- 1.6.0.0
+ 1.7.0.0
FindSPFatalError
A4028172-1B09-48F8-AD3B-86CDD7D55852
@@ -474,9 +397,9 @@ Refer to https://learn.microsoft.com/windows/deployment/upgrade/upgrade-error-co
Professional
Windows Defender
- 2019-06-06T21:19:10
+ 2023-06-06T21:19:10
- 2019-06-06T22:21:49
+ 2023-06-06T22:21:49
0001-01-01T00:00:00
0001-01-01T00:00:00
@@ -488,14 +411,14 @@ Refer to https://learn.microsoft.com/windows/deployment/upgrade/upgrade-error-co
F21F8FB6-00FD-4349-84FB-2AC75F389E73
F21F8FB6-00FD-4349-84FB-2AC75F389E73
- 2019-06-06 21:47:11, Error SP Error converting install time 5/2/2019 to structure[gle=0x00000057]
+ 2023-06-06 21:47:11, Error SP Error converting install time 5/2/2023 to structure[gle=0x00000057]
Error: SetupDiag reports Fatal Error.
Last Setup Phase = Downlevel
Last Setup Operation: Gather data, scope: EVERYTHING
Error: 0x00000057
- LogEntry: 2019-06-06 21:47:11, Error SP Error converting install time 5/2/2019 to structure[gle=0x00000057]
- LogEntry: 2019-06-06 21:47:11, Error SP Error converting install time 5/2/2019 to structure[gle=0x00000057]
+ LogEntry: 2023-06-06 21:47:11, Error SP Error converting install time 5/2/2023 to structure[gle=0x00000057]
+ LogEntry: 2023-06-06 21:47:11, Error SP Error converting install time 5/2/2023 to structure[gle=0x00000057]
Refer to "https://learn.microsoft.com/windows/desktop/Debug/system-error-codes" for error information.
Err = 0x00000057, LastOperation = Gather data, scope: EVERYTHING, LastPhase = Downlevel
@@ -504,7 +427,7 @@ Refer to "https://learn.microsoft.com/windows/desktop/Debug/system-error-codes"
### JSON log sample
-```
+```json
{
"Version":"1.6.0.0",
"ProfileName":"FindSPFatalError",
@@ -540,15 +463,15 @@ Refer to "https://learn.microsoft.com/windows/desktop/Debug/system-error-codes"
"UpgradeEndTime":"\/Date(1559884909000-0700)\/",
"UpgradeStartTime":"\/Date(1559881150000-0700)\/"
},
- "LogErrorLine":"2019-06-06 21:47:11, Error SP Error converting install time 5\/2\/2019 to structure[
+ "LogErrorLine":"2023-06-06 21:47:11, Error SP Error converting install time 5\/2\/2023 to structure[
gle=0x00000057
]",
"FailureData":[
"\u000aError: SetupDiag reports Fatal Error.\u000aLast Setup Phase = Downlevel\u000aLast Setup Operation: Gather data, scope: EVERYTHING\u000aError: 0x00000057",
- "LogEntry: 2019-06-06 21:47:11, Error SP Error converting install time 5\/2\/2019 to structure[
+ "LogEntry: 2023-06-06 21:47:11, Error SP Error converting install time 5\/2\/2023 to structure[
gle=0x00000057
]",
- "LogEntry: 2019-06-06 21:47:11, Error SP Error converting install time 5\/2\/2019 to structure[
+ "LogEntry: 2023-06-06 21:47:11, Error SP Error converting install time 5\/2\/2023 to structure[
gle=0x00000057
]",
"\u000aRefer to \"https:\/\/learn.microsoft.com\/windows\/desktop\/Debug\/system-error-codes\" for error information."
@@ -563,10 +486,10 @@ Refer to "https://learn.microsoft.com/windows/desktop/Debug/system-error-codes"
}
```
-## Sample registry key
+## Example registry key
-
+:::image type="content" alt-text="Example of Addreg registry key." source="../images/addreg.png":::
## Related articles
-[Resolve Windows 10 upgrade errors: Technical information for IT Pros](./resolve-windows-10-upgrade-errors.md)
+- [Resolve Windows upgrade errors: Technical information for IT Pros](./resolve-windows-upgrade-errors.md).
diff --git a/windows/deployment/upgrade/submit-errors.md b/windows/deployment/upgrade/submit-errors.md
index 5bd00dddf7..d970501fec 100644
--- a/windows/deployment/upgrade/submit-errors.md
+++ b/windows/deployment/upgrade/submit-errors.md
@@ -1,72 +1,75 @@
---
-title: Submit Windows 10 upgrade errors using Feedback Hub
+title: Submit Windows upgrade errors using Feedback Hub
manager: aaroncz
ms.author: frankroj
-description: Download the Feedback Hub app, and then submit Windows 10 upgrade errors for diagnosis using feedback hub.
+description: Download the Feedback Hub app, and then submit Windows upgrade errors for diagnosis using feedback hub.
ms.prod: windows-client
author: frankroj
ms.localizationpriority: medium
ms.topic: article
ms.technology: itpro-deploy
-ms.date: 10/28/2022
+ms.date: 01/18/2024
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
-# Submit Windows 10 upgrade errors using Feedback Hub
+# Submit Windows upgrade errors using Feedback Hub
-**Applies to**
-- Windows 10
+> [!NOTE]
+>
+> This article is a 100 level article (basic).
+>
+> See [Resolve Windows upgrade errors](resolve-windows-upgrade-errors.md) for a full list of articles in this section.
->[!NOTE]
->This is a 100 level topic (basic).
->See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article.
-
-## In this topic
-
-This topic describes how to submit problems with a Windows 10 upgrade to Microsoft using the Windows 10 Feedback Hub.
+This article describes how to submit problems with a Windows upgrade to Microsoft using the Windows Feedback Hub.
## About the Feedback Hub
-The Feedback Hub app lets you tell Microsoft about any problems you run in to while using Windows 10 and send suggestions to help us improve your Windows experience. Previously, you could only use the Feedback Hub if you were in the Windows Insider Program. Now anyone can use this tool. You can download the Feedback Hub app from the Microsoft Store [here](https://www.microsoft.com/store/p/feedback-hub/9nblggh4r32n?SilentAuth=1&wa=wsignin1.0).
+The Feedback Hub app allows reporting to Microsoft of any problems encountered while using Windows. It also allows sending suggestions to Microsoft on how to improve the Windows experience. Previously, the Feedback Hub could only be used through the Windows Insider Program. Now anyone can use this tool. The Feedback Hub app can be downloaded from the [Microsoft Store](https://www.microsoft.com/store/p/feedback-hub/9nblggh4r32n?SilentAuth=1&wa=wsignin1.0).
-The Feedback Hub requires Windows 10. If you're having problems upgrading from an older version of Windows to Windows 10, you can use the Feedback Hub to submit this information. However, you must collect the log files from the legacy operating system and then attach these files to your feedback using a device that is running Windows 10. If you're upgrading to Windows 10 from a previous version of Windows 10, the Feedback Hub will collect log files automatically.
+The Feedback Hub requires a currently supported version of Windows. The Feedback Hub can be used to submit information to Microsoft if problems are encountered while upgrading Windows. If upgrading to a currently supported version of Windows from a previous version that's Windows 10 or newer, the Feedback Hub automatically collects log files. For operating systems prior to Windows 10 that don't support the Feedback Hub, the log files must be manually collected. The log files can then be attached to the feedback item using a device that is running a currently supported version of Windows that supports the Feedback Hub.
## Submit feedback
-To submit feedback about a failed Windows 10 upgrade, select the following link: [Feedback Hub](feedback-hub://?referrer=resolveUpgradeErrorsPage&tabid=2&contextid=81&newFeedback=true&feedbackType=2&topic=submit-errors.md)
+To submit feedback about a failed Windows upgrade, open the [Feedback Hub](feedback-hub://?referrer=resolveUpgradeErrorsPage&tabid=2&contextid=81&newFeedback=true&feedbackType=2&topic=submit-errors.md).
-The Feedback Hub will open.
+In the Feedback Hub, fill out all four sections with as much detail as possible:
-- Under **Tell us about it**, and then under **Summarize your issue**, type **Upgrade failing**.
-- Under **Give us more detail**, provide additional information about the failed upgrade, such as:
- - When did the failure occur?
- - Were there any reboots?
- - How many times did the system reboot?
- - How did the upgrade fail?
- - Were any error codes visible?
- - Did the computer fail to a blue screen?
- - Did the computer automatically rollback or did it hang, requiring you to power cycle it before it rolled back?
-- Additional details
- - What type of security software is installed?
- - Is the computer up to date with latest drivers and firmware?
- - Are there any external devices connected?
-- If you used the link above, the category and subcategory will be automatically selected. If it isn't selected, choose **Install and Update** and **Windows Installation**.
+1. **Enter your feedback**
+1. **Choose a category**
+1. **Find similar feedback**
+1. **Add more details**
-You can attach a screenshot or file if desired. This is optional, but can be helpful when diagnosing your upgrade issue. The location of these files is described here: [Windows Setup log files and event logs](/windows-hardware/manufacture/desktop/windows-setup-log-files-and-event-logs).
+Recommended information that can be included under the **Add more details** section include:
-Select **Submit** to send your feedback.
+- When did the failure occur?
+ - Were there any reboots?
+ - How many times did the system reboot?
+- How did the upgrade fail?
+ - Were any error codes visible?
+ - Did the computer fail to a blue screen?
+ - Did the computer automatically rollback or did it hang, requiring the computer to be power cycled before it rolled back?
+- What type of security software is installed?
+- Is the computer up to date with latest drivers and firmware?
+- Are there any external devices connected?
-See the following example:
+Using the **Attach a screenshot** and **Attach a file** options allows screenshots or files to be included as part of the feedback item. Attachments and screenshots are optional, but can be helpful when diagnosing the upgrade issue. For example, log files can be included as attachments to the feedback item. The location of the Windows upgrade log files is described in the article [Windows Setup log files and event logs](/windows-hardware/manufacture/desktop/windows-setup-log-files-and-event-logs).
-
+Finally the **Recreate my problem** option can be used to potentially send additional data and logs for Microsoft to evaluate.
-After you select Submit, that's all you need to do. Microsoft will receive your feedback and begin analyzing the issue. You can check on your feedback periodically to see what solutions have been provided.
