diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md
index c32223b772..e22acdf422 100644
--- a/education/windows/windows-11-se-overview.md
+++ b/education/windows/windows-11-se-overview.md
@@ -74,7 +74,7 @@ Windows 11 SE comes with some preinstalled apps. The following apps can also run
 |NextUp Talker	                        |1.0.49	    |Win32    |NextUp Technologies|
 |NonVisual Desktop Access	            |2021.3.1	|Win32    |NV Access|
 |NWEA Secure Testing Browser	        |5.4.300.0	 |Win32   |NWEA|
-|Pearson TestNav	                    |1.10.2.0	|Win32    |Pearson|
+|Pearson TestNav	                    |1.10.2.0	|Store    |Pearson|
 |Questar Secure Browser	                |4.8.3.376	|Win32    |Questar|
 |ReadAndWriteForWindows	                |12.0.60.0	 |Win32   |Texthelp Ltd.|
 |Remote Help	                        |3.8.0.12	 |Win32   |Microsoft|
diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md
index 40ca8b574f..3a3752cebe 100644
--- a/windows/client-management/mdm/dmclient-csp.md
+++ b/windows/client-management/mdm/dmclient-csp.md
@@ -51,6 +51,8 @@ DMClient
 ------------Unenroll
 ------------AADResourceID
 ------------AADDeviceID
+------------AADSendDeviceToken
+------------ForceAadToken
 ------------EnrollmentType
 ------------EnableOmaDmKeepAliveMessage
 ------------HWDevID
@@ -73,6 +75,21 @@ DMClient
 ----------------NumberOfRemainingScheduledRetries
 ----------------PollOnLogin
 ----------------AllUsersPollOnFirstLogin
+------------LinkedEnrollment
+----------------Priority
+----------------Enroll
+----------------Unenroll
+----------------EnrollStatus
+----------------LastError
+------------Recovery
+----------------AllowRecovery
+----------------RecoveryStatus
+----------------InitiateRecovery
+------------MultipleSession
+----------------NumAllowedConcurrentUserSessionForBackgroundSync
+----------------NumAllowedConcurrentUserSessionAtUserLogonSync
+----------------IntervalForScheduledRetriesForUserSession
+----------------NumberOfScheduledRetriesForUserSession
 ----Unenroll
 ----UpdateManagementServiceAddress
 ```
@@ -326,6 +343,11 @@ Supported operations are Add, Delete, Get, and Replace.
 
 Value type is bool.
 
+<a href="" id="provider-providerid-forceaadtoken"></a>**Provider/*ProviderID*/ForceAadToken**
+The value type is integer/enum.
+
+The value is "1" and it means client should always send AAD device token during check-in/sync.
+
 <a href="" id="provider-providerid-poll"></a>**Provider/*ProviderID*/Poll**  
 Optional. Polling schedules must use the DMClient CSP. The Registry paths previously associated with polling using the Registry CSP are now deprecated.
 
@@ -444,6 +466,113 @@ Optional. Boolean value that allows the IT admin to require the device to start
 
 Supported operations are Add, Get, and Replace.
 
+<a href="" id="provider-providerid-linkedenrollment-priority"></a>**Provider/*ProviderID*/LinkedEnrollment/Priority**
+This node is an integer, value is "0" or "1".
+
+Default is 1, meaning the MDM enrollment is the “winning” authority for conflicting policies/resources. Value 1 means MMP-C enrollment is the “winning” one.
+Support operations are Get and Set.
+
+<a href="" id="provider-providerid-linkedenrollment-enroll"></a>**Provider/*ProviderID*/LinkedEnrollment/Enroll**
+This is an execution node and will trigger a silent MMP-C enrollment, using the AAD device token pulled from the AADJ’ed device. There is no user interaction needed.
+
+Support operation is Exec.
+
+<a href="" id="provider-providerid-linkedenrollment-unenroll"></a>**Provider/*ProviderID*/LinkedEnrollment/Unenroll**
+This is an execution node and will trigger a silent MMP-C unenroll, there is no user interaction needed. On un-enrollment, all the settings/resources set by MMPC will be rolled back(rollback details will be covered later).
+
+Support operation is Exec.
+
+<a href="" id="provider-providerid-linkedenrollment-enrollstatus"></a>**Provider/*ProviderID*/LinkedEnrollment/EnrollStatus**
+
+This node can be used to check both enroll and unenroll statuses.
+This will return the enroll action status and is defined as a enum class LinkedEnrollmentStatus. The values are aas follows:
+
+- Undefined = 0
+- EnrollmentNotStarted = 1
+- InProgress = 2
+- Failed = 3
+- Succeeded = 4
+- UnEnrollmentQueued = 5
+- UnEnrollmentSucceeded = 8
+
+Support operation is Get only.
+
+<a href="" id="provider-providerid-linkedenrollment-lasterror"></a>**Provider/*ProviderID*/LinkedEnrollment/LastError**
+
+This specifies the Hresult to report the enrollment/unenroll results.
+
+<a href="" id="provider-providerid-recovery-allowrecovery"></a>**Provider/*ProviderID*/Recovery/AllowRecovery**
+
+This node determines whether or not the client will automatically initiate a MDM Recovery operation when it detects issues with the MDM certificate.
+
+Supported operations are Get, Add, Replace and Delete.
+
+The supported values for this node are 1-true (allow) and 0-false(not allow). Default value is 0.
+
+<a href="" id="provider-providerid-recovery-recoverystatus"></a>**Provider/*ProviderID*/Recovery/RecoveryStatus**
+
+This node tracks the status of a Recovery request from the InitiateRecovery node. The values are as follows:
+
+0 - No Recovery request has been processed.  
+1 - Recovery is in Process.  
+2 - Recovery has finished successfully.  
+3 - Recovery has failed to start because TPM is not available.  
+4 - Recovery has failed to start because AAD keys are not protected by the TPM.  
+5 - Recovery has failed to start because the MDM keys are already protected by the TPM.  
+6 - Recovery has failed to start because the TPM is not ready for attestation.  
+7 - Recovery has failed because the client cannot authenticate to the server.  
+8 - Recovery has failed because the server has rejected the client's request.
+
+Supported operation is Get only.
+
+<a href="" id="provider-providerid-recovery-initiaterecovery"></a>**Provider/*ProviderID*/Recovery/InitiateRecovery**
+
+This node initiates an MDM Recovery operation on the client.  
+
+If initiated with argument 0, it triggers MDM Recovery, no matter the state of the device.
+
+If initiated with argument 1, it triggers only if the MDM certificate’s private key isn’t already protected by the TPM, if there is a TPM to put the private key into, and if the TPM is ready for attestation. 
+
+Supported operation is Exec only.
+
+<a href="" id="provider-providerid-multiplesession-numallowedconcurrentusersessionforbackgroundsync"></a>**Provider/*ProviderID*/MultipleSession/NumAllowedConcurrentUserSessionForBackgroundSync**
+
+Optional. This node specifies maximum number of concurrent user sync sessions in background. Default value is 25.
+
+The values are : 0= none, 1= sequential, anything else=  parallel.
+
+Supported operations are Get, Add, Replace and Delete.
+
+Value type is integer. Only applicable for Windows 10 multi-session.
+
+
+<a href="" id="provider-providerid-multiplesession-numallowedconcurrentusersessionatuserlogonsync"></a>**Provider/*ProviderID*/MultipleSession/NumAllowedConcurrentUserSessionAtUserLogonSync**
+Optional. This node specifies maximum number of concurrent user sync sessions at User Login. Default value is 25.
+
+The values are : 0= none, 1= sequential, anything else= parallel.
+
+Supported operations are Get, Add, Replace and Delete. 
+
+Value type is integer. Only applicable for Windows 10 multi-session. 
+
+<a href="" id="provider-providerid-multiplesession-intervalforscheduledretriesforusersession"></a>**Provider/*ProviderID*/MultipleSession/IntervalForScheduledRetriesForUserSession**
+Optional. This node specifies the waiting time (in minutes) for the initial set of retries as specified by the number of retries in `/<ProviderID>/Poll/NumberOfScheduledRetriesForUserSession`. 
+
+If IntervalForScheduledRetriesForUserSession is not set, then the default value is used. The default value is 1440. If the value is set to 0, this schedule is disabled.
+
+This configuration is only applicable for Windows Multi-session Editions.
+
+Supported operations are Get and Replace.
+
+<a href="" id="provider-providerid-multiplesession-numberofscheduledretriesforusersession"></a>**Provider/*ProviderID*/MultipleSession/NumberOfScheduledRetriesForUserSession**
+Optional. This node specifies the number of times the DM client should retry to connect to the server when the client is initially configured or enrolled to communicate with the server. 
+
+If the value is set to 0 and the IntervalForScheduledRetriesForUserSession value is not 0, then the schedule will be set to repeat an infinite number of times. 
+
+The default value is 0. This configuration is only applicable for Windows Multi-session Editions.
+
+Supported operations are Get and Replace.
+
 <a href="" id="provider-providerid-configlock"></a>**Provider/*ProviderID*/ConfigLock**
 
 Optional. This node enables [Config Lock](config-lock.md) feature. If enabled, policies defined in the Config Lock document will be monitored and quickly remediated when a configuration drift is detected.
diff --git a/windows/client-management/quick-assist.md b/windows/client-management/quick-assist.md
index 9591465cfc..22ed2a7af6 100644
--- a/windows/client-management/quick-assist.md
+++ b/windows/client-management/quick-assist.md
@@ -14,7 +14,7 @@ ms.collection: highpri
 
 # Use Quick Assist to help users
 
-Quick Assist is a Windows application that enables a person to share their device with another person over a remote connection. Your support staff can use it to remotely connect to a user's device and then view its display, make annotations, or take full control. In this way, they can troubleshoot, diagnose technological issues, and provide instructions to users directly on their devices.
+Quick Assist is a Microsoft Store application that enables a person to share their device with another person over a remote connection. Your support staff can use it to remotely connect to a user's device and then view its display, make annotations, or take full control. In this way, they can troubleshoot, diagnose technological issues, and provide instructions to users directly on their devices.
 
 ## Before you begin
 
@@ -42,7 +42,6 @@ Both the helper and sharer must be able to reach these endpoints over port 443:
 | `*.api.support.microsoft.com` | API access for Quick Assist |
 | `*.vortex.data.microsoft.com` | Used for diagnostic data |
 | `*.channelservices.microsoft.com` | Required for chat services within Quick Assist |
-| `*.skype.com` | Skype requests may vary based on geography. If connection issues persist, test this endpoint. |
 | `*.remoteassistanceprodacs.communication.azure.com` | Azure Communication Services (ACS) technology the Quick Assist app uses. |
 | `*.turn.azure.com` | Protocol used to help endpoint. |
 | `browser.pipe.aria.microsoft.com` | Required diagnostic data for client and services used by Quick Assist. |
@@ -105,23 +104,7 @@ Either the support staff or a user can start a Quick Assist session.
 
 ## If Quick Assist is missing
 
-If for some reason a user doesn't have Quick Assist on their system or it's not working properly, try to uninstall and reinstall it.
-
-### Uninstall Quick Assist
-
-1. Start the Settings app, and then select **Apps**.
-2. Select **Optional features**.
-3. In the **Installed features** search bar, type *Quick Assist*.
-4. Select **Microsoft Quick Assist**, and then select **Uninstall**.
-
-### Reinstall Quick Assist
-
-1. Start the Settings app, and then select **Apps**.
-2. Select **Optional features**.
-3. Select **Add a feature**.
-4. In the new dialog that opens, in the **Add an optional feature** search bar, type *Quick Assist*.
-5. Select the check box for **Microsoft Quick Assist**, and then select **Install**.
-6. Restart the device.
+If for some reason a user doesn't have Quick Assist on their system or it's not working properly, try to uninstall and reinstall it. For more information, see [Install Quick Assist](https://support.microsoft.com/windows/install-quick-assist-c17479b7-a49d-4d12-938c-dbfb97c88bca).
