diff --git a/windows/security/threat-protection/windows-defender-application-control/citool-commands.md b/windows/security/threat-protection/windows-defender-application-control/citool-commands.md index 94c0be2807..846e91f229 100644 --- a/windows/security/threat-protection/windows-defender-application-control/citool-commands.md +++ b/windows/security/threat-protection/windows-defender-application-control/citool-commands.md @@ -19,20 +19,20 @@ This article will describe how to use CI Tool to update and manage policies. CI | Command | Description | Alias | |--------|---------|---------| -| --update-policy /Path/To/Policy/File | Add or update a policy on the current system | -up | -| --remove-policy PolicyGUID | Remove a policy indicated by PolicyGUID from the system | -rp | +| --update-policy | Add or update a policy on the current system | -up | +| --remove-policy | Remove a policy indicated by PolicyGUID from the system | -rp | | --list-policies | Dump information about all policies on the system, whether they are active or not | -lp | ## Token Commands | Command | Description | Alias | |--------|---------|---------| -| --add-token Path/To/Token/File [--token-id ID] | Deploy a token onto the current system, with an optional specific ID. | -at | -| --remove-token ID | Remove a Token indicated by ID from the system. | -rt | +| --add-token <--token-id ID> | Deploy a token onto the current system, with an optional specific ID. | -at | +| --remove-token | Remove a Token indicated by ID from the system. | -rt | | --list-tokens | Dump information about all tokens on the system | -lt | >[!NOTE] ->Regarding --add-token, if [ID] is specified, a pre-existing token with [ID] should not exist. +>Regarding --add-token, if is specified, a pre-existing token with should not exist. ## Miscellaneous Commands @@ -46,58 +46,58 @@ This article will describe how to use CI Tool to update and manage policies. CI 1. Deploy a WDAC policy onto the system -```powershell -PS C:\Users\[USER] CITool --update-policy "\Windows\Temp\{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}.cip" -Operation Successful -Press Enter to Continue -``` + ```powershell + PS C:\Users\ CITool --update-policy "\Windows\Temp\{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}.cip" + Operation Successful + Press Enter to Continue + ``` 2. Refresh the WDAC policies -```powershell -PS C:\Users\[USER] CITool --refresh -Operation Successful -``` + ```powershell + PS C:\Users\ CITool --refresh + Operation Successful + ``` 3. Remove a specific WDAC policy by its policy ID -```powershell -PS C:\Users\[USER] CiTool --remove-policy "{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}" -Operation Successful -Press Enter to Continue -``` + ```powershell + PS C:\Users\ CiTool --remove-policy "{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}" + Operation Successful + Press Enter to Continue + ``` 4. Display the help menu -```powershell -PS C:\Users\[USER] CITool -h - ------------------------------ Policy Commands --------------------------------- - --update-policy /Path/To/Policy/File - Add or update a policy on the current system - aliases: -up - --remove-policy PolicyGUID - Remove a policy indicated by PolicyGUID from the system - aliases: -rp - --list-policies - Dump information about all policies on the system, whether they be active or not - aliases: -lp ------------------------------ Token Commands --------------------------------- - --add-token Path/To/Token/File [--token-id ID] - Deploy a token onto the current system, with an optional specific ID - If [ID] is specified, a pre-existing token with [ID] should not exist. - aliases:-at - --remove-token ID - Remove a Token indicated by ID from the system. - aliases: -rt - --list-tokens - Dump information about all tokens on the system - aliases: -lt ------------------------------ Misc Commands --------------------------------- - --device-id - Dump the Code Integrity Device Id - aliases: -id - --refresh - Attempt to Refresh CI Policies - aliases: -r - --help - Display this message - aliases: -h -``` \ No newline at end of file + ```powershell + PS C:\Users\ CITool -h + + ----------------------------- Policy Commands --------------------------------- + --update-policy /Path/To/Policy/File + Add or update a policy on the current system + aliases: -up + --remove-policy PolicyGUID + Remove a policy indicated by PolicyGUID from the system + aliases: -rp + --list-policies + Dump information about all policies on the system, whether they be active or not + aliases: -lp + ----------------------------- Token Commands --------------------------------- + --add-token Path/To/Token/File <--token-id ID> + Deploy a token onto the current system, with an optional specific ID + If is specified, a pre-existing token with should not exist. + aliases:-at + --remove-token ID + Remove a Token indicated by ID from the system. + aliases: -rt + --list-tokens + Dump information about all tokens on the system + aliases: -lt + ----------------------------- Misc Commands --------------------------------- + --device-id + Dump the Code Integrity Device Id + aliases: -id + --refresh + Attempt to Refresh CI Policies + aliases: -r + --help + Display this message + aliases: -h + ``` \ No newline at end of file