Page 705 - Windows 10 May 2019 Update The Missing Manual: The Book That Should Have Been in the Box
P. 705
Device Security
The controls here vary by machine, but here’s what you may see:
Core isolation. Here’s yet another defense against the dark arts
whose name means nothing to most people. These are
virtualization-based security (VBS) tools; they’re Microsoft’s
response to the methods used by the WannaCry and Petya
ransomware attacks, which managed to evade Windows’ existing
protections. Turning on core isolation prevents nastyware from
inserting its own sinister code into important pieces of Windows.
Security processor. Some PCs come with a special chip called a
TPM (trusted platform module), whose purpose is to store the
encryption “keys” for your particular machine. That way, even if
you use BitLocker (Figure 17-4) and some thug steals your hard
drive, he won’t be able to do anything with it.
Secure boot. This feature prevents a nasty type of malware called
a rootkit from sneaking onto your device. Don’t turn it off unless
it’s causing problems for one of your drivers.
Device Performance & Health
Hey, it’s a dashboard within a dashboard! This screen summarizes the
health of your storage, drivers, battery, and apps.
Family Options
“Family options” is Microsoftese for what you probably know as parental
controls. They’re described on “Family Features (Parental Controls)”.
Five Degrees of Web Protection
Since most of the dangerous things that happen to a computer or its owner
—viruses, ransomware, stolen data—stem from ill-advised adventures on