 
 ## Next steps
 
diff --git a/windows/deployment/update/deployment-service-overview.md b/windows/deployment/update/deployment-service-overview.md
index 7459c71de0..6aae1788d5 100644
--- a/windows/deployment/update/deployment-service-overview.md
+++ b/windows/deployment/update/deployment-service-overview.md
@@ -134,14 +134,14 @@ Deployment scheduling controls are always available, but to take advantage of th
 
 To enroll devices in Windows Update for Business cloud processing, set the **AllowWUfBCloudProcessing** policy using mobile device management (MDM) policy or Group Policy.
 
-| Policy                                                                                                       | Sets registry key under **HKLM\\Software**                                |
-|--------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------|
-| GPO for Windows 10, version 1809 or later: Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds > **Allow WUfB Cloud Processing** | \\Policies\\Microsoft\\Windows\\DataCollection\\AllowWUfBCloudProcessing |
-| MDM for Windows 10, version 1809 or later: ../Vendor/MSFT/ Policy/Config/System/**AllowWUfBCloudProcessing** | \\Microsoft\\PolicyManager\\default\\System\\AllowWUfBCloudProcessing |
+| Policy| Sets registry key under `HKLM\Software`|
+|--|--|
+| GPO for Windows 10, version 1809 or later: Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds > **Allow WUfB Cloud Processing** | `\Policies\Microsoft\Windows\DataCollection\AllowWUfBCloudProcessing` |
+| MDM for Windows 10, version 1809 or later: ../Vendor/MSFT/ Policy/Config/System/**AllowWUfBCloudProcessing** | `\Microsoft\PolicyManager\current\device\System\AllowWUfBCloudProcessing` |
 
 Following is an example of setting the policy using Microsoft Endpoint Manager:
 
-1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Sign in to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com/).
 
 2. Select **Devices** > **Configuration profiles** > **Create profile**.
 
@@ -162,7 +162,7 @@ Following is an example of setting the policy using Microsoft Endpoint Manager:
 
 8. (Optional) To verify that the policy reached the client, check the value of the following registry entry: 
 
-   **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\PolicyManager \\default\\System\\AllowWUfBCloudProcessing**
+   `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\System\AllowWUfBCloudProcessing`
 
 ## Best practices
 Follow these suggestions for the best results with the service.
diff --git a/windows/deployment/update/wufb-wsus.md b/windows/deployment/update/wufb-wsus.md
index e90960de49..a93c10f142 100644
--- a/windows/deployment/update/wufb-wsus.md
+++ b/windows/deployment/update/wufb-wsus.md
@@ -57,6 +57,9 @@ To help you better understand the scan source policy, see the default scan behav
 > [!TIP]
 > The only two relevant policies for where your updates come from are the specify scan source policy and whether or not you have configured a WSUS server. This should simplify the configuration options.
 
+> [!NOTE]
+> If you have devices configured for WSUS and do not configure the scan source policy for feature updates to come from Windows update or set any Windows Update for Business offering policies, then users who select "Check online for updates" on the Settings page may see the optional upgrade to Windows 11. We recommend configuring the scan source policy or a Windows Update for Business offering policy to prevent such.
+
 ## Configure the scan sources
 
 The policy can be configured using the following two methods:
diff --git a/windows/deployment/windows-autopatch/TOC.yml b/windows/deployment/windows-autopatch/TOC.yml
index c6fe58c845..97e466d258 100644
--- a/windows/deployment/windows-autopatch/TOC.yml
+++ b/windows/deployment/windows-autopatch/TOC.yml
@@ -7,7 +7,7 @@
         - name: What is Windows Autopatch?
           href: overview/windows-autopatch-overview.md
         - name: FAQ
-          href: overview/windows-autopatch-faq.md
+          href: overview/windows-autopatch-faq.yml
     - name: Prepare
       href: prepare/index.md
       items: 
@@ -49,7 +49,7 @@
               href: operate/windows-autopatch-edge.md
             - name: Microsoft Teams
               href: operate/windows-autopatch-teams.md
-        - name: Deregister a devices
+        - name: Deregister a device
           href: operate/windows-autopatch-deregister-devices.md
         - name: Submit a support request
           href: operate/windows-autopatch-support-request.md
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
index 31f250df19..bc01a30400 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-register-devices.md
@@ -36,9 +36,10 @@ You must choose what devices to manage with Windows Autopatch by either adding t
 
 Windows Autopatch also supports the following Azure AD nested group scenarios:
 
-- Azure AD groups synced up from:
-	- On-premises Active Directory groups (Windows server type).
-	- [Configuration Manager collections](/mem/configmgr/core/clients/manage/collections/create-collections#bkmk_aadcollsync).
+Azure AD groups synced up from:
+
+- On-premises Active Directory groups (Windows server type).
+- [Configuration Manager collections](/mem/configmgr/core/clients/manage/collections/create-collections#bkmk_aadcollsync).
 
 > [!IMPORTANT]
 > The **Windows Autopatch Device Registration** Azure AD group only supports one level of Azure AD nested groups.
@@ -52,17 +53,17 @@ To be eligible for Windows Autopatch management, devices must meet a minimum set
 
 - Windows 10/11 64-bit Enterprise edition 1809+.
 - Either hybrid or Azure AD joined (personal devices aren't supported).
-- Managed by Microsoft Endpoint Manager
-	- Microsoft Endpoint Manager-Intune or Microsoft Endpoint Manager-Configuration Manager Co-management.
-		- Microsoft Endpoint Manager-Configuration Manager Co-management workloads swung over to Microsoft Endpoint Manager-Intune (either set to Pilot Intune or Intune).
-			- Windows Updates policies
-			- Device configuration
-			- Office Click-to-run
+- Managed by Microsoft Endpoint Manager.
+    - Microsoft Endpoint Manager-Intune or Microsoft Endpoint Manager-Configuration Manager Co-management.
+        - Microsoft Endpoint Manager-Configuration Manager Co-management workloads swung over to Microsoft Endpoint Manager-Intune (either set to Pilot Intune or Intune).
+            - Windows updates policies
+            - Device configuration
+            - Office Click-to-run
 - Last Intune device check-in completed within the last 28 days.  
 
 For more details on each prerequisite check, see the [Prerequisites](../prepare/windows-autopatch-prerequisites.md) article.
 
-## About Devices Ready and Not ready tabs
+## About the Ready and Not ready tabs
 
 Windows Autopatch introduces a new user interface to help IT admins manage devices and troubleshoot device readiness statuses seamlessly with actionable in-UI device readiness reports for unregistered devices or unhealthy devices.
 
diff --git a/windows/deployment/windows-autopatch/index.yml b/windows/deployment/windows-autopatch/index.yml
index 888ce01b0c..b99aeb0317 100644
--- a/windows/deployment/windows-autopatch/index.yml
+++ b/windows/deployment/windows-autopatch/index.yml
@@ -27,7 +27,7 @@ landingContent:
           - text: What is Windows Autopatch?
             url: ./overview/windows-autopatch-overview.md
           - text: Windows Autopatch FAQ
-            url: ./overview/windows-autopatch-faq.md
+            url: ./overview/windows-autopatch-faq.yml
   
   # Card (optional)
   - title: Articles and blog posts
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-microsoft-365-apps-enterprise.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-microsoft-365-apps-enterprise.md
index b9661b4170..658420e146 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-microsoft-365-apps-enterprise.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-microsoft-365-apps-enterprise.md
@@ -77,7 +77,7 @@ Windows Autopatch will either:
 > [!NOTE]
 > Windows Autopatch doesn't currently allow customers to force their devices to stay on a previous version or rollback to a previous version.
 
-Since Windows quality updates are bundled together into a single release in the [Monthly Enterprise Channel](/deployoffice/overview-update-channels#monthly-enterprise-channel-overview), we can't roll back only a portion of the update for Microsoft 365 Apps for enterprise.  
+Since quality updates are bundled together into a single release in the [Monthly Enterprise Channel](/deployoffice/overview-update-channels#monthly-enterprise-channel-overview), we can't roll back only a portion of the update for Microsoft 365 Apps for enterprise.  
 
 ## Conflicting and unsupported policies
 
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md
index f6e0614363..06eeae4e4d 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-support-request.md
@@ -64,7 +64,7 @@ Once a support request is mitigated, it can no longer be edited. If a request ha
 
 ## Microsoft FastTrack
 
-[Microsoft FastTrack](https://www.microsoft.com/en-us/fasttrack) offers Microsoft 365 deployment guidance for customers with 150 or more licenses of an eligible subscription at no additional cost. FastTrack Specialists can help customers work through the Windows Autopatch technical prerequisites described in the [FAQ](../overview/windows-autopatch-faq.md). For more information, visit the [FastTrack website](https://www.microsoft.com/en-ca/fasttrack?rtc=1).
+[Microsoft FastTrack](https://www.microsoft.com/en-us/fasttrack) offers Microsoft 365 deployment guidance for customers with 150 or more licenses of an eligible subscription at no additional cost. FastTrack Specialists can help customers work through the Windows Autopatch technical prerequisites described in the [FAQ](../overview/windows-autopatch-faq.yml). For more information, visit the [FastTrack website](https://www.microsoft.com/en-ca/fasttrack?rtc=1).
 
 Customers who need help with Microsoft 365 workloads can sign in to https://fasttrack.microsoft.com/ with a valid Azure ID and submit a Request for Assistance.
