Windows 10 waxa ay bixisaa sifooyin ammaan oo ku dhex jira oo qofku u isticmaali karo si uu u ilaaliyo kombayutarkiisa. Qaar ka mid ah sifooyinka ayaa si toos ah loo dajiyay, halka kuwa kalena loo baahan yahay in la habeeyo, halka kuwa kalena loo baahan yahay in la furo iyadoo ku xiran isticmaalka. Maqaalkan, waxaan ku wadaagaynaa liiska sifooyinka Amniga ee^(Security) laga heli karo Windows 10.

Summada Amniga Daaqadaha

Windows 10 Astaamaha Amniga

Qaar ka mid ah sifooyinkan amniga ayaa laga heli karaa gudaha Windows 10 , halka ay u baahan doonaan maamulaha ama ganacsiga^(Enterprise) gelitaanka si loo habeeyo.

Amniga Daaqadaha
Shaashada casriga ah
Ilaalada Codsiga
Ka faa'iidayso Ilaalada
Xakamaynta Koontada Isticmaalaha
Microsoft Bitlocker
Ilaalada aqoonsiga
Difaaca Microsoft ATP^{(Microsoft Defender ATP)} ee Ganacsiga^(Enterprise)

1] Windows Security

Waa ka- hortagga fayraska^(Antivirus) iyo xalalka amniga ku dhex-jira ee ^(Security)Microsoft kaas oo horay loogu sii rakibay Windows 10 . Waxaad u wici kartaa safka koowaad ee difaaca kaas oo hubinaya inaadan u baahnayn fayraska-ka-hortagga qolo saddexaad, qalabaynta dabka iyo wax kale. Waxaad ka akhrisan kartaa wax badan oo ku saabsan qaar ka mid ah sifooyinka muhiimka ah ee uu bixiyo Windows Security App .

Ilaalinta Tamper^{(Tamper Protection)}
Ilaalinta Ransomware^{(Ransomware Protection)}
Galitaanka Folderka la xakameeyey

2] SmartScreen

Markaad isticmaalayso browser-ka ama app-ka marka aad soo dejisanayso faylka, qaabka SmartScreen^{( SmartScreen feature)} ayaa isla markiiba xannibi kara. Waxay dhacdaa marka fayl hore oo la soo sheegay lagu calaamadiyay inuu yahay malware ama ka yimid shabakada phishing-ka. SmartScreen waxaa loo furay Microsoft Edge , Microsoft Store

3] Windows Defender Application Guard

Ilaalada Codsiga waxay hubisaa in qof kasta oo isticmaalaya Microsoft Edge uu ilaalinayo. Qalab kasta oo dunta ah ee Edge waa la dhimay iyadoo la isticmaalayo tignoolajiyada Microsoft Hyper-V . Helitaanka^(Access) xusuusta dhabta ah, kaydinta maxalliga ah, codsiyada kale ee la rakibay, ayaa ka qarsoon weerarka. Waa qayb ka mid ah Ilaalada Aaladda Difaaca Daaqadaha^{(Windows Defender Device Guard)} .

4] Difaaca Daaqadaha Windows

Exploit Guard waa qaabka amniga boot-ka-hore kaas oo ka ilaaliya aaladaha iyo nidaamyada malware-ka heerka boot-ka ah. Haddii weerarku isku dayo inuu ku xidho darawal aan wadan shahaado dhijitaal ah, markaas ma rari doono Windows ama darawalka. Waxa ay ogolaataa kaliya faylalka idman, darawalada, iyo abka.

5] Xakamaynta Koontada Isticmaalaha

UAC waxa ay joogtay in muddo ah, dhammaanteenna waanu ka xanaaqnay hadda iyo ka dib. Weligaa ma aragtay shaashadda soo booda mar kasta oo aad qorsheyneyso inaad rakibto software? Sababtoo ah software-ku wuxuu ku orday isticmaalka mudnaan la'aanta maamulka laakiin wuxuu u baahan yahay mudnaanta maamulka si uu u dhamaystiro nidaamka. Taasi waa sababta aad u hesho degdega ah si aad u oggolaato in tillaabooyinkaas la dhammaystiro. Markaa software kasta oo ku shaqeeya gadaal ma awoodi doono inuu rakibo wax fasax la'aan.