+Once all the feedback items are completed, select the **Submit** button to send the feedback. Microsoft receives the feedback and begins analyzing the issue. The submitted feedback can be checked on periodically to see what solutions are provided.
-## Link to your feedback
+## Link to the feedback
-After your feedback is submitted, you can email or post links to it by opening the Feedback Hub, clicking My feedback at the top, clicking the feedback item you submitted, clicking **Share**, then copying the short link that is displayed.
+After the feedback is submitted, additional information and items can be added to the feedback item. To do so:
-
+1. Open the [Feedback Hub](feedback-hub:).
+1. At the top of the Feedback Hub, select **My feedback**.
+1. Select the feedback item that was submitted.
+1. Select **Share**.
+1. Copy and then use the short link that is displayed.
+
+:::image type="content" alt-text="Share example." source="../images/share.jpg":::
## Related articles
-
-[Windows 10 release information](https://technet.microsoft.com/windows/release-info.aspx)
diff --git a/windows/deployment/upgrade/windows-error-reporting.md b/windows/deployment/upgrade/windows-error-reporting.md
index 57c9590028..edc0e1a846 100644
--- a/windows/deployment/upgrade/windows-error-reporting.md
+++ b/windows/deployment/upgrade/windows-error-reporting.md
@@ -8,25 +8,27 @@ author: frankroj
ms.localizationpriority: medium
ms.topic: article
ms.technology: itpro-deploy
-ms.date: 10/28/2022
+ms.date: 01/18/2024
+appliesto:
+ - ✅ Windows 11
+ - ✅ Windows 10
---
# Windows Error Reporting
-**Applies to**
-- Windows 10
-
> [!NOTE]
-> This is a 300 level topic (moderately advanced).
-> See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article.
+>
+> This article is a 300 level article (moderately advanced).
+>
+> See [Resolve Windows upgrade errors](resolve-windows-upgrade-errors.md) for a full list of articles in this section.
-
-When Windows Setup fails, the result and extend code are recorded as an informational event in the Application log by Windows Error Reporting as event 1001. The event name is **WinSetupDiag02**. You can use Event Viewer to review this event, or you can use Windows PowerShell.
+When Windows Setup fails, the result and extend code are recorded as an informational event in the Application log by Windows Error Reporting as event 1001. The event name is **WinSetupDiag02**. Event Viewer or Windows PowerShell can be used to review this event.
To use Windows PowerShell, type the following commands from an elevated Windows PowerShell prompt:
> [!IMPORTANT]
-> The following source will be available only if you have updated from a previous version of Windows 10 to a new version. If you installed the current version and have not updated, the source named **WinSetupDiag02** will be unavailable.
+>
+> The following Event logs are only available if Windows was updated from a previous version of Windows to a new version of Windows.
```powershell
$events = Get-WinEvent -FilterHashtable @{LogName="Application";ID="1001";Data="WinSetupDiag02"}
@@ -34,37 +36,35 @@ $event = [xml]$events[0].ToXml()
$event.Event.EventData.Data
```
-To use Event Viewer:
+To use Event Viewer:
+
1. Open Event Viewer and navigate to **Windows Logs\Application**.
-2. Select **Find**, and then search for **winsetupdiag02**.
-3. Double-click the event that is highlighted.
+1. Select **Find**, and then search for **winsetupdiag02**.
+1. Double-click the event that is highlighted.
> [!NOTE]
-> For legacy operating systems, the Event Name was WinSetupDiag01.
+>
+> For legacy operating systems, the Event Name was WinSetupDiag01.
Ten parameters are listed in the event:
-| Parameters |
-| ------------- |
-|P1: The Setup Scenario (1=Media,5=WindowsUpdate,7=Media Creation Tool) |
-|P2: Setup Mode (x=default,1=Downlevel,5=Rollback) |
-|P3: New OS Architecture (x=default,0=X86,9=AMD64) |
-|P4: Install Result (x=default,0=Success,1=Failure,2=Cancel,3=Blocked) |
-|**P5: Result Error Code** (Ex: 0xc1900101) |
-|**P6: Extend Error Code** (Ex: 0x20017) |
-|P7: Source OS build (Ex: 9600) |
-|P8: Source OS branch (not typically available) |
-|P9: New OS build (Ex: 16299} |
-|P10: New OS branch (Ex: rs3_release} |
+| Parameters |
+| ------------- |
+| P1: The Setup Scenario (1=Media,5=WindowsUpdate,7=Media Creation Tool) |
+| P2: Setup Mode (x=default,1=Downlevel,5=Rollback) |
+| P3: New OS Architecture (x=default,0=X86,9=AMD64) |
+| P4: Install Result (x=default,0=Success,1=Failure,2=Cancel,3=Blocked) |
+| **P5: Result Error Code** (Ex: 0xc1900101) |
+| **P6: Extend Error Code** (Ex: 0x20017) |
+| P7: Source OS build (Ex: 9600) |
+| P8: Source OS branch (not typically available) |
+| P9: New OS build (Ex: 16299) |
+| P10: New OS branch (Ex: rs3_release) |
-The event will also contain links to log files that can be used to perform a detailed diagnosis of the error. An example of this event from a successful upgrade is shown below.
+The event also contains links to log files that can be used to perform a detailed diagnosis of the error. The following example is an example of this event from a successful upgrade:
:::image type="content" alt-text="Windows Error Reporting." source="../images/event.png" lightbox="../images/event.png":::
## Related articles
-[Windows 10 FAQ for IT professionals](../planning/windows-10-enterprise-faq-itpro.yml)
-[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
-[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
-[Fix Windows Update errors by using the DISM or System Update Readiness tool](/troubleshoot/windows-server/deployment/fix-windows-update-errors)
\ No newline at end of file
+- [Fix Windows Update errors by using the DISM or System Update Readiness tool](/troubleshoot/windows-server/deployment/fix-windows-update-errors).
diff --git a/windows/deployment/usmt/usmt-requirements.md b/windows/deployment/usmt/usmt-requirements.md
index bbdeaf766b..eb7ed1c382 100644
--- a/windows/deployment/usmt/usmt-requirements.md
+++ b/windows/deployment/usmt/usmt-requirements.md
@@ -6,7 +6,7 @@ manager: aaroncz
ms.author: frankroj
ms.prod: windows-client
author: frankroj
-ms.date: 01/09/2024
+ms.date: 01/18/2024
ms.topic: article
ms.technology: itpro-deploy
appliesto:
@@ -38,6 +38,9 @@ The following table lists the operating systems supported in USMT.
## Unsupported scenarios
- USMT doesn't support any of the Windows Server operating systems.
+- USMT doesn't support Microsoft Entra joined devices as either a source or destination device.
+- USMT might work with Microsoft Entra hybrid joined devices, but it's not a tested scenario so therefore unsupported.
+- USMT doesn't support migrating settings for Microsoft Store apps.
- USMT shouldn't be used for migrating between previous versions of Windows. USMT is only meant to:
- Migrate to a currently supported version of Windows
- Migrate between currently supported versions of Windows, assuming the version of Windows being migrated to is newer or the same as the previous version of Windows being migrated from.
diff --git a/windows/deployment/usmt/usmt-what-does-usmt-migrate.md b/windows/deployment/usmt/usmt-what-does-usmt-migrate.md
index ca020782bf..85b57065ed 100644
--- a/windows/deployment/usmt/usmt-what-does-usmt-migrate.md
+++ b/windows/deployment/usmt/usmt-what-does-usmt-migrate.md
@@ -6,7 +6,7 @@ manager: aaroncz
ms.author: frankroj
ms.prod: windows-client
author: frankroj
-ms.date: 01/09/2024
+ms.date: 01/18/2024
ms.topic: article
ms.technology: itpro-deploy
appliesto:
@@ -214,7 +214,10 @@ USMT doesn't migrate the Start menu layout. To migrate a user's Start menu, sett
### User profiles from Active Directory to Microsoft Entra ID
-USMT doesn't support migrating user profiles from Active Directory to Microsoft Entra ID.
+- USMT doesn't support migrating user profiles from Active Directory domain joined devices to Microsoft Entra joined devices.
+- USMT doesn't support migrating user profiles from Microsoft Entra joined devices to Active Directory domain joined devices.
+- USMT doesn't support migrating user profiles between Microsoft Entra joined devices.
+- USMT might work when migrating user profiles between Microsoft Entra hybrid joined devices or between Active Directory domain joined devices and Microsoft Entra hybrid joined devices, but it's not a tested scenario so therefore unsupported.
## Related articles
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index 61823c8faa..35e82745ea 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -659,7 +659,7 @@ Deployment logs are available on the client computer in the following locations:
You can review WDS events in Event Viewer at: **Applications and Services Logs > Microsoft > Windows > Deployment-Services-Diagnostics**. By default, only the **Admin** and **Operational** logs are enabled. To enable other logs, right-click the log and then select **Enable Log**.
-Also see [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) for detailed troubleshooting information.
+Also see [Resolve Windows upgrade errors](upgrade/resolve-windows-upgrade-errors.md) for detailed troubleshooting information.
## Related articles
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-quality-update-overview.md
index 6082093e6d..6692fad8cb 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-quality-update-overview.md
@@ -1,7 +1,7 @@
---
title: Windows quality updates overview with Autopatch groups experience
description: This article explains how Windows quality updates are managed with Autopatch groups
-ms.date: 08/23/2023
+ms.date: 01/22/2024
ms.prod: windows-client
ms.technology: itpro-updates
ms.topic: conceptual
@@ -34,11 +34,82 @@ For devices in the [Default Autopatch group](../deploy/windows-autopatch-groups-
## Service level objective
-Windows Autopatch aims to keep at least 95% of eligible devices on the latest Windows quality update 21 days after release. Devices that have cadence type set to Schedule install aren't eligible for Windows quality update SLO. For more information about the Schedule Install cadence type, see [Deployment cadence types](../operate/windows-autopatch-groups-windows-update.md#deployment-cadence).
+Windows Autopatch aims to keep at least 95% of [Up to Date devices](../operate/windows-autopatch-groups-windows-quality-and-feature-update-reports-overview.md#up-to-date-devices) on the latest quality update. Autopatch uses the previously defined release schedule on a per ring basis with a five-day reporting period to calculate and evaluate the service level objective (SLO). The result of the service level objective is the column “% with the latest quality update” displayed in release management and reporting.
