deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-29 13:47:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md

Browse Source 
Co-authored-by: Jordan Geurten <jjgeurte@edu.uwaterloo.ca>
This commit is contained in:
Joe Henry 2021-12-02 11:35:06 -05:00 committed by GitHub
parent e20056f3df
commit 057917ed85
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
View File

@ -114,7 +114,7 @@ Policy 1 is an allow list of Windows and Microsoft-signed applications. Policy 2
## Tutorial
### Creating a Deny Policy
Deny rules and policies can be created using the PowerShell cmdlets or the WDAC Wizard [Microsoft WDAC Wizard (webapp-wdac-wizard.azurewebsites.net](https://webapp-wdac-wizard.azurewebsites.net/) We recommend creating signer rules (PCACertificate, Publisher, and FilePublisher) wherever possible. In the cases of unsigned binaries, rules must be created on attributes of the file, such as the original filename, or the hash.
Deny rules and policies can be created using the PowerShell cmdlets or the [WDAC Wizard] (https://webapp-wdac-wizard.azurewebsites.net/) We recommend creating signer rules (PCACertificate, Publisher, and FilePublisher) wherever possible. In the cases of unsigned binaries, rules must be created on attributes of the file, such as the original filename, or the hash.
### Software Publisher Based Deny Rule
```Powershell