 
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.md
deleted file mode 100644
index 3fad61cc1f..0000000000
--- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.md
+++ /dev/null
@@ -1,65 +0,0 @@
----
-title: FAQ
-description:  This article answers frequently asked questions about Windows Autopatch
-ms.date: 05/30/2022
-ms.prod: w11
-ms.technology: windows
-ms.topic: troubleshooting
-ms.localizationpriority: medium
-author: tiaraquan
-ms.author: tiaraquan
-manager: dougeby
-msreviewer: hathind
----
-
-# FAQ
-
-## General
-
-| Question | Answer |
-| ----- | ----- |
-| What Windows versions are supported? | Windows Autopatch works with all [supported versions of Windows 10 and Windows 11 Enterprise edition](/windows/release-health/supported-versions-windows-client). |
-| What is the difference between Windows Updates for Business and Windows Autopatch? | Windows Autopatch is a service that removes the need for organizations to plan and operate the update process.<p> Windows Autopatch moves the burden from your IT to Microsoft. Windows Autopatch uses [Windows Update for Business](/windows/deployment/update/deployment-service-overview) and other service components to update devices. Both are part of Windows Enterprise E3. |
-| Is Windows 365 for Enterprise supported with Windows Autopatch? | Windows Autopatch supports Windows 365 for Enterprise. Windows 365 for Business isn't supported.|
-| Does Windows Autopatch support Windows Education (A3) or Windows Front Line Worker (F3) licensing? | Autopatch isn't available for 'A' or 'F' series licensing. |
-| Will Windows Autopatch support local domain join Windows 10? | Windows Autopatch doesn't support local (on-premise) domain join. Windows Autopatch supports [Hybrid AD join](/azure/active-directory/devices/concept-azure-ad-join-hybrid) or pure [Azure AD join](/azure/active-directory/devices/concept-azure-ad-join-hybrid). |
-| Will Windows Autopatch be available for state and local government customers? | Windows Autopatch is available for all Windows E3 customers using Azure commercial cloud. However, Autopatch isn't currently supported for government cloud (GCC) customers. |
-
-## Requirements
-
-| Question | Answer |
-| ----- | ----- |
-| What are the prerequisites for Windows Autopatch? | <ul><li>[Supported Windows 10/11 Enterprise edition versions](/windows/release-health/supported-versions-windows-client)</li><li>[Azure Active Directory (Azure AD) Premium](/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses)</li><li>[Hybrid Azure AD-Joined](/azure/active-directory/devices/concept-azure-ad-join-hybrid) or [Azure AD-joined only](/azure/active-directory/devices/concept-azure-ad-join-hybrid)</li><li>[Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune)</li><li>[Co-management](/prepare/windows-autopatch-prerequisites.md#co-management-requirements)</li><li>[Configuration Manager version 2010 or later](/mem/configmgr/core/plan-design/changes/whats-new-in-version-2010)</li><li>[Switch workloads for device configuration, Windows Update and Microsoft 365 Apps from Configuration Manager to Intune](/mem/configmgr/comanage/how-to-switch-workloads) (minimum Pilot Intune)</li></ul> |
-| What are the licensing requirements for Windows Autopatch? |<ul><li>Windows Autopatch is included with Window 10/11 Enterprise E3 or higher. For more information, see More about licenses.</li><li>[Azure AD Premium](/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses) (for Co-management)</li><li>[Microsoft Intune](/mem/intune/fundamentals/licenses) (includes Configuration Manager 2010 or greater via co-management)</li></ul> |
-| Are there hardware requirements for Windows Autopatch? | No, Windows Autopatch doesn't require any specific hardware. However, general hardware requirements for updates are still applicable. For example, to deliver Windows 11 to your Autopatch devices they must meet [specific hardware requirements](/windows/windows-11-specifications?r=1). Windows devices must be supported by your hardware OEM. |
-
-## Device registration
-
-| Question | Answer |
-| ----- | ----- |
-| Can Autopatch customers individually approve or deny devices? | No you can't individually approve or deny devices. Once a device is registered with Windows Autopatch, updates are rolled out to the devices according to its ring assignment. Individual device level control isn't supported. |
-
-## Update management
-
-| Question | Answer |
-| ----- | ----- |
-| What systems does Windows Autopatch update? |<ul><li>Windows 10/11 quality updates: Windows Autopatch manages all aspects of update rings.</li><li>Microsoft 365 Apps for enterprise updates: All devices registered for Windows Autopatch will receive updates from the Monthly Enterprise Channel.</li><li>Microsoft Edge: Windows Autopatch configures eligible devices to benefit from Microsoft Edge's progressive rollouts on the Stable channel and will provide support for issues with Microsoft Edge updates.</li><li>Microsoft Teams: Windows Autopatch allows eligible devices to benefit from the standard automatic update channels and will provide support for issues with Teams updates.</li> |
-| What does Windows Autopatch do to ensure updates are done successfully? | For Windows quality updates, updates are applied to device in the Test ring first. The devices are evaluated, and then rolled out to the First, Fast then Broad rings. There's an evaluation period at each progression.<p><p>This process is dependent on customer testing and verification of all updates during these rollout stages. The outcome is to ensure that registered devices are always up to date and disruption to business operations is minimized to free up your IT department from that ongoing task. |
-| What happens if there's an issue with an update? | Autopatch relies on the following capabilities to help resolve update issues. <ol><li>Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).</li><li>Rollback: If Windows Autopatch detects issues between versions of Microsoft 365 Apps for enterprise, we might force all devices to roll back to the previous version. For more information, see [Update controls for Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-controls).</li></ol>|
-| Will Windows quality updates be released more quickly after vulnerabilities are identified, or what is the regular cadence of updates?  | For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-wqu-overview.md#expedited-releases). For normal updates Autopatch uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring. |
-| Can customers configure when to move to the next ring or is it controlled by Windows Autopatch? | The decision of when to move to the next ring is handled by Windows Autopatch; it isn't customer configurable. |
-| Can you customize the scheduling of an update rollout to only install on certain days and times? | No, you can't customize update scheduling. However, you can specify [active hours](../operate/windows-autopatch-wqu-end-user-exp.md#servicing-window) to prevent users from updating during business hours. |
-| Does Autopatch support include and exclude groups, or dynamic groups to define ring membership? | Windows autopatch doesn't support managing update ring membership using your Azure AD groups. For more information, see [Move devices between rings](../operate/windows-autopatch-update-management.md#moving-devices-between-rings). |
-| Does Autopatch have two release cadences per update or are there two release cadences per-ring? | The release cadences are defined based on the update type. For example, a [regular cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) (for a Windows quality update would be a gradual rollout from the Test ring to the Broad ring over 14 days whereas an [expedited release](../operate/windows-autopatch-wqu-overview.md#expedited-releases) would roll out more rapidly. |
-
-## Support
-
-| Question | Answer |
-| ----- | ----- |
-| What support is available for customers who need help with onboarding to Windows Autopatch? | The FastTrack Center is the primary mode of support for customers who need assistance from Microsoft to meet the pre-requisites (such as Intune and Azure or Hybrid AD) for onboarding to Windows Autopatch. For more information, see [Microsoft FastTrack for Windows Autopatch](../operate/windows-autopatch-support-request.md#microsoft-fasttrack).<p><p>When you've onboarded with Windows Autopatch, you can [submit a support request](../operate/windows-autopatch-support-request.md) with the Windows Autopatch Service Engineering Team. |
-
-## Other
-
-| Question | Answer |
-| ----- | ----- |
-| Are there Autopatch specific APIs or PowerShell scripts available? | Programmatic access to Autopatch isn't currently available. |
diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
new file mode 100644
index 0000000000..31785f6f55
--- /dev/null
+++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml
@@ -0,0 +1,106 @@
+### YamlMime:FAQ
+metadata:
+  title: Windows Autopatch - Frequently Asked Questions (FAQ)
+  description: Answers to frequently asked questions about Windows Autopatch.
+  ms.prod: w11
+  ms.topic: faq
+  ms.date: 06/02/2022
+  audience: itpro
+  ms.localizationpriority: medium
+  manager: dougeby
+  author: tiaraquan
+  ms.author: tiaraquan
+  ms.reviwer: hathind
+title: Frequently Asked Questions about Windows Autopatch
+summary: This article answers frequently asked questions about Windows Autopatch.
+sections:
+  - name: General
+    questions:
+      - question: What Windows versions are supported?
+        answer: |
+          Windows Autopatch works with all [supported versions of Windows 10 and Windows 11 Enterprise edition](/windows/release-health/supported-versions-windows-client).
+      - question: What is the difference between Windows Update for Business and Windows Autopatch?
+        answer: |
+          Windows Autopatch is a service that removes the need for organizations to plan and operate the update process. Windows Autopatch moves the burden from your IT to Microsoft. Windows Autopatch uses [Windows Update for Business](/windows/deployment/update/deployment-service-overview) and other service components to update devices. Both are part of Windows Enterprise E3.
+      - question: Is Windows 365 for Enterprise supported with Windows Autopatch?
+        answer: |
+          Windows Autopatch supports Windows 365 for Enterprise. Windows 365 for Business isn't supported.
+      - question: Does Windows Autopatch support Windows Education (A3) or Windows Front Line Worker (F3) licensing?
+        answer: |
+          Autopatch isn't available for 'A' or 'F' series licensing.
+      - question: Will Windows Autopatch support local domain join Windows 10?
+        answer: | 
+          Windows Autopatch doesn't support local (on-premise) domain join. Windows Autopatch supports [Hybrid AD join](/azure/active-directory/devices/concept-azure-ad-join-hybrid) or pure [Azure AD join](/azure/active-directory/devices/concept-azure-ad-join-hybrid).
+      - question: Will Windows Autopatch be available for state and local government customers?
+        answer: |
+          Windows Autopatch is available for all Windows E3 customers using Azure commercial cloud. However, Autopatch isn't currently supported for government cloud (GCC) customers.
+  - name: Requirements
+    questions:
+      - question: What are the prerequisites for Windows Autopatch?
+        answer: |
+          - [Supported Windows 10/11 Enterprise edition versions](/windows/release-health/supported-versions-windows-client)
+          - [Azure Active Directory (Azure AD) Premium](/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses)
+          - [Hybrid Azure AD-Joined](/azure/active-directory/devices/concept-azure-ad-join-hybrid) or [Azure AD-joined only](/azure/active-directory/devices/concept-azure-ad-join-hybrid)
+          - [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune)
+          - [Co-management](/prepare/windows-autopatch-prerequisites.md#co-management-requirements)
+          - [Configuration Manager version 2010 or later](/mem/configmgr/core/plan-design/changes/whats-new-in-version-2010)
+          - [Switch workloads for device configuration, Windows Update and Microsoft 365 Apps from Configuration Manager to Intune](/mem/configmgr/comanage/how-to-switch-workloads) (minimum Pilot Intune)
+      - question: What are the licensing requirements for Windows Autopatch?
+        answer: |
+          - Windows Autopatch is included with Window 10/11 Enterprise E3 or higher. For more information, see [More about licenses](../prepare/windows-autopatch-prerequisites.md#more-about-licenses).
+          - [Azure AD Premium](/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses) (for Co-management)
+          - [Microsoft Intune](/mem/intune/fundamentals/licenses) (includes Configuration Manager 2010 or greater via co-management)
+      - question: Are there hardware requirements for Windows Autopatch?
+        answer: |
+          No, Windows Autopatch doesn't require any specific hardware. However, general hardware requirements for updates are still applicable. For example, to deliver Windows 11 to your Autopatch devices they must meet [specific hardware requirements](/windows/whats-new/windows-11-requirements). Windows devices must be supported by your hardware OEM.
+  - name: Device registration
+    questions:
+      - question: Can Autopatch customers individually approve or deny devices?
+        answer: |
+          No you can't individually approve or deny devices. Once a device is registered with Windows Autopatch, updates are rolled out to the devices according to its ring assignment. Individual device level control isn't supported.
+  - name: Update Management
+    questions: 
+      - question: What systems does Windows Autopatch update?
+        answer: |
+          - Windows 10/11 quality updates: Windows Autopatch manages all aspects of update rings.
+          - Microsoft 365 Apps for enterprise updates: All devices registered for Windows Autopatch will receive updates from the Monthly Enterprise Channel.
+          - Microsoft Edge: Windows Autopatch configures eligible devices to benefit from Microsoft Edge's progressive rollouts on the Stable channel and will provide support for issues with Microsoft Edge updates.
+          - Microsoft Teams: Windows Autopatch allows eligible devices to benefit from the standard automatic update channels and will provide support for issues with Teams updates.
+      - question: What does Windows Autopatch do to ensure updates are done successfully?
+        answer: For information about the Microsoft Admin Center, see [Manage third-party app subscriptions for your organization](/microsoft-365/commerce/manage-saas-apps).
+      - question: What does Windows Autopatch do to ensure updates are done successfully?
+        answer: |
+          For Windows quality updates, updates are applied to device in the Test ring first. The devices are evaluated, and then rolled out to the First, Fast then Broad rings. There's an evaluation period at each progression. This process is dependent on customer testing and verification of all updates during these rollout stages. The outcome is to ensure that registered devices are always up to date and disruption to business operations is minimized to free up your IT department from that ongoing task.
+      - question: What happens if there's an issue with an update?
+        answer: |
+          Autopatch relies on the following capabilities to help resolve update issues:
+          - Pausing and resuming: If Windows Autopatch detects an issue with a Windows quality release, we may decide that it's necessary to pause that release. Once the issue is resolved, the release will be resumed. For more information, see [Pausing and resuming a Windows quality release](../operate/windows-autopatch-wqu-overview.md#pausing-and-resuming-a-release).
+          - Rollback: If Windows Autopatch detects issues between versions of Microsoft 365 Apps for enterprise, we might force all devices to roll back to the previous version. For more information, see [Update controls for Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#update-controls).
+      - question: Will Windows quality updates be released more quickly after vulnerabilities are identified, or what is the regular cadence of updates?
+        answer: |
+          For zero-day threats, Autopatch will have an [expedited release cadence](../operate/windows-autopatch-wqu-overview.md#expedited-releases). For normal updates Autopatch uses a [regular release cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) starting with devices in the Test ring and completing with general rollout to the Broad ring.
+      - question: Can customers configure when to move to the next ring or is it controlled by Windows Autopatch?
+        answer: |
+          The decision of when to move to the next ring is handled by Windows Autopatch; it isn't customer configurable.
+      - question: Can you customize the scheduling of an update rollout to only install on certain days and times?
