Windows 10 附带其内部安全应用程序 — Windows 安全(Windows Security)性,具有一组默认设置,可确保计算机安全。但是,作为消费者,您必须了解这些设置,并在有遗漏时进行更改。在这篇文章中,我们将介绍Windows 10版本 2004 及更高版本中所有可用的Windows 安全设置。(Windows Security Settings)
(Windows Security)Windows 10中的(Windows 10)Windows 安全设置
该应用程序(App)可以通过三种主要方式启动——在“开始”菜单(Start Menu)、“设置”应用程序(Settings app)或“系统托盘(System Tray)”图标中搜索。所有通知都显示在操作中心(Action Center),您绝对不能错过它们。打开软件后,仪表板将提供对所有功能的快速访问。这是列表:
- 病毒和威胁防护
- 账户保护
- 防火墙和网络保护
- 应用程序和浏览器控制
- 设备安全
- 设备性能和运行状况
- 家庭选择
其中一些设置(如家庭选项)提供从(Family Options)Microsoft网站直接管理的链接,而其他设置则提供精细控制。
1] 病毒和威胁防护
扫描选项: (Scan Options: )除了快速(Quick)、完整(Full)和自定义扫描(Custom Scan)之外,最重要的是Windows Defender 离线扫描(Windows Defender Offline scan)。此方法能够删除难以删除的恶意软件,尤其是连接到互联网或处于正常模式时。
保护设置: (Protection Settings: )它是软件最重要的部分,提供实时(Real-time)保护、云交付(Cloud-delivered)保护、自动(Automatic)样本提交、篡改(Tamper)保护、控制(Control)文件夹访问、排除(Exclusions)和通知控制。在所有这些中,请确保打开篡改保护(Tamper Protection),以便其他软件无法更改Windows 安全(Windows Security)设置。
勒索软件保护:(Ransomware Protection: )然后是受控文件夹访问,这是所有Windows用户必须的。您可以使用它来保护文件、文件夹和内存区域免受未经许可寻求访问的程序的影响。虽然这可能很烦人,因为您会经常收到提示,但这是为了您的利益。此功能与连接到OneDrive的勒索(OneDrive)软件(Ransomware)数据恢复一起,将确保可以在勒索软件攻击的情况下恢复文件。
阅读(Read):如何在 Windows 11 中使用 Windows 安全性以获得最佳保护。
2]帐户保护
它可以快速访问与您的帐户相关的一些关键设置。因此,它只是一个仪表板,其中包括Microsoft Account、 Windows Hello和Dynamic Lock。
3]防火墙和网络保护
在这里,您可以通过更改域网络(Domain Network)、专用网络(Private Network)和公共网络(Public Network)的设置来配置可以访问您的网络的人员和对象。单击(Click)其中任何一个,您可以配置是否应打开Windows Defender 防火墙(Windows Defender Firewall)以及是否应阻止所有传入连接。
然后您可以设置可以直接打开以下经典设置的链接。
- 允许应用程序通过防火墙
- 网络和 Internet 疑难解答
- 防火墙通知设置
- 高级设置
- 将防火墙恢复为默认值
4]应用程序和浏览器控制
此部分管理应用程序保护和在线安全。从更广泛的角度来看,您有以下几点
虽然将SmartScreen设置为所有三个都保持为警告(Warn)很重要,但更重要的是设置隔离浏览和漏洞利用保护。
隔离浏览将确保 Windows Defender 应用程序防护(Defender Application Guard)在隔离浏览环境中打开Microsoft Edge 。它将确保保护计算机免受恶意软件的侵害。漏洞利用保护类似于UAC,它确保没有程序以管理员权限运行,除非
5]设备安全
它是一项硬件安全功能,如果您的设备支持它,您将可以从这里访问它们。如果您看到消息“您的(Your)设备符合标准硬件安全要求”,这是因为计算机共享了系统中可用的TPM 2.0、启用安全(Secure)启动、DEP或UEFI MAT。
它提供访问:
- 核心隔离:(Core isolation: Offers added )通过将计算机进程与操作系统和设备隔离,提供针对恶意软件和其他攻击的额外保护。
- 内存完整性(Memory integrity)可防止恶意代码访问高安全性进程。
- 安全启动(Secure boot)可防止恶意软件在启动期间感染您的系统。
- 安全处理器(The security processor)提供额外的加密功能。
6]设备性能和健康
本节为您提供有关计算机性能的鸟瞰图。提供了一份健康报告,其中分享了与存储、应用程序和软件以及Windows 时间服务(Windows Time Service)相关的问题。
7]家庭选项
最后一部分是家庭(Family) 选项(Options),但更多的是关于向消费者介绍该功能以及他们可以从中获得什么。我们已经详细讨论了家长控制,如果您让家里的孩子共享您的计算机,我们建议使用它。您可以设置屏幕时间习惯,跟踪浏览内容,还可以让您的孩子购买应用程序和游戏。
(Windows Security)Windows上的Windows安全提供了一个完整的包,允许您控制计算机的安全方面。从浏览到计算机硬件安全再到家长控制。
如果您是第一次设置计算机,请(setting up the computer for the first time)确保立即进行配置。
Windows Security settings in Windows 10
Windows 10 comes with its in-house security app — Windows Security with a set of default settings, which makes sure the computer is safe. However, it is essential that as a consumer, you are aware of these settings, and change if there is something a miss. In this post, we will go through all the available Windows Security Settings in Windows 10 version 2004, and later.
