-2. Select **Upload custom apps**. Only a custom line of apps for Word, PowerPoint, Excel and Outlook is supported.

-> For Word, Excel and PowerPoint use a [SharePoint App Catalog](https://dev.office.com/docs/add-ins/publish/publish-task-pane-and-content-add-ins-to-an-add-in-catalog) to deploy add-ins to users in an on-premises environment with no connection to Microsoft 365 and/or support for SharePoint add-ins required. For Outlook use Exchange control panel to deploy in an on-premises environment without a connection to Microsoft 365.

-2. If you forgot your login password, you can use your login email address to reset the password. The Fapiao management system will send a new password to your email address. You can use the new password to login.

-

-

-

-

-

-> Auto-policies use service-side labeling with conditions to automatically apply retention labels to items. You can also automatically apply a retention label with a label policy when you do the following:

-The global admin for your organization has full permissions to create and edit retention labels and their policies. If you aren't signing in as a global admin, see the permissions information for [records management](get-started-with-records-management.md#permissions) or [data lifeycle management](get-started-with-data-lifecycle-management.md#permissions-for-retention-policies-and-retention-labels), depending on the solution you're using.

-

- - **Solutions** > **Records management** > > **Label policies** tab > **Auto-apply a label**

-

- - **Solutions** > **Data lifeycle management** > **Label policies** tab > **Auto-apply a label**

-

-

- - If you chose **Adaptive**: On the **Choose adaptive policy scopes and locations** page, select **Add scopes** and select one or more adaptive scopes that have been created. Then, select one or more locations. The locations that you can select depend on the [scope types](retention-settings.md#configuration-information-for-adaptive-scopes) added. For example, if you only added a scope type of **User**, you will be able to select **Exchange email** but not **SharePoint sites**.

-

-

->

-

-```

-```

-The following query for SharePoint identifies documents that contain a credit card number:

-```

-```

-The following query contains typical keywords to help identify documents or emails for human resources:

-```

-Note that this final example uses the best practice of always including operators between keywords. A space between keywords (or two property:value expressions) is the same as using AND. By always adding operators, it's easier to see that this example query will identify only content that contains all these keywords, instead of content that contains any of the keywords. If your intention is to identify content that contains any of the keywords, specify OR instead of AND. As this example shows, when you always specify the operators, it's easier to correctly interpret the query.

-```

-```

-When you select a label to use for auto-applying retention labels for cloud attachments, make sure the label retention setting **Start the retention period based on** is **When items were labeled**.

- - SharePoint sites, pages, lists, forms, folders, document sets, and OneNote pages.

- - Files shared by users who don't have access to those files.

- - Files that are deleted or moved before the cloud attachment is sent. For example, a user copies and pastes a previously shared attachment from another message, without first confirming that the file is still available. Or, somebody forwards an old message when the file is now deleted.

- - Files that are shared by guests or users outside your organization.

- - Files in draft emails and messages that aren't sent.

- - Empty files.

-

-

-Classifiers are available to use as a condition for [Office auto-labeling with sensitivity labels](apply-sensitivity-label-automatically.md), [auto-apply retention label policy based on a condition](apply-retention-labels-automatically.md#configuring-conditions-for-auto-apply-retention-labels) and in [communication compliance](communication-compliance.md).

- > [!NOTE]

- > Source Code is trained to detect when the bulk of the text is source code. It does not detect source code text that is interspersed with plain text.

-These appear in the **Microsoft Purview compliance portal** > **Data classification** > **Trainable classifiers** view with the status of `Ready to use`.

-You start creating a custom trainable classifier by feeding it examples that are definitely in the category. Once it processes those examples, you test it by giving it a mix of both matching and non-matching examples. The classifier then makes predictions as to whether any given item falls into the category you're building. You then confirm its results, sorting out the true positives, true negatives, false positives, and false negatives to help increase the accuracy of its predictions.

-Assessment templates contain the controls and action recommendations for assessments, based on certifications for different privacy regulations and standards. Your organization's available templates may include one or more templates that were included as part of your licensing agreement, along with any additional premium templates that you have purchased.