+        answer: |
+          No, you can't customize update scheduling. However, you can specify [active hours](../operate/windows-autopatch-wqu-end-user-exp.md#servicing-window) to prevent users from updating during business hours.
+      - question: Does Autopatch support include and exclude groups, or dynamic groups to define ring membership?
+        answer: |
+          Windows autopatch doesn't support managing update ring membership using your Azure AD groups. For more information, see [Move devices between rings](../operate/windows-autopatch-update-management.md#moving-devices-between-rings).
+      - question: Does Autopatch have two release cadences per update or are there two release cadences per-ring?
+        answer: |
+          The release cadences are defined based on the update type. For example, a [regular cadence](../operate/windows-autopatch-wqu-overview.md#windows-quality-update-releases) (for a Windows quality update would be a gradual rollout from the Test ring to the Broad ring over 14 days whereas an [expedited release](../operate/windows-autopatch-wqu-overview.md#expedited-releases) would roll out more rapidly.
+  - name: Support
+    questions:
+      - question: What support is available for customers who need help with onboarding to Windows Autopatch?
+        answer: |
+          The FastTrack Center is the primary mode of support for customers who need assistance from Microsoft to meet the pre-requisites (such as Intune and Azure or Hybrid AD) for onboarding to Windows Autopatch. For more information, see [Microsoft FastTrack for Windows Autopatch](../operate/windows-autopatch-support-request.md#microsoft-fasttrack). When you've onboarded with Windows Autopatch, you can [submit a support request](../operate/windows-autopatch-support-request.md) with the Windows Autopatch Service Engineering Team.
+  - name: Other
+    questions:
+      - question: Are there Autopatch specific APIs or PowerShell scripts available?
+        answer: |
+          Programmatic access to Autopatch isn't currently available.
+additionalContent: |
+  ## Additional Content
+  [Provide feedback](https://go.microsoft.com/fwlink/?linkid=2195593) or start a discussion in our [Windows Autopatch Tech Community](https://aka.ms/Community/WindowsAutopatch
\ No newline at end of file
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
index 8dff734be5..56770f8dd7 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-fix-issues.md
@@ -45,7 +45,7 @@ Your "Windows 10 update ring" policy in Intune must not target any Windows Autop
 | Result | Meaning |
 | ----- | ----- |
 | Not ready | You have an "update ring" policy that targets all devices, all users, or both. Change the policy to use an assignment that targets a specific Azure Active Directory (AD) group that doesn't include any Windows Autopatch devices.<p><p>After enrolling into Autopatch, make sure that any update ring policies you have exclude the **Modern Workplace Devices - All** Azure Active Directory (AD) group.</p><p>For more information, see [Manage Windows 10 software updates in Intune](/mem/intune/protect/windows-update-for-business-configure).</p>|
-| Advisory | Both the **Modern Workplace Devices - All** and **Modern Workplace - All** Azure AD groups are groups that we create after you enroll in Windows Autopatch.<p>This advisory appears after enrolling into Autopatch. Check the following:<ol><li>Make sure that any update ring policies you have exclude the **Modern Workplace Devices - All** Azure Active Directory (AD) group.</li><li>If you have assigned Azure AD user groups to these policies, make sure that any update ring policies you have also exclude the **Modern Workplace - All** Azure AD group that you add your Windows Autopatch users to (or an equivalent group).</li></ol>For more information, see [Manage Windows 10 software updates in Intune](/mem/intune/protect/windows-update-for-business-configure). |
+| Advisory | Both the **Modern Workplace Devices - All** and **Modern Workplace - All** Azure AD groups are groups that we create after you enroll in Windows Autopatch. This advisory is flagging an action you should take after enrolling into the service:<ol><li>Make sure that any update ring policies you have exclude the **Modern Workplace Devices - All** Azure Active Directory (AD) group.</li><li>If you have assigned Azure AD user groups to these policies, make sure that any update ring policies you have also exclude the **Modern Workplace - All** Azure AD group that you add your Windows Autopatch users to (or an equivalent group).</li></ol><br>For more information, see [Manage Windows 10 software updates in Intune](/mem/intune/protect/windows-update-for-business-configure). |
 
 ## Azure Active Directory settings
 
@@ -53,7 +53,7 @@ You can access Azure Active Directory (AD) settings in the [Azure portal](https:
 
 ### Conditional access policies
 
-Conditional access policies must not prevent Windows Autopatch from connecting to your Intune tenant.
+Conditional access policies must not prevent Windows Autopatch from connecting to your tenant.
 
 | Result | Meaning |
 | ----- | ----- |
@@ -66,7 +66,7 @@ Windows Autopatch requires the following licenses:
 
 | Result | Meaning |
 | ----- | ----- |
-| Not ready | Windows Autopatch requires Windows 10/11 Enterprise E3 (or higher) to be assigned to your users. Additionally, Azure Active Directory Premium, Microsoft Intune and Windows 10/11 Enterprise are required. For more information, see [more about licenses](../prepare/windows-autopatch-prerequisites.md#more-about-licenses). |
+| Not ready | Windows Autopatch requires Windows 10/11 Enterprise E3 (or higher) to be assigned to your users. Additionally, Azure Active Directory Premium, and Microsoft Intune are required. For more information, see [more about licenses](../prepare/windows-autopatch-prerequisites.md#more-about-licenses). |
 
 ### Windows Autopatch service accounts
 
diff --git a/windows/security/apps.md b/windows/security/apps.md
index e376d06d98..a2cd365e1b 100644
--- a/windows/security/apps.md
+++ b/windows/security/apps.md
@@ -4,9 +4,6 @@ description: Get an overview of application security in Windows 10 and Windows 1
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.prod: m365-security
diff --git a/windows/security/cloud.md b/windows/security/cloud.md
index 7bccc2aa84..980e361561 100644
--- a/windows/security/cloud.md
+++ b/windows/security/cloud.md
@@ -5,15 +5,10 @@ ms.reviewer:
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/20/2021
 ms.localizationpriority: medium
 ms.custom: 
-f1.keywords: NOCSH 
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 search.appverid: MET150 
 ms.collection: M365-security-compliance
 ms.prod: m365-security
diff --git a/windows/security/cryptography-certificate-mgmt.md b/windows/security/cryptography-certificate-mgmt.md
index 7c781c1bdf..c4062d7e7c 100644
--- a/windows/security/cryptography-certificate-mgmt.md
+++ b/windows/security/cryptography-certificate-mgmt.md
@@ -5,7 +5,6 @@ search.appverid: MET150
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/07/2021
 ms.prod: m365-security
@@ -14,7 +13,6 @@ ms.localizationpriority: medium
 ms.collection: 
 ms.custom: 
 ms.reviewer: skhadeer, raverma
-f1.keywords: NOCSH 
 ---
 
 # Cryptography and Certificate Management
diff --git a/windows/security/encryption-data-protection.md b/windows/security/encryption-data-protection.md
index 359afde71f..782617bafe 100644
--- a/windows/security/encryption-data-protection.md
+++ b/windows/security/encryption-data-protection.md
@@ -5,7 +5,6 @@ search.appverid: MET150
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/08/2021
 ms.prod: m365-security
@@ -13,8 +12,7 @@ ms.technology: windows-sec
 ms.localizationpriority: medium
 ms.collection: 
 ms.custom: 
-ms.reviewer: deepakm, rafals
-f1.keywords: NOCSH  
+ms.reviewer: deepakm, rafals  
 ---
 
 # Encryption and data protection in Windows client
diff --git a/windows/security/hardware.md b/windows/security/hardware.md
index 435dd886c2..ffeb576881 100644
--- a/windows/security/hardware.md
+++ b/windows/security/hardware.md
@@ -4,9 +4,6 @@ description: Get an overview of hardware security in Windows 11 and Windows 10
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.prod: m365-security
diff --git a/windows/security/identity.md b/windows/security/identity.md
index bf6a97473a..797f089f86 100644
--- a/windows/security/identity.md
+++ b/windows/security/identity.md
@@ -4,9 +4,6 @@ description: Get an overview of identity security in Windows 11 and Windows 10
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.prod: m365-security
diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
index 2b8382dfa8..df962a8ff5 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
+++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
@@ -23,6 +23,7 @@ title: BitLocker Overview and Requirements FAQ
 summary: |
   **Applies to**
   -   Windows 10
+  -   Windows 11
   
 
 sections:
diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md
index a5d4bf4e49..41c1be27f1 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-overview.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md
@@ -1,5 +1,5 @@
 ---
-title: BitLocker (Windows 10)
+title: BitLocker
 description: This topic provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features.
 ms.assetid: 40526fcc-3e0d-4d75-90e0-c7d0615f33b2
 ms.author: dansimp
@@ -102,4 +102,4 @@ When installing the BitLocker optional component on a server you will also need
 | [Protect BitLocker from pre-boot attacks](./bitlocker-countermeasures.md)| This detailed guide will help you understand the circumstances under which the use of pre-boot authentication is recommended for devices running Windows 11, Windows 10, Windows 8.1, Windows 8, or Windows 7; and when it can be safely omitted from a device’s configuration. |
 | [Troubleshoot BitLocker](troubleshoot-bitlocker.md) | This guide describes the resources that can help you troubleshoot BitLocker issues, and provides solutions for several common BitLocker issues. |
 | [Protecting cluster shared volumes and storage area networks with BitLocker](protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md)| This topic for IT pros describes how to protect CSVs and SANs with BitLocker.| 
-| [Enabling Secure Boot and BitLocker Device Encryption on Windows IoT Core](/windows/iot-core/secure-your-device/SecureBootAndBitLocker) | This topic covers how to use BitLocker with Windows IoT Core |
\ No newline at end of file
+| [Enabling Secure Boot and BitLocker Device Encryption on Windows IoT Core](/windows/iot-core/secure-your-device/SecureBootAndBitLocker) | This topic covers how to use BitLocker with Windows IoT Core |
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 310538cbee..305b40e22f 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -5,9 +5,6 @@ ms.reviewer:
 ms.topic: article
 manager: dansimp
 ms.author: deniseb
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: denisebmsft
 ms.collection: M365-security-compliance
 ms.prod: m365-security
diff --git a/windows/security/security-foundations.md b/windows/security/security-foundations.md
index 0d118520fc..1dc5324f16 100644
--- a/windows/security/security-foundations.md
+++ b/windows/security/security-foundations.md
@@ -5,9 +5,6 @@ ms.reviewer:
 ms.topic: article
 manager: dansimp
 ms.author: deniseb
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: denisebmsft
 ms.collection: M365-security-compliance
 ms.prod: m365-security
diff --git a/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md b/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
index 7057f8c90f..564c7cdfe4 100644
--- a/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
+++ b/windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md
@@ -1,14 +1,9 @@
 ---
 title: Block untrusted fonts in an enterprise (Windows 10)
 description: To help protect your company from attacks which may originate from untrusted or attacker controlled font files, we've created the Blocking Untrusted Fonts feature.
-ms.assetid: a3354c8e-4208-4be6-bc19-56a572c361b4
 ms.reviewer: 
 manager: dansimp
-keywords: font blocking, untrusted font blocking, block fonts, untrusted fonts
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.pagetype: security
-ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.date: 08/14/2017
diff --git a/windows/security/threat-protection/fips-140-validation.md b/windows/security/threat-protection/fips-140-validation.md
index 778a829c8b..68328931ed 100644
--- a/windows/security/threat-protection/fips-140-validation.md
+++ b/windows/security/threat-protection/fips-140-validation.md
@@ -2,7 +2,6 @@
 title: Federal Information Processing Standard (FIPS) 140 Validation
 description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140.
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/get-support-for-security-baselines.md b/windows/security/threat-protection/get-support-for-security-baselines.md
index 5d606c7889..2159488c70 100644
--- a/windows/security/threat-protection/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/get-support-for-security-baselines.md
@@ -1,14 +1,11 @@
 ---
 title: Get support
 description: Frequently asked question about how to get support for Windows baselines, the Security Compliance Toolkit (SCT), and related topics in your organization.
