Daar ama dami Ilaaliyaha Aqoonsiga gudaha Windows 10
Daar ama Dami Ilaalada Aqoonsiga gudaha Windows 10: (Enable or Disable Credential Guard in Windows 10: )Windows 10: Ilaalada Aqoonsiga Windows(Windows Credential Guard) waxay isticmaashaa amniga ku saleysan qaab-dhismeedka si ay u go'doomiyaan siraha si ay software nidaamka mudnaanta leh u helaan. Helitaanka aan la ogolayn ee sirahan waxay u horseedi kartaa weeraro xatooyo aqoonsiga, sida Pass-the-Hash ama Pass-The-Ticket . Ilaalada aqoonsiga Windows waxay(Windows Credential Guard) ka hortagtaa weeraradan iyagoo ilaalinaya NTLM hashes(NTLM) -ka sirta ah, Tigidhada Bixinta Tigidhada Kerberos(Kerberos Ticket Granting Tickets) , iyo aqoonsiga ay u kaydiyaan arjiyada sida aqoonsiga domainka.
Adigoo awood u siinaya ilaalinta aqoonsiga Windows sifooyinka iyo xalalka soo socda ayaa la bixiyaa:(By enabling Windows Credential Guard the following features and solutions are provided:)
Nabadgelyada qalabka wax-ka-qabashada amniga (Hardware security)
ku-saleysan ka- (Virtualization-based security)
hortagga ka-hortagga khataraha joogtada ah(Better protection against advanced persistent threats)
Hadda waxaad ogtahay muhiimada ay leedahay Ilaalada Aqoonsiga(Credential Guard) , waa inaad hubaal ka dhigtaa tan nidaamkaaga. Markaa annagoon wax wakhti lumin aan aragno sida loo suurtageliyo ama loo joojiyo ilaalinta aqoonsiga (Disable Credential Guard)Windows 10 iyadoo la kaashanayo casharrada hoos ku taxan.
Daar ama dami Ilaaliyaha(Guard) Aqoonsiga gudaha Windows 10
Hubi inaad abuurto barta soo celinta(create a restore point) haddii ay wax qaldamaan.
Habka 1: Dami ama Dami Ilaaliyaha Aqoonsiga Windows 10 adoo isticmaalaya Tifaftiraha Siyaasadda Kooxda(Method 1: Enable or Disable Credential Guard in Windows 10 using Group Policy Editor)
Fiiro gaar ah:(Note:) Habkani wuxuu shaqeeyaa kaliya haddii aad leedahay Windows Pro , Education , ama Enterprise Edition(Enterprise Edtion) . Isticmaalayaasha nooca Windows Home ka bood habkan oo raac kan ku xiga.
1. Riix Windows Key + R ka dibna ku qor regedit(regedit) oo ku dhufo Enter si aad u furto Tifaftiraha Siyaasadda Kooxda.( Group Policy Editor.)
2. U gudub jidka soo socda:
Computer Configuration > Administrative Templates > System > Device Guard
3. Hubi inaad dooratid Ilaalada Aaladda(Device Guard) marka loo eego muraayadda midig ee daaqadda laba-guji siyaasadda " Turn On Virtualization Based Security"
4.In daaqadda guryaha(Properties) ee siyaasadda kor ku xusan hubi in aad doorato Enabled.
5. Hadda laga bilaabo " Dooro Heerka Amniga Platform(Select Platform Security Level) "hoos-u-dhaca dooro Secure Boot ama Secure Boot iyo( Secure Boot or Secure Boot and DMA) Ilaalinta DMA.
6. Xiga, laga bilaabo " Qaabaynta Ilaalada Aqoonsiga(Credential Guard Configuration) "hoos u dhaca dooro karti leh quful UEFI(Enabled with UEFI lock) . Haddii aad rabto inaad meel fog ka damiso Ilaalada Aqoonsiga(Credential Guard) , dooro karti la'aan quful halkii aad ku shaqayn lahayd quful UEFI .
7.Marka la dhammeeyo, guji Codso(Apply) oo ay ku xigto OK.
8.Reboot your PC si aad u badbaadiso isbedelada.
