOCSH--++ audience: Admin |
admin | Buy A Domain Name | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/buy-a-domain-name.md | Title: "Buy a domain name" f1.keywords: - NOCSH--++ audience: Admin |
admin | Change Nameservers At Any Domain Registrar | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/change-nameservers-at-any-domain-registrar.md | Title: "Change nameservers to set up Microsoft 365 with any domain registrar" f1.keywords: - CSH--++ audience: Admin |
admin | Create Dns Records At Any Dns Hosting Provider | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider.md | Title: "Add DNS records to connect your domain" f1.keywords: - CSH--++ audience: Admin |
admin | Dns Basics | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/dns-basics.md | Title: "DNS basics" f1.keywords: - NOCSH--++ audience: Admin |
admin | Domain Connect | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/domain-connect.md | Title: "Using Domain Connect" f1.keywords: - NOCSH--++ audience: Admin |
admin | Find And Fix Issues | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/find-and-fix-issues.md | Title: "Find and fix issues after adding your domain or DNS records" f1.keywords: - NOCSH--++ audience: Admin |
admin | Find Your Domain Registrar | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/find-your-domain-registrar.md | Title: "Find your domain registrar" f1.keywords: - CSH--++ audience: Admin |
admin | Information For Dns Records | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/information-for-dns-records.md | Title: "Gather the information you need to create DNS records" f1.keywords: - NOCSH--++ audience: Admin |
admin | Remove A Domain | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/remove-a-domain.md | Title: "Remove a domain" f1.keywords: - NOCSH--++ audience: Admin |
admin | Transfer A Domain From Microsoft To Another Host | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/transfer-a-domain-from-microsoft-to-another-host.md | Title: "Transfer a domain from Microsoft to another host" f1.keywords: - NOCSH--++ audience: Admin |
admin | Transfer Data Manually | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/transfer-data-manually.md | Title: "Transfer data manually between two accounts" f1.keywords: - NOCSH--++ audience: Admin |
admin | What Is A Domain | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/what-is-a-domain.md | Title: "What is a domain?" f1.keywords: - CSH--++ audience: Admin |
admin | Manage Industry News | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/manage-industry-news.md | Title: "Manage Industry news" f1.keywords: - NOCSH--++ audience: Admin |
admin | Manage Microsoft Rewards | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/manage-microsoft-rewards.md | Title: "Manage Microsoft Rewards" f1.keywords: - CSH--++ audience: Admin |
admin | Servicenow Aad Oauth Token | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/servicenow-aad-oauth-token.md | Title: "Configure Microsoft 365 support integration with Azure AD Auth Token" f1.keywords: - NOCSH--++ audience: Admin These prerequisites are necessary to set up the Microsoft 365 support integratio - OIDC Metadata URL: `https://login.microsoftonline.com/{microsoft-365-tenant-name}/.well-known/openid-configuration` - - UserClaim: **appId** + - UserClaim: **appid** - UserField: **User ID** |
admin | Servicenow Basic Authentication | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/servicenow-basic-authentication.md | Title: "Configure support integration with ServiceNow - Basic Authentication" f1.keywords: - NOCSH--++ audience: Admin These steps are required to set up the integration between your ServiceNow insta The Microsoft 365 support integration app will execute tests to ensure the integration is working. If there is a problem with the configuration, an error message will explain what needs to be fixed. Otherwise, the application is ready. :::image type="content" source="../../media/ServiceNow-guide/snowbasic-9.png" lightbox="../../media/ServiceNow-guide/snowbasic-9.png" alt-text="Graphical user interface, text, application, email Description automatically generated"::: +1. \[ServiceNow Admin\] Enable Microsoft support integration for an existing user. ++ Microsoft 365 support integration is enabled for the user with one of these roles: ++ - x\_mioms\_m365\_assis.insights\_user ++ - x\_mioms\_m365\_assis.administrator + 1. \[OPTIONAL\] [The user with role x_mioms_m365_assis.administrator link] Link Microsoft 365 Admin account.+ If any user has the role x_mioms_m365_assis.administrator and is using different Microsoft 365 accounts to manage a Microsoft 365 support case, they must go to Microsoft 365 support > Link Account to set up their Microsoft 365 admin email.+ :::image type="content" source="../../media/ServiceNow-guide/ServiceNow-guide-image21.png" alt-text="Graphical user interface, text, application Description automatically generated"::: |
admin | Servicenow Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/servicenow-overview.md | Title: "Microsoft 365 support integration with ServiceNow configuration overview" f1.keywords: - NOCSH--++ audience: Admin |
admin | Servicenow Testing The Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/servicenow-testing-the-configuration.md | Title: "Testing the ServiceNow configuration" f1.keywords: - NOCSH--++ audience: Admin |