6] Microsoft Bitlocker

BitLocker waa xalka sirta wadista ee Microsoft kaas oo hubinaya in helitaanka xogta aan la ogolayn uu yahay mid aan la heli karin software qolo saddexaad oo aan furaha lahayn. Waxay diyaar u tahay Windows 10 Xirfadlayaasha^{(Professional)} iyo Ganacsiga^(Enterprise) .

Akhri^(Read) : Sida dib loogu dajin karo abka Windows Security gudaha Windows 10^{(reset the Windows Security app in Windows 10)} .

7] Ilaalada Aqoonsiga Difaaca Windows^{(Windows Defender Credential Guard)}

Waxaa laga heli karaa gudaha Windows 10 Enterprise iyo Server 2016 , Ilaalada Aqoonsiga waxay isticmaashaa amniga ikhtiraacida si loo hubiyo in aqoonsiga aanu qof walba heli karin, gaar ahaan software iyo daalacashada. Waxay ilaalisaa Tigidhada Bixinta Tigidhada Kerberos^{(Kerberos Ticket Granting Tickets)} , NTLM hashes^(NTLM) sirta, iyo aqoonsiga domainka.

8] Difaaca Microsoft ATP^{(Microsoft Defender ATP)} ee Ganacsiga^(Enterprise)

Xalku waa adeeg dallad oo ay Shirkaddu isticmaali karto. Waxaa ka mid ah sifooyinka soo socda

Hanjabaada & Maareynta Nuglaanta
Yaraynta dusha weerarka
Ilaalinta jiilka soo socda
Ogaanshaha barta dhamaadka iyo jawaabta
Baaritaan toos ah iyo dib u habeyn
Khubarada Khatarta Microsoft

Windows 10 hadda waa ka badbaado leh sifooyinka amniga sida UEFI ( Unified Extensible Firmware Interface ) iyo Secure Boot kaas oo nidaamkaaga ka ilaalinaya faylasha iyo koodka xaasidnimada ah.

Interface Firmware^{(Firmware Interface)} Midaysan

Midaysan Extensible Firmware Interface^{(Unified Extensible Firmware Interface)} waa muuqaal qeexaya interface software leh firmware-ka iyo nidaamka hawlgalka ee jira. Waxay maamushaa habka bootinta nidaamkaaga waxayna u baahan tahay qaab disk cusub iyo isbedel qalab firmware. UEFI waxay si dhakhso leh u bilawdaa qalabka PC waxayna ka caawisaa nidaamka qalliinka inuu si caadi ah u bootiyo. Waxay ku shaqeyn kartaa laba nooc oo kala duwan, qaabka UEFI^(UEFI) , iyo habka ku-habboon ee BIOS^{(BIOS-compatibility)} . Inta lagu jirohabka ku habboonaanta BIOS ^{(BIOS-compatibility)}UEFI waxay kombuyuutarkaaga ku dhejinaysaa si la mid ah nidaamka BIOS^(BIOS) , way ka duwan tahay oo way ka badbaadsan tahay qaabka UEFI^(UEFI) .

Markaad ku rakibto Windows 10 PC ee qaabka UEFI , waxay hubisaa oo hubisaa in wadayaasha si dhijitaal ah loo saxeexay oo la xaqiijiyay. Habkani waxa uu hubinayaa haddii mid ka mid ah software-ka heerka hoose uu saxeexay Microsoft oo uu xannibay malware-ka sida rootkits-ka inay farageliyaan nidaamka bootka.

Nidaamyada kombuyuutarrada cusub ee lagu soo raray Windows 10/8.1/8 waxay leeyihiin Interface Firmware Extensible Extensible^{(Unified Extensible Firmware Interface)} ee qaabka UEFI , laakiin nidaamyada lagu soo raray Windows 7 waxay leeyihiin UEFI oo lagu habeeyey habka BIOS-ku-habboon^{(BIOS-compatibility)} .

