Data/LabelTranslation/windows10AndLater-securityTemplate-attackSurfaceReduction.json
|
{
"windows10EndpointProtectionConfiguration defenderGuardedFoldersAllowedAppPaths": { "Section": "Attack Surface Reduction Rules", "Name": "List of apps that have access to protected folders", "DataType": null }, "windows10EndpointProtectionConfiguration defenderUntrustedUSBProcessType": { "Section": "Attack Surface Reduction Rules", "Name": "Block untrusted and unsigned processes that run from USB", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAdditionalGuardedFolders": { "Section": "Attack Surface Reduction Rules", "Name": "List of additional folders that need to be protected", "DataType": null }, "windows10EndpointProtectionConfiguration defenderScriptDownloadedPayloadExecutionType": { "Section": "Attack Surface Reduction Rules", "Name": "Block executable content download from email and webmail clients ", "DataType": null }, "windows10EndpointProtectionConfiguration defenderProcessCreationType": { "Section": "Attack Surface Reduction Rules", "Name": "Process creation type", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeAppsExecutableContentCreationOrLaunchType": { "Section": "Attack Surface Reduction Rules", "Name": "Block Office applications from injecting code into other processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeMacroCodeAllowWin32ImportsType": { "Section": "Attack Surface Reduction Rules", "Name": "Block Win32 API calls from Office macro", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAdobeReaderLaunchChildProcess": { "Section": "Attack Surface Reduction Rules", "Name": "Block Adobe Reader from creating child processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderPreventCredentialStealingType": { "Section": "Attack Surface Reduction Rules", "Name": "Block credential stealing from the Windows local security authority subsystem (lsass.exe", "DataType": null }, "windows10EndpointProtectionConfiguration defenderGuardMyFoldersType": { "Section": "Attack Surface Reduction Rules", "Name": "Enable folder protection", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeCommunicationAppsLaunchChildProcess": { "Section": "Attack Surface Reduction Rules", "Name": "Block Office communication apps from creating child processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderEmailContentExecutionType": { "Section": "Attack Surface Reduction Rules", "Name": "Block executable content download from email and webmail clients", "DataType": null }, "windows10EndpointProtectionConfiguration defenderScriptObfuscatedMacroCodeType": { "Section": "Attack Surface Reduction Rules", "Name": "Block execution of potentially obfuscated scripts (js/vbs/ps)", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAttackSurfaceReductionExcludedPaths": { "Section": "Attack Surface Reduction Rules", "Name": "Exclude files and paths from attack surface reduction rules", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeAppsLaunchChildProcessType": { "Section": "Attack Surface Reduction Rules", "Name": "Block all Office applications from creating child processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderAdvancedRansomewareProtectionType": { "Section": "Attack Surface Reduction Rules", "Name": "Use advanced protection against ransomware", "DataType": null }, "windows10EndpointProtectionConfiguration defenderUntrustedExecutableType": { "Section": "Attack Surface Reduction Rules", "Name": "Block executable files from running unless they meet a prevalence, age, or trusted list criteria ", "DataType": null }, "windows10EndpointProtectionConfiguration defenderOfficeAppsOtherProcessInjectionType": { "Section": "Attack Surface Reduction Rules", "Name": "Block Office applications from injecting code into other processes", "DataType": null }, "windows10EndpointProtectionConfiguration defenderSecurityCenterBlockExploitProtectionOverride": { "Section": "Attack Surface Reduction Rules", "Name": "Block Exploit Protection override", "DataType": null }, "windows10EndpointProtectionConfiguration defenderExploitProtectionXml": { "Section": "Microsoft Defender Application Control", "Name": "Exploit Protection XML", "DataType": null }, "windows10EndpointProtectionConfiguration smartScreenEnableInShell": { "Section": "Microsoft Defender Application Control", "Name": "Turn on Windows SmartScreen", "DataType": null }, "windows10EndpointProtectionConfiguration smartScreenBlockOverrideForFiles": { "Section": "Microsoft Defender Application Control", "Name": "Block users from ignoring SmartScreen warnings", "DataType": null }, "windows10EndpointProtectionConfiguration appLockerApplicationControl": { "Section": "Microsoft Defender Application Control", "Name": "App locker application control ", "DataType": null }, "windows10GeneralConfiguration smartScreenBlockPromptOverrideForFiles": { "Section": "", "Name": "SmartScreen block prompt override for Files", "DataType": null }, "windows10EndpointProtectionConfiguration defenderNetworkProtectionType": { "Section": "", "Name": "Network Protection type", "DataType": null }, "windows10GeneralConfiguration smartScreenBlockPromptOverride": { "Section": "", "Name": "SmartScreen block override prompt", "DataType": null }, "windows10GeneralConfiguration edgeRequireSmartScreen": { "Section": "Web Protection (Microsoft Edge Legacy)", "Name": "Require SmartScreen for Microsoft Edge Legacy", "DataType": null } } |