diff --git a/windows/keep-secure/basic-audit-logon-events.md b/windows/keep-secure/basic-audit-logon-events.md index 143c150317..dd0764f2b5 100644 --- a/windows/keep-secure/basic-audit-logon-events.md +++ b/windows/keep-secure/basic-audit-logon-events.md @@ -22,6 +22,8 @@ If you define this policy setting, you can specify whether to audit successes, a To set this value to **No auditing**, in the **Properties** dialog box for this policy setting, select the **Define these policy settings** check box and clear the **Success** and **Failure** check boxes. +For information about advanced security policy settings for logon events, see the [Logon/logoff](advanced-security-audit-policy-settings.md#logonlogoff) section in [Advanced security audit policy settings](advanced-security-audit-policy-settings.md). + ## Configure this audit setting You can configure this security setting by opening the appropriate policy under Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Audit Policy. diff --git a/windows/keep-secure/export-an-applocker-policy-from-a-gpo.md b/windows/keep-secure/export-an-applocker-policy-from-a-gpo.md index 6476c88d16..8f914cd9f0 100644 --- a/windows/keep-secure/export-an-applocker-policy-from-a-gpo.md +++ b/windows/keep-secure/export-an-applocker-policy-from-a-gpo.md @@ -16,7 +16,7 @@ author: brianlic-msft This topic for IT professionals describes the steps to export an AppLocker policy from a Group Policy Object (GPO) so that it can be modified. -Updating an AppLocker policy that is currently enforced in your production environment can have unintended results. Therefore, export the policy from the GPO and update the rule or rules by using AppLocker on your AppLocker reference device +Updating an AppLocker policy that is currently enforced in your production environment can have unintended results. Therefore, export the policy from the GPO and update the rule or rules by using AppLocker on your AppLocker reference device. To complete this procedure, you must have the **Edit Setting** permission to edit a GPO. By default, members of the **Domain Admins** group, the **Enterprise Admins** group, and the **Group Policy Creator Owners** group have this permission. diff --git a/windows/keep-secure/maintain-applocker-policies.md b/windows/keep-secure/maintain-applocker-policies.md index 43bd39884e..69cf6d1483 100644 --- a/windows/keep-secure/maintain-applocker-policies.md +++ b/windows/keep-secure/maintain-applocker-policies.md @@ -47,7 +47,7 @@ Before modifying a policy, evaluate how the policy is currently implemented. For ### Step 2: Export the AppLocker policy from the GPO -Updating an AppLocker policy that is currently enforced in your production environment can have unintended results. Therefore, export the policy from the GPO and update the rule or rules by using AppLocker on your AppLocker reference or test computer. To prepare an AppLocker policy for modification, see [Export an AppLocker policy from a GPO](export-an-applocker-policy-from-a-gpo.md) +Updating an AppLocker policy that is currently enforced in your production environment can have unintended results. Therefore, export the policy from the GPO and update the rule or rules by using AppLocker on your AppLocker reference or test computer. To prepare an AppLocker policy for modification, see [Export an AppLocker policy from a GPO](export-an-applocker-policy-from-a-gpo.md). ### Step 3: Update the AppLocker policy by editing the appropriate AppLocker rule