Wiki source code of Use Cases für Defender Management
Last modified by jklein on 2024/08/13 08:28
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
1.1 | 1 | {{aagon.priorisierung}} |
| 2 | 160 | ||
| 3 | {{/aagon.priorisierung}} | ||
| 4 | |||
| |
2.1 | 5 | Below are two possible use cases for Defender Management: |
| |
1.1 | 6 | |
| |
2.1 | 7 | * [[ASR rules: Event IDs 1121 and 1122 occur in conjunction with an lsass.exe and block the operation>>doc:ACMP.66.ACMP-Solutions.Security.Defender Management.Use Cases für Defender Management.ASR-Regeln\: Die Ereignis-ID’s 1121 und 1122 treten in Verbindung mit einer lsass\.exe auf und blockieren den Vorgang.WebHome]] |
| 8 | * [[VirTool: Win32/DefenderTamperingRestore triggers a threat alert >>doc:ACMP.66.ACMP-Solutions.Security.Defender Management.Use Cases für Defender Management.VirTool\:Win32DefenderTamperingRestore triggert einen Bedrohungs-Alarm.WebHome]] | ||
| |
1.1 | 9 | |
| 10 |