+
+### Service level objective calculation
+
+There are two states a device can be in when calculating the service level objective (SLO):
+
+- Devices that are active during the release
+- Devices that become active after the release
+
+The service level objective for each of these states is calculated as:
+
+| State | Calculation |
+| ----- | ----- |
+| Device that is active during release | This service level objective calculation assumes the device has typical activity during the scheduled release period. Calculated by:`Deferral + Deadline + Reporting Period = service level objective`
|
+| Device that becomes active after release | This service level objective calculation refers to offline devices during the scheduled release period but come back online later. Calculated by:`Grace Period + Reporting period = service level objective`
|
+
+| Timeframe | Value defined in |
+| ----- | ----- |
+| Deferral | Targeted deployment ring |
+| Deadline | Targeted deployment ring |
+| Grace period | Targeted deployment ring |
+| Reporting period | Five days. Value defined by Windows Autopatch. |
+
+> [!NOTE]
+> Targeted deployment ring refers to the deployment ring value of the device in question. If a device has a five day deferral with a two day deadline, and two day grace period, the SLO for the device would be calculated to `5 + 2 + 5 = 12`-day service level objective from the second Tuesday of the month. The five day reporting period is one established by Windows Autopatch to allow enough time for device check-in reporting and data evaluation within the service.
> [!IMPORTANT]
> Windows Autopatch supports registering [Windows 10 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/) devices that are being currently serviced by the [Windows LTSC](/windows/release-health/release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC.
+## Import Update rings for Windows 10 and later (public preview)
+
+> [!IMPORTANT]
+> This feature is in **public preview**. It's being actively developed, and might not be complete.
+
+You can import your organization’s existing Intune Update rings for Windows 10 and later into Windows Autopatch. Importing your organization’s Update rings provides the benefits of the Windows Autopatch's reporting and device readiness without the need to redeploy, or change your organization’s existing update rings.
+
+Imported rings automatically register all targeted devices into Windows Autopatch. For more information about device registration, see the [device registration workflow diagram](../deploy/windows-autopatch-device-registration-overview.md#detailed-device-registration-workflow-diagram).
+
+> [!NOTE]
+> Devices which are registered as part of an imported ring, might take up to 72 hours after the devices have received the latest version of the policy, to be reflected in Windows Autopatch devices blade and reporting. For more information about reporting, see [Windows quality and feature update reports overview](../operate/windows-autopatch-groups-windows-quality-and-feature-update-reports-overview.md).
+
+> [!NOTE]
+> Device registration failures don't affect your existing update schedule or targeting. However, devices that fail to register might affect Windows Autopatch’s ability to provide reporting and insights. Any conflicts should be resolved as needed. For additional assistance, [submit a support request](../operate/windows-autopatch-support-request.md).
+
+### Import Update rings for Windows 10 and later
+
+**To import Update rings for Windows 10 and later:**
+
+1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+2. Select **Devices** from the left navigation menu.
+3. Under the **Windows Autopatch** section, select **Release management**.
+4. In the **Release management** blade, go to the **Release schedule** tab and select **Windows quality updates**.
+5. Select **Import Update rings for Windows 10 and later**.
+6. Select the existing rings you would like to import.
+7. Select **Import**.
+
+### Remove an imported Update ring for Windows 10 and later
+
+**To remove an Imported Update rings for Windows 10 and later:**
+
+1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+2. Select **Devices** from the left navigation menu.
+3. Under the **Windows Autopatch** section, select **Release management**.
+4. In the **Release management** blade, go to the **Release schedule** tab and select **Windows quality updates**.
+5. Select the Update rings for Windows 10 and later you would like to remove.
+6. Select the **horizontal ellipses (...)** and select **Remove**.
+
+### Known limitations
+
+The following Windows Autopatch features aren't available with imported Intune Update rings:
+
+- Autopatch groups and features dependent on Autopatch groups
+- Moving devices in between deployment rings in devices
+- Automated deployment ring remediation functions
+- Policy health and remediation
+
## Release management
> [!NOTE]
@@ -54,14 +125,14 @@ In the Release management blade, you can:
For each [deployment ring](windows-autopatch-update-management.md#windows-autopatch-deployment-rings), the **Release schedule** tab contains:
-- The status of the update. Releases appear as **Active**. The update schedule is based on the values of the [Windows 10 Update Ring policies](/mem/intune/protect/windows-update-for-business-configure), which have been configured on your behalf.
+- The status of the update. Releases appear as **Active**. The update schedule is based on the values of the [Windows 10 Update Ring policies](/mem/intune/protect/windows-update-for-business-configure), which are configured on your behalf.
- The date the update is available.
- The target completion date of the update.
- In the **Release schedule** tab, you can either [**Pause** and/or **Resume**](#pause-and-resume-a-release) a Windows quality update release.
### Expedited releases
-Threat and vulnerability information about a new revision of Windows becomes available on the second Tuesday of each month. Windows Autopatch assesses that information shortly afterwards. If the service determines that it's critical to security, it may be expedited. The quality update is also evaluated on an ongoing basis throughout the release and Windows Autopatch may choose to expedite at any time during the release.
+Threat and vulnerability information about a new revision of Windows becomes available on the second Tuesday of each month. Windows Autopatch assesses that information shortly afterwards. If the service determines that it's critical to security, it might be expedited. The quality update is also evaluated on an ongoing basis throughout the release and Windows Autopatch might choose to expedite at any time during the release.
When expediting a release, the regular goal of 95% of devices in 21 days no longer applies. Instead, Windows Autopatch greatly accelerates the release schedule of the release to update the environment more quickly. This approach requires an updated schedule for all devices outside of the Test ring since those devices are already getting the update quickly.
@@ -104,7 +175,7 @@ For the deployment rings that have passed quality updates deferral date, the OOB
The service-level pause is driven by the various software update deployment-related signals Windows Autopatch receives from Windows Update for Business, and several other product groups within Microsoft.
-If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-groups-windows-quality-update-signals.md), we may decide to pause that release.
+If Windows Autopatch detects a [significant issue with a release](../operate/windows-autopatch-groups-windows-quality-update-signals.md), we might decide to pause that release.
> [!IMPORTANT]
> Pausing or resuming an update can take up to eight hours to be applied to devices. Windows Autopatch uses Microsoft Intune as its device management solution and that's the average frequency Windows devices take to communicate back to Microsoft Intune with new instructions to pause, resume or rollback updates.For more information, see [how long does it take for devices to get a policy, profile, or app after they are assigned from Microsoft Intune](/mem/intune/configuration/device-profile-troubleshoot#how-long-does-it-take-for-devices-to-get-a-policy-profile-or-app-after-they-are-assigned).
@@ -125,8 +196,8 @@ The three following statuses are associated with paused quality updates:
| Status | Description |
| ----- | ------ |
-| Paused by Service | If the Windows Autopatch service has paused an update, the release has the **Paused by Service** status. The Paused by Service only applies to rings that aren't Paused by the Tenant. |
-| Paused by Tenant | If you've paused an update, the release has the **Paused by Tenant** status. The Windows Autopatch service can't overwrite a tenant pause. You must select **Resume** to resume the update. |
+| Paused by Service | If the Windows Autopatch service paused an update, the release has the **Paused by Service** status. The **Paused by Service** status only applies to rings that aren't Paused by the Tenant. |
+| Paused by Tenant | If you paused an update, the release has the **Paused by Tenant** status. The Windows Autopatch service can't overwrite a tenant pause. You must select **Resume** to resume the update. |
## Remediating Not ready and/or Not up to Date devices
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md
index e4a305257a..d145102556 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2024.md
@@ -1,7 +1,7 @@
---
title: What's new 2024
description: This article lists the 2024 feature releases and any corresponding Message center post numbers.
-ms.date: 01/11/2024
+ms.date: 01/22/2024
ms.prod: windows-client
ms.technology: itpro-updates
ms.topic: whats-new
@@ -27,4 +27,12 @@ Minor corrections such as typos, style, or formatting issues aren't listed.
| Article | Description |
| ----- | ----- |
+| [Windows quality updates overview](../operate/windows-autopatch-groups-windows-quality-update-overview.md) | Added [Import Update rings for Windows 10 and later](../operate/windows-autopatch-groups-windows-quality-update-overview.md#import-update-rings-for-windows-10-and-later-public-preview) |
+| [Windows quality updates overview](../operate/windows-autopatch-groups-windows-quality-update-overview.md#service-level-objective) | Updated the Service level objective, added the Service level objective calculation. |
| [Prerequisites](../prepare/windows-autopatch-prerequisites.md#more-about-licenses) | Added more E3 and E5 licenses to the [More about licenses](../prepare/windows-autopatch-prerequisites.md#more-about-licenses) section. |
+
+## January service releases
+
+| Message center post number | Description |
+| ----- | ----- |
+| [MC708071](https://admin.microsoft.com/adminportal/home#/MessageCenter) | Planned Maintenance: Service Improvements |
diff --git a/windows/privacy/manage-windows-1809-endpoints.md b/windows/privacy/manage-windows-1809-endpoints.md
index 8b7dd967e8..1bebf8277d 100644
--- a/windows/privacy/manage-windows-1809-endpoints.md
+++ b/windows/privacy/manage-windows-1809-endpoints.md
@@ -1,8 +1,8 @@
---
title: Connection endpoints for Windows 10, version 1809
description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. Specific to Windows 10 Enterprise, version 1809.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -296,7 +296,6 @@ If you [turn off traffic for these endpoints](manage-connections-from-windows-op
| Source process | Protocol | Destination |
|:--------------:|:--------:|:------------|
| | HTTP | `storeedgefd.dsx.mp.microsoft.com` |
-| | HTTP \ HTTPS | `pti.store.microsoft.com` |
||TLS v1.2| `cy2.*.md.mp.microsoft.com.*.` |
| svchost | HTTPS | `displaycatalog.mp.microsoft.com` |
diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md
index fe97fc1a69..7f7c6dc96f 100644
--- a/windows/privacy/manage-windows-1903-endpoints.md
+++ b/windows/privacy/manage-windows-1903-endpoints.md
@@ -1,8 +1,8 @@
---
title: Connection endpoints for Windows 10 Enterprise, version 1903
description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. Specific to Windows 10 Enterprise, version 1903.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -26,15 +26,15 @@ Some Windows components, app, and related services transfer data to Microsoft ne
This article lists different endpoints that are available on a clean installation of Windows 10, version 1709 and later.
Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md).
-Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic.
+Where applicable, each endpoint covered in this article includes a link to the specific details on how to control that traffic.
The following methodology was used to derive these network endpoints:
1. Set up the latest version of Windows 10 on a test virtual machine using the default settings.
-2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device).
+2. Leave the device(s) running idle for a week ("idle" means a user isn't interacting with the system/device).
3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
4. Compile reports on traffic going to public IP addresses.
-5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
+5. The test virtual machine(s) was logged into using a local account, and wasn't joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using an IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week, but if you capture traffic for longer you may have different results.
@@ -50,11 +50,11 @@ The following methodology was used to derive these network endpoints:
||The following endpoints are used to download updates to the Weather app Live Tile. If you turn off traffic to this endpoint, no Live Tiles will be updated.|HTTP|`blob.weather.microsoft.com`|
|||HTTP|tile-service.weather.microsoft.com|
|||HTTP|tile-service.weather.microsoft.com|
-||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|cdn.onenote.net/livetile/?Language=en-US|
-||The following endpoint is used for Twitter updates. To turn off traffic for these endpoints, either uninstall Twitter or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|*.twimg.com*|
-||The following endpoint is used for Candy Crush Saga updates. To turn off traffic for this endpoint, either uninstall Candy Crush Saga or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLS v1.2|candycrushsoda.king.com|
-||The following endpoint is used by the Photos app to download configuration files, and to connect to the Microsoft 365 admin center's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|evoke-windowsservices-tas.msedge.net|
-||The following endpoint is used for by the Microsoft Wallet app. To turn off traffic for this endpoint, either uninstall the Wallet app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|wallet.microsoft.com|
+||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|cdn.onenote.net/livetile/?Language=en-US|
+||The following endpoint is used for Twitter updates. To turn off traffic for these endpoints, either uninstall Twitter or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|*.twimg.com*|
+||The following endpoint is used for Candy Crush Saga updates. To turn off traffic for this endpoint, either uninstall Candy Crush Saga or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLS v1.2|candycrushsoda.king.com|
+||The following endpoint is used by the Photos app to download configuration files, and to connect to the Microsoft 365 admin center's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|evoke-windowsservices-tas.msedge.net|
+||The following endpoint is used for by the Microsoft Wallet app. To turn off traffic for this endpoint, either uninstall the Wallet app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|wallet.microsoft.com|
||The following endpoint is used by the Groove Music app for update HTTP handler status. If you turn off traffic for this endpoint, apps for websites won't work and customers who visit websites (such as mediaredirect.microsoft.com) that are registered with their associated app (such as Groove Music) will stay at the website and won't be able to directly launch the app.|HTTPS|mediaredirect.microsoft.com|
||The following endpoints are used when using the Whiteboard app. To turn off traffic for this endpoint disable the Microsoft Store.|HTTPS|int.whiteboard.microsoft.com|
|||HTTPS|wbd.ms|
@@ -63,11 +63,11 @@ The following methodology was used to derive these network endpoints:
|Azure |The following endpoints are related to Azure. |HTTPS|wd-prod-*fe*.cloudapp.azure.com|
|||HTTPS|ris-prod-atm.trafficmanager.net|
|||HTTPS|validation-v2.sls.trafficmanager.net|
-|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or is not trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they did not receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
+|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or isn't trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they didn't receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
|||HTTP|ctldl.windowsupdate.com|
|Cortana and Search|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana)|
-||The following endpoint is used to get images that are used for Microsoft Store suggestions. If you turn off traffic for this endpoint, you will block images that are used for Microsoft Store suggestions.|HTTPS|store-images.*microsoft.com|
-||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|HTTPS|www.bing.com/client|
+||The following endpoint is used to get images that are used for Microsoft Store suggestions. If you turn off traffic for this endpoint, you'll block images that are used for Microsoft Store suggestions.|HTTPS|store-images.*microsoft.com|
+||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you'll block updates to Cortana greetings, tips, and Live Tiles.|HTTPS|www.bing.com/client|
|||HTTPS|www.bing.com|
|||HTTPS|www.bing.com/proactive|
|||HTTPS|www.bing.com/threshold/xls.aspx|
@@ -77,40 +77,39 @@ The following methodology was used to derive these network endpoints:
|||HTTP|odinvzc.azureedge.net|
|||HTTP|spo-ring.msedge.net|
|Device authentication|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
-||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device will not be authenticated.|HTTPS|login.live.com*|
+||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device won't be authenticated.|HTTPS|login.live.com*|
|Device metadata|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
-||The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata will not be updated for the device.|HTTP|dmd.metaservices.microsoft.com|
-|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
+||The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata won't be updated for the device.|HTTP|dmd.metaservices.microsoft.com|
+|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, won't be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||HTTP|v10.events.data.microsoft.com|
|||HTTPS|v10.vortex-win.data.microsoft.com/collect/v1|
|||HTTP|www.microsoft.com|
-||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|HTTPS|co4.telecommand.telemetry.microsoft.com|
+||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information won't be sent back to Microsoft.|HTTPS|co4.telecommand.telemetry.microsoft.com|
|||HTTP|cs11.wpc.v0cdn.net|
|||HTTPS|cs1137.wpc.gammacdn.net|
|||TLS v1.2|modern.watson.data.microsoft.com*|
|||HTTPS|watson.telemetry.microsoft.com|
|Licensing|The following endpoint is used for online activation and some app licensing. To turn off traffic for this endpoint, disable the Windows License Manager Service. This will also block online activation and app licensing may not work.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#9-license-manager)|
|||HTTPS|*licensing.mp.microsoft.com*|
-|Location|The following endpoints are used for location data. If you turn off traffic for this endpoint, apps cannot use location data. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-location)|
+|Location|The following endpoints are used for location data. If you turn off traffic for this endpoint, apps can't use location data. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-location)|
|||HTTPS|inference.location.live.net|
|||HTTP|location-inference-westus.cloudapp.net|
|Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)|
-||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|HTTPS|*g.akamaiedge.net|
+||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps won't be updated.|HTTPS|*g.akamaiedge.net|
|||HTTP|*maps.windows.com*|
|Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)|
-||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |HTTP|login.msa.akadns6.net|
+||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users can't sign in with Microsoft accounts. |HTTP|login.msa.akadns6.net|
|||HTTP|us.configsvc1.live.com.akadns.net|
|Microsoft Edge|This traffic is related to the Microsoft Edge browser.|HTTPS|iecvlist.microsoft.com|
|Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTPS|go.microsoft.com|
|||HTTP|www.microsoft.com|
|Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. If you turn off traffic for this endpoint, push notifications will no longer work, including MDM device management, mail synchronization, settings synchronization.|HTTPS|*.wns.windows.com|
-||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTP|storecatalogrevocation.storequality.microsoft.com|
-||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com*|
+||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTP|storecatalogrevocation.storequality.microsoft.com|
+||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps can't be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com*|
|||HTTPS|store-images.microsoft.com|
-||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|TLS v1.2|*.md.mp.microsoft.com*|
+||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps can't be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|TLS v1.2|*.md.mp.microsoft.com*|
|||HTTPS|*displaycatalog.mp.microsoft.com|
-|||HTTP \ HTTPS|pti.store.microsoft.com|
|||HTTP|storeedgefd.dsx.mp.microsoft.com|
|||HTTP|markets.books.microsoft.com|
|||HTTP |share.microsoft.com|
@@ -139,30 +138,30 @@ The following methodology was used to derive these network endpoints:
|||HTTPS|cy2.settings.data.microsoft.com.akadns.net|
|||HTTPS|settings.data.microsoft.com|
|||HTTPS|settings-win.data.microsoft.com|
-|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
+|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
|||HTTPS|browser.pipe.aria.microsoft.com|
|||HTTP|config.edge.skype.com|
|||HTTP|s2s.config.skype.com|
|||HTTPS|skypeecs-prod-usw-0-b.cloudapp.net|
-|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
+|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device won't use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|||HTTPS|wdcp.microsoft.com|
|||HTTPS|definitionupdates.microsoft.com|
|||HTTPS|go.microsoft.com|
-||The following endpoints are used for Windows Defender Smartscreen reporting and notifications. If you turn off traffic for these endpoints, Smartscreen notifications will not appear.|HTTPS|*smartscreen.microsoft.com|
+||The following endpoints are used for Windows Defender Smartscreen reporting and notifications. If you turn off traffic for these endpoints, Smartscreen notifications won't appear.|HTTPS|*smartscreen.microsoft.com|
|||HTTPS|smartscreen-sn3p.smartscreen.microsoft.com|
|||HTTPS|unitedstates.smartscreen-prod.microsoft.com|
-|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips will not be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
+|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips won't be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
|||TLS v1.2|*.search.msn.com|
|||HTTPS|arc.msn.com|
|||HTTPS|g.msn.com*|
|||HTTPS|query.prod.cms.rt.microsoft.com|
|||HTTPS|ris.api.iris.microsoft.com|
-|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
+|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads won't be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network won't use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
|||HTTPS|*.prod.do.dsp.mp.microsoft.com|
|||HTTP|emdl.ws.microsoft.com|
-||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
+||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device won't be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
|||HTTP|*.windowsupdate.com|
-||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|HTTPS|*.delivery.mp.microsoft.com|
+||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device won't be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device won't be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|HTTPS|*.delivery.mp.microsoft.com|
|||HTTPS|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTP|adl.windows.com|
||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.|HTTPS|tsfe.trafficshaping.dsp.mp.microsoft.com|
diff --git a/windows/privacy/manage-windows-1909-endpoints.md b/windows/privacy/manage-windows-1909-endpoints.md
index 118a25fb5c..8bef710db9 100644
--- a/windows/privacy/manage-windows-1909-endpoints.md
+++ b/windows/privacy/manage-windows-1909-endpoints.md
@@ -1,8 +1,8 @@
---
title: Connection endpoints for Windows 10 Enterprise, version 1909
description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. Specific to Windows 10 Enterprise, version 1909.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -25,15 +25,15 @@ Some Windows components, app, and related services transfer data to Microsoft ne
- Using your location to show a weather forecast.
Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md).
-Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic.
+Where applicable, each endpoint covered in this article includes a link to the specific details on how to control that traffic.
The following methodology was used to derive these network endpoints:
1. Set up the latest version of Windows 10 on a test virtual machine using the default settings.
-2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device).
+2. Leave the device(s) running idle for a week ("idle" means a user isn't interacting with the system/device).
3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
4. Compile reports on traffic going to public IP addresses.
-5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
+5. The test virtual machine(s) was logged into using a local account, and wasn't joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using an IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week, but if you capture traffic for longer you may have different results.
@@ -46,40 +46,39 @@ The following methodology was used to derive these network endpoints:
|Area|Description|Protocol|Destination|
|----------------|----------|----------|------------|
|Apps|||[Learn how to turn off traffic to the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
-||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
+||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
|||HTTP|tile-service.weather.microsoft.com/en-us/livetile/preinstall|
-||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|cdn.onenote.net/*|
-||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLS v1.2|evoke-windowsservices-tas.msedge.net|
-|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or is not trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they did not receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
+||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|cdn.onenote.net/*|
+||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLS v1.2|evoke-windowsservices-tas.msedge.net|
+|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or isn't trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they didn't receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
|||HTTP|ctldl.windowsupdate.com|
|Cortana and Live Tiles|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana)|
-||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|HTTPS|www.bing.com*|
+||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you'll block updates to Cortana greetings, tips, and Live Tiles.|HTTPS|www.bing.com*|
|||HTTPS|www.bing.com/client/config|
|||TLS v1.2|fp.msedge.net|
|Device authentication|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
-||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device will not be authenticated.|HTTPS|login.live.com*|
-|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
+||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device won't be authenticated.|HTTPS|login.live.com*|
+|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, won't be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||HTTP|v10.events.data.microsoft.com|
-||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|HTTPS|*.telecommand.telemetry.microsoft.com|
+||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information won't be sent back to Microsoft.|HTTPS|*.telecommand.telemetry.microsoft.com|
|||TLS v1.2|watson.*.microsoft.com|
|Licensing|The following endpoint is used for online activation and some app licensing. To turn off traffic for this endpoint, disable the Windows License Manager Service. This will also block online activation and app licensing may not work.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#9-license-manager)|
|||HTTPS|*licensing.mp.microsoft.com|
|||HTTPS|licensing.mp.microsoft.com/v7.0/licenses/content|
|Location|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-location)|
-||The following endpoints are used for location data. If you turn off traffic for this endpoint, apps cannot use location data.|TLS v1.2|inference.location.live.net|
+||The following endpoints are used for location data. If you turn off traffic for this endpoint, apps can't use location data.|TLS v1.2|inference.location.live.net|
|Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)|
-||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|HTTP|*maps.windows.com|
+||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps won't be updated.|HTTP|*maps.windows.com|
|Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)|
-||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |TLS v1.2|*login.live.com|
+||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users can't sign in with Microsoft accounts. |TLS v1.2|*login.live.com|
|Microsoft Edge|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#13-microsoft-edge)|
||This traffic is related to the Microsoft Edge browser.|HTTPS|iecvlist.microsoft.com|
|Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTPS|go.microsoft.com|
|Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
-||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLS v1.2|1storecatalogrevocation.storequality.microsoft.com|
+||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLS v1.2|1storecatalogrevocation.storequality.microsoft.com|
|||HTTPS|storecatalogrevocation.storequality.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|HTTPS|manage.devcenter.microsoft.com|
-||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store.|HTTPS|displaycatalog.mp.microsoft.com/*|
-|||HTTPS|pti.store.microsoft.com/*|
+||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps can't be installed or updated from the Microsoft Store.|HTTPS|displaycatalog.mp.microsoft.com/*|
|Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTP|www.msftconnecttest.com*|
|Office|The following endpoints are used to connect to the Office 365 portal's shared infrastructure, including Office in a browser. For more info, see Office 365 URLs and IP address ranges. You can turn this off by removing all Microsoft Office apps and the Mail and Calendar apps. If you turn off traffic for these endpoints, users won't be able to save documents to the cloud or see their recently used documents.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
@@ -94,24 +93,24 @@ The following methodology was used to derive these network endpoints:
|||HTTP| windows.policies.live.net|
|Settings|The following endpoint is used as a way for apps to dynamically update their configuration. Apps such as System Initiated User Feedback and the Xbox app use it. If you turn off traffic for this endpoint, an app that uses this endpoint may stop working.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLS v1.2|settings-win.data.microsoft.com|
-|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
+|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
|||HTTPS|*.pipe.aria.microsoft.com|
|||HTTP/TLS v1.2|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.||[Learn how to turn off traffic to all of the following endpoint(s).]( manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
|||HTTPS|config.teams.microsoft.com|
-|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
+|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device won't use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|||HTTPS/TLS v1.2|wdcp.microsoft.com|
-||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS/TLS v1.2|*smartscreen-prod.microsoft.com|
+||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications won't appear.|HTTPS/TLS v1.2|*smartscreen-prod.microsoft.com|
|||HTTPS|checkappexec.microsoft.com|
-|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips will not be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
+|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips won't be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
|||HTTPS/TLS v1.2|arc.msn.com|
|||HTTPS|ris.api.iris.microsoft.com|
-|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
+|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads won't be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network won't use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
|||HTTPS/TLS v1.2|*.prod.do.dsp.mp.microsoft.com|
|||HTTP|emdl.ws.microsoft.com|
-||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
+||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device won't be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
|||HTTP|*.windowsupdate.com|
-||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|HTTP|*.delivery.mp.microsoft.com|
+||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device won't be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device won't be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|HTTP|*.delivery.mp.microsoft.com|
|||HTTPS/TLS v1.2|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTP|adl.windows.com|
||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly.|HTTPS/TLS v1.2|tsfe.trafficshaping.dsp.mp.microsoft.com|
diff --git a/windows/privacy/manage-windows-20H2-endpoints.md b/windows/privacy/manage-windows-20H2-endpoints.md
index 6d1f53fe97..3b17ebda7d 100644
--- a/windows/privacy/manage-windows-20H2-endpoints.md
+++ b/windows/privacy/manage-windows-20H2-endpoints.md
@@ -1,8 +1,8 @@
---
title: Connection endpoints for Windows 10 Enterprise, version 20H2
description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. Specific to Windows 10 Enterprise, version 20H2.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -26,15 +26,15 @@ Some Windows components, app, and related services transfer data to Microsoft ne
- Using your location to show a weather forecast.
Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md).
-Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic.
+Where applicable, each endpoint covered in this article includes a link to the specific details on how to control that traffic.
The following methodology was used to derive these network endpoints:
1. Set up the latest version of Windows 10 on a test virtual machine using the default settings.
-2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device).
+2. Leave the device(s) running idle for a week ("idle" means a user isn't interacting with the system/device).
3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
4. Compile reports on traffic going to public IP addresses.
-5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
+5. The test virtual machine(s) was logged into using a local account, and wasn't joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using an IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week, but if you capture traffic for longer you may have different results.
@@ -47,46 +47,45 @@ The following methodology was used to derive these network endpoints:
|Area|Description|Protocol|Destination|
|----------------|----------|----------|------------|
|Apps|||[Learn how to turn off traffic to the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
-||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
-||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS/HTTP|cdn.onenote.net|
-||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS|evoke-windowsservices-tas.msedge.net|
-|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or is not trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they did not receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
+||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
+||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS/HTTP|cdn.onenote.net|
+||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS|evoke-windowsservices-tas.msedge.net|
+|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or isn't trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they did not receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
|||TLSv1.2/HTTPS/HTTP|ctldl.windowsupdate.com|
|Cortana and Live Tiles|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana)|
-||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2/HTTPS/HTTP|www.bing.com*|
+||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you'll block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2/HTTPS/HTTP|www.bing.com*|
|||TLSv1.2/HTTPS/HTTP|fp.msedge.net|
|||TLSv1.2|I-ring.msedge.net|
|||HTTPS|s-ring.msedge.net|
|Device authentication|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
-||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device will not be authenticated.|HTTPS|login.live.com*|
-|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata will not be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
+||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device won't be authenticated.|HTTPS|login.live.com*|
+|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata won't be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
|||HTTP|dmd.metaservices.microsoft.com|
-|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
+|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, won't be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||HTTP|www.microsoft.com|
-||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
+||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information won't be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
|||TLS v1.2/HTTPS/HTTP|watson.*.microsoft.com|
-|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you will not be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
+|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you won't be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
|||HTTPS|fs.microsoft.com|
|Licensing|The following endpoint is used for online activation and some app licensing. To turn off traffic for this endpoint, disable the Windows License Manager Service. This will also block online activation and app licensing may not work.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#9-license-manager)|
|||TLSv1.2/HTTPS/HTTP|licensing.mp.microsoft.com|
|Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)|
-||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|TLSv1.2/HTTPS/HTTP|maps.windows.com|
+||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps won't be updated.|TLSv1.2/HTTPS/HTTP|maps.windows.com|
|Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)|
-||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
+||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users can't sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
|Microsoft Edge|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#13-microsoft-edge)|
||This traffic is related to the Microsoft Edge browser.|HTTPS|iecvlist.microsoft.com|
||The following endpoint is used by Microsoft Edge Update service to check for new updates. If you disable this endpoint, Microsoft Edge won't be able to check for and apply new edge updates.|TLSv1.2/HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTP|go.microsoft.com|
|Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
-||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
+||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps can't be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
||The following endpoint is needed to load the content in the Microsoft Store app.|HTTPS|livetileedge.dsx.mp.microsoft.com|
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. If you turn off traffic for this endpoint, push notifications will no longer work, including MDM device management, mail synchronization, settings synchronization.|TLSv1.2/HTTPS|*.wns.windows.com|
-||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
+||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|HTTPS|manage.devcenter.microsoft.com|
-||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store.|TLSv1.2/HTTPS/HTTP|displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
+||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps can't be installed or updated from the Microsoft Store.|TLSv1.2/HTTPS/HTTP|displaycatalog.mp.microsoft.com|
|||HTTP|share.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
@@ -104,24 +103,24 @@ The following methodology was used to derive these network endpoints:
|Settings|The following endpoint is used as a way for apps to dynamically update their configuration. Apps such as System Initiated User Feedback and the Xbox app use it. If you turn off traffic for this endpoint, an app that uses this endpoint may stop working.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|settings-win.data.microsoft.com|
|||HTTPS|settings.data.microsoft.com|
-|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
+|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
|||HTTPS/HTTP|*.pipe.aria.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.||[Learn how to turn off traffic to all of the following endpoint(s).]( manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
|||TLSv1.2/HTTPS/HTTP|config.teams.microsoft.com|
-|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
+|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device won't use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|||HTTPS/TLSv1.2|wdcp.microsoft.com|
-||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS|*smartscreen-prod.microsoft.com|
+||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications won't appear.|HTTPS|*smartscreen-prod.microsoft.com|
|||HTTPS/HTTP|checkappexec.microsoft.com|
-|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips will not be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
+|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips won't be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
|||TLSv1.2/HTTPS/HTTP|arc.msn.com|
|||HTTPS|ris.api.iris.microsoft.com|
-|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
+|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads won't be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network won't use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
|||TLSv1.2/HTTPS/HTTP|*.prod.do.dsp.mp.microsoft.com|
|||HTTP|emdl.ws.microsoft.com|
-||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
+||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device won't be able to download updates for the operating system.|TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
|||HTTP|*.windowsupdate.com|
-||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|TLSv1.2/HTTPS/HTTP|*.delivery.mp.microsoft.com|
+||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device won't be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device won't be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|TLSv1.2/HTTPS/HTTP|*.delivery.mp.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTPS|adl.windows.com|
||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.|TLSv1.2/HTTPS/HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
diff --git a/windows/privacy/manage-windows-21H1-endpoints.md b/windows/privacy/manage-windows-21H1-endpoints.md
index 59568d1dd6..cc6b1a5407 100644
--- a/windows/privacy/manage-windows-21H1-endpoints.md
+++ b/windows/privacy/manage-windows-21H1-endpoints.md
@@ -1,8 +1,8 @@
---
title: Connection endpoints for Windows 10 Enterprise, version 21H1
description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. Specific to Windows 10 Enterprise, version 21H1.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -26,15 +26,15 @@ Some Windows components, app, and related services transfer data to Microsoft ne
- Using your location to show a weather forecast.
Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md).
-Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic.
+Where applicable, each endpoint covered in this article includes a link to the specific details on how to control that traffic.
The following methodology was used to derive these network endpoints:
1. Set up the latest version of Windows 10 on a test virtual machine using the default settings.
-2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device).
+2. Leave the device(s) running idle for a week ("idle" means a user isn't interacting with the system/device).
3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
4. Compile reports on traffic going to public IP addresses.
-5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
+5. The test virtual machine(s) was logged into using a local account, and wasn't joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using an IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week, but if you capture traffic for longer you may have different results.
@@ -47,46 +47,45 @@ The following methodology was used to derive these network endpoints:
|Area|Description|Protocol|Destination|
|----------------|----------|----------|------------|
|Apps|||[Learn how to turn off traffic to the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
-||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft Store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
-||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft Store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS/HTTP|cdn.onenote.net|
-||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft Store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS|evoke-windowsservices-tas.msedge.net
-|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or is not trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they did not receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
+||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft Store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
+||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft Store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS/HTTP|cdn.onenote.net|
+||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft Store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS|evoke-windowsservices-tas.msedge.net
+|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or isn't trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they didn't receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
|||TLSv1.2/HTTPS/HTTP|ctldl.windowsupdate.com|
|Cortana and Live Tiles|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana)|
-||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2/HTTPS/HTTP|www.bing.com*|
+||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you'll block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2/HTTPS/HTTP|www.bing.com*|
|||TLSv1.2/HTTPS/HTTP|fp.msedge.net|
|||TLSv1.2|I-ring.msedge.net|
|||HTTPS|s-ring.msedge.net|
|Device authentication|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
-||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device will not be authenticated.|HTTPS|login.live.com*|
-|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata will not be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
+||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device won't be authenticated.|HTTPS|login.live.com*|
+|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata won't be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
|||HTTP|dmd.metaservices.microsoft.com|
-|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
+|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, won't be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||HTTP|www.microsoft.com|
-||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: **Administrative Templates** > **Windows Components** > **Windows Error Reporting** > **Disable Windows Error Reporting**. This means error reporting information will not be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
+||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: **Administrative Templates** > **Windows Components** > **Windows Error Reporting** > **Disable Windows Error Reporting**. This means error reporting information won't be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
|||TLS v1.2/HTTPS/HTTP|watson.*.microsoft.com|
-|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you will not be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
+|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you won't be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
|||HTTPS|fs.microsoft.com|
|Licensing|The following endpoint is used for online activation and some app licensing. To turn off traffic for this endpoint, disable the Windows License Manager Service. This will also block online activation and app licensing may not work.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#9-license-manager)|
|||TLSv1.2/HTTPS/HTTP|licensing.mp.microsoft.com|
|Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)|
-||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|TLSv1.2/HTTPS/HTTP|maps.windows.com|
+||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps won't be updated.|TLSv1.2/HTTPS/HTTP|maps.windows.com|
|Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)|
-||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
+||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users can't sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
|Microsoft Edge|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#13-microsoft-edge)|
||This traffic is related to the Microsoft Edge browser.|HTTPS|iecvlist.microsoft.com|
||The following endpoint is used by Microsoft Edge Update service to check for new updates. If you disable this endpoint, Microsoft Edge won't be able to check for and apply new edge updates.|TLSv1.2/HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead, disable the traffic that's getting forwarded.|HTTP|go.microsoft.com|
|Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
-||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
+||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps can't be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
||The following endpoint is needed to load the content in the Microsoft Store app.|HTTPS|livetileedge.dsx.mp.microsoft.com|
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. If you turn off traffic for this endpoint, push notifications will no longer work, including MDM device management, mail synchronization, settings synchronization.|TLSv1.2/HTTPS|*.wns.windows.com|
-||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
+||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|HTTPS|manage.devcenter.microsoft.com|
-||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store.|TLSv1.2/HTTPS/HTTP|displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
+||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps can't be installed or updated from the Microsoft Store.|TLSv1.2/HTTPS/HTTP|displaycatalog.mp.microsoft.com|
|||HTTP|share.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
@@ -104,24 +103,24 @@ The following methodology was used to derive these network endpoints:
|Settings|The following endpoint is used as a way for apps to dynamically update their configuration. Apps such as System Initiated User Feedback and the Xbox app use it. If you turn off traffic for this endpoint, an app that uses this endpoint may stop working.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|settings-win.data.microsoft.com|
|||HTTPS|settings.data.microsoft.com|
-|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
+|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
|||HTTPS/HTTP|*.pipe.aria.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
|||TLSv1.2/HTTPS/HTTP|config.teams.microsoft.com|
-|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
+|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device won't use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|||HTTPS/TLSv1.2|wdcp.microsoft.com|
-||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS|*smartscreen-prod.microsoft.com|
+||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications won't appear.|HTTPS|*smartscreen-prod.microsoft.com|
|||HTTPS/HTTP|checkappexec.microsoft.com|
-|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips will not be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
+|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips won't be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
|||TLSv1.2/HTTPS/HTTP|arc.msn.com|
|||HTTPS|ris.api.iris.microsoft.com|
-|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
+|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads won't be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network won't use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
|||TLSv1.2/HTTPS/HTTP|*.prod.do.dsp.mp.microsoft.com|
|||HTTP|emdl.ws.microsoft.com|
-||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
+||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device won't be able to download updates for the operating system.|TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
|||HTTP|*.windowsupdate.com|
-||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Microsoft Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|TLSv1.2/HTTPS/HTTP|*.delivery.mp.microsoft.com|
+||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device won't be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device won't be able to acquire and update apps from the Microsoft Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|TLSv1.2/HTTPS/HTTP|*.delivery.mp.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTPS|adl.windows.com|
||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.|TLSv1.2/HTTPS/HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
diff --git a/windows/privacy/manage-windows-21h2-endpoints.md b/windows/privacy/manage-windows-21h2-endpoints.md
index b43864a94f..52a3f761ae 100644
--- a/windows/privacy/manage-windows-21h2-endpoints.md
+++ b/windows/privacy/manage-windows-21h2-endpoints.md
@@ -1,8 +1,8 @@
---
title: Connection endpoints for Windows 10 Enterprise, version 21H2
description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. Specific to Windows 10 Enterprise, version 21H2.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -26,15 +26,15 @@ Some Windows components, app, and related services transfer data to Microsoft ne
- Using your location to show a weather forecast.
Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md).
-Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic.
+Where applicable, each endpoint covered in this article includes a link to the specific details on how to control that traffic.
The following methodology was used to derive these network endpoints:
1. Set up the latest version of Windows 10 on a test virtual machine using the default settings.
-2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device).
+2. Leave the device(s) running idle for a week ("idle" means a user isn't interacting with the system/device).
3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic.
4. Compile reports on traffic going to public IP addresses.
-5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
+5. The test virtual machine(s) was logged into using a local account, and wasn't joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using an IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week, but if you capture traffic for longer you may have different results.
@@ -47,44 +47,43 @@ The following methodology was used to derive these network endpoints:
|Area|Description|Protocol|Destination|
|----------------|----------|----------|------------|
|Apps|||[Learn how to turn off traffic to the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
-||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
-||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS/HTTP|cdn.onenote.net|
-||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS|evoke-windowsservices-tas.msedge.net|
-|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or is not trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they did not receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
+||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
+||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS/HTTP|cdn.onenote.net|
+||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2/HTTPS|evoke-windowsservices-tas.msedge.net|
+|Certificates|Certificates are digital files, stored on client devices, used to both encrypt data and verify the identity of an individual or organization. Trusted root certificates issued by a certification authority (CA) are stored in a certificate trust list (CTL). The Automatic Root Certificates Update mechanism contacts Windows Updates to update the CTL. If a new version of the CTL is identified, the list of trusted root certificates cached on the local device will be updated. Untrusted certificates are certificates where the server certificate issuer is unknown or isn't trusted by the service. Untrusted certificates are also stored in a list on the local device and updated by the Automatic Root Certificates Update mechanism.
