Merge branch 'master' into Tp-updateTinaMcNaboe

windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md

@@ -153,16 +153,18 @@ Requirements:
 - Enterprise AD must be integrated with Azure AD.
 - Ensure that PCs belong to same computer group.
 
->[!IMPORTANT]
->If you do not see the policy, it may be because you don’t have the ADMX installed for Windows 10, version 1803 or version 1809. To fix the issue, follow these steps:        
+> [!IMPORTANT]
+> If you do not see the policy, it may be because you don’t have the ADMX installed for Windows 10, version 1803 or version 1809. To fix the issue, follow these steps:        
 >   1. Download:  
 >   1803 -->[Administrative Templates (.admx) for Windows 10 April 2018 Update (1803)](https://www.microsoft.com/download/details.aspx?id=56880) or  
->   1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576).
+>   1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576) or
+>   1903 --> [Administrative Templates for Windows 10 May 2019 Update (1903)](https://www.microsoft.com/download/details.aspx?id=58495)
 >   2. Install the package on the Primary Domain Controller (PDC).
 >   3. Navigate, depending on the version to the folder:
->   1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or  
->   1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2**
->   4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies**.
+>   1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or
+>   1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2** or
+>   1903 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2019 Update (1903) v3**
+>   4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies** .
 >   5. Restart the Primary Domain Controller for the policy to be available.
 >   This procedure will work for any future version as well.
 
@@ -172,10 +174,8 @@ Requirements:
 4. Filter using Security Groups.
 5. Enforce a GPO link.
 
-> [!NOTE]
-> Version 1903 (March 2019) is actually on the Insider program and doesn't yet contain a downloadable version of Templates (version 1903).
-
 ## Troubleshoot auto-enrollment of devices
+
 Investigate the log file if you have issues even after performing all the mandatory verification steps. The first log file to investigate is the event log on the target Windows 10 device. 
 
 To collect Event Viewer logs:
@@ -232,5 +232,6 @@ To collect Event Viewer logs:
 
 ### Useful Links
 
+- [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495)
 - [Windows 10 Administrative Templates for Windows 10 October 2018 Update 1809](https://www.microsoft.com/download/details.aspx?id=57576)
 - [Windows 10 Administrative Templates for Windows 10 April 2018 Update 1803](https://www.microsoft.com/download/details.aspx?id=56880)

windows/client-management/mdm/networkqospolicy-csp.md

@@ -106,3 +106,10 @@ The following diagram shows the NetworkQoSPolicy configuration service provider
 
 <p style="margin-left: 20px">The supported operations are Add, Get, Delete, and Replace.
 
+
+## Related topics
+
+Read more about the XML DDF structure to create this policy by following the links below:
+
+- [More Information about DDF and structure](networkqospolicy-ddf.md)
+- [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)

windows/security/threat-protection/microsoft-defender-atp/alerts.md

@@ -52,8 +52,8 @@ threatFamilyName | string | Threat family.
 title | string | Alert title.
 description | String | Description of the threat, identified by the alert.
 alertCreationTime | DateTimeOffset | The date and time (in UTC) the alert was created.
-lastEventTime | DateTimeOffset | The last occurance of the event that triggered the alert on the same machine.
-firstEventTime | DateTimeOffset | The first occurance of the event that triggered the alert on that machine.
+lastEventTime | DateTimeOffset | The last occurrence of the event that triggered the alert on the same machine.
+firstEventTime | DateTimeOffset | The first occurrence of the event that triggered the alert on that machine.
 resolvedTime | DateTimeOffset | The date and time in which the status of the alert was changed to 'Resolved'.
 machineId | String | ID of a [machine](machine.md) entity that is associated with the alert.
 

windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md

@@ -75,7 +75,7 @@ The **Graph** tells the story of the cybersecurity attack. For example, it shows
 
 You can click the circles on the incident graph to view the details of the malicious files, associated file detections, how many instances has there been worldwide, whether it’s been observed in your organization, if so, how many instances.
 