-Each template, whether included or premium, exists in two versions: one for use with Microsoft 365 (or other Microsoft products as available), and a universal version that can be tailored to assess other products that you use. You can choose the appropriate template type for the product you want to assess.

-To learn more about templates, see [Working with assessment templates](compliance-manager-templates.md).

-A template is a framework of controls for creating an assessment in Compliance Manager. Our comprehensive set of templates can help your organization comply with national, regional, and industry-specific requirements governing the collection and use of data.

-We refer to templates by the same name as their underlying certification or regulation, such as the EU GDPR template and the ISO/IEC 27701:2019 template.

-Compliance Manger can be used to assess different types of products. All templates apart from the baseline come in at least one version that applies to a pre-defined product, such as Microsoft 365, and a universal version that can be tailored to suit other products. Assessments from universal templates are more generalized but offer expanded versatility, since they can help you easily track your organization's compliance across multiple products.

- - If there's a value for the **ExternalDirectoryObjectId** property, the mailbox retention period has expired, and you can recover the inactive mailbox by running the **New-Mailbox -InactiveMailbox** command.

-|

-|[Win 10 lab environment](https://download.microsoft.com/download/3/3/a/33a3c7d7-b393-4f78-9b90-2d5eb7fd98e8/Win10_21H1_lab.zip)|[Win 11 lab environment](https://download.microsoft.com/download/9/d/9/9d9e278e-a1ea-4704-85e1-cb24f3806f45/Win11_Lab_05.09.zip)|

-|[Win 10 lab guides](https://download.microsoft.com/download/2/9/9/29952cdb-b98d-4f9b-9d6e-9fb49644b0a0/Win10_21H1_Lab_05.12.zip)|[Win 11 lab guides](https://download.microsoft.com/download/9/d/9/9d9e278e-a1ea-4704-85e1-cb24f3806f45/Win11_Lab_Guides_05.09.zip)|

-|Windows 10 Enterprise, Version 21H1|Windows 11 Enterprise|

-> Please use a broadband internet connection to download this content and allow approximately 30 minutes for automatic provisioning. The lab environment requires a minimum of 16 GB of available memory and 150 GB of free disk space. For optimal performance, 32 GB of available memory and 300 GB of free space is recommended. The evaluation software in these labs expires 90-120 days after activation. New versions of the labs will be published in August, 2022.

-For this option, you must have at least two computers running at each office location that support the pre-requisites. OneDrive for Windows version must be up-to-date and installed on each computer. For more information on OneDrive versions, see the [OneDrive release notes](https://support.office.com/article/onedrive-release-notes-845dcf18-f921-435e-bf28-4e24b95e5fc0). Network measurements are planned to be added to other Office 365 client applications soon.

-You don't need to add locations in the Admin Center with this method as they're automatically identified at the city resolution. Multiple office locations within the same city won't be shown when using Windows Location Services. Location information is rounded to the nearest 300 meters by 300 meters so that more precise location information isn't accessed.

-Measurement samples and office locations should start to appear 24 hours after these pre-requisites have been met.

-For this option, neither Windows Location Services nor Wi-Fi is required. Your OneDrive for Windows version must be up-to-date and installed on at least one computer at the location.

-Test reports are linked to a location if it was added with LAN subnet information, otherwise they are shown at the city location only.

- [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/hardware-and-software-requirements-0) | [SharePoint Server 2016](/SharePoint/install/hardware-and-software-requirements)

- [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262787(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/software-boundaries-and-limits) | [SharePoint Server 2016](/SharePoint/install/software-boundaries-and-limits-0)

- [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/hardware-and-software-requirements-0) | [SharePoint Server 2016](/SharePoint/install/hardware-and-software-requirements)

- [SharePoint Server 2007](/previous-versions/office/sharepoint-2007-products-and-technologies/cc262787(v=office.12)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262787(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/software-boundaries-and-limits) | [SharePoint Server 2016](/SharePoint/install/software-boundaries-and-limits-0)

-> [!TIP]

-> - [Configure Microsoft Defender for Endpoint on iOS features](ios-configure-features.md)

-You can use this article to help clarify what protection is provided by the different features available in Defender for Endpoint Plan 1, Defender for Endpoint Plan 2 and the Defender Vulnerability Management add-on.