If automatic updates are turned off, applications and websites may stop working because they didn't receive an updated root certificate that the application uses. Additionally, the list of untrusted certificates will no longer be updated, which increases the attack vector on the device. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
|||TLSv1.2/HTTPS/HTTP|ctldl.windowsupdate.com|
|Cortana and Live Tiles|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana)|
-||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2/HTTPS/HTTP|www.bing.com*|
+||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you'll block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2/HTTPS/HTTP|www.bing.com*|
|||TLSv1.2/HTTPS/HTTP|fp.msedge.net|
|||TLSv1.2|I-ring.msedge.net|
|||HTTPS|s-ring.msedge.net|
|Device authentication|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
-||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device will not be authenticated.|HTTPS|login.live.com*|
-|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata will not be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
+||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device won't be authenticated.|HTTPS|login.live.com*|
+|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata won't be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
|||HTTP|dmd.metaservices.microsoft.com|
-|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.
If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
+|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.
If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, won't be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|v10.events.data.microsoft.com|
-||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
+||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information won't be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
|||TLS v1.2/HTTPS/HTTP|watson.*.microsoft.com|
-|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you will not be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
+|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you won't be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
|||HTTPS|fs.microsoft.com|
|Licensing|The following endpoint is used for online activation and some app licensing. To turn off traffic for this endpoint, disable the Windows License Manager Service. This will also block online activation and app licensing may not work.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#9-license-manager)|
|||TLSv1.2/HTTPS/HTTP|licensing.mp.microsoft.com|
|Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)|
-||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|TLSv1.2/HTTPS/HTTP|maps.windows.com|
+||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps won't be updated.|TLSv1.2/HTTPS/HTTP|maps.windows.com|
|Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)|
-||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
+||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users can't sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
|Microsoft Edge|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#13-microsoft-edge)|
||This traffic is related to the Microsoft Edge browser.|HTTPS|iecvlist.microsoft.com|
||The following endpoint is used by Microsoft Edge Update service to check for new updates. If you disable this endpoint, Microsoft Edge won’t be able to check for and apply new edge updates.|TLSv1.2/HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTP|go.microsoft.com|
|Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
-||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
+||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps can't be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
||The following endpoint is needed to load the content in the Microsoft Store app.|HTTPS|livetileedge.dsx.mp.microsoft.com|
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. If you turn off traffic for this endpoint, push notifications will no longer work, including MDM device management, mail synchronization, settings synchronization.|TLSv1.2/HTTPS|*.wns.windows.com|
-||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
+||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|HTTPS|manage.devcenter.microsoft.com|
-||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store.|TLSv1.2/HTTPS/HTTP|displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
+||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps can't be installed or updated from the Microsoft Store.|TLSv1.2/HTTPS/HTTP|displaycatalog.mp.microsoft.com|
|||HTTP|share.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
@@ -102,24 +101,24 @@ The following methodology was used to derive these network endpoints:
|Settings|The following endpoint is used as a way for apps to dynamically update their configuration. Apps such as System Initiated User Feedback and the Xbox app use it. If you turn off traffic for this endpoint, an app that uses this endpoint may stop working.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|settings-win.data.microsoft.com|
|||HTTPS|settings.data.microsoft.com|
-|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
+|Skype|The following endpoint is used to retrieve Skype configuration values. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft store, other Microsoft Store apps can't be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
|||HTTPS/HTTP|*.pipe.aria.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.||[Learn how to turn off traffic to all of the following endpoint(s).]( manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
|||TLSv1.2/HTTPS/HTTP|config.teams.microsoft.com|
-|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
+|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device won't use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|||HTTPS/TLSv1.2|wdcp.microsoft.com|
-||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS|*smartscreen-prod.microsoft.com|
+||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications won't appear.|HTTPS|*smartscreen-prod.microsoft.com|
|||HTTPS/HTTP|checkappexec.microsoft.com|
-|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips will not be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
+|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips won't be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
|||TLSv1.2/HTTPS/HTTP|arc.msn.com|
|||HTTPS|ris.api.iris.microsoft.com|
-|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
+|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads won't be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network won't use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
|||TLSv1.2/HTTPS/HTTP|*.prod.do.dsp.mp.microsoft.com|
|||HTTP|emdl.ws.microsoft.com|
-||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
+||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device won't be able to download updates for the operating system.|TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
|||HTTP|*.windowsupdate.com|
-||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|TLSv1.2/HTTPS/HTTP|*.delivery.mp.microsoft.com|
+||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device won't be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device won't be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|TLSv1.2/HTTPS/HTTP|*.delivery.mp.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTPS|adl.windows.com|
||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly downloaded or not downloaded at all.|TLSv1.2/HTTPS/HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md
index c10a331f56..b558fc1c1e 100644
--- a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md
@@ -1,8 +1,8 @@
---
title: Windows 10, version 1903, connection endpoints for non-Enterprise editions
description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1903.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -88,7 +88,6 @@ The following methodology was used to derive the network endpoints:
| oneclient.sfx.ms\* | HTTPS | Used by OneDrive for Business to download and verify app updates
| onecollector.cloudapp.aria.akadns.net | HTTPS | Microsoft Office
| ow1.res.office365.com | HTTP | Microsoft Office
-| pti.store.microsoft.com | HTTPS | Microsoft Store
| purchase.mp.microsoft.com\* | HTTPS | Used to communicate with Microsoft Store
| query.prod.cms.rt.microsoft.com\* | HTTPS | Used to retrieve Windows Spotlight metadata
| ris.api.iris.microsoft.com\* | TLSv1.2/HTTPS | Used to retrieve Windows Spotlight metadata
@@ -172,7 +171,6 @@ The following methodology was used to derive the network endpoints:
| nav.smartscreen.microsoft.com | HTTPS | Windows Defender
| ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities
| oneclient.sfx.ms | HTTP | OneDrive
-| pti.store.microsoft.com | HTTPS | Microsoft Store
| ris.api.iris.microsoft.com.akadns.net | HTTPS | Used to retrieve Windows Spotlight metadata
| ris-prod-atm.trafficmanager.net | HTTPS | Azure
| s2s.config.skype.com | HTTP | Microsoft Skype
@@ -251,7 +249,6 @@ The following methodology was used to derive the network endpoints:
| ocsp.digicert.com\* | HTTP | CRL and OCSP checks to the issuing certificate authorities
| oneclient.sfx.ms/\* | HTTPS | Used by OneDrive for Business to download and verify app updates
| onecollector.cloudapp.aria.akadns.net | HTTPS | Microsoft Office
-| pti.store.microsoft.com | HTTPS | Microsoft Store
| settings-win.data.microsoft.com/settings/\* | HTTPS | Used as a way for apps to dynamically update their configuration
| share.microsoft.com | HTTPS | Microsoft Store
| skypeecs-prod-usw-0.cloudapp.net | HTTPS | Skype
diff --git a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
index 22f613edc5..a0bfa21291 100644
--- a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
@@ -1,8 +1,8 @@
---
title: Windows 10, version 1909, connection endpoints for non-Enterprise editions
description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1909.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -70,7 +70,6 @@ The following methodology was used to derive the network endpoints:
|outlook.office365.com|HTTP|Used to connect to the Microsoft 365 admin center's shared infrastructure, including Office in a browser
|ocsp.digicert.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
|oneclient.sfx.ms|HTTPS|Used by OneDrive for Business to download and verify app updates
-|pti.store.microsoft.com/*|HTTP|Used to communicate with Microsoft Store
|img-prod-cms-rt-microsoft-com.akamaized.net|HTTP|Used to communicate with Microsoft Store
|manage.devcenter.microsoft.com|HTTP/TLS v1.2|Used to get Microsoft Store analytics
|ris.api.iris.microsoft.com|HTTPS|Used to retrieve Windows Spotlight metadata that describes content
@@ -139,7 +138,6 @@ The following methodology was used to derive the network endpoints:
|ocsp.msocsp.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
|oneclient.sfx.ms|HTTPS|Used by OneDrive for Business to download and verify app updates
|mobile.pipe.aria.microsoft.com|HTTP|Office Telemetry
-|pti.store.microsoft.com/*|HTTP|Used to communicate with Microsoft Store
|ris.api.iris.microsoft.com|TLS v1.2|Windows Spotlight
|settings-win.data.microsoft.com|HTTPS/TLS v1.2|Used for Windows apps to dynamically update their configuration
|spo-ring.msedge.net|TLSv1.2|Cortana and Live Tiles
@@ -189,7 +187,6 @@ The following methodology was used to derive the network endpoints:
|iecvlist.microsoft.com|HTTP|Microsoft Edge
|download.windowsupdate.com|HTTP|Windows Update
|checkappexec.microsoft.com|HTTPS|Windows Defender
-|pti.store.microsoft.com/*|HTTP|Microsoft Store
|emdl.ws.microsoft.com|HTTP|Windows Update
|evoke-windowsservices-tas.msedge.net|HTTPS/TLS v1.2|Photos app
|g.live.com|TLS v1.2|OneDrive
diff --git a/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md b/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md
index dd6dc0c592..f41413a60a 100644
--- a/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md
@@ -1,8 +1,8 @@
---
title: Windows 10, version 20H2, connection endpoints for non-Enterprise editions
description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 20H2.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -75,7 +75,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way.|TLSv1.2/HTTPS|*.wns.windows.com|
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoints are used to communicate with Microsoft Store.|TLSv1.2/HTTPS/HTTP|*displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
|||HTTPS|storesdk.dsx.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
||The following endpoints are used get images that are used for Microsoft Store suggestions|TLSv1.2|store-images.s-microsoft.com|
@@ -152,7 +151,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way.|TLSv1.2/HTTPS|*.wns.windows.com|
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoints are used to communicate with Microsoft Store.|TLSv1.2/HTTPS/HTTP|*displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
|||HTTPS|storesdk.dsx.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet.|TLSv1.2/HTTP|www.msftconnecttest.com*|
@@ -227,7 +225,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|1storecatalogrevocation.storequality.microsoft.com|
||The following endpoints are used to communicate with Microsoft Store.|TLSv1.2/HTTPS/HTTP|*displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
|||HTTPS|storesdk.dsx.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet.|TLSv1.2/HTTP|www.msftconnecttest.com*|
diff --git a/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md b/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md
index c9fc4c9d3a..ae92428145 100644
--- a/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md
@@ -1,8 +1,8 @@
---
title: Windows 10, version 21H1, connection endpoints for non-Enterprise editions
description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 21H1.
