deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

typo fixes

Browse Source
This commit is contained in:
Iaan D'Souza-Wiltshire 2017-11-01 14:14:19 -07:00
parent d635a49265
commit 46e6b279ae
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
View File

@ -28,7 +28,7 @@ ms.date: 08/25/2017
- Enterprise security administrators
You can enable each of the features of Windows Defender Explot Guard in audit mode. This lets you see a record of what *would* have happened if you had enabled the feature.
You can enable each of the features of Windows Defender Exploit Guard in audit mode. This lets you see a record of what *would* have happened if you had enabled the feature.
You might want to do this when testing how the feature will work in your organization, to ensure it doesn't affect your line-of-business apps, and to get an idea of how many suspicious file modification attempts generally occur over a certain period.
@ -58,7 +58,7 @@ You can also use the a custom PowerShell script that enables the features in aud
2. Right-click **Windows PowerShell**, click **Run as administrator** and click **Yes** or enter admin credentials at the prompt.
3. Enter the following in the PowerShell window to enable Controlled folder access and Attack surface reduction in audie mode:
3. Enter the following in the PowerShell window to enable Controlled folder access and Attack surface reduction in audit mode:
```PowerShell
Set-ExecutionPolicy Bypass -Force
<location>\Enable-ExploitGuardAuditMode.ps1

2
windows/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md
View File

@ -86,7 +86,7 @@ Audit mode allows the rule to report as if it actually blocked the file or proce
If you've tested the rule with the demo tool and with audit mode, and ASR is working on pre-configured scenarios, but the rule is not working as expected, proceed to either of the following sections based on your situation:
1. If the ASR rule is blocking something that it should not block (also known as a false positive), you can [first add an ASR exclusion](#add-exclusions-for-a-false-positive).
2. If the ASR rule is not blocking something that it should block (also known as a false negative), you can proceed immeidately to the last step, [collecting diagnostic data and submitting the issue to us](#collect-diagnostic-data).
2. If the ASR rule is not blocking something that it should block (also known as a false negative), you can proceed immediately to the last step, [collecting diagnostic data and submitting the issue to us](#collect-diagnostic-data).
## Add exclusions for a false positive