From e50af964ee9e213780dd45077c28207851567df6 Mon Sep 17 00:00:00 2001 From: illfated Date: Sat, 11 Apr 2020 22:47:14 +0200 Subject: [PATCH 01/25] Applies to: Windows 10, Windows Server 2019 As per issue ticket #6441 (Supported windows versions are not valid), this article incorrectly lists both deprecated and outdated OS versions, both for Server and Client computers. The article itself states that this policy was introduced in Windows 10, version 1703. Thanks to yogeshasalkar for reporting this issue. Changes proposed: - Change the "Applies to" section to only Windows 10 and Server 2019 - Remove redundant end-of-line whitespace from 3 lines. Ticket closure or reference: Closes #6441 --- .../interactive-logon-dont-display-username-at-sign-in.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md index e1d64c8cfd..84ae5e963d 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md @@ -2,7 +2,7 @@ title: Interactive logon Don't display username at sign-in (Windows 10) description: Describes the best practices, location, values, and security considerations for the Interactive logon Don't display username at sign-in security policy setting. ms.assetid: 98b24b03-95fe-4edc-8e97-cbdaa8e314fd -ms.reviewer: +ms.reviewer: ms.author: dansimp ms.prod: w10 ms.mktglfcycl: deploy 
@@ -20,9 +20,9 @@ ms.date: 04/19/2017 # Interactive logon: Don't display username at sign-in **Applies to** -- Windows Server 2003, Windows Vista, Windows XP, Windows Server 2008, Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2012, Windows 8, Windows 10 +- Windows 10, Windows Server 2019 -Describes the best practices, location, values, and security considerations for the **Interactive logon: Don't display username at sign-in** security policy setting. +Describes the best practices, location, values, and security considerations for the **Interactive logon: Don't display username at sign-in** security policy setting. ## Reference @@ -56,7 +56,7 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Sec | Domain controller effective default settings | Not defined| | Member server effective default settings | Not defined| | Effective GPO default settings on client computers | Not defined| - + ## Policy management This section describes features and tools that are available to help you manage this policy. From f5034fb18403432c8045d522913f386827bfa5f7 Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Mon, 13 Apr 2020 09:01:39 -0500 Subject: [PATCH 02/25] Update windows-security-baselines.md Updated links to the Blog and Community --- .../security/threat-protection/windows-security-baselines.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md index 48bfb00d06..060257832a 100644 --- a/windows/security/threat-protection/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-baselines.md 
@@ -64,7 +64,7 @@ The security baselines are included in the [Security Compliance Toolkit (SCT)](s ## Community -[![Microsoft Security Guidance Blog](images/community.png)](https://blogs.technet.microsoft.com/secguide/) +[![Microsoft Security Guidance Blog](images/community.png)](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bd-p/Security-Baselines) ## Related Videos @@ -76,6 +76,6 @@ You may also be interested in this msdn channel 9 video: - [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager) - [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite) - [Configuration Management for Nano Server](https://blogs.technet.microsoft.com/grouppolicy/2016/05/09/configuration-management-on-servers/) -- [Microsoft Security Guidance Blog](https://blogs.technet.microsoft.com/secguide/) +- [Microsoft Security Guidance Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines) - [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319) - [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55319) From ad8008fa5eb3188c0cbc1a6d0773fef405958a8a Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Mon, 13 Apr 2020 12:55:21 -0500 Subject: [PATCH 03/25] Update windows/security/threat-protection/windows-security-baselines.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../security/threat-protection/windows-security-baselines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md index 060257832a..9520338818 100644 --- a/windows/security/threat-protection/windows-security-baselines.md 
+++ b/windows/security/threat-protection/windows-security-baselines.md @@ -75,7 +75,7 @@ You may also be interested in this msdn channel 9 video: - [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager) - [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite) -- [Configuration Management for Nano Server](https://blogs.technet.microsoft.com/grouppolicy/2016/05/09/configuration-management-on-servers/) +- [Configuration Management for Nano Server](https://docs.microsoft.com/archive/blogs/grouppolicy/configuration-management-on-servers/) - [Microsoft Security Guidance Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines) - [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319) - [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55319) From 5af95cd6dae7c94e435f9de936eced6ec6b54e28 Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Mon, 13 Apr 2020 13:16:39 -0500 Subject: [PATCH 04/25] Update windows/security/threat-protection/windows-security-baselines.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../security/threat-protection/windows-security-baselines.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md index 9520338818..4ed9d4f9e8 100644 --- a/windows/security/threat-protection/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-baselines.md 
@@ -73,8 +73,8 @@ You may also be interested in this msdn channel 9 video: ## See Also -- [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager) -- [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite) +- [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager) +- [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite) - [Configuration Management for Nano Server](https://docs.microsoft.com/archive/blogs/grouppolicy/configuration-management-on-servers/) - [Microsoft Security Guidance Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines) - [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319) From 9696af861e0037f7125a4e61c2ba775130a2df88 Mon Sep 17 00:00:00 2001 From: Rona Song <38082753+qrscharmed@users.noreply.github.com> Date: Mon, 13 Apr 2020 15:54:09 -0700 Subject: [PATCH 05/25] Update reqs-wd-app-guard.md Removing: |Windows Defender Exploit Protection settings|The following settings should be configured or verified in the **Windows Security** app under **App & browser control** > **Exploit protection** > **Exploit protection settings** > **System Settings**.

**Control flow guard (CFG)** must be set to **Use default (On)** or **Off by default**. If set to **On by default**, [Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard) will not launch.

**Randomize memory allocations (Bottom-up ASLR)** must be set to **Use default (On)** or **Off by default**. If set to "On by default", the `Vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| --- .../windows-defender-application-guard/reqs-wd-app-guard.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index 5c81b7eb36..ca449ea92c 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -42,4 +42,3 @@ Your environment needs the following software to run Windows Defender Applicatio |Operating system|Windows 10 Enterprise edition, version 1709 or higher
Windows 10 Professional edition, version 1803 or higher
Windows 10 Professional for Workstations edition, version 1803 or higher
Windows 10 Professional Education edition version 1803 or higher
Windows 10 Education edition, version 1903 or higher
Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. | |Browser|Microsoft Edge and Internet Explorer| |Management system
(only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)

**-OR-**

[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)

**-OR-**

[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)

**-OR-**

Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| -|Windows Defender Exploit Protection settings|The following settings should be configured or verified in the **Windows Security** app under **App & browser control** > **Exploit protection** > **Exploit protection settings** > **System Settings**.

**Control flow guard (CFG)** must be set to **Use default (On)** or **Off by default**. If set to **On by default**, [Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard) will not launch.

**Randomize memory allocations (Bottom-up ASLR)** must be set to **Use default (On)** or **Off by default**. If set to "On by default", the `Vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| From ba64f0e083002d642abfa126d0c9ae5e05dc8631 Mon Sep 17 00:00:00 2001 From: Obi Eze Ajoku <62227226+linque1@users.noreply.github.com> Date: Tue, 14 Apr 2020 06:59:51 -0700 Subject: [PATCH 06/25] Fixed Warning line 43 > string --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 03b72907ac..eadc81def6 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -40,7 +40,7 @@ Microsoft provides a [Windows Restricted Traffic Limited Functionality Baseline] >Regarding the Windows Restricted Traffic Limited Functionality Baseline, the 1903 settings (folder) are applicable to 1909 Windows >Enterprise devices. There were no additional settings required for the 1909 release. >[!Warning] ->If a user executes the "Reset this PC" command (Settings -> Update & Security -> Recovery) with the "Keep my files" option (or the >"Remove Everything" option) the Windows Restricted Traffic Limited Functionality Baseline settings will need to be re-applied in order >re-restrict the device. Egress traffic may occur prior to the re-application of the Restricted Traffic Limited Functionality Baseline >settings. +>If a user executes the **Reset this PC** command (Settings -> Update & Security -> Recovery) with the **Keep my files option** (or the **Remove Everything** option) the Windows Restricted Traffic Limited Functionality Baseline settings will need to be re-applied in order to re-restrict the device. Egress traffic may occur prior to the re-application of the Restricted Traffic Limited Functionality Baseline settings. To use Microsoft Intune cloud based device management for restricting traffic please refer to the [Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm) From fc97842bd9dd03f94e829c1536fb3ab2cc1a001e Mon Sep 17 00:00:00 2001 From: Jordan Geurten Date: Tue, 14 Apr 2020 10:29:11 -0700 Subject: [PATCH 07/25] Fixed the error in filename rules. Also added example. --- .../select-types-of-rules-to-create.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index c8e505e884..ab45f10ade 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
@@ -129,9 +129,9 @@ Wildcards can be used at the beginning or end of a path rule; only one wildcard ## Windows Defender Application Control filename rules -File name rule levels provide administrators to specify the file attributes off which to base a file name rule. File name rules do not provide the same security guarantees that explicit signer rules do, as they are based on mutable access permissions. Specification of the file name level occurs when creating new policy rules. In addition, to combine file name levels found in multiple policies, you can merge multiple policies. +File name rule levels provide administrators to specify the file attributes off which to base a file name rule. File name rules provide the same security guarantees that explicit signer rules do, as they are based on non-mutable file attributes. Specification of the file name level occurs when creating new policy rules. In addition, to combine file name levels found in multiple policies, you can merge multiple policies. -Use Table 3 to select the appropriate file name level for your available administrative resources and Windows Defender Application Control deployment scenario. +Use Table 3 to select the appropriate file name level for your available administrative resources and Windows Defender Application Control deployment scenario. For instance, an LOB or production application and its binaries (eg. DLLs) may all share the same product name. This allows users to easily create targeted policies based on the Product Name filename rule level. **Table 3. Windows Defender Application Control policy - filename levels** From 04cfd5f60fb1a0bbb40260e69d3b2e6ee6702c17 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Wed, 15 Apr 2020 11:41:51 -0700 Subject: [PATCH 08/25] Update surface-pro-arm-app-management.md --- devices/surface/surface-pro-arm-app-management.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/devices/surface/surface-pro-arm-app-management.md b/devices/surface/surface-pro-arm-app-management.md index fd98f72368..2ba2628778 100644 --- a/devices/surface/surface-pro-arm-app-management.md +++ b/devices/surface/surface-pro-arm-app-management.md @@ -8,7 +8,7 @@ ms.sitesec: library author: dansimp ms.author: dansimp ms.topic: article -ms.date: 1/22/2020 +ms.date: 4/15/2020 ms.reviewer: jessko manager: dansimp ms.audience: itpro @@ -44,7 +44,7 @@ Microsoft Deployment Toolkit (MDT) and Microsoft Endpoint Configuration Manager A component of Microsoft Enterprise Mobility + Security, Intune integrates with Azure Active Directory for identity and access control and provides granular management of enrolled Surface Pro X devices. Intune mobile device management (MDM) policies have a number of advantages over older on-premises tools such as Windows Group Policy. This includes faster device login times and a more streamlined catalog of policies enabling full device management from the cloud. For example, you can manage LTE using eSIM profiles to configure data plans and deploy activation codes to multiple devices.
-For more information about setting up Intune, refer to the [Intune documentation](https://docs.microsoft.com/intune/). +For more information about using Intune, refer to the [Intune documentation](https://docs.microsoft.com/intune/). ### Co-management @@ -109,9 +109,9 @@ Popular browsers run on Surface Pro X: ## Installing and using Microsoft Office - Use Office 365 for the best experience on a Windows 10 PC on an ARM-based processor. -- Office 365 “click-to-run” installs Outlook, Word, Excel, and PowerPoint, optimized to run on a Windows 10 PC on an ARM-based processor. +- Office 365 "click-to-run" installs Outlook, Word, Excel, and PowerPoint, optimized to run on a Windows 10 PC on an ARM-based processor. - Microsoft Teams runs great on Surface Pro X. -- For “perpetual versions” of Office such as Office 2019, install the 32-bit version. +- For "perpetual versions" of Office such as Office 2019, install the 32-bit version. ## VPN From a1a1fc928482ad5108a899b484afbc06aa554ab4 Mon Sep 17 00:00:00 2001 From: amirsc3 <42802974+amirsc3@users.noreply.github.com> Date: Thu, 16 Apr 2020 21:25:15 +0300 Subject: [PATCH 09/25] Update configure-endpoints-vdi.md Proposing minor adjustments --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 121fd50e7c..e4551828c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md 
@@ -111,11 +111,14 @@ For more information on DISM commands and offline servicing, please refer to the - [DISM Image Management Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14) - [Reduce the Size of the Component Store in an Offline Windows Image](https://docs.microsoft.com/windows-hardware/manufacture/desktop/reduce-the-size-of-the-component-store-in-an-offline-windows-image) -- If offline servicing is not a viable option for your non-persistent VDI environment, then the following steps should be taken to ensure consistency and sensor health: +If offline servicing is not a viable option for your non-persistent VDI environment, then the following steps should be taken to ensure consistency and sensor health: 1. After booting the master image for online servicing or patching, run an offboarding script to turn off the Microsoft Defender ATP sensor. For more information, see [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script). -2. Ensure the sensor is off by running 'sc query sense'. +2. Ensure the sensor is 'STOPPED' by running the command below in CMD window: +``` +sc query sense +``` 3. Service the image as needed. From bb15f02474593626e8eddea1cbc58ce4f8d52544 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Thu, 16 Apr 2020 11:44:54 -0700 Subject: [PATCH 10/25] Update configure-endpoints-vdi.md --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index e4551828c9..455785a8c3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md 
@@ -15,7 +15,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 04/24/2018 +ms.date: 04/16/2020 --- # Onboard non-persistent virtual desktop infrastructure (VDI) machines @@ -115,7 +115,7 @@ If offline servicing is not a viable option for your non-persistent VDI environm 1. After booting the master image for online servicing or patching, run an offboarding script to turn off the Microsoft Defender ATP sensor. For more information, see [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script). -2. Ensure the sensor is 'STOPPED' by running the command below in CMD window: +2. Ensure the sensor is stopped by running the command below in CMD window: ``` sc query sense ``` From 112625a19ac56f854e6448cee060427747b1c019 Mon Sep 17 00:00:00 2001 From: Jreeds001 Date: Thu, 16 Apr 2020 11:45:29 -0700 Subject: [PATCH 11/25] Update windows-defender-smartscreen-overview.md --- .../windows-defender-smartscreen-overview.md | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md index 061727134b..d6fb411a83 100644 --- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md +++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md 
@@ -1,7 +1,7 @@ --- -title: Windows Defender SmartScreen overview (Windows 10) -description: Conceptual info about Windows Defender SmartScreen. -keywords: SmartScreen Filter, Windows SmartScreen, Windows Defender SmartScreen +title: Microsoft Defender SmartScreen overview (Windows 10) +description: Conceptual info about Microsoft Defender SmartScreen. +keywords: SmartScreen Filter, Windows SmartScreen, Microsoft Defender SmartScreen ms.prod: w10 ms.mktglfcycl: explore ms.sitesec: library @@ -15,7 +15,7 @@ ms.reviewer: manager: dansimp --- -# Windows Defender SmartScreen +# Microsoft Defender SmartScreen **Applies to:** 
@@ -23,53 +23,53 @@ manager: dansimp - Windows 10 Mobile - Microsoft Edge -Windows Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. +Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. -**Windows Defender SmartScreen determines whether a site is potentially malicious by:** +**Microsoft Defender SmartScreen determines whether a site is potentially malicious by:** -- Analyzing visited webpages looking for indications of suspicious behavior. If Windows Defender SmartScreen determines that a page is suspicious, it will show a warning page to advise caution. +- Analyzing visited webpages looking for indications of suspicious behavior. If Microsoft Defender SmartScreen determines that a page is suspicious, it will show a warning page to advise caution. -- Checking the visited sites against a dynamic list of reported phishing sites and malicious software sites. If it finds a match, Windows Defender SmartScreen shows a warning to let the user know that the site might be malicious. +- Checking the visited sites against a dynamic list of reported phishing sites and malicious software sites. If it finds a match, Microsoft Defender SmartScreen shows a warning to let the user know that the site might be malicious. -**Windows Defender SmartScreen determines whether a downloaded app or app installer is potentially malicious by:** +**Microsoft Defender SmartScreen determines whether a downloaded app or app installer is potentially malicious by:** -- Checking downloaded files against a list of reported malicious software sites and programs known to be unsafe. If it finds a match, Windows Defender SmartScreen shows a warning to let the user know that the site might be malicious. +- Checking downloaded files against a list of reported malicious software sites and programs known to be unsafe. 
If it finds a match, Microsoft Defender SmartScreen shows a warning to let the user know that the site might be malicious. -- Checking downloaded files against a list of files that are well known and downloaded by many Windows users. If the file isn't on that list, Windows Defender SmartScreen shows a warning, advising caution. +- Checking downloaded files against a list of files that are well known and downloaded by many Windows users. If the file isn't on that list, Microsoft Defender SmartScreen shows a warning, advising caution. -## Benefits of Windows Defender SmartScreen +## Benefits of Microsoft Defender SmartScreen -Windows Defender SmartScreen provide an early warning system against websites that might engage in phishing attacks or attempt to distribute malware through a socially-engineered attack. The primary benefits are: +Microsoft Defender SmartScreen provide an early warning system against websites that might engage in phishing attacks or attempt to distribute malware through a socially-engineered attack. The primary benefits are: -- **Anti-phishing and anti-malware support.** Windows Defender SmartScreen helps to protect users from sites that are reported to host phishing attacks or attempt to distribute malicious software. It can also help protect against deceptive advertisements, scam sites, and drive-by attacks. Drive-by attacks are web-based attacks that tend to start on a trusted site, targeting security vulnerabilities in commonly used software. Because drive-by attacks can happen even if the user does not click or download anything on the page, the danger often goes unnoticed. 
For more info about drive-by attacks, see [Evolving Windows Defender SmartScreen to protect you from drive-by attacks](https://blogs.windows.com/msedgedev/2015/12/16/SmartScreen-drive-by-improvements/#3B7Bb8bzeAPq8hXE.97) +- **Anti-phishing and anti-malware support.** Microsoft Defender SmartScreen helps to protect users from sites that are reported to host phishing attacks or attempt to distribute malicious software. It can also help protect against deceptive advertisements, scam sites, and drive-by attacks. Drive-by attacks are web-based attacks that tend to start on a trusted site, targeting security vulnerabilities in commonly used software. Because drive-by attacks can happen even if the user does not click or download anything on the page, the danger often goes unnoticed. For more info about drive-by attacks, see [Evolving Microsoft Defender SmartScreen to protect you from drive-by attacks](https://blogs.windows.com/msedgedev/2015/12/16/SmartScreen-drive-by-improvements/#3B7Bb8bzeAPq8hXE.97) -- **Reputation-based URL and app protection.** Windows Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users won't see any warnings. If, however, there's no reputation, the item is marked as a higher risk and presents a warning to the user. +- **Reputation-based URL and app protection.** Microsoft Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users won't see any warnings. 
If, however, there's no reputation, the item is marked as a higher risk and presents a warning to the user. -- **Operating system integration.** Windows Defender SmartScreen is integrated into the Windows 10 operating system, meaning that it checks any files an app (including 3rd-party browsers and email clients) attempts to download and run. +- **Operating system integration.** Microsoft Defender SmartScreen is integrated into the Windows 10 operating system, meaning that it checks any files an app (including 3rd-party browsers and email clients) attempts to download and run. -- **Improved heuristics and diagnostic data.** Windows Defender SmartScreen is constantly learning and endeavoring to stay up-to-date, so it can help to protect you against potentially malicious sites and files. +- **Improved heuristics and diagnostic data.** Microsoft Defender SmartScreen is constantly learning and endeavoring to stay up-to-date, so it can help to protect you against potentially malicious sites and files. -- **Management through Group Policy and Microsoft Intune.** Windows Defender SmartScreen supports using both Group Policy and Microsoft Intune settings. For more info about all available settings, see [Available Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings](windows-defender-smartscreen-available-settings.md). +- **Management through Group Policy and Microsoft Intune.** Microsoft Defender SmartScreen supports usfing both Group Policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings](windows-defender-smartscreen-available-settings.md). - **Blocking URLs associated with potentially unwanted applications.** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. 
For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](../windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md). > [!IMPORTANT] > SmartScreen protects against malicious files from the internet. It does not protect against malicious files on internal locations or network shares, such as shared folders with UNC paths or SMB/CIFS shares. -## Submit files to Windows Defender SmartScreen for review +## Submit files to Microsoft Defender SmartScreen for review If you believe a warning or block was incorrectly shown for a file or application, or if you believe an undetected file is malware, you can [submit a file](https://www.microsoft.com/wdsi/filesubmission/) to Microsoft for review. For more info, see [Submit files for analysis](https://docs.microsoft.com/windows/security/threat-protection/intelligence/submission-guide). When submitting Microsoft Defender Smartscreen products, make sure to select **Microsoft Defender SmartScreen** from the product menu. -![Windows Security, Windows Defender SmartScreen controls](images/Microsoft-defender-smartscreen-submission.png) +![Windows Security, Microsoft Defender SmartScreen controls](images/Microsoft-defender-smartscreen-submission.png) -## Viewing Windows Defender SmartScreen anti-phishing events +## Viewing Microsoft Defender SmartScreen anti-phishing events -When Windows Defender SmartScreen warns or blocks a user from a website, it's logged as [Event 1035 - Anti-Phishing](https://technet.microsoft.com/scriptcenter/dd565657(v=msdn.10).aspx). +When Microsoft Defender SmartScreen warns or blocks a user from a website, it's logged as [Event 1035 - Anti-Phishing](https://technet.microsoft.com/scriptcenter/dd565657(v=msdn.10).aspx). -## Viewing Windows event logs for Windows Defender SmartScreen -Windows Defender SmartScreen events appear in the Microsoft-Windows-SmartScreen/Debug log in Event Viewer. 
+## Viewing Windows event logs for Microsoft Defender SmartScreen +Microsoft Defender SmartScreen events appear in the Microsoft-Windows-SmartScreen/Debug log in Event Viewer. Windows event log for SmartScreen is disabled by default, users can use Event Viewer UI to enable the log or use the command line to enable it: @@ -83,10 +83,10 @@ wevtutil sl Microsoft-Windows-SmartScreen/Debug /e:true EventID | Description -|- -1000 | Application Windows Defender SmartScreen Event -1001 | Uri Windows Defender SmartScreen Event -1002 | User Decision Windows Defender SmartScreen Event +1000 | Application Microsoft Defender SmartScreen Event +1001 | Uri Microsoft Defender SmartScreen Event +1002 | User Decision Microsoft Defender SmartScreen Event ## Related topics - [Threat protection](../index.md) -- [Available Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings) +- [Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings) From 87718feff4528a0a59982bdda483af19158829a5 Mon Sep 17 00:00:00 2001 From: Drew Baron <52174821+drewbaron-wifi@users.noreply.github.com> Date: Thu, 16 Apr 2020 11:51:21 -0700 Subject: [PATCH 12/25] Update miracast-over-infrastructure.md --- devices/surface-hub/miracast-over-infrastructure.md | 1 - 1 file changed, 1 deletion(-) diff --git a/devices/surface-hub/miracast-over-infrastructure.md b/devices/surface-hub/miracast-over-infrastructure.md index 0e871c1ca4..2bb6381924 100644 --- a/devices/surface-hub/miracast-over-infrastructure.md +++ b/devices/surface-hub/miracast-over-infrastructure.md 
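Review bot: In windows-defender-smartscreen-overview.md, the added "Management through Group Policy and Microsoft Intune" bullet reads "supports usfing both Group Policy and Microsoft Intune settings"; the removed line had "using", so the rename itself introduced the typo. Correct it in this commit rather than in a follow-up (PATCH 19/25 later in this series exists only to fix it). The unchanged submission paragraph in the same hunk also has "Microsoft Defender Smartscreen products" with a lowercase "s", which is worth normalising to "SmartScreen" while the product name is being touched.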
@@ -41,7 +41,6 @@ If you have a Surface Hub or other Windows 10 device that has been updated to Wi - As a Miracast source, the Windows PC or phone must be connected to the same enterprise network via Ethernet or a secure Wi-Fi connection. - The DNS Hostname (device name) of the Surface Hub or device needs to be resolvable via your DNS servers. You can achieve this by either allowing your Surface Hub to register automatically via Dynamic DNS, or by manually creating an A or AAAA record for the Surface Hub's hostname. - Windows 10 PCs must be connected to the same enterprise network via Ethernet or a secure Wi-Fi connection. -- On Windows 10 PCs, the **Projecting to this PC** feature must be enabled within System Settings, and the device must have a Wi-Fi interface enabled in order to respond to discovery requests. It is important to note that Miracast over Infrastructure is not a replacement for standard Miracast. Instead, the functionality is complementary, and provides an advantage to users who are part of the enterprise network. Users who are guests to a particular location and don’t have access to the enterprise network will continue to connect using the Wi-Fi Direct connection method. From 06891ea03d6148a9be281aec7161a1429e1ccbaf Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Thu, 16 Apr 2020 12:47:33 -0700 Subject: [PATCH 13/25] Update windows/security/threat-protection/windows-security-baselines.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../threat-protection/windows-security-baselines.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md index 4ed9d4f9e8..535af777d7 100644 --- a/windows/security/threat-protection/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-baselines.md 
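Review bot: PATCH 12/25 deletes the "Projecting to this PC" requirement bullet from miracast-over-infrastructure.md with an empty commit message, so nothing records whether the requirement no longer applies or has moved elsewhere; add a sentence to the message giving the reason. After the deletion the list still carries two bullets that say nearly the same thing ("As a Miracast source, the Windows PC or phone must be connected to the same enterprise network ..." and "Windows 10 PCs must be connected to the same enterprise network ..."); consider merging them in the same change.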
@@ -76,6 +76,6 @@ You may also be interested in this msdn channel 9 video: - [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager) - [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite) - [Configuration Management for Nano Server](https://docs.microsoft.com/archive/blogs/grouppolicy/configuration-management-on-servers/) -- [Microsoft Security Guidance Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines) -- [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319) -- [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55319) +- [Microsoft Security Guidance Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines) +- [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319) +- [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55319) From a4de951e5d126aebec42e4267bbb18e2feca3ed0 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Thu, 16 Apr 2020 12:48:56 -0700 Subject: [PATCH 14/25] Update windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 455785a8c3..776b06c87e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md 
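Review bot: In the related-links hunk of windows-security-baselines.md (PATCH 13/25), the last two added entries, "Microsoft Security Compliance Toolkit Download" and "Microsoft Download Center", both point to https://www.microsoft.com/download/details.aspx?id=55319. Drop one of them or give "Microsoft Download Center" its own target. As shown here the removed and added lines are textually identical, so the change is presumably whitespace-only; the commit message should say that.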
@@ -111,7 +111,7 @@ For more information on DISM commands and offline servicing, please refer to the - [DISM Image Management Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/dism-image-management-command-line-options-s14) - [Reduce the Size of the Component Store in an Offline Windows Image](https://docs.microsoft.com/windows-hardware/manufacture/desktop/reduce-the-size-of-the-component-store-in-an-offline-windows-image) -If offline servicing is not a viable option for your non-persistent VDI environment, then the following steps should be taken to ensure consistency and sensor health: +If offline servicing is not a viable option for your non-persistent VDI environment, the following steps should be taken to ensure consistency and sensor health: 1. After booting the master image for online servicing or patching, run an offboarding script to turn off the Microsoft Defender ATP sensor. For more information, see [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script). From c7d6bda764f6b38fc0d1ff8284bd655a08d16f7e Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Thu, 16 Apr 2020 12:49:10 -0700 Subject: [PATCH 15/25] Update windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 776b06c87e..28deb56cbf 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md 
@@ -115,7 +115,7 @@ If offline servicing is not a viable option for your non-persistent VDI environm 1. After booting the master image for online servicing or patching, run an offboarding script to turn off the Microsoft Defender ATP sensor. For more information, see [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script). -2. Ensure the sensor is stopped by running the command below in CMD window: +2. Ensure the sensor is stopped by running the command below in a CMD window: ``` sc query sense ``` From 47eb6206b1bce7f832940d2e81ebacbce9320948 Mon Sep 17 00:00:00 2001 From: Jreeds001 Date: Thu, 16 Apr 2020 14:04:42 -0700 Subject: [PATCH 16/25] Update windows-defender-smartscreen-overview.md --- .../windows-defender-smartscreen-overview.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md index d6fb411a83..2822f80344 100644 --- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md +++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md @@ -83,9 +83,9 @@ wevtutil sl Microsoft-Windows-SmartScreen/Debug /e:true EventID | Description -|- -1000 | Application Microsoft Defender SmartScreen Event -1001 | Uri Microsoft Defender SmartScreen Event -1002 | User Decision Microsoft Defender SmartScreen Event +1000 | Application Windows Defender SmartScreen Event +1001 | Uri Windows Defender SmartScreen Event +1002 | User Decision Windows Defender SmartScreen Event ## Related topics - [Threat protection](../index.md) From dfb6de199472ed3f37f317c45b943016d64ec973 Mon Sep 17 00:00:00 2001 
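Review bot: PATCH 16/25 changes the EventID table in windows-defender-smartscreen-overview.md back to "Application Windows Defender SmartScreen Event", "Uri Windows Defender SmartScreen Event" and "User Decision Windows Defender SmartScreen Event", although the rest of the page was renamed to Microsoft Defender SmartScreen earlier in this series, and the commit message gives no reason. If the descriptions are meant to match the strings recorded in the Microsoft-Windows-SmartScreen/Debug log, state that in the message and in a sentence above the table, so the mixed naming is not "corrected" again by a later rename pass.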
From: Jreeds001 Date: Thu, 16 Apr 2020 14:15:30 -0700 Subject: [PATCH 17/25] Update windows-defender-smartscreen-available-settings.md --- ...defender-smartscreen-available-settings.md | 58 +++++++++---------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md index 150df52cc5..8181c99856 100644 --- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md +++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md @@ -1,7 +1,7 @@ --- -title: Available Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings (Windows 10) -description: A list of all available settings for Windows Defender SmartScreen using Group Policy and mobile device management (MDM) settings. -keywords: SmartScreen Filter, Windows SmartScreen, Windows Defender SmartScreen +title: Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings (Windows 10) +description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings. +keywords: SmartScreen Filter, Windows SmartScreen, Microsoft Defender SmartScreen ms.prod: w10 ms.mktglfcycl: explore ms.sitesec: library 
@@ -13,13 +13,13 @@ ms.reviewer: manager: dansimp ms.author: dansimp --- -# Available Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings +# Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings **Applies to:** - Windows 10 - Windows 10 Mobile -Windows Defender SmartScreen works with Intune, Group Policy, and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Windows Defender SmartScreen, you can show employees a warning page and let them continue to the site, or you can block the site entirely. +Microsoft Defender SmartScreen works with Intune, Group Policy, and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Microsoft Defender SmartScreen, you can show employees a warning page and let them continue to the site, or you can block the site entirely. See [Windows 10 (and later) settings to protect devices using Intune](https://docs.microsoft.com/intune/endpoint-protection-windows-10#windows-defender-smartscreen-settings) for the controls you can use in Intune. @@ -35,7 +35,7 @@ SmartScreen uses registry-based Administrative Template policy settings. For mor Windows 10, version 1703:
Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen

Windows 10, Version 1607 and earlier:
Administrative Templates\Windows Components\File Explorer\Configure Windows SmartScreen At least Windows Server 2012, Windows 8 or Windows RT -This policy setting turns on Windows Defender SmartScreen.

If you enable this setting, it turns on Windows Defender SmartScreen and your employees are unable to turn it off. Additionally, when enabling this feature, you must also pick whether Windows Defender SmartScreen should Warn your employees or Warn and prevent bypassing the message (effectively blocking the employee from the site).

If you disable this setting, it turns off Windows Defender SmartScreen and your employees are unable to turn it on.

If you don't configure this setting, your employees can decide whether to use Windows Defender SmartScreen. +This policy setting turns on Microsoft Defender SmartScreen.

If you enable this setting, it turns on Microsoft Defender SmartScreen and your employees are unable to turn it off. Additionally, when enabling this feature, you must also pick whether Microsoft Defender SmartScreen should Warn your employees or Warn and prevent bypassing the message (effectively blocking the employee from the site).

If you disable this setting, it turns off Microsoft Defender SmartScreen and your employees are unable to turn it on.

If you don't configure this setting, your employees can decide whether to use Microsoft Defender SmartScreen. Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control @@ -45,38 +45,38 @@ SmartScreen uses registry-based Administrative Template policy settings. For mor Windows 10, version 1703:
Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen

Windows 10, Version 1607 and earlier:
Administrative Templates\Windows Components\Microsoft Edge\Configure Windows SmartScreen Microsoft Edge on Windows 10 or later -This policy setting turns on Windows Defender SmartScreen.

If you enable this setting, it turns on Windows Defender SmartScreen and your employees are unable to turn it off.

If you disable this setting, it turns off Windows Defender SmartScreen and your employees are unable to turn it on.

If you don't configure this setting, your employees can decide whether to use Windows Defender SmartScreen. +This policy setting turns on Microsoft Defender SmartScreen.

If you enable this setting, it turns on Microsoft Defender SmartScreen and your employees are unable to turn it off.

If you disable this setting, it turns off Microsoft Defender SmartScreen and your employees are unable to turn it on.

If you don't configure this setting, your employees can decide whether to use Microsoft Defender SmartScreen. Windows 10, version 1703:
Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files

Windows 10, Version 1511 and 1607:
Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for files Microsoft Edge on Windows 10, version 1511 or later -This policy setting stops employees from bypassing the Windows Defender SmartScreen warnings about potentially malicious files.

If you enable this setting, it stops employees from bypassing the warning, stopping the file download.

If you disable or don't configure this setting, your employees can bypass the warnings and continue to download potentially malicious files. +This policy setting stops employees from bypassing the Microsoft Defender SmartScreen warnings about potentially malicious files.

If you enable this setting, it stops employees from bypassing the warning, stopping the file download.

If you disable or don't configure this setting, your employees can bypass the warnings and continue to download potentially malicious files. Windows 10, version 1703:
Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites

Windows 10, Version 1511 and 1607:
Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for sites Microsoft Edge on Windows 10, version 1511 or later -This policy setting stops employees from bypassing the Windows Defender SmartScreen warnings about potentially malicious sites.

If you enable this setting, it stops employees from bypassing the warning, stopping them from going to the site.

If you disable or don't configure this setting, your employees can bypass the warnings and continue to visit a potentially malicious site. +This policy setting stops employees from bypassing the Microsoft Defender SmartScreen warnings about potentially malicious sites.

If you enable this setting, it stops employees from bypassing the warning, stopping them from going to the site.

If you disable or don't configure this setting, your employees can bypass the warnings and continue to visit a potentially malicious site. Administrative Templates\Windows Components\Internet Explorer\Prevent managing SmartScreen Filter Internet Explorer 9 or later -This policy setting prevents the employee from managing Windows Defender SmartScreen.

If you enable this policy setting, the employee isn't prompted to turn on Windows Defender SmartScreen. All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the employee.

If you disable or don't configure this policy setting, the employee is prompted to decide whether to turn on Windows Defender SmartScreen during the first-run experience. +This policy setting prevents the employee from managing Microsoft Defender SmartScreen.

If you enable this policy setting, the employee isn't prompted to turn on Microsoft Defender SmartScreen. All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the employee.

If you disable or don't configure this policy setting, the employee is prompted to decide whether to turn on Microsoft Defender SmartScreen during the first-run experience. Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings Internet Explorer 8 or later -This policy setting determines whether an employee can bypass warnings from Windows Defender SmartScreen.

If you enable this policy setting, Windows Defender SmartScreen warnings block the employee.

If you disable or don't configure this policy setting, the employee can bypass Windows Defender SmartScreen warnings. +This policy setting determines whether an employee can bypass warnings from Microsoft Defender SmartScreen.

If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings. Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet Internet Explorer 9 or later -This policy setting determines whether the employee can bypass warnings from Windows Defender SmartScreen. Windows Defender SmartScreen warns the employee about executable files that Internet Explorer users do not commonly download from the Internet.

If you enable this policy setting, Windows Defender SmartScreen warnings block the employee.

If you disable or don't configure this policy setting, the employee can bypass Windows Defender SmartScreen warnings. +This policy setting determines whether the employee can bypass warnings from Microsoft Defender SmartScreen. Microsoft Defender SmartScreen warns the employee about executable files that Internet Explorer users do not commonly download from the Internet.

If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings. ## MDM settings If you manage your policies using Microsoft Intune, you'll want to use these MDM policy settings. All settings support both desktop computers (running Windows 10 Pro or Windows 10 Enterprise, enrolled with Microsoft Intune) and Windows 10 Mobile devices.

-For Windows Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP - InternetExplorer](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer). +For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP - InternetExplorer](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer). @@ -91,8 +91,8 @@ For Windows Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP
  • URI full path. ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen
  • Data type. Integer
  • Allowed values:
      -
    • 0 . Turns off Windows Defender SmartScreen in Edge.
    • -
    • 1. Turns on Windows Defender SmartScreen in Edge.
  • +
  • 0 . Turns off Microsoft Defender SmartScreen in Edge.
  • +
  • 1. Turns on Microsoft Defender SmartScreen in Edge.
  • @@ -115,8 +115,8 @@ For Windows Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP
  • URI full path. ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell
  • Data type. Integer
  • Allowed values:
      -
    • 0 . Turns off Windows Defender SmartScreen in Windows for app and file execution.
    • -
    • 1. Turns on Windows Defender SmartScreen in Windows for app and file execution.
  • +
  • 0 . Turns off Microsoft Defender SmartScreen in Windows for app and file execution.
  • +
  • 1. Turns on Microsoft Defender SmartScreen in Windows for app and file execution.
  • @@ -127,8 +127,8 @@ For Windows Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP
  • URI full path. ./Vendor/MSFT/Policy/Config/SmartScreen/PreventOverrideForFilesInShell
  • Data type. Integer
  • Allowed values:
      -
    • 0 . Employees can ignore Windows Defender SmartScreen warnings and run malicious files.
    • -
    • 1. Employees can't ignore Windows Defender SmartScreen warnings and run malicious files.
  • +
  • 0 . Employees can ignore Microsoft Defender SmartScreen warnings and run malicious files.
  • +
  • 1. Employees can't ignore Microsoft Defender SmartScreen warnings and run malicious files.
  • @@ -139,8 +139,8 @@ For Windows Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP
  • URI full path. ./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride
  • Data type. Integer
  • Allowed values:
      -
    • 0 . Employees can ignore Windows Defender SmartScreen warnings.
    • -
    • 1. Employees can't ignore Windows Defender SmartScreen warnings.
  • +
  • 0 . Employees can ignore Microsoft Defender SmartScreen warnings.
  • +
  • 1. Employees can't ignore Microsoft Defender SmartScreen warnings.
  • @@ -151,16 +151,16 @@ For Windows Defender SmartScreen Internet Explorer MDM policies, see [Policy CSP
  • URI full path. ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles
  • Data type. Integer
  • Allowed values:
      -
    • 0 . Employees can ignore Windows Defender SmartScreen warnings for files.
    • -
    • 1. Employees can't ignore Windows Defender SmartScreen warnings for files.
  • +
  • 0 . Employees can ignore Microsoft Defender SmartScreen warnings for files.
  • +
  • 1. Employees can't ignore Microsoft Defender SmartScreen warnings for files.
  • Setting
    ## Recommended Group Policy and MDM settings for your organization -By default, Windows Defender SmartScreen lets employees bypass warnings. Unfortunately, this can let employees continue to an unsafe site or to continue to download an unsafe file, even after being warned. Because of this possibility, we strongly recommend that you set up Windows Defender SmartScreen to block high-risk interactions instead of providing just a warning. +By default, Microsoft Defender SmartScreen lets employees bypass warnings. Unfortunately, this can let employees continue to an unsafe site or to continue to download an unsafe file, even after being warned. Because of this possibility, we strongly recommend that you set up Microsoft Defender SmartScreen to block high-risk interactions instead of providing just a warning. -To better help you protect your organization, we recommend turning on and using these specific Windows Defender SmartScreen Group Policy and MDM settings. +To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen Group Policy and MDM settings. @@ -168,7 +168,7 @@ To better help you protect your organization, we recommend turning on and using - + @@ -191,7 +191,7 @@ To better help you protect your organization, we recommend turning on and using - + @@ -203,7 +203,7 @@ To better help you protect your organization, we recommend turning on and using - + @@ -214,7 +214,7 @@ To better help you protect your organization, we recommend turning on and using ## Related topics - [Threat protection](../index.md) -- [Windows Defender SmartScreen overview](windows-defender-smartscreen-overview.md) +- [Microsoft Defender SmartScreen overview](windows-defender-smartscreen-overview.md) - [Available Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge](/microsoft-edge/deploy/available-policies) From 4559ab1e0a3389cc01a447b3d8f79a5974b1918f Mon Sep 17 00:00:00 2001 
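Review bot: In the MDM "Allowed values" lists of windows-defender-smartscreen-available-settings.md (PATCH 17/25), every added "0" entry keeps a stray space before the period ("0 . Turns off Microsoft Defender SmartScreen in Edge.") while the matching "1." entry does not; since these lines are being rewritten anyway, change them to "0.". The Group Policy paths ("Administrative Templates\Windows Components\Windows Defender SmartScreen\...") and the Intune link anchor "#windows-defender-smartscreen-settings" keep the old name. That looks intentional, since they are literal identifiers, but the commit message is empty and should say so.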
From: Gary Moore Date: Thu, 16 Apr 2020 14:19:47 -0700 Subject: [PATCH 18/25] Indented code blocks, trying to get hanging indent in other list items --- .../configure-endpoints-vdi.md | 29 ++++++++++--------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 28deb56cbf..2c8c2b2f66 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -81,15 +81,15 @@ The following steps will guide you through onboarding VDI machines and will high 6. Test your solution: - a. Create a pool with one machine. + a. Create a pool with one machine. - b. Logon to machine. + b. Logon to machine. - c. Logoff from machine. + c. Logoff from machine. - d. Logon to machine with another user. + d. Logon to machine with another user. - e. **For single entry for each machine**: Check only one entry in Microsoft Defender Security Center.
    + e. **For single entry for each machine**: Check only one entry in Microsoft Defender Security Center.
    **For multiple entries for each machine**: Check multiple entries in Microsoft Defender Security Center. 7. Click **Machines list** on the Navigation pane. @@ -116,20 +116,21 @@ If offline servicing is not a viable option for your non-persistent VDI environm 1. After booting the master image for online servicing or patching, run an offboarding script to turn off the Microsoft Defender ATP sensor. For more information, see [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script). 2. Ensure the sensor is stopped by running the command below in a CMD window: -``` -sc query sense -``` + + ``` + sc query sense + ``` 3. Service the image as needed. 4. Run the below commands using PsExec.exe (which can be downloaded from https://download.sysinternals.com/files/PSTools.zip) to cleanup the cyber folder contents that the sensor may have accumulated since boot: -``` -PsExec.exe -s cmd.exe -cd "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber" -del *.* /f /s /q -exit -``` + ``` + PsExec.exe -s cmd.exe + cd "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber" + del *.* /f /s /q + exit + ``` 5. Re-seal the golden/master image as you normally would. From 44207cfc97ffb1267a86bbd0ee08b367b545e242 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Thu, 16 Apr 2020 14:53:38 -0700 Subject: [PATCH 19/25] Acrolinx: corrected "usfing" --- .../windows-defender-smartscreen-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md index 2822f80344..56b4084b8b 100644 --- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md 
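Review bot: In step 4 of the re-indented cleanup block in configure-endpoints-vdi.md (PATCH 18/25), "del *.* /f /s /q" acts on whatever directory the SYSTEM shell is currently in, so if the preceding "cd" fails (for example because the Cyber folder is missing on that image) the recursive forced delete runs in the shell's starting directory instead. While these lines are being touched, pass the full folder path to del, or chain it after the cd with "&&" so that it runs only when the directory change succeeded.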
+++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md @@ -49,7 +49,7 @@ Microsoft Defender SmartScreen provide an early warning system against websites - **Improved heuristics and diagnostic data.** Microsoft Defender SmartScreen is constantly learning and endeavoring to stay up-to-date, so it can help to protect you against potentially malicious sites and files. -- **Management through Group Policy and Microsoft Intune.** Microsoft Defender SmartScreen supports usfing both Group Policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings](windows-defender-smartscreen-available-settings.md). +- **Management through Group Policy and Microsoft Intune.** Microsoft Defender SmartScreen supports using both Group Policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings](windows-defender-smartscreen-available-settings.md). - **Blocking URLs associated with potentially unwanted applications.** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](../windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md). From 9087c2b6a904f95fe5395d3ab842afc4cfc24662 Mon Sep 17 00:00:00 2001 From: Jreeds001 Date: Thu, 16 Apr 2020 16:51:10 -0700 Subject: [PATCH 20/25] Update windows-defender-smartscreen-set-individual-device.md --- ...ender-smartscreen-set-individual-device.md | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) 
diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md index 1bdb879cd4..b0e7163ee4 100644 --- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md +++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md @@ -1,7 +1,7 @@ --- -title: Set up and use Windows Defender SmartScreen on individual devices (Windows 10) -description: Learn how employees can use Windows Security to set up Windows Defender SmartScreen. Windows Defender SmartScreen protects users from running malicious apps. -keywords: SmartScreen Filter, Windows SmartScreen, Windows Defender SmartScreen +title: Set up and use Microsoft Defender SmartScreen on individual devices (Windows 10) +description: Learn how employees can use Windows Security to set up Microsoft Defender SmartScreen. Microsoft Defender SmartScreen protects users from running malicious apps. +keywords: SmartScreen Filter, Windows SmartScreen, Microsoft Defender SmartScreen ms.prod: w10 ms.mktglfcycl: explore ms.sitesec: library 
@@ -14,22 +14,22 @@ manager: dansimp ms.author: macapara --- -# Set up and use Windows Defender SmartScreen on individual devices +# Set up and use Microsoft Defender SmartScreen on individual devices **Applies to:** - Windows 10, version 1703 - Windows 10 Mobile - Microsoft Edge -Windows Defender SmartScreen helps to protect users if they try to visit sites previously reported as phishing or malware websites, or if a user tries to download potentially malicious files. +Microsoft Defender SmartScreen helps to protect users if they try to visit sites previously reported as phishing or malware websites, or if a user tries to download potentially malicious files. -## How users can use Windows Security to set up Windows Defender SmartScreen -Starting with Windows 10, version 1703, users can use Windows Security to set up Windows Defender SmartScreen for an individual device; unless and administrator has used Group Policy or Microsoft Intune to prevent it. +## How users can use Windows Security to set up Microsoft Defender SmartScreen +Starting with Windows 10, version 1703, users can use Windows Security to set up Microsoft Defender SmartScreen for an individual device; unless and administrator has used Group Policy or Microsoft Intune to prevent it. >[!NOTE] >If any of the following settings are managed through Group Policy or mobile device management (MDM) settings, it appears as unavailable to the employee. -**To use Windows Security to set up Windows Defender SmartScreen on a device** +**To use Windows Security to set up Microsoft Defender SmartScreen on a device** 1. Open the Windows Security app, and then select **App & browser control** > **Reputation-based protection settings**. 2. In the **Reputation-based protection** screen, choose from the following options: 
@@ -38,13 +38,13 @@ Starting with Windows 10, version 1703, users can use Windows Security to set up - **On.** Warns users that the apps and files being downloaded from the web are potentially dangerous but allows the action to continue. - - **Off.** Turns off Windows Defender SmartScreen, so a user isn't alerted or stopped from downloading potentially malicious apps and files. + - **Off.** Turns off Microsoft Defender SmartScreen, so a user isn't alerted or stopped from downloading potentially malicious apps and files. - - In the **Windows Defender SmartScreen for Microsoft Edge** area: + - In the **Microsoft Defender SmartScreen for Microsoft Edge** area: - **On.** Warns users that sites and downloads are potentially dangerous but allows the action to continue while running in Microsoft Edge. - - **Off.** Turns off Windows Defender SmartScreen, so a user isn't alerted or stopped from downloading potentially malicious apps and files. + - **Off.** Turns off Microsoft Defender SmartScreen, so a user isn't alerted or stopped from downloading potentially malicious apps and files. - In the **Potentially unwanted app blocking** area: - **On.** Turns on both the 'Block apps' and 'Block downloads settings. To learn more, see [How Microsoft identifies malware and potentially unwanted applications](https://docs.microsoft.com/windows/security/threat-protection/intelligence/criteria#potentially-unwanted-application-pua). 
@@ -54,21 +54,21 @@ Starting with Windows 10, version 1703, users can use Windows Security to set up - **Off.** Turns off Potentially unwanted app blocking, so a user isn't alerted or stopped from downloading or installing potentially unwanted apps. - - In the **Windows Defender SmartScreen from Microsoft Store apps** area: + - In the **Microsoft Defender SmartScreen from Microsoft Store apps** area: - **On.** Warns users that the sites and downloads used by Microsoft Store apps are potentially dangerous but allows the action to continue. - - **Off.** Turns off Windows Defender SmartScreen, so a user isn't alerted or stopped from visiting sites or from downloading potentially malicious apps and files. + - **Off.** Turns off Microsoft Defender SmartScreen, so a user isn't alerted or stopped from visiting sites or from downloading potentially malicious apps and files. - ![Windows Security, Windows Defender SmartScreen controls](images/windows-defender-smartscreen-control-2020.png) + ![Windows Security, Microsoft Defender SmartScreen controls](images/windows-defender-smartscreen-control-2020.png) -## How Windows Defender SmartScreen works when a user tries to run an app -Windows Defender SmartScreen checks the reputation of any web-based app the first time it's run from the Internet, checking digital signatures and other factors against a Microsoft-maintained service. If an app has no reputation or is known to be malicious, Windows Defender SmartScreen can warn the user or block the app from running entirely, depending on how you've configured the feature to run in your organization. +## How Microsoft Defender SmartScreen works when a user tries to run an app +Microsoft Defender SmartScreen checks the reputation of any web-based app the first time it's run from the Internet, checking digital signatures and other factors against a Microsoft-maintained service. 
If an app has no reputation or is known to be malicious, Microsoft Defender SmartScreen can warn the user or block the app from running entirely, depending on how you've configured the feature to run in your organization. -By default, users can bypass Windows Defender SmartScreen protection, letting them run legitimate apps after accepting a warning message prompt. You can also use Group Policy or Microsoft Intune to block your employees from using unrecognized apps, or to entirely turn off Windows Defender SmartScreen (not recommended). +By default, users can bypass Microsoft Defender SmartScreen protection, letting them run legitimate apps after accepting a warning message prompt. You can also use Group Policy or Microsoft Intune to block your employees from using unrecognized apps, or to entirely turn off Microsoft Defender SmartScreen (not recommended). ## How users can report websites as safe or unsafe -Windows Defender SmartScreen can be configured to warn users from going to a potentially dangerous site. Users can then choose to report a website as safe from the warning message or as unsafe from within Microsoft Edge and Internet Explorer 11. +Microsoft Defender SmartScreen can be configured to warn users from going to a potentially dangerous site. Users can then choose to report a website as safe from the warning message or as unsafe from within Microsoft Edge and Internet Explorer 11. **To report a website as safe from the warning message** - On the warning screen for the site, click **More Information**, and then click **Report that this site does not contain threats**. The site info is sent to the Microsoft feedback site, which provides further instructions. 
@@ -82,7 +82,7 @@ Windows Defender SmartScreen can be configured to warn users from going to a pot ## Related topics - [Threat protection](../index.md) -- [Windows Defender SmartScreen overview](windows-defender-smartscreen-overview.md) +- [Microsoft Defender SmartScreen overview](windows-defender-smartscreen-overview.md) >[!NOTE] >Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md). From fc718902ee90ae5717c54db75de87de1d6960019 Mon Sep 17 00:00:00 2001 From: Jreeds001 Date: Thu, 16 Apr 2020 17:03:45 -0700 Subject: [PATCH 21/25] Update windows-defender-smartscreen-set-individual-device.md --- .../windows-defender-smartscreen-set-individual-device.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md index b0e7163ee4..dd2eb47e6c 100644 --- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md +++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md 
@@ -24,7 +24,7 @@ ms.author: macapara Microsoft Defender SmartScreen helps to protect users if they try to visit sites previously reported as phishing or malware websites, or if a user tries to download potentially malicious files. ## How users can use Windows Security to set up Microsoft Defender SmartScreen -Starting with Windows 10, version 1703, users can use Windows Security to set up Microsoft Defender SmartScreen for an individual device; unless and administrator has used Group Policy or Microsoft Intune to prevent it. +Starting with Windows 10, version 1703, users can use Windows Security to set up Microsoft Defender SmartScreen for an individual device; unless an administrator has used Group Policy or Microsoft Intune to prevent it. >[!NOTE] >If any of the following settings are managed through Group Policy or mobile device management (MDM) settings, it appears as unavailable to the employee. From 53f3baeef6d285c955bb3f6938cae303af84a816 Mon Sep 17 00:00:00 2001 From: Obi Eze Ajoku <62227226+linque1@users.noreply.github.com> Date: Fri, 17 Apr 2020 01:56:14 -0700 Subject: [PATCH 22/25] Update windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- ...indows-operating-system-components-to-microsoft-services.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index eadc81def6..171740e483 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -40,7 +40,7 @@ Microsoft provides a [Windows Restricted Traffic Limited Functionality Baseline] >Regarding the Windows Restricted Traffic Limited Functionality Baseline, the 1903 settings (folder) are applicable to 1909 Windows >Enterprise devices. There were no additional settings required for the 1909 release. >[!Warning] ->If a user executes the **Reset this PC** command (Settings -> Update & Security -> Recovery) with the **Keep my files option** (or the **Remove Everything** option) the Windows Restricted Traffic Limited Functionality Baseline settings will need to be re-applied in order to re-restrict the device. Egress traffic may occur prior to the re-application of the Restricted Traffic Limited Functionality Baseline settings. +> If a user executes the **Reset this PC** command (Settings -> Update & Security -> Recovery) with the **Keep my files option** (or the **Remove Everything** option) the Windows Restricted Traffic Limited Functionality Baseline settings will need to be re-applied in order to re-restrict the device. Egress traffic may occur prior to the re-application of the Restricted Traffic Limited Functionality Baseline settings. To use Microsoft Intune cloud based device management for restricting traffic please refer to the [Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm) @@ -1898,4 +1898,3 @@ For China releases of Windows 10 there is one additional Regkey to be set to pre To learn more, see [Device update management](https://msdn.microsoft.com/library/windows/hardware/dn957432.aspx) and [Configure Automatic Updates by using Group Policy](https://technet.microsoft.com/library/cc720539.aspx). - From bc5214eb980784895b9c5ccb196b805ccd3067fd Mon Sep 17 00:00:00 2001 
From: Obi Eze Ajoku <62227226+linque1@users.noreply.github.com> Date: Fri, 17 Apr 2020 01:56:25 -0700 Subject: [PATCH 23/25] Update windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 171740e483..8bb8bf8e3c 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -39,7 +39,7 @@ Microsoft provides a [Windows Restricted Traffic Limited Functionality Baseline] >[!Note] >Regarding the Windows Restricted Traffic Limited Functionality Baseline, the 1903 settings (folder) are applicable to 1909 Windows >Enterprise devices. There were no additional settings required for the 1909 release. ->[!Warning] +> [!Warning] > If a user executes the **Reset this PC** command (Settings -> Update & Security -> Recovery) with the **Keep my files option** (or the **Remove Everything** option) the Windows Restricted Traffic Limited Functionality Baseline settings will need to be re-applied in order to re-restrict the device. Egress traffic may occur prior to the re-application of the Restricted Traffic Limited Functionality Baseline settings. To use Microsoft Intune cloud based device management for restricting traffic please refer to the [Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm) From be13208188f92bef16c69a83f31be131e16ad8d6 Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Fri, 17 Apr 2020 09:01:51 -0700 Subject: [PATCH 24/25] pencil edit --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 8bb8bf8e3c..6dd9518dcf 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -10,7 +10,7 @@ ms.sitesec: library ms.localizationpriority: high audience: ITPro author: medgarmedgar -ms.author: v-medgar +ms.author: robsize manager: robsize ms.collection: M365-security-compliance ms.topic: article From fc8bda7dd4318f9ea4be91117ba188131b06c0eb Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Fri, 17 Apr 2020 13:14:25 -0700 Subject: [PATCH 25/25] remove wip --- .openpublishing.redirection.json | 5 + .../how-wip-works-with-labels.md | 122 ------------------ 2 files changed, 5 insertions(+), 122 deletions(-) delete mode 100644 windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 3b8c2ce3db..066d1d1e75 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -86,6 +86,11 @@ "redirect_document_id": true }, { +"source_path": "windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md", +"redirect_url": "https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip", +"redirect_document_id": false +}, +{ "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune.md", "redirect_url": "https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure", "redirect_document_id": false diff --git a/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md b/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md deleted file mode 100644 index 684b78d8e2..0000000000 --- a/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md +++ /dev/null 
@@ -1,122 +0,0 @@ ---- -title: How Windows Information Protection (WIP) protects files with a sensitivity label (Windows 10) -description: Explains how Windows Information Protection works with other Microsoft information protection technologies to protect files that have a sensitivity label. -keywords: sensitivity, labels, WIP, Windows Information Protection, EDP, Enterprise Data Protection -ms.prod: w10 -ms.mktglfcycl: explore -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: dulcemontemayor -ms.author: dansimp -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: conceptual -ms.date: 04/30/2019 -ms.reviewer: ---- - -# How Windows Information Protection (WIP) protects a file that has a sensitivity label - -**Applies to:** - -- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -- Windows 10, version 1903 -- Windows 10, version 1809 - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. - -This topic explains how Windows Information Protection works with other Microsoft information protection technologies to protect files that have a sensitivity label. 
-Microsoft information protection technologies work together as an integrated solution to help enterprises: - -- Discover corporate data on endpoint devices -- Classify and label information based on its content and context -- Protect corporate data from unintentionally leaving to non-business environments -- Enable audit reports of user interactions with corporate data on endpoint devices - -Microsoft information protection technologies include: - -- [Windows Information Protection (WIP)](protect-enterprise-data-using-wip.md) is built in to Windows 10 and protects local data at rest on endpoint devices, and manages apps to protect local data in use. Data that leaves the endpoint device, such as email attachment, is not protected by WIP. - -- [Azure Information Protection](https://docs.microsoft.com/azure/information-protection/what-is-information-protection) is a cloud-based solution that can be purchased either standalone or as part of Microsoft 365 Enterprise. It helps an organization classify and protect its documents and emails by applying labels. Azure Information Protection is applied directly to content, and roams with the content as it's moved between locations and cloud services. - -- [Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security) is a cloud access security broker (CASB) solution that allows you to discover, classify, protect, and monitor user data in first-party and third-party Software-as-a-Service (SaaS) apps used by your organization. - -## How WIP protects sensitivity labels with endpoint data loss prevention - -You can create and manage [sensitivity labels](https://docs.microsoft.com/office365/securitycompliance/labels) in the Microsoft 365 compliance center. -When you [create a sensitivity label](https://docs.microsoft.com/microsoft-365/compliance/create-sensitivity-labels), you can specify that endpoint data loss prevention applies to content with that label. 
- -![Endpoint data loss prevention](images/sensitivity-label-endpoint-dlp.png) - -Office app users can choose a sensitivity label from a menu and apply it to a file. - -![Sensitivity labels](images/sensitivity-labels.png) - -WIP enforces default endpoint protection as follows: - -- If endpoint data loss prevention is enabled, the device enforces work protection for any file with the label -- If endpoint data loss prevention is not enabled: - - The device enforces work protection to a file downloaded from a work site - - The device does not enforce work protection to a file downloaded from a personal site - -Here's an example where a file remains protected without any work context beyond the sensitivity label: - -1. Sara creates a PDF file on a Mac and labels it as **Confidential**. -1. She emails the PDF from her Gmail account to Laura. -1. Laura opens the PDF file on her Windows 10 device. -1. Windows Defender Advanced Threat Protection (Windows Defender ATP) scans Windows 10 for any file that gets modified or created, including files that were created on a personal site. -1. Windows Defender ATP triggers WIP policy. -1. WIP policy protects the file even though it came from a personal site. - -## How WIP protects automatically classified files - -The next sections cover how Windows Defender ATP extends discovery and protection of sensitive information with improvements in Windows 10 version 1903. - -### Discovery - -Windows Defender ATP can extract the content of the file itself and evaluate whether it contains sensitive information types such as credit card numbers or employee ID numbers. -When you create a sensitivity label, you can specify that the label be added to any file that contains a sensitive information type. 
- -![Sensitivity labels](images/sensitivity-label-auto-label.png) - -A default set of [sensitive information types](https://docs.microsoft.com/office365/securitycompliance/what-the-sensitive-information-types-look-for) in Microsoft 365 compliance center includes credit card numbers, phone numbers, driver's license numbers, and so on. -You can also [create a custom sensitive information type](https://docs.microsoft.com/office365/securitycompliance/create-a-custom-sensitive-information-type), which can include any keyword or expression that you want to evaluate. - -### Protection - -When a file is created or edited on a Windows 10 endpoint, Windows Defender ATP extracts the content and evaluates if it contains any default or custom sensitive information types that have been defined. -If the file has a match, Windows Defender ATP applies endpoint data loss prevention even if the file had no label previously. - -Windows Defender ATP is integrated with Azure Information Protection for data discovery and reports sensitive information types that were discovered. -Azure Information Protection aggregates the files with sensitivity labels and the sensitive information types they contain across the enterprise. - -![Image of Azure Information Protection - Data discovery](images/azure-data-discovery.png) - -You can see sensitive information types in Microsoft 365 compliance under **Classifications**. Default sensitive information types have Microsoft as the publisher. The publisher for custom types is the tenant name. - -![Sensitive information types](images/sensitive-info-types.png) - ->[!NOTE] ->Automatic classification does not change the file itself, but it applies protection based on the label. ->WIP protects a file that contains a sensitive information type as a work file. ->Azure Information Protection works differently in that it extends a file with a new attribute so the protection persists if the file is copied. 
- -## Prerequisites - -- Endpoint data loss prevention requires Windows 10, version 1809 -- Auto labelling requires Windows 10, version 1903 -- Devices need to be onboarded to [Windows Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection), which scans content for a label and applies WIP policy -- [Sensitivity labels](https://docs.microsoft.com/office365/securitycompliance/labels) need to be configured in Microsoft 365 compliance center -- WIP policy needs to be applied to endpoint devices by using [Intune](create-wip-policy-using-intune-azure.md) or [Microsoft Endpoint Configuration Manager](overview-create-wip-policy-configmgr.md) - - - - - - - - -
    Group Policy setting
    Administrative Templates\Windows Components\Microsoft Edge\Configure Windows Defender SmartScreenEnable. Turns on Windows Defender SmartScreen.Enable. Turns on Microsoft Defender SmartScreen.
    Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites
    Browser/AllowSmartScreen1. Turns on Windows Defender SmartScreen.1. Turns on Microsoft Defender SmartScreen.
    Browser/PreventSmartScreenPromptOverride
    SmartScreen/EnableSmartScreenInShell1. Turns on Windows Defender SmartScreen in Windows.

    Requires at least Windows 10, version 1703.

    1. Turns on Microsoft Defender SmartScreen in Windows.

    Requires at least Windows 10, version 1703.

    SmartScreen/PreventOverrideForFilesInShell
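Review bot: In PATCH 20/25, hunk @@ -14,22 of windows-defender-smartscreen-set-individual-device.md, the rewritten "Starting with Windows 10, version 1703" sentence still reads "unless and administrator has used Group Policy or Microsoft Intune to prevent it". PATCH 21/25 exists only to change "and" to "an" on that same line, so fold it into this commit so that the rename lands with the sentence already correct and the line is touched once in history.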
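Review bot: In PATCH 20/25, hunk @@ -38,13, the context line under **Potentially unwanted app blocking** has an unbalanced quote: `'Block apps' and 'Block downloads settings`. Since this commit is already a wording pass over the same list, close the quote as `'Block downloads' settings` here. The hunk also keeps the image path images/windows-defender-smartscreen-control-2020.png while changing only its alt text, which is fine as long as the file is not renamed elsewhere in the series.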
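Review bot: In PATCH 22/25, hunk @@ -40,7 of manage-connections-from-windows-operating-system-components-to-microsoft-services.md, only the body line of the warning gets the space after `>`, leaving `>[!Warning]` directly above it in the old style until PATCH 23/25 fixes it. Make both lines of the block quote consistent in one commit. While on this line, the bold span `**Keep my files option**` includes the word "option" but `**Remove Everything** option` does not; pick one form. The warning itself is the security-relevant part of the page (egress traffic may occur before the baseline is re-applied after **Reset this PC**), so it is worth confirming the alert still renders as a warning after the whitespace change.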
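Review bot: In PATCH 24/25, hunk @@ -10,7, `ms.author` changes from v-medgar to robsize, which makes it identical to `manager: robsize` while `author: medgarmedgar` stays as it was. The subject "pencil edit" does not say that this is an ownership change; state the reason in the commit message and confirm whether `author` should change with it, since these fields decide who is asked to review later edits to a privacy hardening article.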
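Review bot: In PATCH 25/25, the .openpublishing.redirection.json hunk @@ -86,6 redirects how-wip-works-with-labels.md to guidance-and-best-practices-wip, but the diffstat lists only 2 files changed, so any TOC entry or relative link to the deleted file elsewhere in the repo is not updated by this patch and should be checked before merge. The subject "remove wip" also reads as if WIP itself were being removed; name the article and the reason. The deleted page is the one that states the prerequisites (endpoint data loss prevention requires Windows 10, version 1809; auto labelling requires version 1903; devices onboarded to Windows Defender ATP), so confirm the redirect target covers them or that the behaviour described is no longer offered.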