Data/LabelTranslation/windows10AndLater-securityTemplate-attackSurfaceReduction.json
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 |
{
"windows10EndpointProtectionConfiguration defenderGuardedFoldersAllowedAppPaths": { "Section": "Attack Surface Reduction Rules", "Name": "List of apps that have access to protected folders", "DataType": null }, "windows10EndpointProtectionConfiguration defenderUntrustedUSBProcessType": { "Section": "Attack Surface Reduction Rules", "Name": "Block untrusted and unsigned processes that run from USB", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAdditionalGuardedFolders": { "Section": "Attack Surface Reduction Rules", "Name": "List of additional folders that need to be protected", "DataType": null }, "windows10EndpointProtectionConfiguration defenderScriptDownloadedPayloadExecutionType": { "Section": "Attack Surface Reduction Rules", "Name": "Block executable content download from email and webmail clients ", "DataType": null }, "windows10EndpointProtectionConfiguration defenderProcessCreationType": { "Section": "Attack Surface Reduction Rules", "Name": "Process creation type", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeAppsExecutableContentCreationOrLaunchType": { "Section": "Attack Surface Reduction Rules", "Name": "Block Office applications from injecting code into other processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeMacroCodeAllowWin32ImportsType": { "Section": "Attack Surface Reduction Rules", "Name": "Block Win32 API calls from Office macro", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAdobeReaderLaunchChildProcess": { "Section": "Attack Surface Reduction Rules", "Name": "Block Adobe Reader from creating child processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderPreventCredentialStealingType": { "Section": "Attack Surface Reduction Rules", "Name": "Block credential stealing from the Windows local security authority subsystem (lsass.exe", "DataType": null }, "windows10EndpointProtectionConfiguration defenderGuardMyFoldersType": { "Section": "Attack Surface Reduction Rules", "Name": "Enable folder protection", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeCommunicationAppsLaunchChildProcess": { "Section": "Attack Surface Reduction Rules", "Name": "Block Office communication apps from creating child processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderEmailContentExecutionType": { "Section": "Attack Surface Reduction Rules", "Name": "Block executable content download from email and webmail clients", "DataType": null }, "windows10EndpointProtectionConfiguration defenderScriptObfuscatedMacroCodeType": { "Section": "Attack Surface Reduction Rules", "Name": "Block execution of potentially obfuscated scripts (js/vbs/ps)", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAttackSurfaceReductionExcludedPaths": { "Section": "Attack Surface Reduction Rules", "Name": "Exclude files and paths from attack surface reduction rules", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeAppsLaunchChildProcessType": { "Section": "Attack Surface Reduction Rules", "Name": "Block all Office applications from creating child processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAdvancedRansomewareProtectionType": { "Section": "Attack Surface Reduction Rules", "Name": "Use advanced protection against ransomware", "DataType": null }, "windows10EndpointProtectionConfiguration defenderUntrustedExecutableType": { "Section": "Attack Surface Reduction Rules", "Name": "Block executable files from running unless they meet a prevalence, age, or trusted list criteria ", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeAppsOtherProcessInjectionType": { "Section": "Attack Surface Reduction Rules", "Name": "Block Office applications from injecting code into other processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderSecurityCenterBlockExploitProtectionOverride": { "Section": "Attack Surface Reduction Rules", "Name": "Block Exploit Protection override", "DataType": null }, "windows10EndpointProtectionConfiguration defenderExploitProtectionXml": { "Section": "Microsoft Defender Application Control", "Name": "Exploit Protection XML", "DataType": null }, "windows10EndpointProtectionConfiguration smartScreenEnableInShell": { "Section": "Microsoft Defender Application Control", "Name": "Turn on Windows SmartScreen", "DataType": null }, "windows10EndpointProtectionConfiguration smartScreenBlockOverrideForFiles": { "Section": "Microsoft Defender Application Control", "Name": "Block users from ignoring SmartScreen warnings", "DataType": null }, "windows10EndpointProtectionConfiguration appLockerApplicationControl": { "Section": "Microsoft Defender Application Control", "Name": "App locker application control ", "DataType": null }, "windows10GeneralConfiguration smartScreenBlockPromptOverrideForFiles": { "Section": "", "Name": "SmartScreen block prompt override for Files", "DataType": null }, "windows10EndpointProtectionConfiguration defenderNetworkProtectionType": { "Section": "", "Name": "Network Protection type", "DataType": null }, "windows10GeneralConfiguration smartScreenBlockPromptOverride": { "Section": "", "Name": "SmartScreen block override prompt", "DataType": null }, "windows10GeneralConfiguration edgeRequireSmartScreen": { "Section": "Web Protection (Microsoft Edge Legacy)", "Name": "Require SmartScreen for Microsoft Edge Legacy", "DataType": null } } |