admin | Servicenow Troubleshooting | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/servicenow-troubleshooting.md | Title: "Troubleshooting Microsoft 365 support integration with ServiceNow" f1.keywords: - NOCSH--++ audience: Admin |
admin | Become The Admin | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/become-the-admin.md | Title: "Perform an internal admin takeover" f1.keywords: - CSH--++ audience: Admin |
admin | Icann Verification Of Contact Information | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/icann-verification-of-contact-information.md | Title: "ICANN Verification of Contact Information" f1.keywords: - NOCSH--++ audience: Admin |
admin | Mailbox Not Found Error | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/mailbox-not-found-error.md | Title: "Getting a mailbox not found error in Outlook on the web" f1.keywords: - CSH--++ audience: Admin |
admin | Move A Domain | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/move-a-domain.md | Title: "Move a domain verified in an unmanaged account" f1.keywords: - CSH--++ audience: Admin |
admin | Move Email And Data To Office 365 Business Premium | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/move-email-and-data-to-office-365-business-premium.md | Title: "Move email and data to Microsoft 365 Business Standard" f1.keywords: - NOCSH--++ audience: Admin |
admin | Pilot Microsoft 365 From My Custom Domain | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/pilot-microsoft-365-from-my-custom-domain.md | Title: "Pilot Microsoft 365 from my custom domain" f1.keywords: - CSH--++ audience: Admin |
admin | Remove A Domain From Another Account | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/remove-a-domain-from-another-account.md | Title: "Remove a domain from another account" f1.keywords: - CSH--++ audience: Admin |
admin | Set Up Dns Records Vsb | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/set-up-dns-records-vsb.md | Title: "Connect your domain to Microsoft 365" f1.keywords: - CSH--++ audience: Admin |
admin | Sign Up For Online Services | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/sign-up-for-online-services.md | Title: "Your domain may be in use if someone else in your organization signed up with it" f1.keywords: - NOCSH--++ audience: Admin |
admin | Sign Up With A Personal Email Address | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/sign-up-with-a-personal-email-address.md | Title: "Signing up for Office 365 with a personal email address" f1.keywords: - NOCSH--++ audience: Admin |
admin | Apps Health | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/apps-health.md | Title: "Microsoft Productivity Score - Microsoft 365 apps health" f1.keywords: - NOCSH--++ audience: Admin |
admin | Communication | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/communication.md | Title: "Microsoft Productivity Score - Communication" f1.keywords: - NOCSH--++ audience: Admin |
admin | Content Collaboration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/content-collaboration.md | Title: "Microsoft Productivity Score - Content collaboration" f1.keywords: - NOCSH--++ audience: Admin |
admin | Meetings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/meetings.md | Title: "Microsoft Productivity Score - Meetings" f1.keywords: - NOCSH--++ audience: Admin |
admin | Mobility | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/mobility.md | Title: "Microsoft Productivity Score - Mobility" f1.keywords: - NOCSH--++ audience: Admin |
admin | Privacy | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/privacy.md | Title: "Microsoft Productivity Score - Privacy" f1.keywords: - NOCSH--++ audience: Admin |
admin | Productivity Score | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/productivity-score.md | Title: "Microsoft Productivity Score" f1.keywords: - NOCSH--++ audience: Admin |
admin | Teamwork | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/teamwork.md | Title: "Microsoft Productivity Score - Teamwork" f1.keywords: - NOCSH--++ audience: Admin |
admin | Gdpr Compliance | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/security-and-compliance/gdpr-compliance.md | Title: "GDPR simplified A guide for your small business" f1.keywords: - NOCSH--++ audience: Admin |
admin | Create Dns Records When You Manage Your Dns Records | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/services-in-china/create-dns-records-when-you-manage-your-dns-records.md | Title: "Create DNS records for Office 365 when you manage your DNS records" f1.keywords: - CSH--++ audience: Admin |
admin | Purpose Of Cname | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/services-in-china/purpose-of-cname.md | Title: "What's the purpose of the Office 365 CNAME record for MSOID?" f1.keywords: - NOCSH--++ audience: Admin |
admin | Add Domain | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/add-domain.md | Title: "Add a domain to Microsoft 365" f1.keywords: - NOCSH--++ audience: Admin |
admin | Install Applications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/install-applications.md | Title: "Install Office applications" f1.keywords: - NOCSH--++ audience: Admin |