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dulcemontemayor
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 06/25/2018
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index c76ead4afc..02f00be3f6 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -1,17 +1,12 @@
 ---
 title: Windows threat protection
 description: Describes the security capabilities in Windows client focused on threat protection
-keywords: threat protection, Microsoft Defender Antivirus, attack surface reduction, next-generation protection, endpoint detection and response, automated investigation and response, microsoft threat experts, Microsoft Secure Score for Devices, advanced hunting, cyber threat hunting, web threat protection
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.author: dansimp
 author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.technology: windows-sec
diff --git a/windows/security/threat-protection/mbsa-removal-and-guidance.md b/windows/security/threat-protection/mbsa-removal-and-guidance.md
index 406ee97c59..c8fafe64a7 100644
--- a/windows/security/threat-protection/mbsa-removal-and-guidance.md
+++ b/windows/security/threat-protection/mbsa-removal-and-guidance.md
@@ -1,9 +1,7 @@
 ---
 title: Guide to removing Microsoft Baseline Security Analyzer (MBSA)
 description: This article documents the removal of Microsoft Baseline Security Analyzer (MBSA) and provides alternative solutions.
-keywords: MBSA, security, removal
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
diff --git a/windows/security/threat-protection/msft-security-dev-lifecycle.md b/windows/security/threat-protection/msft-security-dev-lifecycle.md
index df8eacefc1..9be071fa44 100644
--- a/windows/security/threat-protection/msft-security-dev-lifecycle.md
+++ b/windows/security/threat-protection/msft-security-dev-lifecycle.md
@@ -2,7 +2,6 @@
 title: Microsoft Security Development Lifecycle
 description: Download the Microsoft Security Development Lifecycle white paper which covers a security assurance process focused on software development.
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
index 33712bcefa..681a9ae413 100644
--- a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
+++ b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md
@@ -3,11 +3,7 @@ manager: dansimp
 ms.author: dansimp
 title: Override Process Mitigation Options (Windows 10)
 description: How to use Group Policy to override individual Process Mitigation Options settings and to help enforce specific app-related security policies.
-keywords: Process Mitigation Options, Mitigation Options, Group Policy Mitigation Options
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.pagetype: security
-ms.sitesec: library
 author: dulcemontemayor
 ms.localizationpriority: medium
 ms.technology: windows-sec
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 9d7d8ad4bc..436d94ab00 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -2,9 +2,6 @@
 title: Mitigate threats by using Windows 10 security features (Windows 10)
 description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 ms.reviewer: 
diff --git a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index 087bf0dbc9..ed70e30816 100644
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -1,15 +1,10 @@
 ---
 title: Control the health of Windows 10-based devices (Windows 10)
 description: This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
-ms.assetid: 45DB1C41-C35D-43C9-A274-3AD5F31FE873
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-keywords: security, BYOD, malware, device health attestation, mobile
 ms.prod: m365-security
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security, devices
 author: dulcemontemayor
 ms.date: 10/13/2017
 ms.localizationpriority: medium
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md
index ccaba0be7d..0c1396e74f 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md
@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
-ms.date: 04/19/2017
 ms.technology: windows-sec
 ---
 
@@ -86,7 +85,7 @@ None. Changes to this policy become effective without a restart when saved local
 
 ### Group Policy
 
-Setting and deploying this policy using Group Policy takes precedence over the setting on the local device. If the Group Policy is set to **Not Configured**, local settings will apply.
+Setting and deploying this policy using Group Policy takes precedence over the setting on the local device. If the Group Policy is set to **Not Configured**, local settings will apply. The policy is applicable to domain controllers only.
 
 ### Auditing
 
diff --git a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
index 9376277ddf..411b14fcba 100644
--- a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
+++ b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md
@@ -1,14 +1,10 @@
 ---
 title: Use Windows Event Forwarding to help with intrusion detection (Windows 10)
 description: Learn about an approach to collect events from devices in your organization. This article talks about events in both normal operations and when an intrusion is suspected.
-ms.assetid: 733263E5-7FD1-45D2-914A-184B9E3E6A3F
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dulcemontemayor
 ms.date: 02/28/2019
 ms.localizationpriority: medium
diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md
index 15141a8aff..ec94f13e2b 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md
+++ b/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md
@@ -1,17 +1,12 @@
 ---
 title: Create an Outbound Program or Service Rule (Windows)
 description: Use the Windows Defender Firewall with Advanced Security node in the Group Policy Management console to create firewall rules.
-ms.assetid: f71db4fb-0228-4df2-a95d-b9c056aa9311
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md
index 9539084377..6e4429688b 100644
--- a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md
+++ b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md
@@ -1,17 +1,12 @@
 ---
 title: Create Inbound Rules to Support RPC (Windows)
 description: Learn how to allow RPC network traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
-ms.assetid: 0b001c2c-12c1-4a30-bb99-0c034d7e6150
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
index 33d369d823..502b0b5b91 100644
--- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
+++ b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
@@ -1,17 +1,12 @@
 ---
 title: Create Windows Firewall rules in Intune (Windows)
 description: Learn how to use Intune to create rules in Windows Defender Firewall with Advanced Security. Start by creating a profile in Device Configuration in Intune.
-ms.assetid: 47057d90-b053-48a3-b881-4f2458d3e431
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.technology: windows-sec
diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
index 6d9896ef84..1b2931e18d 100644
--- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
+++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md
@@ -1,17 +1,12 @@
 ---
 title: Create WMI Filters for the GPO (Windows)
 description: Learn how to use WMI filters on a GPO to make sure that each GPO for a group can only be applied to devices running the correct version of Windows.
-ms.assetid: b1a6d93d-a3c8-4e61-a388-4a3323f0e74e
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
index bb72548e1a..7e365c2fbf 100644
--- a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
+++ b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md
@@ -1,17 +1,12 @@
 ---
 title: Designing a Windows Defender Firewall Strategy (Windows)
 description: Answer the question in this article to design an effective Windows Defender Firewall with Advanced Security Strategy.
-ms.assetid: 6d98b184-33d6-43a5-9418-4f24905cfd71
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md
index be0ce97138..cdbb54af14 100644
--- a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md
+++ b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md
@@ -1,17 +1,12 @@
 ---
 title: Determining the Trusted State of Your Devices (Windows)
 description: Learn how to define the trusted state of devices in your enterprise to help design your strategy for using Windows Defender Firewall with Advanced Security.
-ms.assetid: 3e77f0d0-43aa-47dd-8518-41ccdab2f2b2
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
@@ -25,7 +20,7 @@ ms.technology: windows-sec
 -   Windows 11
 -   Windows Server 2016 and above
 
-After obtaining information about the devices that are currently part of the IT infrastructure, you must determine at what point a device is considered trusted. The term *trusted* can mean different things to different people. Therefore, you must communicate a firm definition for it to all stakeholders in the project. Failure to do this can lead to problems with the security of the trusted environment, because the overall security cannot exceed the level of security set by the least secure client that achieves trusted status.
+After obtaining information about the devices that are currently part of the IT infrastructure, you must determine at what point a device is considered trusted. The term *trusted* can mean different things to different people. Therefore, you must communicate a firm definition for it to all stakeholders in the project. Failure to do this can lead to problems with the security of the trusted environment, because the overall security can't exceed the level of security set by the least secure client that achieves trusted status.
 
 >**Note:**  In this context, the term *trust* has nothing to do with an Active Directory trust relationship between domains. The trusted state of your devices just indicates the level of risk that you believe the device brings to the network. Trusted devices bring little risk whereas untrusted devices can potentially bring great risk.
 
@@ -46,9 +41,9 @@ The remainder of this section defines these states and how to determine which de
 
 ### Trusted state
 
-Classifying a device as trusted means that the device's security risks are managed, but it does not imply that it is perfectly secure or invulnerable. The responsibility for this managed state falls to the IT and security administrators, in addition to the users who are responsible for the configuration of the device. A trusted device that is poorly managed will likely become a point of weakness for the network.
+Classifying a device as trusted means that the device's security risks are managed, but it doesn't imply that it's perfectly secure or invulnerable. The responsibility for this managed state falls to the IT and security administrators, in addition to the users who are responsible for the configuration of the device. A trusted device that is poorly managed will likely become a point of weakness for the network.
 
-When a device is considered trusted, other trusted devices can reasonably assume that the device will not initiate a malicious act. For example, trusted devices can expect that other trusted devices will not run a virus that attacks them, because all trusted devices are required to use mechanisms (such as antivirus software) to mitigate the threat of viruses.
+When a device is considered trusted, other trusted devices can reasonably assume that the device won't initiate a malicious act. For example, trusted devices can expect that other trusted devices won't run a virus that attacks them, because all trusted devices are required to use mechanisms (such as antivirus software) to mitigate the threat of viruses.
 
 Spend some time defining the goals and technology requirements that your organization considers appropriate as the minimum configuration for a device to obtain trusted status.
 
@@ -68,49 +63,49 @@ A possible list of technology requirements might include the following:
 
 -   **Password requirements.** Trusted clients must use strong passwords.
 
-It is important to understand that the trusted state is not constant; it is a transient state that is subject to changing security standards and compliance with those standards. New threats and new defenses emerge constantly. For this reason, the organization's management systems must continually check the trusted devices to ensure ongoing compliance. Additionally, the management systems must be able to issue updates or configuration changes if they are required to help maintain the trusted status.
+It's important to understand that the trusted state isn't constant; it's a transient state that is subject to changing security standards and compliance with those standards. New threats and new defenses emerge constantly. For this reason, the organization's management systems must continually check the trusted devices to ensure ongoing compliance. Additionally, the management systems must be able to issue updates or configuration changes if they're required to help maintain the trusted status.
 
-A device that continues to meet all these security requirements can be considered trusted. However it is possible that most devices that were identified in the discovery process discussed earlier do not meet these requirements. Therefore, you must identify which devices can be trusted and which ones cannot. To help with this process, you use the intermediate *trustworthy* state. The remainder of this section discusses the different states and their implications.
+A device that continues to meet all these security requirements can be considered trusted. However it's possible that most devices that were identified in the discovery process discussed earlier don't meet these requirements. Therefore, you must identify which devices can be trusted and which ones can't. To help with this process, you use the intermediate *trustworthy* state. The remainder of this section discusses the different states and their implications.
 
 ### Trustworthy state
 
-It is useful to identify as soon as possible those devices in your current infrastructure that can achieve a trusted state. A *trustworthy state* can be assigned to indicate that the current device can physically achieve the trusted state with required software and configuration changes.
+It's useful to identify as soon as possible those devices in your current infrastructure that can achieve a trusted state. A *trustworthy state* can be assigned to indicate that the current device can physically achieve the trusted state with required software and configuration changes.
 
 For each device that is assigned a trustworthy status, make an accompanying configuration note that states what is required to enable the device to achieve trusted status. This information is especially important to both the project design team (to estimate the costs of adding the device to the solution) and the support staff (to enable them to apply the required configuration).
 
 Generally, trustworthy devices fall into one of the following two groups:
 
--   **Configuration required.** The current hardware, operating system, and software enable the device to achieve a trustworthy state. However, additional configuration changes are required. For example, if the organization requires a secure file system before a device can be considered trusted, a device that uses a FAT32-formatted hard disk does not meet this requirement.
+-   **Configuration required.** The current hardware, operating system, and software enable the device to achieve a trustworthy state. However, additional configuration changes are required. For example, if the organization requires a secure file system before a device can be considered trusted, a device that uses a FAT32-formatted hard disk doesn't meet this requirement.
 
 -   **Upgrade required.** These devices require upgrades before they can be considered trusted. The following list provides some examples of the type of upgrade these devices might require:
 
-    -   **Operating system upgrade required.** If the device's current operating system cannot support the security needs of the organization, an upgrade would be required before the device could achieve a trusted state.
+    -   **Operating system upgrade required.** If the device's current operating system can't support the security needs of the organization, an upgrade would be required before the device could achieve a trusted state.
