diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md index 1091223def..a2392e3e3c 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md 
@@ -49,19 +49,21 @@ You can use Group Policy to enable Windows Defender Credential Guard. This will To enforce processing of the group policy, you can run `gpupdate /force`. -### Enable Windows Defender Credential Guard by using Intune +### Enable Windows Defender Credential Guard by using Microsoft Endpoint Manager -1. From **Home**, select **Microsoft Intune**. +1. From **Microsoft Endpoint Manager admin center**, select **Devices**. -1. Select **Device configuration**. +1. Select **Configuration Profiles**. -1. Select **Profiles** > **Create Profile** > **Endpoint protection** > **Windows Defender Credential Guard**. +1. Select **Create Profile** > **Windows 10 and later** > **Settings catalog** > **Create**. - > [!NOTE] - > It will enable VBS and Secure Boot and you can do it with or without UEFI Lock. If you will need to disable Credential Guard remotely, enable it without UEFI lock. + 1. Configuration settings: In the settings picker select **Device Guard** as category and add the needed settings. + +> [!NOTE] +> Enable VBS and Secure Boot and you can do it with or without UEFI Lock. If you will need to disable Credential Guard remotely, enable it without UEFI lock. > [!TIP] -> You can also configure Credential Guard by using an account protection profile in endpoint security. For more information, see [Account protection policy settings for endpoint security in Intune](/mem/intune/protect/endpoint-security-account-protection-profile-settings). +> You can also configure Credential Guard by using an account protection profile in endpoint security. For more information, see [Account protection policy settings for endpoint security in Microsoft Endpoint Manager](/mem/intune/protect/endpoint-security-account-protection-profile-settings). ### Enable Windows Defender Credential Guard by using the registry 
diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md index a0a8270da7..7cbaa1f1fc 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md @@ -23,6 +23,7 @@ ms.technology: windows-sec **Applies to** - Windows 10 +- Windows 11 This reference topic describes the common scenarios, architecture, and processes for security settings. @@ -44,7 +45,7 @@ For more info about managing security configurations, see [Administer security p The Security Settings extension of the Local Group Policy Editor includes the following types of security policies: -- **Account Policies.** These polices are defined on devices; they affect how user accounts can interact with the computer or domain. Account policies include the following types of policies: +- **Account Policies.** These policies are defined on devices; they affect how user accounts can interact with the computer or domain. Account policies include the following types of policies: - **Password Policy.** These policies determine settings for passwords, such as enforcement and lifetimes. Password policies are used for domain accounts. - **Account Lockout Policy.** These policies determine the conditions and length of time that an account will be locked out of the system. Account lockout policies are used for domain or local user accounts. 
@@ -119,7 +120,7 @@ For devices that are members of a Windows Server 2008 or later domain, securit - **Local Security Authority (LSA)** - A protected subsystem that authenticates and logs users onto the local system. LSA also maintains information about all aspects of local security on a system, collectively known as the Local Security Policy of the system. + A protected subsystem that authenticates and logs on users to the local system. LSA also maintains information about all aspects of local security on a system, collectively known as the Local Security Policy of the system. - **Windows Management Instrumentation (WMI)** @@ -296,7 +297,7 @@ Group Policy settings are processed in the following order: 1. **Domain.** - Processing of multiple domain-linked Group Policy Objects is synchronous and in an order you speciy. + Processing of multiple domain-linked Group Policy Objects is synchronous and in an order you specify. 1. **Organizational units.** 
@@ -404,4 +405,4 @@ To ensure that data is copied correctly, you can use Group Policy Management Con | - | - | | [Administer security policy settings](administer-security-policy-settings.md) | This article discusses different methods to administer security policy settings on a local device or throughout a small- or medium-sized organization.| | [Configure security policy settings](how-to-configure-security-policy-settings.md) | Describes steps to configure a security policy setting on the local device, on a domain-joined device, and on a domain controller.| -| [Security policy settings reference](security-policy-settings-reference.md) | This reference of security settings provides information about how to implement and manage security policies, including setting options and security considerations.| \ No newline at end of file +| [Security policy settings reference](security-policy-settings-reference.md) | This reference of security settings provides information about how to implement and manage security policies, including setting options and security considerations.| diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md index 5c09c86d2e..6921eeb8f7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md 
@@ -40,12 +40,9 @@ The following table lists the default rules that are available for the DLL rule | Purpose | Name | User | Rule condition type | | - | - | - | - | -| Allows members of the local Administrators group to run all DLLs | (Default Rule) All DLLs| -| BUILTIN\Administrators | Path: *| -| Allow all users to run DLLs in the Windows folder| (Default Rule) Microsoft Windows DLLs | -| Everyone | Path: %windir%\*| -| Allow all users to run DLLs in the Program Files folder | (Default Rule) All DLLs located in the Program Files folder| -| Everyone | Path: %programfiles%\*| +| Allows members of the local Administrators group to run all DLLs | (Default Rule) All DLLs| BUILTIN\Administrators | Path: *| +| Allow all users to run DLLs in the Windows folder| (Default Rule) Microsoft Windows DLLs | Everyone | Path: %windir%\*| +| Allow all users to run DLLs in the Program Files folder | (Default Rule) All DLLs located in the Program Files folder| Everyone | Path: %programfiles%\*| > [!IMPORTANT] > If you use DLL rules, a DLL allow rule has to be created for each DLL that is used by all of the allowed apps
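Review bot: In credential-guard-manage.md (hunk at -49,19), the new sub-step "In the settings picker select **Device Guard** as category and add the needed settings" does not say which settings are needed, whereas the step it replaces named the **Windows Defender Credential Guard** profile. Name the settings to add, so that following the procedure reliably ends with Credential Guard enabled. The rewritten NOTE also lost its subject when "It will enable VBS and Secure Boot" became "Enable VBS and Secure Boot and you can do it with or without UEFI Lock": it now reads as an instruction, "it" has no referent, and the note is no longer indented under the list step it belonged to. Suggest restoring a descriptive sentence and using one casing for "UEFI lock" within the note.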
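Review bot: In security-policy-settings.md (hunk at -23,6), "- Windows 11" is added under **Applies to**, but every other change to this file in the patch is a spelling or wording fix. Please state in the change description that the article's content was checked against Windows 11, since the list is what readers rely on to decide whether the reference applies to their devices.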
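Review bot: In security-policy-settings.md (hunk at -119,7), the replacement "authenticates and logs on users to the local system" is harder to parse than the line it replaces, because "authenticates" and the phrasal verb "logs on" now share the object "users". Suggest "authenticates users and logs them on to the local system".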
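Review bot: In dll-rules-in-applocker.md (hunk at -40,12), the rejoined rows still carry the rule paths as bare Markdown text: in "Path: %windir%\*" and "Path: %programfiles%\*" the sequence `\*` is a Markdown escape, so the backslash will not appear in the rendered table, and "Path: *" leaves an unescaped asterisk in a cell. Since these cells document the exact path conditions of the default allow rules, put each path in an inline code span so it renders character for character. While touching these rows, the Purpose column could also be made consistent ("Allows members of ..." in the first row, "Allow all users ..." in the other two).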