compliance | Create Ediscovery Holds | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-ediscovery-holds.md | The following table lists the limits for eDiscovery cases and case holds. | Description of limit | Limit | |:--|:--| |Maximum number of cases for an organization. <br/> |No limit <br/> |- |Maximum number of eDiscovery holds for an organization. <br/> |10,000 <br/> | + |Maximum number of eDiscovery hold policies for an organization. <br/> |10,000 <br/> | |Maximum number of mailboxes in a single eDiscovery hold. This limit includes the combined total of user mailboxes, and the mailboxes associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> |1,000 <br/> | |Maximum number of sites in a single eDiscovery hold. This limit includes the combined total of OneDrive for Business sites, SharePoint sites, and the sites associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> |100 <br/> | |Maximum number of cases displayed on the eDiscovery home page, and the maximum number of items displayed on the Holds, Searches, and Export tabs within a case. <sup>1</sup> |1,000| |
compliance | Dlp Policy Tips Reference | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-policy-tips-reference.md | DLP policy tips in Outlook Web Access is supported for all the conditions, excep **Conditions:** -- Sender Is-- Sender Domain Is - Recipient is a member of - Header contains words or phrases - Header matches patterns-- Document size equals or is greater than - Message type is-- Message importance is - Content character set contains words-- Subject or body contains words or phrases-- Subject or body matches patterns-- Content character set contains words-- Content is received from - Has sender overridden the policy tip - Message size equals or is greater than - Sender AD attribute contains words or phrases - Sender AD attribute matches patterns+- Sender IP ranges +- Recipient AD attribute contains words or phrases +- Recipient AD attribute matches patterns +- Document name contains words or phrases +- Document name matches patterns - Document content contains words or phrases - Document content matches patterns |
compliance | Sensitive Information Type Learn About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-learn-about.md | Microsoft provides a large number of pre-configured SITs or you can create your - [Retention labels](retention.md) - [Insider risk management](insider-risk-management.md) - [Communication compliance](communication-compliance.md)-- [Inside risk management](insider-risk-management-solution-overview.md) - [Auto-labelling policies](apply-sensitivity-label-automatically.md#how-to-configure-auto-labeling-for-office-apps) - [Microsoft Priva](/privacy/priva) |
contentunderstanding | Document Understanding Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/document-understanding-overview.md | Document understanding models support the following file types: ### Supported languages Document understanding models support the following languages:+- English - French - German - Italian |
security | Device Discovery Faq | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-discovery-faq.md | As device discovery uses passive methods to discover devices in the network, any Devices will actively be probed when changes in device characteristics are observed to make sure the existing information is up-to-date (typically, devices probed no more than once in a three-week period) -## My security tool raised alert on UnicastScanner.ps1 or port scanning activity initiated by it, what should I do? +## My security tool raised alert on UnicastScanner.ps1 / PSScript_{GUID}.ps1 or port scanning activity initiated by it, what should I do? The active probing scripts are signed by Microsoft and are safe. You can add the following path to your exclusion list: `C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Downloads\*.ps1` |
security | Indicator File | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/indicator-file.md | This feature is designed to prevent suspected malware (or potentially malicious 2. Select the **File hashes** tab. -3. Select **Add indicator**. +3. Select **Add item**. 4. Specify the following details: - Indicator - Specify the entity details and define the expiration of the indicator. |
security | Ios Configure Features | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/ios-configure-features.md | Microsoft Defender for Endpoint has the capability of detecting unmanaged and ma ## Web Protection and VPN -By default, Defender for Endpoint on iOS includes and enables the web protection feature. [Web protection](web-protection-overview.md) helps to secure devices against web threats and protect users from phishing attacks. Defender for Endpoint on iOS uses a VPN in order to provide this protection. Please note this is a local VPN and unlike traditional VPN, network traffic is not sent outside the device. +By default, Defender for Endpoint on iOS includes and enables the web protection feature. [Web protection](web-protection-overview.md) helps to secure devices against web threats and protect users from phishing attacks. Note that Anti-phishing and custom indicators (URL and IP addresses) are supported as part of Web Protection. Web Content Filtering is currently not supported on iOS. ++Defender for Endpoint on iOS uses a VPN in order to provide this capability. Please note this is a local VPN and unlike traditional VPN, network traffic is not sent outside the device. While enabled by default, there might be some cases that require you to disable VPN. For example, you want to run some apps that do not work when a VPN is configured. In such cases, you can choose to disable VPN from the app on the device by following the steps below: |