Windows 10 Astaamaha u baahan UEFI

Boot ammaan^{(Secure Boot )} ah - Boot^{(Secure Boot)} ammaan ah waa sifo ammaan oo hubinaysa in kombuyutarkaagu u isticmaalo kaliya software la aamini karo si uu u bootiyo. UEFI waxayhubisaa saxeexa dhijitaalka ah ee software kasta oo ay ku jiraan bootloader nidaamka hawlgalka iyo wadayaasha. Kumbuyuutarku ma bootin doono haddii bootloader-ka ama darawaladu aanay si dhijitaal ah u saxeexin soo-saaraha.
Bilowga Hore ee Anti-Malware^{(Early Launch Anti-Malware)} -^{(Early Launch Anti-Malware – )} Habkani waxa uu xakameyaa rarka darawallada boot-ka oo hubiya in aanay jirin wax buka ama bootin aan la garanayn oo raraya. Waxay hubinaysaa in darawallada boot-ka ee qolo saddexaad aysan xajin ka hor inta uusan bilaaban software-ka anti-malware ee PC-gaagu.
Boot la Cabbiray -^{(Measured Boot – )} Habkani wuxuu ku siinayaa diiwaanka dhammaan qaybaha boot-ka ee lagu shubay kahor software-ka-hortagga malware-ka ee kombuyutarkaaga. Loggu waxa loo diraa seerfar fog si loo qiimeeyo iyo in loo hubiyo in qaybuhu ahaayeen kuwo la aamini karo iyo in kale.

Qaabka Sugan ee Virtual ee Windows 10

Ilaalada Aaladda –^{(Device Guard –)} Habkani waxa uu ku shaqeeyaa ogaanshaha ku salaysan saxeexa oo waxa uu xidhaa qalabka haddii la ogaado codsi kasta oo shaki leh. Waxay isticmaashaa saxeexyada dhijitaalka ah si ay u xaqiijiso haddii codsigu yahay mid la aamini karo iyo in kale. Ilaalada Aaladda^{(Device Guard)} waa isku-dar ka kooban qalabka iyo sifooyinka amniga software-ka. Xitaa haddii mashiinka la jabsado oo jabsadayaashu ay galaan Windows Kernel , ma socodsiin karaan koodhka xaasidnimada ah ee la fulin karo.
Ilaalada Aqoonsiga -^{(Credential Guard – )} Tilmaamahan wuxuu adeegsadaa amniga ku saleysan farsamada wuxuuna bixiyaa amniga goobta, amniga qalabka^(Hardware) , ka ilaalin wanaagsan^(Better) oo ka dhanka ah hanjabaadaha joogtada ah ee horumarsan, iyo Maareynta^{(Manageability)} . Habkani wuxuu xannibayaa farsamooyinka weerarka tuugada aqoonsiga si uu u ilaaliyo aqoonsigaaga. Siraha waxaa ilaaliya amniga ku saleysan farsameynta iyo xitaa malware-ka ku shaqeeya mudnaanta maamul ma soo saari karo.

Shaxdani waxa ay dejinaysaa tafaasiisha ku saabsan in sifadu u baahan tahay UEFI iyo TPM iyo in kale^(TPM)

Windows 10 - Saamaynta amniga

Windows 10 wuxuu soo maray waddo dheer oo ammaan ah sidii hore. Macaamiishu waxay isticmaali karaan barnaamijka Amniga Windows^{(Windows Security)} halka Shirkaduhu ay isticmaali karaan Difaaca ATP^{(Defender ATP)} si ay u ilaaliyaan. Waxaan rajeynayaa in boostada ay awood u leedahay inay muujiso kuwa ugu caansan Windows 10 Tilmaamaha Amniga^{(Security Features)} .

List of Windows 10 Security features that help you stay safe

Windows 10 offers built-in security features that one can use to safeguard their computer. Some of the features are enabled by default, while others need to be configured, while others need to be enabled depending on the usage. In this post, we are sharing the list of Security features available in Windows 10.

Windows Security logo

Windows 10 Security Features

Some of these security features are available in Windows 10, while will need admin or Enterprise access to configure them.

Windows Security
Smart Screen
Application Guard
Exploit Guard
User Account Control
Microsoft Bitlocker
Credential Guard
Microsoft Defender ATP for Enterprise

1] Windows Security

It’s a built-in Antivirus and Security solution from Microsoft which comes pre-installed in Windows 10. You can call it the first line of defense that makes sure you don’t need a third-party anti-virus, a firewall configurator and anything else. You can read more about some of the important features offered by the Windows Security App.