 
-    -   **Software required.** A device that is missing a required security application, such as an antivirus scanner or a management client, cannot be considered trusted until these applications are installed and active.
+    -   **Software required.** A device that is missing a required security application, such as an antivirus scanner or a management client, can't be considered trusted until these applications are installed and active.
 
     -   **Hardware upgrade required.** In some cases, a device might require a specific hardware upgrade before it can achieve trusted status. This type of device usually needs an operating system upgrade or additional software that forces the required hardware upgrade. For example, security software might require additional hard disk space on the device.
 
-    -   **Device replacement required.** This category is reserved for devices that cannot support the security requirements of the solution because their hardware cannot support the minimum acceptable configuration. For example, a device that cannot run a secure operating system because it has an old processor (such as a 100-megahertz \[MHz\] x86-based device).
+    -   **Device replacement required.** This category is reserved for devices that can't support the security requirements of the solution because their hardware can't support the minimum acceptable configuration. For example, a device that can't run a secure operating system because it has an old processor (such as a 100-megahertz \[MHz\] x86-based device).
 
 Use these groups to assign costs for implementing the solution on the devices that require upgrades.
 
 ### Known, untrusted state
 
-During the process of categorizing an organization's devices, you will identify some devices that cannot achieve trusted status for specific well-understood and well-defined reasons. These reasons might include the following types:
+During the process of categorizing an organization's devices, you'll identify some devices that can't achieve trusted status for specific well-understood and well-defined reasons. These reasons might include the following types:
 
--   **Financial.** The funding is not available to upgrade the hardware or software for this device.
+-   **Financial.** The funding isn't available to upgrade the hardware or software for this device.
 
--   **Political.** The device must remain in an untrusted state because of a political or business situation that does not enable it to comply with the stated minimum security requirements of the organization. It is highly recommended that you contact the business owner or independent software vendor (ISV) for the device to discuss the added value of server and domain isolation.
+-   **Political.** The device must remain in an untrusted state because of a political or business situation that doesn't enable it to comply with the stated minimum security requirements of the organization. It's highly recommended that you contact the business owner or independent software vendor (ISV) for the device to discuss the added value of server and domain isolation.
 
 -   **Functional.** The device must run a nonsecure operating system or must operate in a nonsecure manner to perform its role. For example, the device might be required to run an older operating system because a specific line of business application will only work on that operating system.
 
 There can be multiple functional reasons for a device to remain in the known untrusted state. The following list includes several examples of functional reasons that can lead to a classification of this state:
 
--   **Devices that run unsupported versions of Windows.** This includes Windows XP, Windows Millennium Edition, Windows 98, Windows 95, or Windows NT. Devices that run these versions of the Windows operating system cannot be classified as trustworthy because these operating systems do not support the required security infrastructure. For example, although Windows NT does support a basic security infrastructure, it does not support “deny” ACLs on local resources, any way to ensure the confidentiality and integrity of network communications, smart cards for strong authentication, or centralized management of device configurations (although limited central management of user configurations is supported).
+-   **Devices that run unsupported versions of Windows.** This includes Windows XP, Windows Millennium Edition, Windows 98, Windows 95, or Windows NT. Devices that run these versions of the Windows operating system can't be classified as trustworthy because these operating systems don't support the required security infrastructure. For example, although Windows NT does support a basic security infrastructure, it doesn't support “deny” ACLs on local resources, any way to ensure the confidentiality and integrity of network communications, smart cards for strong authentication, or centralized management of device configurations (although limited central management of user configurations is supported).
 
--   **Stand-alone devices.** Devices running any version of Windows that are configured as stand-alone devices or as members of a workgroup usually cannot achieve a trustworthy state. Although these devices fully support the minimum required basic security infrastructure, the required security management capabilities are unlikely to be available when the device is not a part of a trusted domain.
+-   **Stand-alone devices.** Devices running any version of Windows that are configured as stand-alone devices or as members of a workgroup usually can't achieve a trustworthy state. Although these devices fully support the minimum required basic security infrastructure, the required security management capabilities are unlikely to be available when the device isn't a part of a trusted domain.
 
--   **Devices in an untrusted domain.** A device that is a member of a domain that is not trusted by an organization's IT department cannot be classified as trusted. An untrusted domain is a domain that cannot provide the required security capabilities to its members. Although the operating systems of devices that are members of this untrusted domain might fully support the minimum required basic security infrastructure, the required security management capabilities cannot be fully guaranteed when devices are not in a trusted domain.
+-   **Devices in an untrusted domain.** A device that is a member of a domain that isn't trusted by an organization's IT department can't be classified as trusted. An untrusted domain is a domain that can't provide the required security capabilities to its members. Although the operating systems of devices that are members of this untrusted domain might fully support the minimum required basic security infrastructure, the required security management capabilities can't be fully guaranteed when devices aren't in a trusted domain.
 
 ### Unknown, untrusted state
 
@@ -129,20 +124,20 @@ The final step in this part of the process is to record the approximate cost of
 
 -   What is the projected cost or impact of making the proposed changes to enable the device to achieve a trusted state?
 
-By answering these questions, you can quickly determine the level of effort and approximate cost of bringing a particular device or group of devices into the scope of the project. It is important to remember that the state of a device is transitive, and that by performing the listed remedial actions you can change the state of a device from untrusted to trusted. After you decide whether to place a device in a trusted state, you are ready to begin planning and designing the isolation groups, which the next section [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) discusses.
+By answering these questions, you can quickly determine the level of effort and approximate cost of bringing a particular device or group of devices into the scope of the project. It's important to remember that the state of a device is transitive, and that by performing the listed remedial actions you can change the state of a device from untrusted to trusted. After you decide whether to place a device in a trusted state, you're ready to begin planning and designing the isolation groups, which the next section [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) discusses.
 
 The following table is an example of a data sheet that you could use to help capture the current state of a device and what would be required for the device to achieve a trusted state.
 
 | Device name | Hardware reqs met | Software reqs met | Configuration required | Details | Projected cost |
 | - | - | - | - | - | - |
-| CLIENT001 | No| No| Upgrade hardware and software.| Current operating system is Windows XP. Old hardware is not compatible with newer versions of Windows.| $??| 
+| CLIENT001 | No| No| Upgrade hardware and software.| Current operating system is Windows XP. Old hardware isn't compatible with newer versions of Windows.| $??| 
 | SERVER001 | Yes| No| Join trusted domain and upgrade from Windows Server 2003 to Windows Server 2012.| No antivirus software present.| $??| 
 
 In the previous table, the device CLIENT001 is currently "known, untrusted" because its hardware must be upgraded. However, it could be considered trustworthy if the required upgrades are possible. However, if many devices require the same upgrades, the overall cost of the solution would be much higher.
 
 The device SERVER001 is "trustworthy" because it meets the hardware requirements but its operating system must be upgraded. It also requires antivirus software. The projected cost is the amount of effort that is required to upgrade the operating system and install antivirus software, along with their purchase costs.
 
-With the other information that you have gathered in this section, this information will be the foundation of the efforts performed later in the [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) section.
+With the other information that you've gathered in this section, this information will be the foundation of the efforts performed later in the [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) section.
 
 The costs identified in this section only capture the projected cost of the device upgrades. Many additional design, support, test, and training costs should be accounted for in the overall project plan.
 
diff --git a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md
index 6b8adafa56..4b52443989 100644
--- a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md
+++ b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md
@@ -1,17 +1,12 @@
 ---
 title: Documenting the Zones (Windows)
 description: Learn how to document the zone placement of devices in your design for Windows Defender Firewall with Advanced Security.
-ms.assetid: ebd7a650-4d36-42d4-aac0-428617f5a32d
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md
index ec6e6a670b..d3e12bfc41 100644
--- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md
+++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md
@@ -1,17 +1,12 @@
 ---
 title: Domain Isolation Policy Design Example (Windows)
 description: This example uses a fictitious company to illustrate domain isolation policy design in Windows Defender Firewall with Advanced Security.
-ms.assetid: 704dcf58-286f-41aa-80af-c81720aa7fc5
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md
index 0f112cdfa7..ac3e4beadc 100644
--- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md
+++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md
@@ -1,17 +1,12 @@
 ---
 title: Domain Isolation Policy Design (Windows)
 description: Learn how to design a domain isolation policy, based on which devices accept only connections from authenticated members of the same isolated domain.
-ms.assetid: 7475084e-f231-473a-9357-5e1d39861d66
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md
index cd420e5088..c17b29ef65 100644
--- a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md
+++ b/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md
@@ -1,17 +1,12 @@
 ---
 title: Enable Predefined Inbound Rules (Windows)
 description: Learn the rules for Windows Defender Firewall with Advanced Security for common networking roles and functions.
-ms.assetid: a4fff086-ae81-4c09-b828-18c6c9a937a7
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md
index 0102f9ee3a..782c3d49fc 100644
--- a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md
+++ b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md
@@ -1,17 +1,12 @@
 ---
 title: Enable Predefined Outbound Rules (Windows)
 description: Learn to deploy predefined firewall rules that block outbound network traffic for common network functions in Windows Defender Firewall with Advanced Security.
-ms.assetid: 71cc4157-a1ed-41d9-91e4-b3140c67c1be
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md
index 6d909df105..f246825b19 100644
--- a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md
+++ b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md
@@ -1,17 +1,12 @@
 ---
 title: Encryption Zone GPOs (Windows)
 description: Learn how to add a device to an encryption zone by adding the device account to the encryption zone group in Windows Defender Firewall with Advanced Security.
-ms.assetid: eeb973dd-83a5-4381-9af9-65c43c98c29b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
@@ -27,6 +22,6 @@ ms.technology: windows-sec
 
 Handle encryption zones in a similar manner to the boundary zones. A device is added to an encryption zone by adding the device account to the encryption zone group. Woodgrove Bank has a single service that must be protected, and the devices that are running that service are added to the group CG\_DOMISO\_Encryption. This group is granted Read and Apply Group Policy permissions in on the GPO described in this section.
 
-The GPO is only for server versions of Windows. Client devices are not expected to participate in the encryption zone. If the need for one occurs, either create a new GPO for that version of Windows, or expand the WMI filter attached to one of the existing encryption zone GPOs to make it apply to the client version of Windows.
+The GPO is only for server versions of Windows. Client devices aren't expected to participate in the encryption zone. If the need for one occurs, either create a new GPO for that version of Windows, or expand the WMI filter attached to one of the existing encryption zone GPOs to make it apply to the client version of Windows.
 
 -   [GPO\_DOMISO\_Encryption](gpo-domiso-encryption.md)
diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone.md b/windows/security/threat-protection/windows-firewall/encryption-zone.md
index fe2e9815a6..8a6dd9db87 100644
--- a/windows/security/threat-protection/windows-firewall/encryption-zone.md
+++ b/windows/security/threat-protection/windows-firewall/encryption-zone.md
@@ -1,17 +1,12 @@
 ---
 title: Encryption Zone (Windows)
 description: Learn how to create an encryption zone to contain devices that host very sensitive data and require that the sensitive network traffic be encrypted.
-ms.assetid: 55a025ce-357f-4d1b-b2ae-6ee32c9abe13
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md b/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md
index 0a1c8c3094..9cd638e39c 100644
--- a/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md
+++ b/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md
@@ -1,17 +1,12 @@
 ---
 title: Evaluating Windows Defender Firewall with Advanced Security Design Examples (Windows)
 description: Evaluating Windows Defender Firewall with Advanced Security Design Examples
-ms.assetid: a591389b-18fa-4a39-ba07-b6fb61961cbd
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md
index 686d6ff871..dee6778a40 100644
--- a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md
+++ b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md
@@ -1,17 +1,12 @@
 ---
 title: Exempt ICMP from Authentication (Windows)
 description: Learn how to add exemptions for any network traffic that uses the ICMP protocol in Windows Defender Firewall with Advanced Security.
