From 3eaad007745bfacf3776c2cb18ddb9fdddbeca23 Mon Sep 17 00:00:00 2001
From: Gitprakhar13 <45089022+Gitprakhar13@users.noreply.github.com>
Date: Tue, 25 Oct 2022 14:07:09 -0700
Subject: [PATCH] updated page to fix broken link and missing info

updated page to fix broken link and missing info
---
 .../client-management/mdm/healthattestation-csp.md   | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/healthattestation-csp.md b/windows/client-management/mdm/healthattestation-csp.md
index f4b7d29d2e..c65ce6cf0a 100644
--- a/windows/client-management/mdm/healthattestation-csp.md
+++ b/windows/client-management/mdm/healthattestation-csp.md
@@ -265,7 +265,7 @@ calls between client and MAA and for each call the GUID is separated by semicolo
 
 ### MAA CSP Integration Steps
 
-1. Set up a MAA provider instance: MAA instance can be created following the steps at [Quickstart: Set up Azure Attestation by using the Azure portal](/azure/attestation/quickstart-portal].
+1. Set up a MAA provider instance: MAA instance can be created following the steps at [Quickstart: Set up Azure Attestation by using the Azure portal](/azure/attestation/quickstart-portal).
 
 2. Update the provider with an appropriate policy: The MAA instance should be updated with an appropriate policy. For more information, see [How to author an Azure Attestation policy](/azure/attestation/claim-rule-grammar).
 
@@ -933,6 +933,16 @@ If DEPPolicy = 0 (Off), then take one of the following actions that align with y
 - Allow conditional access based on other data points that are present at evaluation time. For example, other attributes on the health certificate, or a device's past activities and trust history.
 - Take one of the previous actions and additionally place the device in a watch list to monitor the device more closely for potential risks.
 
+DEP policy evaluation is a non binary status when queried. It is then mapped to an On/Off state.
+
+|DEP Policy level |Description | Attestation Reported Level | Property Value |
+|--------------|-----------|------------|-------------|
+|OptIn(Default Configuration) |Only Windows system components and services have DEP applied | 0 | 2 |
+|OptOut |DEP is enabled for all processes.Administrators can manually create a list of specific applications that do not have DEP applied. | 1 | 3 |
+|AlwaysOn |DEP is enabled for all processess. | 3 | 1 |
+|AlwaysOff |DEP is not enabled for any process. | 2 | 0 |
+
+
 <a href="" id="bitlockerstatus"></a>**BitLockerStatus** (at boot time)
 
 When BitLocker is reported "on" at boot time, the device is able to protect data that is stored on the drive from unauthorized access, when the system is turned off or goes to hibernation.