Habka 2: Daar ama Dami Ilaaliyaha Aqoonsiga Windows 10 adoo isticmaalaya Tifaftiraha Diiwaangelinta(Method 2: Enable or Disable Credential Guard in Windows 10 using Registry Editor)
Ilaalada(Guard) Aqoonsiga waxay isticmaashaa sifooyinka amniga ku salaysan khariidaynta kuwaas oo ay tahay in marka hore laga furo sifada Windows(Windows) ka hor inta aanad awood u siin ama joojin ilaaliyaha(Guard) aqoonsiga ee Tifaftiraha Diiwaanka(Registry Editor) . Hubi(Make) in aad isticmaasho mid ka mid ah hababka hoos ku taxan si aad awood ugu yeelato sifooyinka amniga ku salaysan khayaali
Ku dar sifada amniga ku salaysan khayaali adiga oo isticmaalaya Barnaamijyada iyo Tilmaamaha(Add the virtualization-based security features by using Programs and Features)
1.Riix Windows Key + R kadibna ku qor appwiz.cpl oo ku dhufo Enter si aad u furto Program and Features.
2.Daaqadda bidix-guji " Daar ama dami Features Windows(Turn Windows Features on or off) ".
3. Hel oo balaadhi Hyper-V ka dibna si la mid ah u balaadhi Hyper-V Platform .
4. Under Hyper-V Platform checkmark "(checkmark) Hyper -V Hypervisor(Hyper-V Hypervisor) ".
5.Hadda hoos u rog oo calaamadee "Isoated User Mode"(checkmark “Isolated User Mode”) oo guji OK.
Ku dar sifooyinka amniga ku salaysan khariidaynta sawirka qad la'aanta adiga oo isticmaalaya DISM(Add the virtualization-based security features to an offline image by using DISM)
1.Riix Windows Key + X kadibna dooro Command Prompt (Admin).
2. Ku qor amarka soo socda cmd si aad ugu darto Hyper-V Hypervisor oo ku dhufo Gelida(Enter) :
dism /image:<WIM file name> /Enable-Feature /FeatureName:Microsoft-Hyper-V-Hypervisor /all OR dism /Online /Enable-Feature:Microsoft-Hyper-V /All
3.Kudar qaabka Isticmaalaha Go'doonsan(Isolated User Mode) adiga oo socodsiinaya amarka soo socda:
dism /image:<WIM file name> /Enable-Feature /FeatureName:IsolatedUserMode OR dism /Online /Enable-Feature /FeatureName:IsolatedUserMode
4.Marka la dhammeeyo, waxaad xidhi kartaa degdegga amarka.
Daar ama dami Ilaaliyaha Aqoonsiga gudaha Windows 10(Enable or Disable Credential Guard in Windows 10)
1. Riix Windows Key + R kadibna ku qor regedit(regedit) oo ku dhufo Enter si aad u furto Registry Editor.
2. U gudub furaha diiwaangelinta:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceGuard
3.Right-guji DeviceGuard ka dibna dooro New > DWORD (32-bit) Value.
4.U magacow kan cusub ee la sameeyay DWORD sida EnableVirtualizationBasedSecurity oo ku dhufo Gelida.
5.Double-guji EnableVirtualizationBasedSecurity DWORD ka dibna qiimaheeda u beddel:
Si aad u suurtageliso Amniga ku-saleysan Virtualization: 1 (To Enable Virtualization-based Security: 1)
Si aad u damiso Amniga ku-saleysan Virtualization: 0(To Disable Virtualization-based Security: 0)
6.Hadda marlabaad midig-guji DeviceGuard ka dib dooro New > DWORD (32-bit) Value oo u magacow DWORD sida RequirePlatformSecurityFeatures ka dibna ku dhufo Enter.
7.Double-guji RequirePlatformSecurityFeatures DWORD oo u beddel qiimaha 1 si aad u isticmaasho Secure Boot kaliya ama (change it’s value to 1 to use Secure Boot only or )u dhig 3 si aad u isticmaasho Secure Boot iyo ilaalinta DMA.(set it to 3 to use Secure Boot and DMA protection.)
8.Hadda u gudub furaha diiwaangelinta:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA
9.Right-guji LSA kadibna dooro New > DWORD (32-bit) Value kadibna DWORD u magacow LsaCfgFlags( LsaCfgFlags) oo ku dhufo Enter.
10.Double-guji LsaCfgFlags DWORD oo u beddel qiimaheeda si waafaqsan:
Dami Ilaaliyaha Aqoonsiga: 0 (Disable Credential Guard: 0)
Dami Ilaaliyaha Aqoonsiga Quful UEFI: 1 (Enable Credential Guard with UEFI lock: 1)
Karti Ilaalada Aqoonsiga Quful la'aan: 2(Enable Credential Guard without lock: 2)
11.Marka la dhammeeyo, xidh Tifaftiraha Diiwaanka(Registry Editor) .