-ms.assetid: c086c715-8d0c-4eb5-9ea7-2f7635a55548
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/exemption-list.md b/windows/security/threat-protection/windows-firewall/exemption-list.md
index c060789ce3..a150d214f5 100644
--- a/windows/security/threat-protection/windows-firewall/exemption-list.md
+++ b/windows/security/threat-protection/windows-firewall/exemption-list.md
@@ -1,17 +1,12 @@
 ---
 title: Exemption List (Windows)
 description: Learn about reasons to add devices to an exemption list in Windows Defender Firewall with Advanced Security and the trade-offs of having too many exemptions.
-ms.assetid: a05e65b4-b48d-44b1-a7f1-3a8ea9c19ed8
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md b/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md
index ca7cb954eb..ad4e1359c3 100644
--- a/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md
+++ b/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md
@@ -4,8 +4,6 @@ description: Filter origin documentation audit log improvements
 ms.reviewer: 
 ms.author: v-bshilpa
 ms.prod: m365-security
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: normal
 author: Benny-54
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-firewall/firewall-gpos.md b/windows/security/threat-protection/windows-firewall/firewall-gpos.md
index c6815864d5..9cac69201b 100644
--- a/windows/security/threat-protection/windows-firewall/firewall-gpos.md
+++ b/windows/security/threat-protection/windows-firewall/firewall-gpos.md
@@ -1,17 +1,12 @@
 ---
 title: Firewall GPOs (Windows)
 description: In this example, a Group Policy Object is linked to the domain container because the domain controllers are not part of the isolated domain.
-ms.assetid: 720645fb-a01f-491e-8d05-c9c6d5e28033
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md
index e130a76c47..6152948655 100644
--- a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md
+++ b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md
@@ -1,17 +1,12 @@
 ---
 title: Basic Firewall Policy Design Example (Windows)
 description: This example features a fictitious company and illustrates firewall policy design for Windows Defender Firewall with Advanced Security.
-ms.assetid: 0dc3bcfe-7a4d-4a15-93a9-64b13bd775a7
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md b/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md
index 562716bc3b..db56dcc84e 100644
--- a/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md
+++ b/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md
@@ -4,8 +4,6 @@ description: Firewall settings lost on upgrade
 ms.reviewer: 
 ms.author: v-bshilpa
 ms.prod: m365-security
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: Benny-54
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md
index 32c6dd328f..fe4d111ad1 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md
+++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md
@@ -1,17 +1,12 @@
 ---
 title: Gathering Information about Your Active Directory Deployment (Windows)
 description: Learn about gathering Active Directory information, including domain layout, organizational unit architecture, and site topology, for your firewall deployment.
-ms.assetid: b591b85b-12ac-4329-a47e-bc1b03e66eb0
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
index 792686a4b3..0c7ab93228 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
+++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md
@@ -1,17 +1,12 @@
 ---
 title: Gathering Info about Your Network Infrastructure (Windows)
 description: Learn how to gather info about your network infrastructure so that you can effectively plan for Windows Defender Firewall with Advanced Security deployment.
-ms.assetid: f98d2b17-e71d-4ffc-b076-118b4d4782f9
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md
index 0e57c0e9a9..6d7e499d9c 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md
+++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md
@@ -1,17 +1,12 @@
 ---
 title: Gathering Information about Your Devices (Windows)
 description: Learn what information to gather about the devices in your enterprise to plan your Windows Defender Firewall with Advanced Security deployment.
-ms.assetid: 7f7cd3b9-de8e-4fbf-89c6-3d1a47bc2beb
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
index 579ef8f647..fe22f964b8 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
+++ b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
@@ -1,17 +1,12 @@
 ---
 title: Gathering Other Relevant Information (Windows)
 description: Learn about additional information you may need to gather to deploy Windows Defender Firewall with Advanced Security policies in your organization.
-ms.assetid: 87ccca07-4346-496b-876d-cdde57d0ce17
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md
index 8482a7cd65..0599090184 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md
+++ b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md
@@ -1,17 +1,12 @@
 ---
 title: Gathering the Information You Need (Windows)
 description: Collect and analyze information about your network, directory services, and devices to prepare for Windows Defender Firewall with Advanced Security deployment.
-ms.assetid: 545fef02-5725-4b1e-b67a-a32d94c27d15
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md
index afa8e8f5cc..adfb2e0acb 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md
+++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md
@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_Boundary (Windows)
 description: This example GPO supports devices that are not part of the isolated domain to access specific servers that must be available to those untrusted devices.
-ms.assetid: ead3a510-c329-4c2a-9ad2-46a3b4975cfd
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md
index d1ca928d07..bc83b6e60d 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md
+++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md
@@ -1,18 +1,13 @@
 ---
 title: GPO\_DOMISO\_Encryption\_WS2008 (Windows)
 description: This example GPO supports the ability for servers that contain sensitive data to require encryption for all connection requests.
-ms.assetid: 84375480-af6a-4c79-aafe-0a37115a7446
 ms.reviewer: 
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 ms.date: 09/08/2021
 ms.technology: windows-sec
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md
index 662dd03f50..6cd30ab0e7 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md
@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_Firewall (Windows)
 description: Learn about the settings and rules in this example GPO, which is authored by using the Group Policy editing tools.
-ms.assetid: 318467d2-5698-4c5d-8000-7f56f5314c42
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md
index bed380f50e..ce23a063fa 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md
+++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md
@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_IsolatedDomain\_Clients (Windows)
 description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
-ms.assetid: 73cd9e25-f2f1-4ef6-b0d1-d36209518cd9
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md
index 84d2f5ce16..3e29726a15 100644
--- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md
+++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md
@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_IsolatedDomain\_Servers (Windows)
 description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
-ms.assetid: 33aed8f3-fdc3-4f96-985c-e9d2720015d3
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
index 6746a2c01c..5684e64a1e 100644
--- a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
+++ b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md
@@ -1,17 +1,12 @@
 ---
 title: Identify implementation goals for Windows Defender Firewall with Advanced Security Deployment (Windows)
 description: Identifying Your Windows Defender Firewall with Advanced Security (WFAS) implementation goals
-ms.assetid: 598cf45e-2e1c-4947-970f-361dfa264bba
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md b/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
index 9f16389687..19be53c930 100644
--- a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
+++ b/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md
@@ -1,17 +1,12 @@
 ---
 title: Implementing Your Windows Defender Firewall with Advanced Security Design Plan (Windows)
 description: Implementing Your Windows Defender Firewall with Advanced Security Design Plan
-ms.assetid: 15f609d5-5e4e-4a71-9eff-493a2e3e40f9
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md
index ccaefb1de6..afdbbb4444 100644
--- a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md
+++ b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md
@@ -1,17 +1,12 @@
 ---
 title: Isolated Domain GPOs (Windows)
 description: Learn about GPOs for isolated domains in this example configuration of Windows Defender Firewall with Advanced Security.
-ms.assetid: e254ce4a-18c6-4868-8179-4078d9de215f
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain.md b/windows/security/threat-protection/windows-firewall/isolated-domain.md
index af0a3cd985..336af76b07 100644
--- a/windows/security/threat-protection/windows-firewall/isolated-domain.md
+++ b/windows/security/threat-protection/windows-firewall/isolated-domain.md
@@ -1,17 +1,12 @@
 ---
 title: Isolated Domain (Windows)
 description: Learn about the isolated domain, which is the primary zone for trusted devices, which use connection security and firewall rules to control communication.
-ms.assetid: d6fa8d67-0078-49f6-9bcc-db1f24816c5e
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md
index 642c968859..94c2d1efc2 100644
--- a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md
+++ b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md
@@ -2,13 +2,9 @@
 title: Isolating Microsoft Store Apps on Your Network (Windows)
 description: Learn how to customize your firewall configuration to isolate the network access of the new Microsoft Store apps that run on devices added to your network.
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md
index 472e264155..27ca0787a6 100644
--- a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md
+++ b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md
@@ -1,17 +1,12 @@
 ---
 title: Link the GPO to the Domain (Windows)
 description: Learn how to link a GPO to the Active Directory container for the target devices, after you configure it in Windows Defender Firewall with Advanced Security.
-ms.assetid: 746d4553-b1a6-4954-9770-a948926b1165
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md b/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
index 4d847f7055..e14954cb74 100644
--- a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
+++ b/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md
@@ -1,17 +1,12 @@
 ---
 title: Mapping your implementation goals to a Windows Firewall with Advanced Security design (Windows)
 description: Mapping your implementation goals to a Windows Firewall with Advanced Security design
-ms.assetid: 7e68c59e-ba40-49c4-8e47-5de5d6b5eb22
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
index e2e209ff07..20c89d309f 100644
--- a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
+++ b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md
@@ -1,17 +1,12 @@
 ---
 title: Modify GPO Filters (Windows)
 description: Learn how to modify GPO filters to apply to a different zone or version of windows in Windows Defender Firewall with Advanced Security.
-ms.assetid: 24ede9ca-a501-4025-9020-1129e2cdde80
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
index 7b4d920b83..27d55010fe 100644
--- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
+++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md
@@ -1,17 +1,12 @@
 ---
 title: Open the Group Policy Management Console to IP Security Policies (Windows)
 description: Learn how to open the Group Policy Management Console to IP Security Policies to configure GPOs for earlier versions of the Windows operating system.
-ms.assetid: 235f73e4-37b7-40f4-a35e-3e7238bbef43
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
index d55f5793ea..6b414fd0e1 100644
--- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
+++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md
@@ -1,17 +1,12 @@
 ---
 title: Group Policy Management of Windows Firewall with Advanced Security (Windows)
 description: Group Policy Management of Windows Firewall with Advanced Security
-ms.assetid: 28afab36-8768-4938-9ff2-9d6dab702e98
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
index 77e7c364b3..7c1ef5c3ab 100644
--- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md
@@ -1,17 +1,12 @@
 ---
 title: Group Policy Management of Windows Defender Firewall (Windows)
 description: Group Policy Management of Windows Defender Firewall with Advanced Security
-ms.assetid: 5090b2c8-e038-4905-b238-19ecf8227760
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md
index c46ba8f97f..31a3fba50f 100644
--- a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md
+++ b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md
@@ -1,17 +1,12 @@
 ---
 title: Open Windows Defender Firewall with Advanced Security (Windows)
 description: Learn how to open the Windows Defender Firewall with Advanced Security console. You must be a member of the Administrators group.
-ms.assetid: 788faff2-0f50-4e43-91f2-3e2595c0b6a1
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md
index c5d10098c9..e0e0de7084 100644
--- a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md
+++ b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Certificate-based Authentication (Windows)
 description: Learn how a device unable to join an Active Directory domain can still participate in an isolated domain by using certificate-based authentication.
-ms.assetid: a55344e6-d0df-4ad5-a6f5-67ccb6397dec
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md
index a5c690294e..8732491e55 100644
--- a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md
+++ b/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Domain Isolation Zones (Windows)
 description: Learn how to use information you have gathered to make decisions about isolation zones for your environment in Windows Defender Firewall with Advanced Security.
-ms.assetid: 70bc7c52-91f0-4a0d-a64a-69d3ea1c6d05
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md b/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md
index 81d3ffeabe..fcdef1ec8f 100644
--- a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md
+++ b/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md
@@ -1,17 +1,12 @@
 ---
 title: Planning GPO Deployment (Windows)
 description: Learn how to use security group filtering and WMI filtering to provide the most flexible options for applying GPOs to devices in Active Directory.
-ms.assetid: b38adfb1-1371-4227-a887-e6d118809de1
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
index 3002cef090..46f1ec18cd 100644
--- a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
+++ b/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Group Policy Deployment for Your Isolation Zones (Windows)
 description: Learn how to plan a group policy deployment for your isolation zones after you determine the best logical design for your isolation environment.
-ms.assetid: ea7c0acd-af28-4347-9d4a-4801b470557c
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md
index 6cf3ebe60c..703b785517 100644
--- a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md
+++ b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Isolation Groups for the Zones (Windows)
 description: Learn about planning isolation groups for the zones in Microsoft Firewall, including information on universal groups and GPOs.