-| [Defender for Endpoint Plan 1](defender-endpoint-plan-1.md) | [Defender for Endpoint Plan 2](microsoft-defender-endpoint.md) | [Defender Vulnerability Management add-on](../defender-vulnerability-management/defender-vulnerability-management-capabilities.md)|

-|:|:|:|

-| [Next-generation protection](defender-endpoint-plan-1.md#next-generation-protection) <br/>(includes antimalware and antivirus) <p> [Attack surface reduction](defender-endpoint-plan-1.md#attack-surface-reduction) <p> [Manual response actions](defender-endpoint-plan-1.md#manual-response-actions) <p> [Centralized management](defender-endpoint-plan-1.md#centralized-management) <p>[Security reports](defender-endpoint-plan-1.md#reporting) <p>[APIs](defender-endpoint-plan-1.md#apis) | Defender for Endpoint Plan 1 capabilities, plus: <p> <p> [Device discovery](device-discovery.md) <p> [Device inventory](machines-view-overview.md) <p> [Core Defender Vulnerability Management capabilities](../defender-vulnerability-management/defender-vulnerability-management-capabilities.md) <p> [Threat Analytics](threat-analytics.md) <p> [Automated investigation and response](automated-investigations.md) <p> [Advanced hunting](advanced-hunting-overview.md) <p> [Endpoint detection and response](overview-endpoint-detection-response.md) <p> [Microsoft Threat Experts](microsoft-threat-experts.md) | Additional Defender Vulnerability Management for Defender for Endpoint Plan 2: <p> [Security baselines assessment](../defender-vulnerability-management/tvm-security-baselines.md) <p> [Block vulnerable applications](../defender-vulnerability-management/tvm-block-vuln-apps.md) <p> [Browser extensions](../defender-vulnerability-management/tvm-browser-extensions.md) <p> [Digital certificate assessment](../defender-vulnerability-management/tvm-certificate-inventory.md) <p> [Network share analysis](../defender-vulnerability-management/tvm-network-share-assessment.md)|

-| [Support for Windows 10, iOS, Android OS, and macOS devices](defender-endpoint-plan-1.md#cross-platform-support) | Support for Windows (client and server) and non-Windows platforms<br/> (macOS, iOS, Android, and Linux) | Support for Windows (client and server) and non-Windows platforms<br/> (macOS, iOS, Android, and Linux) |

-| To try Defender for Endpoint Plan 1, visit [https://aka.ms/mdep1trial](https://aka.ms/mdep1trial) | To try Defender for Endpoint Plan 2, visit [https://aka.ms/MDEp2OpenTrial](https://aka.ms/MDEp2OpenTrial) | To try Microsoft Defender Vulnerability Management add-on, visit [https://aka.ms/AddonPreviewTrial](https://aka.ms/AddonPreviewTrial). For more information, see [Get Defender Vulnerability Management](../defender-vulnerability-management/get-defender-vulnerability-management.md).

-## Next steps

-Microsoft Defender for Endpoint device control protects against data loss, by monitoring and controlling media use by devices in your organization, such as the use of removable storage devices and USB drives.

-With the device control report, you can view events that relate to media usage, such as:

-Device control in Microsoft Defender for Endpoint empowers security administrators with tools that enable them to track their organization's device control security through reports. You can find the device control report in the Microsoft 365 Defender portal by going to **Reports > Device protection**.

-> [!div class="mx-imgBorder"]

-> 

-The page provides a dashboard with aggregated number of events per type and a list of events. Administrators can filter on time range, media class name, and device ID.

-The device control report can have a 12-hour delay from the time a media connection occurs to the time the event is reflected in the card or in the domain list.

-description: Learn how to design a web app to get programmatic access to Microsoft Defender for Endpoint without a user.

-> The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory

-> The [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory) NuGet package and Azure AD Authentication Library (ADAL) have been deprecated. No new features have been added since June 30, 2020. We strongly encourage you to upgrade, see the [migration guide](/azure/active-directory/develop/msal-migration) for more details.

