|
2 | 2 | description: The Set-MpPreference cmdlet configures preferences for Windows Defender scans and updates. |
3 | 3 | external help file: MSFT_MpPreference.cdxml-help.xml |
4 | 4 | Module Name: Defender |
5 | | -ms.date: 01/28/2022 |
| 5 | +ms.date: 03/02/2022 |
6 | 6 | online version: https://docs.microsoft.com/powershell/module/defender/set-mppreference?view=windowsserver2022-ps&wt.mc_id=ps-gethelp |
7 | 7 | schema: 2.0.0 |
8 | 8 | title: Set-MpPreference |
@@ -453,6 +453,7 @@ Accept wildcard characters: False |
453 | 453 |
|
454 | 454 | ### -DisableDnsParsing |
455 | 455 | Specifies whether to disable inspection of DNS traffic that occurs over a UDP channel. |
| 456 | +Network protection inspects DNS traffic that occurs over a TCP channel to provide metadata for anti-malware behavior monitoring or to allow for DNS sink holing if the "-EnableDnsSinkhole" configuration is set. This can be disabled by setting this value to "$true". |
456 | 457 |
|
457 | 458 | ```yaml |
458 | 459 | Type: Boolean |
@@ -701,8 +702,8 @@ Accept wildcard characters: False |
701 | 702 | ``` |
702 | 703 |
|
703 | 704 | ### -DisableTlsParsing |
704 | | -Specifies whether to disable inspection of TLS traffic, also known as HTTPS. |
705 | | -By default, Network Protection inspects TLS traffic. |
| 705 | +Specifies whether to disable inspection of TLS traffic. |
| 706 | +Network protection inspects TLS traffic (also known as HTTPS traffic) to see if a connection is being made to a malicious website, and to provide metadata to behavior monitoring. TLS connections to malicious websites can also be blocked if "-EnableNetworkProtection" is set to enabled. HTTP inspection can be disabled by setting this value to "$true". By default, network protection inspects TLS traffic. |
706 | 707 |
|
707 | 708 | ```yaml |
708 | 709 | Type: Boolean |
@@ -732,7 +733,8 @@ Accept wildcard characters: False |
732 | 733 | ``` |
733 | 734 |
|
734 | 735 | ### -EnableDnsSinkhole |
735 | | -Specifies whether to examine DNS traffic to detect and sinkhole DNS exfiltration attempts and other DNS based malicious attacks. |
| 736 | +Specifies whether to examine DNS traffic to detect and sinkhole DNS exfiltration attempts and other DNS based malicious attacks. |
| 737 | +Network protection can inspect the DNS traffic of a machine and, in conjunction with behavior monitoring, detect and sink hole DNS exfiltration attempts, and other DNS based malicious attacks. Set this configuration to "$true" to enable this feature. |
736 | 738 |
|
737 | 739 | ```yaml |
738 | 740 | Type: Boolean |
@@ -793,7 +795,7 @@ Accept wildcard characters: False |
793 | 795 | ``` |
794 | 796 |
|
795 | 797 | ### -EnableNetworkProtection |
796 | | -Specifies how the Network Protection Service handles web-based malicious threats, including phishing and malware. |
| 798 | +Specifies how the network protection service handles web-based malicious threats, including phishing and malware. |
797 | 799 | Possible values are Disabled, Enabled, and AuditMode. |
798 | 800 |
|
799 | 801 | ```yaml |
|
0 commit comments