Tamper Protection
Ransomware Protection
Controlled Folder Access

2] SmartScreen

When using a browser or an app when you download a file, the SmartScreen feature can block it instantly. It happens when an earlier reported file has been marked as malware or coming from the phishing website. SmartScreen is enabled for Microsoft Edge, Microsoft Store

3] Windows Defender Application Guard

Application Guard makes sure anyone using Microsoft Edge stays protected. Any thread devices for Edge are mitigated using Microsoft’s Hyper-V virtualization technology. Access to actual memory, local storage, other installed applications, are hidden from the attacker. It is part of the Windows Defender Device Guard.

4] Windows Defender Exploit Guard

Exploit Guard is a pre-boot security feature that protects devices and systems from boot-level malware. If the attacker tries to attach a driver which doesn’t carry a digital certificate, then it will not load Windows or the driver. It only allows authorized files, drivers, and apps.

5] User Account Control

UAC has been there for some time, and we all have been annoyed by it now and then. Ever seen the screen which pops up whenever you plan to install software? Its because the software ran using non-admin privilege access but needs admin privileges to complete the process. That’s why you get the prompt to allow permission for those steps to complete. So any software running in the background will not be able to install anything without permission.

6] Microsoft Bitlocker

BitLocker is a drive encryption solution from Microsoft which makes sure any unauthorized data access is inaccessible by third party software without a key. It is available for Windows 10 Professional and Enterprise.

Read: How to reset the Windows Security app in Windows 10.

7] Windows Defender Credential Guard

Available in Windows 10 Enterprise and Server 2016, Credential Guard uses virtualization security to make sure credentials are not accessible by everyone, especially software and browsers. It safeguards Kerberos Ticket Granting Tickets, NTLM password hashes, and domain credentials.

8] Microsoft Defender ATP for Enterprise

The solution is an umbrella service that an Enterprise can use. It includes the following features

Threat & Vulnerability Management
Attack surface reduction
Next-generation protection
Endpoint detection and response
Automated investigation and remediation
Microsoft Threat Experts

Windows 10 is now safer with security features like UEFI (Unified Extensible Firmware Interface) and Secure Boot which protects your system from malicious files and codes.

Unified Extensible Firmware Interface

Unified Extensible Firmware Interface is a feature that defines software interface with the firmware and the existing operating system. It controls your system’s boot process and requires a new disk format and device firmware changes. UEFI initializes the PC hardware faster and helps the operating system to boot normally. It can work in two different modes, UEFI mode, and BIOS-compatibility mode. While in BIOS-compatibility mode UEFI boots your PC the same as in BIOS system, it is different and safer in UEFI mode.

When you boot your Windows 10 PC in UEFI mode, it checks and ensures that the drivers are digitally signed and verified. This feature checks if any low-grade software is signed by Microsoft and blocks the malware like rootkits from interfering with your system’s boot process.

The new computer systems shipped with Windows 10/8.1/8 have the Unified Extensible Firmware Interface in UEFI mode, but the systems shipped with Windows 7 have UEFI configured in BIOS-compatibility mode.

Windows 10 Features that require UEFI

Secure Boot – Secure Boot is a security feature that makes sure that your PC uses only trusted software to boot. The UEFI checks the digital signature of each software which includes the operating system boot loader and the drivers. The PC will not boot if the boot loader or the drivers are not digitally signed by the manufacturer.
Early Launch Anti-Malware – This feature controls the loading of boot drivers and ensures that no that there is no infected or unknown boot driver loading. It makes sure that no third-party boot drivers load before the anti-malware software of your PC starts.
Measured Boot – This feature gives a log of all boot components loaded before the anti-malware software on your PC. The log is sent to a remote server for evaluation and to check if the components were trustworthy or not.

Virtual Secure Mode of Windows 10

Device Guard – This feature works on signature-based detection and locks the device if any suspicious application is detected. It uses the digital signatures to verify if the application is trustworthy or not. Device Guard is a combination of both hardware and software security features. Even if the machine is hacked and the hackers get access to the Windows Kernel, they cannot run the malicious executable code.
Credential Guard – This feature uses virtualization-based security and offers platform security, Hardware security, Better protection against advanced persistent threats, and Manageability. This feature blocks the credential theft attack techniques thereby protecting your credentials. The secrets are protected by virtualization-based security and even the malware running with administrative privileges cannot extract them.

This table lays down the details about whether a feature requires UEFI and TPM

Windows 10 - Security implications

Windows 10 has come a long way and is secure than ever. Consumers can use Windows Security app while Enterprise can use Defender ATP to safeguard. I hope the post was able to highlight the most prominent Windows 10 Security Features.