Dami Ilaalada Aqoonsiga Windows 10(Disable Credential Guard in Windows 10)
Haddii Ilaalada Aqoonsiga(Credential Guard) la hawlgeliyay la'aanteed UEFI Lock markaas waxaad joojin kartaa ilaalinta aqoonsiga Windows( Disable Windows Credential Guard) adoo isticmaalaya qalabka u diyaarsanaanta qalabka iyo ilaalinta aqoonsiga(Device Guard and Credential Guard hardware readiness tool) ama habka soo socda:
1. Riix Windows Key + R kadibna ku qor regedit(regedit) oo ku dhufo Enter si aad u furto Registry Editor.
2.Dhaw oo tirtir furayaasha diiwaanka ee soo socda:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LsaCfgFlags HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\EnableVirtualizationBasedSecurity HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceGuard\RequirePlatformSecurityFeatures
3. Tirtir doorsoomayaasha EFI Windows Credential Guard adigoo isticmaalaya bcdedit(Delete the Windows Credential Guard EFI variables by using bcdedit) . Riix Windows Key + X ka dibna dooro Command Prompt (Admin).
4. Ku qor amarka soo socda cmd oo ku dhufo Gelida(Enter) :
mountvol X: /s
copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y
bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader
bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi"
bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215}
bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO
bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X:
mountvol X: /d
5.Marka la dhammeeyo, xidho amarka oo dib u bilow PC-gaaga.
6.Aqbal isla markiiba si aad u damiso Ilaalada Aqoonsiga Windows(Windows Credential Guard) .
lagu taliyay:(Recommended:)
- Oggolow ama ka hortag Windows 10 Mawduucyada si loo beddelo Icons Desktop(Allow or Prevent Windows 10 Themes to Change Desktop Icons)
- Daar fariimaha Verbose ama xaalad aad u faahfaahsan gudaha Windows 10(Enable Verbose or Highly Detailed Status Messages in Windows 10)
- Daar ama dami qaabka horumariyaha gudaha Windows 10(Enable or Disable Developer Mode in Windows 10)
- Dami yaraynta tayada gidaarka JPEG ee muraayada miiska Windows 10(Disable Desktop Wallpaper JPEG Quality Reduction in Windows 10)
Taasi waa waxa aad si guul leh u baratay sida loo suurtageliyo ama loo joojiyo ilaalinta aqoonsiga Windows 10(How to Enable or Disable Credential Guard in Windows 10) laakiin haddii aad wali hayso wax su'aalo ah oo ku saabsan casharkan markaa xor u noqo inaad ku weydiiso qaybta faallooyinka.
About the author
Waxaan ahay injineer software iyo sahamiye. Waxaan khibrad u leeyahay labada Microsoft Xbox 360 iyo Google Explorer. Waxaan awoodaa inaan bixiyo talooyinka khabiirada ee qalabyada horumarinta software-ka qaarkood, iyo sidoo kale inaan caawiyo dadka inay cilad-saaraan khaladaadka Explorer ee caadiga ah.
Related posts
Dami Farsamaynta Soo Dhawaynta Qadka gudaha Windows 10
Abuuritaanka nidaam buuxa oo kaabta sawirka gudaha Windows 10 [Hagaha ugu dambeeya]
Sida loo sameeyo kaabta sawirka System gudaha Windows 10
Sida loo tirtiro qayb ka mid ah Volume ama Drive Partition gudaha Windows 10
Sida loo Demiyo Corners-ku dheggan gudaha Windows 10
Hagaaji Aan awoodin in laga tirtiro faylalka ku meel gaadhka ah gudaha Windows 10
Sida loo isticmaalo Fn Key Lock gudaha Windows 10
Hagaaji asalka Desktop-ka Madow gudaha Windows 10
Sida loo beddelo iftiinka shaashadda gudaha Windows 10
Hagaaji kiiboodhka aan lagu qorin Windows 10 Arrinta
3 siyaabood oo loogu daro Album Art MP3 gudaha Windows 10
Sida loo sahlo hagaha firfircoon ee Windows 10
Nadiifi Disk adiga oo isticmaalaya Diskpart Clean Command gudaha Windows 10
Beddel wakhtiga si aad u muujiso Liiska Nidaamyada Hawlgelinta ee Bilawga gudaha Windows 10
Sida gabi ahaanba looga saaro McAfee Windows 10
Dib ugu magacow Folder Profile User gudaha Windows 10
Disable Touchpad marka Mouse uu ku xiran yahay Windows 10
3 siyaabood oo lagu dilo nidaamka gudaha Windows 10
Sida loo sahlo sawir-qaadista gidaarka gudaha Windows 10
Sida loo Dejiyo Wadaagista Faylasha Shabakadda ee Windows 10