Using AppLocker with Windows PowerShell
Windows PowerShell 2.0 includes the following cmdlets to enable you to create scripts that examine, create, and manage AppLocker policies:
- Get-AppLockerFileInformation: Examines an executable or script and returns the information AppLocker might use to determine whether the application can run, including the file hash, file path, and publisher (for signed files).
- Get-AppLockerPolicy: Examines either the effective AppLocker policy or the AppLocker policy from a GPO.
- New-AppLockerPolicy: Creates a new AppLocker policy.
- Set-AppLockerPolicy: After you create an AppLocker policy, use this cmdlet to define it for a GPO.
- Test-AppLockerPolicy: Determines whether specified files will be allowed to run for a specific user and AppLocker policy.
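The following added example (not part of the original tutorial) chains the five cmdlets into a review workflow: build a candidate policy from a reference directory, then check what it would block for a given user before it is defined for a GPO. The directory paths, the output file names, the rule name prefix, and the GPO LDAP path are assumptions or placeholders to replace with your own values.

```powershell
# Added example: paths, rule prefix, user and GPO path below are assumptions.
Import-Module AppLocker    # the cmdlets live in the AppLocker module

$referenceDir = 'C:\Program Files'                 # assumed: known-good software to allow
$testDir      = 'C:\Windows\System32'              # assumed: files to evaluate against the policy
$policyFile   = 'C:\Temp\CandidatePolicy.xml'      # assumed output path
$backupFile   = 'C:\Temp\EffectivePolicy-Backup.xml'
$testUser     = 'Everyone'

# 1. Keep a copy of the policy currently in effect so a change can be compared or undone.
Get-AppLockerPolicy -Effective -Xml | Out-File -FilePath $backupFile

# 2. Gather publisher, hash and path information for executables and scripts.
$fileInfo = Get-AppLockerFileInformation -Directory $referenceDir -Recurse -FileType Exe, Script

# 3. Build a candidate policy: publisher rules for signed files, hash rules as
#    the fallback for unsigned files. -Optimize groups similar files into fewer rules.
$fileInfo |
    New-AppLockerPolicy -RuleType Publisher, Hash -User $testUser `
        -RuleNamePrefix 'Reference' -Optimize -Xml |
    Out-File -FilePath $policyFile

# 4. Evaluate the candidate policy against another directory for the chosen user
#    and keep only the files that would be blocked.
$blocked = Get-ChildItem -Path (Join-Path $testDir '*.exe') |
    Test-AppLockerPolicy -XmlPolicy $policyFile -User $testUser `
        -Filter Denied, DeniedByDefault

# 5. Summarize: how many files fall under each decision, then list them.
$blocked | Group-Object -Property PolicyDecision | Select-Object -Property Name, Count
$blocked | Select-Object -Property FilePath, PolicyDecision, MatchingRule |
    Format-Table -AutoSize

# 6. Only after reviewing the blocked list, define the policy for a GPO.
#    The LDAP path is a placeholder; -Merge adds the rules to the GPO's existing
#    policy instead of replacing it.
# Set-AppLockerPolicy -XmlPolicy $policyFile -Ldap '<LDAP path of the target GPO>' -Merge
```

Files reported as DeniedByDefault matched no rule at all, which usually means the reference directory did not cover them; files reported as Denied matched an explicit deny rule, named in the MatchingRule column.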