Kyler Adams

About the author

Waxaan ahay mid aad loogu taliyay Windows 10 khabiir, waxaanan ku takhasusay inaan dadka ka caawiyo inay shakhsiyeeyaan muuqaalkooda kumbuyuutarka oo ay ka dhigaan qalabkooda Xafiis kuwo saaxiibtinimo leh. Waxaan u isticmaalaa xirfadahayga si aan uga caawiyo dadka kale siyaabaha ugu waxtarka badan ee lagula shaqeeyo Microsoft Office, oo ay ku jiraan sida loo qaabeeyo qoraalka iyo sawirada daabacaadda internetka, sida loo abuuro mawduucyo gaar ah oo loogu talagalay Outlook, iyo xitaa sida loo habeeyo muuqaalka shaqada ee miiska kombuyuutar.

Liiska Windows 10 Astaamaha Amniga ee kaa caawinaya inaad bedqabto

Windows 10 Astaamaha Amniga

1] Windows Security

2] SmartScreen

3] Windows Defender Application Guard

4] Difaaca Daaqadaha Windows

5] Xakamaynta Koontada Isticmaalaha

6] Microsoft Bitlocker

7] Ilaalada Aqoonsiga Difaaca Windows(Windows Defender Credential Guard)

8] Difaaca Microsoft ATP(Microsoft Defender ATP) ee Ganacsiga(Enterprise)

Interface Firmware(Firmware Interface) Midaysan

Windows 10 Astaamaha u baahan UEFI

Qaabka Sugan ee Virtual ee Windows 10

List of Windows 10 Security features that help you stay safe

Windows 10 Security Features

1] Windows Security

2] SmartScreen

3] Windows Defender Application Guard

4] Windows Defender Exploit Guard

5] User Account Control

6] Microsoft Bitlocker

7] Windows Defender Credential Guard

8] Microsoft Defender ATP for Enterprise

Unified Extensible Firmware Interface

Windows 10 Features that require UEFI

Virtual Secure Mode of Windows 10

Kyler Adams

About the author

Related posts

Sida loo joojiyo fasalada kaydinta la saari karo iyo gelida gudaha Windows 10

Ka xaddid gelitaanka USB-ga Windows 10 kumbiyuutarka Ratool

Sida loo qariyo ama loo tuso astaanta Amniga Windows ee Taskbar ee Windows 10

Sida dib loogu dejiyo ogolaanshaha faylka NTFS gudaha Windows 10

Dejinta Ammaanka Windows ee Windows 10

6 siyaabood oo loogu daro isticmaale maxalli ah (aan ahayn Microsoft) Windows 10

Sida loo habeeyo goobaha server-ka ee Windows 10 -

Arag Su'aalaha Amniga iyo Jawaabaha Koontada Maxaliga ah ee gudaha Windows 10

3 siyaabood oo loo abuuro barta soo celinta gudaha Windows 10

2 siyaabood oo awood loo siiyo System Restore in Windows 10

Sida loo hakiyo Windows 10 cusboonaysiinta sida May 2021 Update

Sida loo habeeyo System Restore gudaha Windows 10

Sida loogu beddelo koontada maxaliga ah ee Windows 10 mid ka mid ah Microsoft

Sida loo xafido qaybta nidaamka BitLocker gudaha Windows 10

Ka saar waxyaabaha muhiimka ah ee Amniga Microsoft Windows 10

Ka hel aqoonsiga amniga (SID) ee isticmaalaha gudaha Windows 10

Kaabta MBR: Kaabta, Soo Celinta Diiwaanka Boot Masterka gudaha Windows 10

Sida telefoonkaaga looga saaro Windows 10

Software-ka ugu wanaagsan ee Sugnaanta Delete-ka ee bilaashka ah ee Windows 10

Sida loo isticmaalo Check Disk (chkdsk) si loo tijaabiyo loona hagaajiyo khaladaadka darawalada adag ee Windows 10 -

7] Ilaalada Aqoonsiga Difaaca Windows^{(Windows Defender Credential Guard)}

8] Difaaca Microsoft ATP^{(Microsoft Defender ATP)} ee Ganacsiga^(Enterprise)

Interface Firmware^{(Firmware Interface)} Midaysan