From 8d3e5fbe8cbb51a56891bd0e0ada71ba329be5ab Mon Sep 17 00:00:00 2001
From: Lindsay <45809756+lindspea@users.noreply.github.com>
Date: Thu, 4 Jul 2019 11:47:01 +0200
Subject: [PATCH 1/3] Update
 understanding-applocker-allow-and-deny-actions-on-rules.md

Added wording for clarification.
---
 .../understanding-applocker-allow-and-deny-actions-on-rules.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
index 6f06fb76e5..3f02c4256b 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
@@ -27,7 +27,7 @@ This topic explains the differences between allow and deny actions on AppLocker
 
 ## Allow action versus deny action on rules
 
-Unlike Software Restriction Policies (SRP), each AppLocker rule collection functions as an allowed list of files. Only the files that are listed within the rule collection are allowed to run. This configuration makes it easier to determine what will occur when an AppLocker rule is applied.
+Unlike Software Restriction Policies (SRP), in a block by default, allow by exception configuration, each AppLocker rule collection functions as an allowed list of files. Only the files that are listed within the rule collection are allowed to run. This configuration makes it easier to determine what will occur when an AppLocker rule is applied.
 
 You can also create rules that use the deny action. When applying rules, AppLocker first checks whether any explicit deny actions are specified in the rule list. If you have denied a file from running in a rule collection, the deny action will take precedence over any allow action, regardless of which Group Policy Object (GPO) the rule was originally applied in. Because AppLocker functions as an allowed list by default, if no rule explicitly allows or denies a file from running, AppLocker's default deny action will block the file.
 

From 08a42cb5e514d182f98b02dfc24341adb6c5b0cb Mon Sep 17 00:00:00 2001
From: Lindsay <45809756+lindspea@users.noreply.github.com>
Date: Sun, 7 Jul 2019 16:56:30 +0200
Subject: [PATCH 2/3] Update
 windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>
---
 .../understanding-applocker-allow-and-deny-actions-on-rules.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
index 3f02c4256b..a57aaae2f1 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
@@ -27,7 +27,7 @@ This topic explains the differences between allow and deny actions on AppLocker
 
 ## Allow action versus deny action on rules
 
-Unlike Software Restriction Policies (SRP), in a block by default, allow by exception configuration, each AppLocker rule collection functions as an allowed list of files. Only the files that are listed within the rule collection are allowed to run. This configuration makes it easier to determine what will occur when an AppLocker rule is applied.
+Unlike Software Restriction Policies (SRP) each AppLocker rule collection functions as an allowed list of files. Only the files that are listed within the rule collection are allowed to run. This **block by default, allow by exception** configuration makes it easier to determine what will occur when an AppLocker rule is applied.
 
 You can also create rules that use the deny action. When applying rules, AppLocker first checks whether any explicit deny actions are specified in the rule list. If you have denied a file from running in a rule collection, the deny action will take precedence over any allow action, regardless of which Group Policy Object (GPO) the rule was originally applied in. Because AppLocker functions as an allowed list by default, if no rule explicitly allows or denies a file from running, AppLocker's default deny action will block the file.
 

From 16df00c5ec722564d831bee3177d7347517e5a8d Mon Sep 17 00:00:00 2001
From: Lindsay <45809756+lindspea@users.noreply.github.com>
Date: Mon, 8 Jul 2019 06:05:48 +0200
Subject: [PATCH 3/3] Update
 windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>
---
 .../understanding-applocker-allow-and-deny-actions-on-rules.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
index a57aaae2f1..50811e33c0 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
@@ -27,7 +27,7 @@ This topic explains the differences between allow and deny actions on AppLocker
 
 ## Allow action versus deny action on rules
 
-Unlike Software Restriction Policies (SRP) each AppLocker rule collection functions as an allowed list of files. Only the files that are listed within the rule collection are allowed to run. This **block by default, allow by exception** configuration makes it easier to determine what will occur when an AppLocker rule is applied.
+Unlike Software Restriction Policies (SRP), each AppLocker rule collection functions as an allowed list of files. Only the files that are listed within the rule collection are allowed to run. This **block by default, allow by exception** configuration makes it easier to determine what will occur when an AppLocker rule is applied.
 
 You can also create rules that use the deny action. When applying rules, AppLocker first checks whether any explicit deny actions are specified in the rule list. If you have denied a file from running in a rule collection, the deny action will take precedence over any allow action, regardless of which Group Policy Object (GPO) the rule was originally applied in. Because AppLocker functions as an allowed list by default, if no rule explicitly allows or denies a file from running, AppLocker's default deny action will block the file.