Added PowerShell cmdlet.

windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md

@@ -102,14 +102,19 @@ For information about enabling ASR rules and setting exclusions in SCCM, see [Cr
     Set-MpPreference -AttackSurfaceReductionRules_Ids <rule ID> -AttackSurfaceReductionRules_Actions Enabled
     ```
 
-You can enable the feature in audit mode using the following cmdlet:
+To enable ASR rules in audit mode, use the following cmdlet:
 
 ```PowerShell
 Add-MpPreference -AttackSurfaceReductionRules_Ids <rule ID> -AttackSurfaceReductionRules_Actions AuditMode
 ```
-Use `Disabled` insead of `AuditMode` or `Enabled` to turn the feature off.
 
->[!IMPORTANT>
+To turn off ASR rules, use the following cmdlet:
+
+```PowerShell
+Add-MpPreference -AttackSurfaceReductionRules_Ids <rule ID> -AttackSurfaceReductionRules_Actions Disabled
+```
+
+>[!IMPORTANT]
 >You must specify the state individually for each rule, but you can combine rules and states in a comma-separated list. 
 >
 >In the following example, the first two rules will be enabled, the third rule will be disabled, and the fourth rule will be enabled in audit mode:
@@ -124,7 +129,7 @@ You can also the `Add-MpPreference` PowerShell verb to add new rules to the exis
 >`Set-MpPreference` will always overwrite the existing set of rules. If you want to add to the existing set, you should use `Add-MpPreference` instead.
 >You can obtain a list of rules and their current state by using `Get-MpPreference`
 
-3. To exclude files and folders from ASR rules, enter the following cmdlet:
+3. To exclude files and folders from ASR rules, use the following cmdlet:
 
     ```PowerShell
     Add-MpPreference -AttackSurfaceReductionOnlyExclusions "<fully qualified path or resource>"