diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
index d761ebfc85..fe87bdd2c0 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md
@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/29/2019
+ms.date: 05/09/2019
 ---
 
 # Enable controlled folder access
@@ -59,9 +59,12 @@ For more information about disabling local list merging, see [Prevent or allow u
    ![Create endpoint protection profile](images/create-endpoint-protection-profile.png) 
 1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**. 
 1. Type the path to each application that has access to protected folders and the path to any additional folder that needs protection and click **Add**. 
+
    ![Enable controlled folder access in Intune](images/enable-cfa-intune.png)
+
    >[!NOTE]
    >Wilcard is supported for applications, but not for folders. Subfolders are not protected. 
+
 1. Click **OK** to save each open blade and click **Create**. 
 1. Click the profile **Assignments**, assign to **All Users & All Devices**, and click **Save**.
 
@@ -93,7 +96,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
     - **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
     - **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.
 
-    ![Screenshot of group policy option with Enabled and then Enable selected in the drop down](images/cfa-gp-enable.png)
+      ![Screenshot of group policy option with Enabled and then Enable selected in the drop down](images/cfa-gp-enable.png)
 
 >[!IMPORTANT]
 >To fully enable controlled folder access, you must set the Group Policy option to **Enabled** and also select **Enable** in the options drop-down menu.