Windows Security settings in Windows 10
The App can be launched in three main ways — by searching in the Start Menu, from the Settings app, or from the System Tray icon. All the notification appears on in the Action Center, and you must not miss them at all. Once you open the software, the dashboard offers quick access to all the features. Here is the list:
- Virus and threat protection
- Account Protection
- Firewall and network protection
- App and browser control
- Device Security
- Device performance and health
- Family options
Some of these settings, like Family Options, offer links to directly manage from Microsoft websites, while others provide granular control.
1] Virus and threat protection
Scan Options: Apart from Quick, Full, and Custom Scan, the most important is the Windows Defender Offline scan. This method is capable of removing malicious software, which is difficult to remove, especially connected to the internet or when in normal mode.
Protection Settings: It is the most important part of the software which offers Real-time protection, Cloud-delivered protection, Automatic sample submission, Tamper protection, Control folder access, Exclusions, and notification controls. Of all of these, make sure to turn on Tamper Protection so no other software can change Windows Security settings.
Ransomware Protection: Then comes Controlled Folder Access, which is a must for all Windows users. You can use this to protect files, folders, and memory areas from programs that seek access without permission. While it may be annoying as you will get prompted more than often, but it’s for your benefit. This feature, along with Ransomware data recovery connected to OneDrive, will make sure the files can be recovered in case of a ransomware attack.
Read: How to use Windows Security in Windows 11 for the best protection.
2] Account Protection
It offers quick access to some of the crucial settings related to your account. So it’s merely a dashboard which includes Microsoft Account, Windows Hello, and Dynamic Lock.
3] Firewall and network protection
Here you can configure who and what can access your network by changing settings for Domain Network, Private Network, and Public Network. Click on any of them, and you can configure if Windows Defender Firewall should be on and if all incoming connections should be blocked.
Then you can set of the links which can directly open the following classic settings.
- Allow an app through Firewall
- Network and Internet troubleshooter
- Firewall notification settings
- Advanced settings
- Restore firewalls to default
4] App and browser control
This section manages app protection and online security. On a broader perspective, you have the following
- SmartScreen
- Apps and files
- Microsoft Edge
- Microsoft Store Apps
- Isolated Browsing
- Exploit Protection
While it is essential to keep the SmartScreen setting to Warn for all three, what is even more important is to setup Isolated Browsing and Exploit Protection.
Isolated browsing will make sure that Windows Defender Application Guard opens Microsoft Edge in an isolated browsing environment. It will make sure to protect the computer form malware. Exploit Protection is similar to UAC which makes sure no programs runs with admin privilege unless
5] Device Security
Its a hardware security feature, and if your devices support it, you will get to access them from here. If you see the message “Your device meets the requirements for standard hardware security,” its because the computer shared either of TPM 2.0, Secure boot enabled, DEP, or UEFI MAT available in the system.
It offers access to:
- Core isolation: Offers added protection against malware and other attacks by isolating computer processes from your operating system and device.
- Memory integrity prevents malicious code from accessing high-security processes.
- Secure boot prevents malware from infecting your system during boot.
- The security processor provides additional encryption features.
6] Device performance and health
This section gives you a bird view of how your computer is performing. A healthy report is available which shares issues related to storage, apps, and software, and Windows Time Service.
7] Family options
The last section is the Family Options, but its more about educating the consumers about the feature, and what they can get out of it. We have talked about Parental control in detail, and if you gave kids in the house-sharing your computer, we recommend using it. You can set up screen time habits, keep track of what is browsing, and also allow your kids to buy apps and games.
Windows Security on Windows offers a complete package that allows you to control the security aspects of the computer. Right from browsing to computer hardware security to parental control.
If you are setting up the computer for the first time, make sure to configure it right away.
