I have been asked to investigate what capabilities exist within Windows 10 where the environment for this system is isolated. I believe it would not be able to benefit from enterprise security management and cloud data management (supporting assets are not available), which appears to be the assumed context when I look for cybersecurity on the Microsoft website.
Instead, I have an isolated network which may include several computers of various types. For the moment, I would assume any of these is vulnerable to security circumvention by a bad actor who has physical access, and they might leverage that access for an intrusion on the Windows 10 computer. I will assume that the bad actor has limited or no privileges on the Windows 10 computer.
The questions being asked are: what detection methods, responses, and recovery methods are available on the Windows 10 computer? (I always like to ask: what is the terminology I should be using in my search for answers to these questions?) If I can get an outline of the answers, that would be a very good start.