Update debugging-operational-guide-appid-tagging-policies.md

denisebmsft
2022-04-29 09:41:26 -07:00
parent 541c39c9d2
commit 08cc728cdb


@ -1,6 +1,6 @@
--- ---
title: Use multiple Windows Defender Application Control Policies (Windows) title: Testing and Debugging AppId Tagging Policies
description: Windows Defender Application Control supports multiple code integrity policies for one device. description: Testing and Debugging AppId Tagging Policies to ensure your policies are deployed successfully.
keywords: security, malware keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: m365-security ms.prod: m365-security
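Review bot: the title and description are updated, but the front matter still carries the `ms.assetid` and `keywords` copied from the "Use multiple Windows Defender Application Control Policies" page (`ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb`, `keywords: security, malware`); an asset id is meant to identify one article, so give this page its own value or drop the field, and replace the generic keywords with ones that match AppId tagging.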
@ -14,7 +14,7 @@ author: jgeurten
ms.reviewer: jsuther1974 ms.reviewer: jsuther1974
ms.author: dansimp ms.author: dansimp
manager: dansimp manager: dansimp
ms.date: 04/28/2022 ms.date: 04/29/2022
ms.technology: windows-sec ms.technology: windows-sec
--- ---
@ -33,7 +33,7 @@ After deployment of the WDAC AppId Tagging policy, WDAC will fire a 3099 policy
## Verifying Tags on Running Processes ## Verifying Tags on Running Processes
After verifying the policy has been deployed, the next step is to verify that the application processes you expect to pass the AppId Tagging policy have your tag set. Please note that processes running at the time of policy deployment will need to be restarted since WDAC can only tag processes created after the policy has been deployed. After verifying the policy has been deployed, the next step is to verify that the application processes you expect to pass the AppId Tagging policy have your tag set. Note that processes running at the time of policy deployment will need to be restarted since WDAC can only tag processes created after the policy has been deployed.
1. Download and Install the Windows Debugger 1. Download and Install the Windows Debugger
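Review bot: the restart requirement in the rewritten sentence ("processes running at the time of policy deployment will need to be restarted since WDAC can only tag processes created after the policy has been deployed") is the caveat most likely to produce a false "policy not working" result; consider pulling it out into a note callout so a reader checking a long-running process such as an already-open browser does not conclude the tag is missing.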
@ -41,7 +41,7 @@ After verifying the policy has been deployed, the next step is to verify that th
2. Get the Process ID (PID) of the process under validation 2. Get the Process ID (PID) of the process under validation
Using Task Manager, or an equivalent process monitoring tool, locate the PID of the process you wish to inspect. In the example below, I have located the PID for the running process for Microsoft Edge to be 2260. The PID will be used in the next step. Using Task Manager, or an equivalent process monitoring tool, locate the PID of the process you wish to inspect. In the example below, we've located the PID for the running process for Microsoft Edge to be 2260. The PID will be used in the next step.
![Using Task Manager to locate the process ID - PID.](../images/appid-pid-task-mgr.png) ![Using Task Manager to locate the process ID - PID.](../images/appid-pid-task-mgr.png)
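Review bot: Microsoft Edge runs as several `msedge.exe` processes, so "the PID for the running process for Microsoft Edge" is ambiguous for a reader following along with Task Manager; state which instance the example (PID 2260) refers to, or say that any of the Edge processes started after deployment can be used, so the lookup in step 3 is unambiguous.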
@ -51,6 +51,6 @@ After verifying the policy has been deployed, the next step is to verify that th
![Attach to the process using WinDbg.](../images/appid-pid-windbg.png) ![Attach to the process using WinDbg.](../images/appid-pid-windbg.png)
Lastly, in the textbox, type _!token_ and hit enter to dump the security attributes on the process, including the _POLICYAPPID://_ followed by the key you set in the policy, and its corresponding value in the Value[0] field. Lastly, in the textbox, type `!token` and then press the Enter key to dump the security attributes on the process, including the _POLICYAPPID://_ followed by the key you set in the policy, and its corresponding value in the Value[0] field.
![Dump the security attributes on the process using WinDbg.](../images/appid-pid-windbg-token.png) ![Dump the security attributes on the process using WinDbg.](../images/appid-pid-windbg-token.png)
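Review bot: formatting is now inconsistent within the sentence: `!token` moved to code font, but `_POLICYAPPID://_` stays italic and `Value[0]` has no formatting at all, even though all three are literal debugger input or output; put the attribute prefix and the `Value[0]` field in backticks as well, and "in the textbox" would be clearer as "in the WinDbg command window".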