deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-28 13:17:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/brbrahm/windows-docs-pr

Browse Source
This commit is contained in:
Bella Brahm 2019-10-24 17:02:37 -07:00
commit 40b1776322
3 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
View File

@ -1,6 +1,9 @@
---
title: Microsoft recommended block rules (Windows 10)
<<<<<<< HEAD
description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Control, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies.
=======
description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Comntrol, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies.
keywords: whitelisting, security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: w10

3
windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md
View File

@ -104,9 +104,6 @@ Modern apps are not supported with the ISG heuristic and will need to be separat
The ISG heuristic does not authorize kernel mode drivers. The WDAC policy must have rules that allow the necessary drivers to run.
In some cases, the code integrity logs where WDAC errors and warnings are written will contain error events for native images generated for .NET assemblies. Typically, the error is functionally benign as a blocked native image will result in the corresponding assembly being re-interpreted. Review for functionality and performance for the related applications using the native images maybe necessary in some cases.
<<<<<<< HEAD
>[!NOTE]
> A rule that explicitly allows an application will take precedence over the ISG rule that does not allow it. In this scenario, this policy is not compatible with Intune, where there is no option to add rules to the template that enables ISG. In most circumstances you would need to build a custom WDAC policy, including ISG if desired.
=======
>>>>>>> Update WDAC metadata

5
windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md
View File

@ -37,8 +37,3 @@ This guide covers design and planning for Windows Defender Application Control (
| [Create your WDAC planning document](create-your-windows-defender-application-control-planning-document.md) | This planning topic summarizes the information you need to research and include in your planning document. |
After planning is complete, the next step is to deploy WDAC. The [Windows Defender Application Control Deployment Guide](windows-defender-application-control-deployment-guide.md) covers the creation and testing of policies, deploying the enforcement setting, and managing and maintaining the policies.
<<<<<<< HEAD
=======
 
>>>>>>> Update WDAC metadata