deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 00:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md

Browse Source 
Co-authored-by: Jordan Geurten <jjgeurte@edu.uwaterloo.ca>
This commit is contained in:
Joe Henry 2021-12-02 11:36:38 -05:00 committed by GitHub
parent cf073cb6eb
commit 0c1cd4d0ce
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
View File

@ -42,7 +42,7 @@ To create effective WDAC deny policies, it is crucial to understand how WDAC par
4. Lastly, WDAC will call the Intelligent Security Graph (ISG) to get reputation on file, if the policy has support for the ISG.
Explicit allow and deny rules encompass rules at any level (e.g. has rules, signer rules path rules, attritbute rules or package family name rules). If there is an explicit deny rule, WDAC does not process any other rules, meaning a deny rule always takes precedence in the case where a deny and allow rule would be at odds.
Explicit allow and deny rules encompass rules at any level (e.g. hash rules, signer rules path rules, attribute rules or package family name rules). If there is an explicit deny rule, WDAC does not process any other rules, meaning a deny rule always takes precedence in the case where a deny and allow rule would be at odds.
## Interaction with Existing Policies
### Adding Allow Rules