security | Ios Install | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/ios-install.md | This step simplifies the onboarding process by setting up the VPN profile. For a > [!IMPORTANT] > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +> [!NOTE] +> Zero-touch cannot be configured on iOS devices that are enrolled without user affinity (user-less devices or shared devices). Admins can configure Microsoft Defender for Endpoint to deploy and activate silently. In this flow, the administrator creates a deployment profile and the user is simply notified of the installation. Defender for Endpoint is automatically installed without the need for the user to open the app. Follow the steps below to setup zero-touch or silent deployment of Defender for Endpoint on enrolled iOS devices: |
security | Live Response Command Examples | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/live-response-command-examples.md | registry HKEY_CURRENT_USER\Console ``` ```console-# Show information about a specific registry value +# Show information about a specific registry value (the double backslash \\ indicates a registry value versus key) registry HKEY_CURRENT_USER\Console\\ScreenBufferSize ``` remediate file c:\Users\user\Desktop\malware.exe remediate process 7960 ``` +```console +# Remediate a registry value (the double backslash \\ indicates a registry value versus key) +remediate registry HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SPStartup +``` + ```console # See list of all remediated entities remediate list |
security | Live Response | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/live-response.md | - + Title: Investigate entities on devices using live response in Microsoft Defender for Endpoint description: Access a device using a secure remote shell connection to do investigative work and take immediate response actions on a device in real time. keywords: remote, shell, connection, live, response, real-time, command, script, remediate, hunt, export, log, drop, download, file, For scenarios when you'd like get a file from a device you're investigating, you > The following file size limits apply: > > - `getfile` limit: 3 GB-> - `fileinfo` limit: 10 GB +> - `fileinfo` limit: 30 GB > - `library` limit: 250 MB ### Download a file in the background Select the **Command log** tab to see the commands used on the device during a s - Live response sessions are limited to 25 live response sessions at a time. - Live response session inactive timeout value is 30 minutes.+- Individual live response commands have a time limit of 10 minutes, with the exception of `getfile`, `findfile`, and `run`, which have a limit of 30 minutes. - A user can initiate up to 10 concurrent sessions. - A device can only be in one session at a time. - The following file size limits apply: Select the **Command log** tab to see the commands used on the device during a s ## Related article -- [Live response command examples](live-response-command-examples.md)+- [Live response command examples](live-response-command-examples.md) |
security | Schedule Antivirus Scans | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/schedule-antivirus-scans.md | ms.localizationpriority: medium Previously updated : 10/18/2021- Last updated : 02/22/2022+ ms.technology: mde In addition to always-on, real-time protection and [on-demand antivirus](run-sca When you set up scheduled scans, you can specify whether the scan should be a full or quick scan. In most cases, a quick scan is recommended. -<br> --**** +<br/><br/> |Quick scan|Full scan|Custom scan| ||||-|(Recommended) A quick scan looks at all the locations where there could be malware registered to start with the system, such as registry keys and known Windows startup folders. <p> Combined with always-on, real-time protection, which reviews files when they are opened and closed, and whenever a user navigates to a folder, a quick scan helps provide strong protection against malware that starts with the system and kernel-level malware. <p> In most cases, a quick scan is sufficient and is the recommended option for scheduled scans.|A full scan starts by running a quick scan and then continues with a sequential file scan of all mounted fixed disks and removable/network drives (if the full scan is configured to do so). <p> A full scan can take a few hours or days to complete, depending on the amount and type of data that needs to be scanned. <p> When the full scan is complete, new security intelligence is available, and a new scan is then required to make sure that no other threats are detected with the new security intelligence. <p> Because of the time and resources involved in a full scan, in general, Microsoft does not recommend scheduling full scans.|A custom scan is a quick scan that runs on the files and folders you specify. For example, you can opt to scan a USB drive, or a specific folder on your device's local drive.| -| +|(Recommended) A quick scan looks at all the locations where there could be malware registered to start with the system, such as registry keys and known Windows startup folders. <br/><br/>Combined with always-on, real-time protection, which reviews files when they are opened and closed, and whenever a user navigates to a folder, a quick scan helps provide strong protection against malware that starts with the system and kernel-level malware.<br/><br/>In most cases, a quick scan is sufficient and is the recommended option for scheduled scans.|A full scan starts by running a quick scan and then continues with a sequential file scan of all mounted fixed disks and removable/network drives (if the full scan is configured to do so).