deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 11:23:45 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update known-issues.md

Browse Source
This commit is contained in:
jsuther1974
2023-04-06 11:24:42 -07:00
parent 48c09d847a
commit 5688070463
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
View File

@ -55,7 +55,7 @@ When the WDAC engine evaluates files against the active set of policies on the d
3. WDAC then checks for the [Managed Installer extended attribute (EA)](configure-authorized-apps-deployed-with-a-managed-installer.md) or the [Intelligent Security Graph (ISG) EA](use-windows-defender-application-control-with-intelligent-security-graph.md) on the file. If either EA exists and the policy enables the corresponding option, then the file is allowed. 3. WDAC then checks for the [Managed Installer extended attribute (EA)](configure-authorized-apps-deployed-with-a-managed-installer.md) or the [Intelligent Security Graph (ISG) EA](use-windows-defender-application-control-with-intelligent-security-graph.md) on the file. If either EA exists and the policy enables the corresponding option, then the file is allowed.
4. Lastly, WDAC makes a cloud call to the ISG to get reputation on file, if the policy enables the ISG option. 4. Lastly, WDAC makes a cloud call to the ISG to get reputation about the file, if the policy enables the ISG option.
5. If no rule exists for the file and it's not allowed based on ISG or MI, then the file is blocked implicitly. 5. If no rule exists for the file and it's not allowed based on ISG or MI, then the file is blocked implicitly.