-![Image of indcident details](images/atp-incident-graph-details.png)
+![Image of incident details](images/atp-incident-graph-details.png)
 
 ## Related topics
 - [Incidents queue](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue)

windows/security/threat-protection/microsoft-defender-atp/machineactionsnote.md

@@ -4,6 +4,8 @@ ms.reviewer:
 manager: dansimp
 ms.author: macapara
 author: mjcaparas
+ms.prod: w10
+title: Note
 ---
 >[!Note]
 > This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts.md) for more information about response actions functionality via Microsoft Defender ATP.

windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md

@@ -1,6 +1,6 @@
 ---
 title: Manage automation file uploads
-description: Enable content analysis and configure the file extension and email attachment extensions that will be sumitted for analysis
+description: Enable content analysis and configure the file extension and email attachment extensions that will be submitted for analysis
 keywords: automation, file, uploads, content, analysis, file, extension, email, attachment
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -45,5 +45,4 @@ For example, if you add *exe* and *bat* as file or attachment extension names, t
   
 
 ## Related topics
-- [Manage automation allowed/blocked lists](manage-automation-allowed-blocked-list.md)
-- [Manage automation folder exclusions](manage-automation-folder-exclusions.md)
+- [Manage automation folder exclusions](manage-automation-folder-exclusions.md)

windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md

@@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 author: mjcaparas
-ms.author: macaparas
+ms.author: macapara
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
@@ -172,7 +172,7 @@ After completing the steps in the Before you begin section, you can proceed with
 
 
 ## Mashup Microsoft Defender ATP data with other data sources
-You can use Power BI Desktop to analyse data from Microsoft Defender ATP and mash that data up with other data sources to gain better security perspective in your organization.
+You can use Power BI Desktop to analyze data from Microsoft Defender ATP and mash that data up with other data sources to gain better security perspective in your organization.
 
 1. In Power BI Desktop, in the Home ribbon, click **Get data** and search for **Microsoft Defender Advanced Threat Protection**.
 

windows/security/threat-protection/microsoft-defender-atp/prerelease.md

@@ -4,6 +4,8 @@ ms.reviewer:
 manager: dansimp
 ms.author: macapara
 author: mjcaparas
+ms.prod: w10
+title: "Prerelease"
 ---
 
 >[!IMPORTANT]

windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md

@@ -20,6 +20,11 @@ ms.topic: conceptual
 
 # What's new in Microsoft Defender Advanced Threat Protection for Mac
 
+## 100.68.99
+
+- Added the ability to configure the antivirus functionality to run in [passive mode](microsoft-defender-atp-mac-preferences.md#enable--disable-passive-mode)
+- Performance improvements & bug fixes
+
 ## 100.65.28
 
 - Added support for macOS Catalina
@@ -32,4 +37,4 @@ ms.topic: conceptual
 > - For manual deployments, see the updated instructions in the [Manual deployment](microsoft-defender-atp-mac-install-manually.md#how-to-allow-full-disk-access) topic.
 > - For managed deployments, see the updated instructions in the [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md#privacy-preferences-policy-control) and [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md#create-system-configuration-profiles) topics.
 
-- Performance improvements
+- Performance improvements & bug fixes

windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md

@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
-ms.date: 09/21/2017
 ---
 
 # Maintain AppLocker policies
@@ -41,7 +40,9 @@ There are three methods you can use to maintain AppLocker policies:
 -   [Maintaining AppLocker policies on the local computer](#bkmk-applkr-use-locsnapin)
 
 ## <a href="" id="bkmk-applkr-use-mdm"></a>Maintaining AppLocker policies by using Mobile Device Management (MDM)
+Using the AppLocker configuration service provider, you can select which apps are allowed or blocked from running. Using the CSP, you can configure app restrictions based on grouping (such as EXE, MSI, DLL, Store apps and more) and then chose how to enforce different policies for different apps.
 
+For more information, see the [AppLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/applocker-csp).
 
 
 ## <a href="" id="bkmk-applkr-use-gp"></a>Maintaining AppLocker policies by using Group Policy