<br/><br/>A full scan can take a few hours or days to complete, depending on the amount and type of data that needs to be scanned.<br/><br/>When the full scan is complete, new security intelligence is available, and a new scan is then required to make sure that no other threats are detected with the new security intelligence.<br/><br/>Because of the time and resources involved in a full scan, in general, Microsoft does not recommend scheduling full scans.|A custom scan runs on files and folders that you specify. For example, you can choose to scan a USB drive, or a specific folder on your device's local drive.| > [!NOTE] > By default, quick scans run on mounted removable devices, such as USB drives. When you set up scheduled scans, you can specify whether the scan should be a fu ## How do I know which scan type to choose? Use the following table to choose a scan type.--<br> --**** +<br/><br/> |Scenario|Recommended scan type| ||| Use the following table to choose a scan type. |Threats, such as malware, are detected on an individual device|Quick scan <p> In most cases, a quick scan will catch and clean up detected malware.| |You want to run an [on-demand scan](run-scan-microsoft-defender-antivirus.md)|Quick scan| |You want to make sure a portable device, such as a USB drive, does not contain malware|Custom scan <p> A custom scan enables you to select specific locations, folders, or files, and runs a quick scan.|-| ## What else do I need to know about quick and full scans? |
security | User Roles | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/user-roles.md | The following steps guide you on how to create roles in Microsoft 365 Defender. > [!NOTE] > This setting is only available in the Microsoft Defender for Endpoint administrator (default) role. -- **Manage security settings in Defender for Cloud** - Configure alert suppression settings, manage folder exclusions for automation, onboard and offboard devices, and manage email notifications, manage evaluation lab+- **Manage security settings in Security Center** - Configure alert suppression settings, manage folder exclusions for automation, onboard and offboard devices, manage email notifications, and manage evaluation lab - **Live response capabilities** - **Basic** commands: |
security | Office 365 Ti | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/office-365-ti.md | Use [Explorer (and real-time detections)](threat-explorer.md) to analyze threats To view and use this report in the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Email & collaboration** \> **Explorer**. Or, to go directly to the **Explorer** page, use <https://security.microsoft.com/threatexplorer>. +## Office 365 Threat Intelligence connection ++This feature is only available if you have an active Office 365 E5 subscription or the Threat Intelligence add-on. For more information, see the Office 365 Enterprise E5 product page. ++When you turn on this feature, you'll be able to incorporate data from Microsoft Defender for Office 365 into Microsoft 365 Defender to conduct a comprehensive security investigation across Office 365 mailboxes and Windows devices. ++> [!NOTE] +> You'll need to have the appropriate license to enable this feature. ++To receive contextual device integration in Office 365 Threat Intelligence, you'll need to enable the Defender for Endpoint settings in the Security & Compliance dashboard. + ### Incidents Use the Incidents list (this is also called Investigations) to see a list of in flight security incidents. Incidents are used to track threats such as suspicious email messages, and to conduct further investigation and remediation. |
security | Use Dkim To Validate Outbound Email | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-dkim-to-validate-outbound-email.md | Step 1: Click on the domain you wish to configure DKIM on DKIM page (https://sec ![DKIM page in the Microsoft 365 Defender portal with a domain selected.](../../media/126996261-2d331ec1-fc83-4a9d-a014-bd7e1854eb07.png) -Step 2: Click on Create DKIM keys. +Step 2: Slide the toggle to **Enable**. You will see a pop-up window stating that you need to add CNAME records. -![Domain details flyout with the Create DKIM keys button.](../../media/127001645-4ccf89e6-6310-4a91-85d6-aaedbfd501d3.png) +![Slide the toggle to Enabled to enable DKIM.](../../media/126995186-9b3fdefa-a3a9-4f5a-9304-1099a2ce7cef.png) Step 3: Copy the CNAMES shown in the pop up window -![Publish CNAMEs pop up window that contains the two CNAME records to copy.](../../media/127001787-3cce2c29-e0e4-4712-af53-c51dcba33c46.png) - Step 4: Publish the copied CNAME records to your DNS service provider. On your DNS provider's website, add CNAME records for DKIM that you want to enable. Make sure that the fields are set to the following values for each: Next, see [**Use DMARC to validate email**](use-dmarc-to-validate-email.md). [An **This test will validate** that the DKIM signing configuration has been configured correctly, and that the proper DNS entries have been published. +> [!NOTE] +> This feature requires a Microsoft 365 administrator account. This feature isn't available for Microsoft 365 Government, Microsoft 365 operated by 21Vianet, or Microsoft 365 Germany. + <div class="nextstepaction"> <p><a href="https://admin.microsoft.com/AdminPortal/?searchSolutions=DKIM#/homepage" data-linktype="external">Run Tests: DKIM</a></p> </div> |