From the course: Microsoft 365 Endpoint Administrator Associate (MD-102) Cert Prep by Microsoft Press

Unlock this course with a free trial

Join today to access over 25,200 courses taught by industry experts.

Implement Microsoft Defender Credential Guard

Implement Microsoft Defender Credential Guard - Microsoft 365 Tutorial

From the course: Microsoft 365 Endpoint Administrator Associate (MD-102) Cert Prep by Microsoft Press

Start my 1-month free trial Buy for my team

Implement Microsoft Defender Credential Guard

- [Instructor] How users sign into Windows. When a user signs in, the computer locates an Active Directory domain controller. The user enters credentials. These are passed to the local security authority on the local computer. The LSA uses passthrough authentication and connects with the domain controller. A Kerberos ticket is issued by the domain controller and stored in the local security authority. Now the process is broadly similar for connecting to cloud. So you sign into your computer using Windows Hello for Business using your cloud account. The process is the same. The local security authority there is used to connect to, pass through to a provider in the cloud, and the process completes in the usual way. Credential Guard recognizes that there is the possibility for malicious software to gain access to the stored tickets and password hashes in the local security authority. So Credential Guard helps protect Windows…

Contents