From 47fb2ce556c27358f8f5d54beeb00d0c53eeb5ee Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Tue, 27 Feb 2018 14:46:04 -0800 Subject: [PATCH] fixed links --- ...nder-application-control-management-processes.md | 13 ++++++------- .../windows-defender-exploit-guard/TOC.md | 4 ++-- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md b/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md index c341fd400b..41f09c0b09 100644 --- a/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md +++ b/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md @@ -23,7 +23,7 @@ This planning topic describes the Windows Defender Application Control (WDAC) po To complete this planning document, you should first complete the following steps: 3. [Select the types of rules to create](select-types-of-rules-to-create.md) -5. [Plan for AppLocker policy management](plan-windows-defender-application-control-management.md) +5. [Plan for WDAC policy management](plan-windows-defender-application-control-management.md) The three key areas to determine for WDAC policy management are: @@ -75,7 +75,7 @@ The following table contains the added sample data that was collected when deter

C:\Program Files\Woodgrove\Teller.exe

File is signed; create a publisher condition

Allow

-

Tellers-AppLockerTellerRules

+

Tellers-WDACTellerRules

Web help

@@ -142,7 +142,7 @@ The following two tables illustrate examples of documenting considerations to ma **Event processing policy** -One discovery method for app usage is to set the AppLocker enforcement mode to **Audit only**. This will write events to the AppLocker logs, which can be managed and analyzed like other Windows logs. After apps have been identified, you can begin to develop policies regarding the processing and access to AppLocker events. +One discovery method for app usage is to use Audit mode. This will write events to the CodeIntegrity log, which can be managed and analyzed like other Windows logs. The following table is an example of what to consider and record. @@ -157,7 +157,7 @@ The following table is an example of what to consider and record. Business group -AppLocker event collection location +WDAC event collection location Archival policy Analyzed? Security policy @@ -166,7 +166,7 @@ The following table is an example of what to consider and record.

Bank Tellers

-

Forwarded to: AppLocker Event Repository on srvBT093

+

Forwarded to: CodeIntegrity Event Repository on srvBT093

Standard

None

Standard

@@ -229,5 +229,4 @@ The following table is an example of what to consider and record.   ## Next steps -After you have determined your application control management strategy for each of the business group's applications, the following task remains: -- [Create your AppLocker planning document](create-your-applocker-planning-document.md) +After you determine your application control management strategy for each business group, [create your WDAC planning document](create-your-windows-defender-application-control-planning-document.md). diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/TOC.md b/windows/security/threat-protection/windows-defender-exploit-guard/TOC.md index 444d5f66b5..bb988c8373 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/TOC.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/TOC.md 
@@ -11,8 +11,8 @@ ### [Customize Exploit protection](customize-exploit-protection.md) #### [Import, export, and deploy Exploit protection configurations](import-export-exploit-protection-emet-xml.md) ### [Memory integrity](memory-integrity.md) -#### [Requirements and deployment planning guidelines for virtualization-based protection of code integrity](device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md) -#### [Enable virtualization-based protection of code integrity](device-guard/deploy-device-guard-enable-virtualization-based-security.md) +#### [Requirements and deployment planning guidelines for virtualization-based protection of code integrity](./device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md) +#### [Enable virtualization-based protection of code integrity](./device-guard/deploy-device-guard-enable-virtualization-based-security.md) ## [Attack surface reduction](attack-surface-reduction-exploit-guard.md) ### [Evaluate Attack surface reduction](evaluate-attack-surface-reduction.md) ### [Enable Attack surface reduction](enable-attack-surface-reduction.md)
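Review bot: In the first hunk of document-your-windows-defender-application-control-management-processes.md (@@ -23,7), the prerequisite list around the changed line jumps from "3." to "5.", which looks like leftover numbering from the AppLocker version of the page. Since the line is being edited anyway, renumber the list from 1 or restore the steps that were dropped, so readers are not left looking for missing prerequisites.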
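Review bot: In the "Event processing policy" hunk (@@ -142,7), the rewritten paragraph drops the sentence about developing policies for processing and access to events, but the unchanged next line still reads "The following table is an example of what to consider and record", so the table loses the lead-in that says what is being recorded. Keep a WDAC-worded version of that sentence. It would also help to name the log as it appears in Event Viewer (Microsoft-Windows-CodeIntegrity/Operational) instead of "the CodeIntegrity log", so readers setting up collection and forwarding can find the right channel.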
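Review bot: In the "Next steps" hunk (@@ -229,5), the new link target create-your-windows-defender-application-control-planning-document.md is not added or renamed anywhere in this patch, so for a commit titled "fixed links" please confirm that file already exists in the windows-defender-application-control folder. If it does not, this swaps a stale AppLocker link for a broken one.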
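Review bot: In the TOC.md hunk (@@ -11,8), changing device-guard/... to ./device-guard/... does not change where the two links resolve: both forms are relative to windows-defender-exploit-guard/, the folder that holds this TOC. If the links were broken before, they still are. If the device-guard articles sit in a sibling folder under threat-protection, the path needs to be ../device-guard/... instead; please confirm the target location and check the result in a build.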