-ms.assetid: be4b662d-c1ce-441e-b462-b140469a5695
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md b/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md
index 9a897f0089..115c4bc0b4 100644
--- a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md
+++ b/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Network Access Groups (Windows)
 description: Learn how to implement a network access group for users and devices that can access an isolated server in Windows Defender Firewall with Advanced Security.
-ms.assetid: 56ea1717-1731-4a5d-b277-5a73eb86feb0
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md
index 9e87ee9790..7c7ab8b78d 100644
--- a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md
+++ b/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Server Isolation Zones (Windows)
 description: Learn how to restrict access to a server to approved users by using a server isolation zone in Windows Defender Firewall with Advanced Security.
-ms.assetid: 5f63c929-589e-4b64-82ea-515d62765b7b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md b/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
index ed55752803..5aed4df804 100644
--- a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
+++ b/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Settings for a Basic Firewall Policy (Windows)
 description: Learn how to design a basic policy for Windows Defender Firewall with Advanced Security, the settings and rules that enforce your requirements on devices.
-ms.assetid: 4c90df5a-3cbc-4b85-924b-537c2422d735
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md b/windows/security/threat-protection/windows-firewall/planning-the-gpos.md
index 74e85fa1a0..054cd6b4c9 100644
--- a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md
+++ b/windows/security/threat-protection/windows-firewall/planning-the-gpos.md
@@ -1,17 +1,12 @@
 ---
 title: Planning the GPOs (Windows)
 description: Learn about planning Group Policy Objects for your isolation zones in Windows Defender Firewall with Advanced Security, after you design the zone layout.
-ms.assetid: 11949ca3-a11c-4a16-b297-0862432eb5b4
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
index d651e8e71b..1bb9e49550 100644
--- a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
+++ b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md
@@ -1,17 +1,12 @@
 ---
 title: Plan to Deploy Windows Defender Firewall with Advanced Security (Windows)
 description: Use the design information in this article to plan for the deployment of Windows Defender Firewall with Advanced Security in your organization.
-ms.assetid: 891a30c9-dbf5-4a88-a279-00662b9da48e
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md b/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
index 66140941f1..c88257ead5 100644
--- a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
+++ b/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md
@@ -1,17 +1,12 @@
 ---
 title: Planning Your Windows Defender Firewall with Advanced Security Design (Windows)
 description: After you gather the relevant information, select the design or combination of designs for Windows Defender Firewall with Advanced Security in your environment.
-ms.assetid: f3ac3d49-ef4c-4f3c-a16c-e107284e169f
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md b/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md
index e45fb6c5e6..8c98be2b77 100644
--- a/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md
+++ b/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md
@@ -1,17 +1,12 @@
 ---
 title: Procedures Used in This Guide (Windows)
 description: Refer to this summary of procedures for Windows Defender Firewall with Advanced Security from checklists in this guide.
-ms.assetid: 45c0f549-e4d8-45a3-a600-63e2a449e178
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md
index 40645e4078..ba994c905e 100644
--- a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md
+++ b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md
@@ -1,17 +1,12 @@
 ---
 title: Protect devices from unwanted network traffic (Windows)
 description: Learn how running a host-based firewall on every device in your organization can help protect against attacks as part of a defense-in-depth security strategy.
-ms.assetid: 307d2b38-e8c4-4358-ae16-f2143af965dc
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 01/18/2022
diff --git a/windows/security/threat-protection/windows-firewall/quarantine.md b/windows/security/threat-protection/windows-firewall/quarantine.md
index 83309d4b1b..42338ede59 100644
--- a/windows/security/threat-protection/windows-firewall/quarantine.md
+++ b/windows/security/threat-protection/windows-firewall/quarantine.md
@@ -4,14 +4,9 @@ description: Quarantine behavior is explained in detail.
 ms.author: v-bshilpa
 author: Benny-54
 manager: dansimp
-ms.assetid: 
 ms.reviewer: 
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: normal
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md b/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
index 5ae57cd35b..23025f1e50 100644
--- a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
+++ b/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md
@@ -1,17 +1,12 @@
 ---
 title: Require Encryption When Accessing Sensitive Network Resources (Windows)
 description: Windows Defender Firewall with Advanced Security allows you to require that all network traffic in an isolated domain be encrypted.
-ms.assetid: da980d30-a68b-4e2a-ba63-94726355ce6f
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
index 4e8ca4f98b..b91f299c18 100644
--- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
+++ b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md
@@ -1,17 +1,12 @@
 ---
 title: Restrict Access to Only Specified Users or Devices (Windows)
 description: Restrict access to devices and users that are members of domain groups authorized to access that device using Windows Defender Firewall with Advanced Security.
-ms.assetid: a6106a07-f9e5-430f-8dbd-06d3bf7406df
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md
index 287942862c..cc78b7ceb7 100644
--- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md
+++ b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md
@@ -1,17 +1,12 @@
 ---
 title: Restrict access to only trusted devices (Windows)
 description: Windows Defender Firewall with Advanced Security enables you to isolate devices you trust and restrict access of untrusted devices to trusted devices.
-ms.assetid: bc1f49a4-7d54-4857-8af9-b7c79f47273b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md b/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
index 35882149d3..d405ae9ad9 100644
--- a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
+++ b/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md
@@ -1,17 +1,12 @@
 ---
 title: Restrict Server Access to Members of a Group Only (Windows)
 description: Create a firewall rule to access isolated servers running Windows Server 2008 or later and restrict server access to members of a group.
-ms.assetid: ea51c55b-e1ed-44b4-82e3-3c4287a8628b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md b/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
index 70ebf3fd75..e43a977d74 100644
--- a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
+++ b/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md
@@ -2,13 +2,9 @@
 title: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012 (Windows)
 description: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md b/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md
index 9ec9d59a12..9f249ae1c5 100644
--- a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md
+++ b/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md
@@ -1,17 +1,12 @@
 ---
 title: Server Isolation GPOs (Windows)
 description: Learn about required GPOs for isolation zones and how many server isolation zones you need in Windows Defender Firewall with Advanced Security.
-ms.assetid: c97b1f2f-51d8-4596-b38a-8a3f6f706be4
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md
index 59eb498be0..f5b9e6802b 100644
--- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md
+++ b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md
@@ -1,17 +1,12 @@
 ---
 title: Server Isolation Policy Design Example (Windows)
 description: Learn about server isolation policy design in Windows Defender Firewall with Advanced Security by referring to this example of a fictitious company.
-ms.assetid: 337e5f6b-1ec5-4b83-bee5-d0aea1fa5fc6
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md
index 92ff6b97db..c9a669692f 100644
--- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md
+++ b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md
@@ -1,17 +1,12 @@
 ---
 title: Server Isolation Policy Design (Windows)
 description: Learn about server isolation policy design, where you assign servers to a zone that allows access only to members of an approved network access group.
-ms.assetid: f93f65cd-b863-461e-ab5d-a620fd962c9a
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
index 3e3a5b108f..2337344ccf 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
@@ -4,8 +4,6 @@ description: Troubleshooting UWP App Connectivity Issues in Windows Firewall
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md b/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
index 0ae4b4f8dd..64a55b790e 100644
--- a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
+++ b/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md
@@ -1,17 +1,12 @@
 ---
 title: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior (Windows)
 description: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior
-ms.assetid: 3c3fe832-ea81-4227-98d7-857a3129db74
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
index d6dbf5fd5a..dd58d0c8d0 100644
--- a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
+++ b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md
@@ -2,13 +2,9 @@
 title: Understand WFAS Deployment (Windows)
 description: Resources for helping you understand the Windows Defender Firewall with Advanced Security (WFAS) Design Process
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
index 7ae486d08d..0c11ed522b 100644
--- a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
+++ b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
@@ -1,17 +1,12 @@
 ---
 title: Verify That Network Traffic Is Authenticated (Windows)
 description: Learn how to confirm that network traffic is being protected by IPsec authentication after you configure your domain isolation rule to require authentication.
-ms.assetid: cc1fb973-aedf-4074-ad4a-7376b24f03d2
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
index b00b59d00e..c89e65cba2 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
+++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md
@@ -2,13 +2,9 @@
 title: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell (Windows)
 description: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
index dfcf6cfc99..fbb11692e8 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
+++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md
@@ -1,17 +1,12 @@
 ---
 title: Windows Defender Firewall with Advanced Security deployment overview (Windows)
 description: Use this guide to deploy Windows Defender Firewall with Advanced Security for your enterprise to help protect devices and data that they share across a network.
-ms.assetid: 56b51b97-1c38-481e-bbda-540f1216ad56
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
index 38545a3d40..623503499e 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
+++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md
@@ -1,17 +1,12 @@
 ---
 title: Windows Defender Firewall with Advanced Security design guide (Windows)
 description: Learn about common goals for using Windows Defender Firewall with Advanced Security to choose or create a design for deploying the firewall in your enterprise.
-ms.assetid: 5c631389-f232-4b95-9e48-ec02b8677d51
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
index 989c1be1a1..966c5e4a6a 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
+++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
@@ -2,14 +2,10 @@
 title: Windows Defender Firewall with Advanced Security (Windows)
 description: Learn overview information about the Windows Defender Firewall with Advanced Security (WFAS) and Internet Protocol security (IPsec) features.
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
diff --git a/windows/security/threat-protection/windows-platform-common-criteria.md b/windows/security/threat-protection/windows-platform-common-criteria.md
index 281436db6f..d9ecdb1fb0 100644
--- a/windows/security/threat-protection/windows-platform-common-criteria.md
+++ b/windows/security/threat-protection/windows-platform-common-criteria.md
@@ -2,7 +2,6 @@
 title: Common Criteria Certifications
 description: This topic details how Microsoft supports the Common Criteria certification program.
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md
index 31d3aba69a..be77c53fd5 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md
@@ -2,7 +2,6 @@
 title: Windows Sandbox architecture
 description: Windows Sandbox architecture
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
index cd5f7a2082..94adc3d7c8 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
@@ -2,7 +2,6 @@
 title: Windows Sandbox configuration
 description: Windows Sandbox configuration
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
index 29b2f22f62..ec43ba1f84 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@@ -2,7 +2,6 @@
 title: Windows Sandbox
 description: Windows Sandbox overview
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
index c3cc25f375..52c3d0d811 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md
@@ -1,14 +1,11 @@
 ---
 title: Get support for security baselines
 description: Find answers to frequently asked question on how to get support for baselines, the Security Compliance Toolkit (SCT), and related topics.
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 02/14/2022
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md
index eec2742b4c..3fd0c07c67 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md
@@ -1,14 +1,11 @@
 ---
 title: Microsoft Security Compliance Toolkit 1.0 Guide
 description: This article describes how to use Security Compliance Toolkit 1.0 in your organization
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 02/14/2022
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index 6d4c993655..18cb5242f6 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -1,14 +1,11 @@
 ---
 title: Security baselines guide
 description: Learn how to use security baselines in your organization.
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 01/26/2022
diff --git a/windows/security/trusted-boot.md b/windows/security/trusted-boot.md
index 6792a8df14..a0e24a1035 100644
--- a/windows/security/trusted-boot.md
+++ b/windows/security/trusted-boot.md
@@ -5,7 +5,6 @@ search.appverid: MET150
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/21/2021
 ms.prod: m365-security
@@ -13,8 +12,7 @@ ms.technology: windows-sec
 ms.localizationpriority: medium
 ms.collection: 
 ms.custom: 
-ms.reviewer: jsuther
-f1.keywords: NOCSH  
+ms.reviewer: jsuther  
 ---
 
 # Secure Boot and Trusted Boot
diff --git a/windows/security/zero-trust-windows-device-health.md b/windows/security/zero-trust-windows-device-health.md
index 8b9b5e1d73..6953ab042b 100644
--- a/windows/security/zero-trust-windows-device-health.md
+++ b/windows/security/zero-trust-windows-device-health.md
@@ -5,9 +5,6 @@ ms.reviewer:
 ms.topic: article
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.custom: intro-overview