- using Microsoft.IdentityModel.Clients.ActiveDirectory;

- ```console

- string appSecret = "22222222-2222-2222-2222-222222222222"; // Paste your own app secret here for a test, and then store it in a safe place!

- const string authority = "https://login.microsoftonline.com";

- const string wdatpResourceId = "https://api.securitycenter.microsoft.com";

- AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}/");

- ClientCredential clientCredential = new ClientCredential(appId, appSecret);

- AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, clientCredential).GetAwaiter().GetResult();

- string token = authenticationResult.AccessToken;

-The following code was tested with NuGet Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8.

-1. Install NuGet [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/).

- using Microsoft.IdentityModel.Clients.ActiveDirectory;

- const string authority = "https://login.microsoftonline.com";

- const string wdatpResourceId = "https://api.securitycenter.microsoft.com";

- AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}/");

- ClientCredential clientCredential = new ClientCredential(appId, appSecret);

- AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, clientCredential).GetAwaiter().GetResult();

- string token = authenticationResult.AccessToken;

- console.write(token)

- ```

-### Get an access token using PowerShell

-```PowerShell

-if(!(Get-Package adal.ps)) { Install-Package -Name adal.ps } # Install the ADAL.PS package in case it's not already present

-$tenantId = '' # Paste your directory (tenant) ID here.

-$clientId = '' # Paste your application (client) ID here.

-$redirectUri = '' # Paste your app's redirection URI

-$authority = "https://login.windows.net/$tenantId"

-$resourceUrl = 'https://api.security.microsoft.com'

-$response = Get-ADALToken -Resource $resourceUrl -ClientId $clientId -RedirectUri $redirectUri -Authority $authority -PromptBehavior:Always

-$response.AccessToken | clip

-$response.AccessToken

-1. Make sure that the *roles* claim within the decoded token contains the desired permissions.

-> The following code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8.

-1. Install NuGet [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/).

- using Microsoft.IdentityModel.Clients.ActiveDirectory;

- string tenantId = ""; // Paste your directory (tenant) ID here

- string clientId = ""; // Paste your application (client) ID here

- string appSecret = ""; // Paste your own app secret here to test, then store it in a safe place, such as the Azure Key Vault!

- const string authority = "https://login.windows.net";

- const string wdatpResourceId = "https://api.security.microsoft.com";

- AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}/");

- ClientCredential clientCredential = new ClientCredential(clientId, appSecret);

- AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, clientCredential).GetAwaiter().GetResult();

- string token = authenticationResult.AccessToken;

-> The following code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8.

-1. Install NuGet [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/).

- using Microsoft.IdentityModel.Clients.ActiveDirectory;

- string tenantId = ""; // Paste your directory (tenant) ID here

- string clientId = ""; // Paste your application (client) ID here

- string appSecret = ""; // Paste your own app secret here to test, then store it in a safe place, such as the Azure Key Vault!

- const string authority = "https://login.windows.net";

- const string wdatpResourceId = "https://api.security.microsoft.com";

- AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}/");

- ClientCredential clientCredential = new ClientCredential(clientId, appSecret);

- AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, clientCredential).GetAwaiter().GetResult();

- string token = authenticationResult.AccessToken;

-> [!IMPORTANT]

-> Delegated access to Microsoft Defender for Endpoint in the Microsoft 365 Defender portal currently allows access to a single tenant per browser window.

- - **Exclude these users, groups, and domains**: To add exceptions for the internal recipients that the policy applies to (recpient exceptions), select this option and configure the exceptions. The settings and behavior are exactly like the conditions.

- - The language identifier for the the **Display name** and **Disclaimer** values. Quarantine notifications are already localized based on the recipient's language settings. The **Display name** and **Disclaimer** values are used in quarantine notifications that apply to the recipient's language.

- - **Exclude these users, groups, and domains**: To add exceptions for the internal recipients that the policy applies to (recpient exceptions), select this option and configure the exceptions. The settings and behavior are exactly like the conditions.

-1. In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Reports** > **Email & collaboration** \> **Reports for download**. To go directly to the **Reports for download** page, use <https://security.microsoft.com/ReportsForDownload?viewid=custom>.