-ms.prod: windows-client
-ms.technology: itpro-privacy
+ms.service: windows-client
+ms.subservice: itpro-privacy
ms.localizationpriority: high
author: DHB-MSFT
ms.author: danbrown
@@ -73,7 +73,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way.|TLSv1.2/HTTPS|*.wns.windows.com|
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoints are used to communicate with Microsoft Store.|TLSv1.2/HTTPS/HTTP|*displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
|||HTTPS|storesdk.dsx.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
||The following endpoints are used get images that are used for Microsoft Store suggestions|TLSv1.2|store-images.s-microsoft.com|
@@ -148,7 +147,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way.|TLSv1.2/HTTPS|*.wns.windows.com|
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
||The following endpoints are used to communicate with Microsoft Store.|TLSv1.2/HTTPS/HTTP|*displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
|||HTTPS|storesdk.dsx.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet.|TLSv1.2/HTTP|www.msftconnecttest.com*|
@@ -221,7 +219,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|1storecatalogrevocation.storequality.microsoft.com|
||The following endpoints are used to communicate with Microsoft Store.|TLSv1.2/HTTPS/HTTP|*displaycatalog.mp.microsoft.com|
-|||HTTPS|pti.store.microsoft.com|
|||HTTPS|storesdk.dsx.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet.|TLSv1.2/HTTP|www.msftconnecttest.com*|
diff --git a/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
index 2ec2462e4c..f268f032bb 100644
--- a/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
+++ b/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
@@ -1,12 +1,10 @@
---
title: Windows Defender Application Control and virtualization-based code integrity
description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with Windows Defender Application Control (WDAC).
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
ms.author: vinpa
manager: aaroncz
-ms.technology: itpro-security
ms.date: 03/16/2023
ms.topic: article
---
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index 445dd2b03e..62c1b9f07b 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -33,6 +33,8 @@
"overwrite": [],
"externalReference": [],
"globalMetadata": {
+ "ms.subservice": "itpro-security",
+ "ms.service": "windows-client",
"recommendations": true,
"adobe-target": true,
"ms.collection": [
@@ -42,8 +44,6 @@
"zone_pivot_group_filename": "resources/zone-pivot-groups.json",
"uhfHeaderId": "MSDocsHeader-Windows",
"ms.localizationpriority": "medium",
- "ms.prod": "windows-client",
- "ms.technology": "itpro-security",
"manager": "aaroncz",
"feedback_system": "Standard",
"feedback_product_url": "https://support.microsoft.com/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332",
diff --git a/windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows.md
index d5451404d1..e68ce7f0d5 100644
--- a/windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows.md
+++ b/windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows.md
@@ -1,16 +1,16 @@
---
-title: How Windows Defender System Guard helps protect Windows
-description: Learn how Windows Defender System Guard reorganizes the existing Windows system integrity features under one roof.
+title: How System Guard helps protect Windows
+description: Learn how System Guard reorganizes the existing Windows system integrity features under one roof.
ms.localizationpriority: medium
-ms.date: 10/25/2023
+ms.date: 01/16/2024
ms.topic: conceptual
---
-# Windows Defender System Guard: How a hardware-based root of trust helps protect Windows
+# System Guard: How a hardware-based root of trust helps protect Windows
To protect critical resources such as the Windows authentication stack, single sign-on tokens, the Windows Hello biometric stack, and the Virtual Trusted Platform Module, a system's firmware and hardware must be trustworthy.
-Windows Defender System Guard reorganizes the existing Windows system integrity features under one roof and sets up the next set of investments in Windows security. It's designed to make these security guarantees:
+System Guard reorganizes the existing Windows system integrity features under one roof and sets up the next set of investments in Windows security. It's designed to make these security guarantees:
- Protect and maintain the integrity of the system as it starts up
- Validate that system integrity has truly been maintained through local and remote attestation
@@ -33,7 +33,7 @@ Also, a bug fix for UEFI code can take a long time to design, build, retest, val
### Secure Launch—the Dynamic Root of Trust for Measurement (DRTM)
-[Windows Defender System Guard Secure Launch](system-guard-secure-launch-and-smm-protection.md), first introduced in Windows 10 version 1809, aims to alleviate these issues by leveraging a technology known as the Dynamic Root of Trust for Measurement (DRTM). DRTM lets the system freely boot into untrusted code initially, but shortly after launches the system into a trusted state by taking control of all CPUs and forcing them down a well-known and measured code path. This has the benefit of allowing untrusted early UEFI code to boot the system, but then being able to securely transition into a trusted and measured state.
+[System Guard Secure Launch](system-guard-secure-launch-and-smm-protection.md), first introduced in Windows 10 version 1809, aims to alleviate these issues by leveraging a technology known as the Dynamic Root of Trust for Measurement (DRTM). DRTM lets the system freely boot into untrusted code initially, but shortly after launches the system into a trusted state by taking control of all CPUs and forcing them down a well-known and measured code path. This has the benefit of allowing untrusted early UEFI code to boot the system, but then being able to securely transition into a trusted and measured state.
@@ -56,15 +56,15 @@ SMM protection is built on top of the Secure Launch technology and requires it t
## Validating platform integrity after Windows is running (run time)
-While Windows Defender System Guard provides advanced protection that will help protect and maintain the integrity of the platform during boot and at run time, the reality is that we must apply an "assume breach" mentality to even our most sophisticated security technologies. We can trust that the technologies are successfully doing their jobs, but we also need the ability to verify that they were successful in achieving their goals. For platform integrity, we can't just trust the platform, which potentially could be compromised, to self-attest to its security state. So Windows Defender System Guard includes a series of technologies that enable remote analysis of the device's integrity.
+While System Guard provides advanced protection that will help protect and maintain the integrity of the platform during boot and at run time, the reality is that we must apply an "assume breach" mentality to even our most sophisticated security technologies. We can trust that the technologies are successfully doing their jobs, but we also need the ability to verify that they were successful in achieving their goals. For platform integrity, we can't just trust the platform, which potentially could be compromised, to self-attest to its security state. So System Guard includes a series of technologies that enable remote analysis of the device's integrity.
-As Windows boots, a series of integrity measurements are taken by Windows Defender System Guard using the device's Trusted Platform Module 2.0 (TPM 2.0). System Guard Secure Launch doesn't support earlier TPM versions, such as TPM 1.2. This process and data are hardware-isolated away from Windows to help ensure that the measurement data isn't subject to the type of tampering that could happen if the platform was compromised. From here, the measurements can be used to determine the integrity of the device's firmware, hardware configuration state, and Windows boot-related components, to name a few.
+As Windows boots, a series of integrity measurements are taken by System Guard using the device's Trusted Platform Module 2.0 (TPM 2.0). System Guard Secure Launch doesn't support earlier TPM versions, such as TPM 1.2. This process and data are hardware-isolated away from Windows to help ensure that the measurement data isn't subject to the type of tampering that could happen if the platform was compromised. From here, the measurements can be used to determine the integrity of the device's firmware, hardware configuration state, and Windows boot-related components, to name a few.
-
+
-After the system boots, Windows Defender System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or Microsoft Configuration Manager can acquire them for remote analysis. If Windows Defender System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
+After the system boots, System Guard signs and seals these measurements using the TPM. Upon request, a management system like Intune or Microsoft Configuration Manager can acquire them for remote analysis. If System Guard indicates that the device lacks integrity, the management system can take a series of actions, such as denying the device access to resources.
-[!INCLUDE [windows-defender-system-guard](../../../includes/licensing/windows-defender-system-guard.md)]
+[!INCLUDE [system-guard](../../../includes/licensing/system-guard.md)]
## System requirements for System Guard
@@ -78,7 +78,7 @@ This feature is available for the following processors:
|Name|Description|
|--------|-----------|
-|64-bit CPU|A 64-bit computer with minimum four cores (logical processors) is required for hypervisor and virtualization-based security (VBS). For more information about Hyper-V, see [Hyper-V on Windows Server 2016](/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/about/). For more information about hypervisor, see [Hypervisor Specifications](/virtualization/hyper-v-on-windows/reference/tlfs).|
+|64-bit CPU|A 64-bit computer with minimum four cores (logical processors) is required for hypervisor and Virtualization-based security (VBS). For more information about Hyper-V, see [Hyper-V on Windows Server 2016](/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/about/). For more information about hypervisor, see [Hypervisor Specifications](/virtualization/hyper-v-on-windows/reference/tlfs).|
|Trusted Platform Module (TPM) 2.0|Platforms must support a discrete TPM 2.0. Integrated/firmware TPMs aren't supported, except Intel chips that support Platform Trust Technology (PTT), which is a type of integrated hardware TPM that meets the TPM 2.0 spec.|
|Windows DMA Protection|Platforms must meet the Windows DMA Protection Specification (all external DMA ports must be off by default until the OS explicitly powers them).|
|SMM communication buffers| All SMM communication buffers must be implemented in EfiRuntimeServicesData, EfiRuntimeServicesCode, EfiACPIMemoryNVS, or EfiReservedMemoryType memory types. |
@@ -94,7 +94,7 @@ This feature is available for the following processors:
|Name|Description|
|--------|-----------|
-|64-bit CPU|A 64-bit computer with minimum four cores (logical processors) is required for hypervisor and virtualization-based security (VBS). For more information about Hyper-V, see [Hyper-V on Windows Server 2016](/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/about/). For more information about hypervisor, see [Hypervisor Specifications](/virtualization/hyper-v-on-windows/reference/tlfs).|
+|64-bit CPU|A 64-bit computer with minimum four cores (logical processors) is required for hypervisor and Virtualization-based security (VBS). For more information about Hyper-V, see [Hyper-V on Windows Server 2016](/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/about/). For more information about hypervisor, see [Hypervisor Specifications](/virtualization/hyper-v-on-windows/reference/tlfs).|
|Trusted Platform Module (TPM) 2.0|Platforms must support a discrete TPM 2.0 OR Microsoft Pluton TPM.|
|Windows DMA Protection|Platforms must meet the Windows DMA Protection Specification (all external DMA ports must be off by default until the OS explicitly powers them).|
|SMM communication buffers| All SMM communication buffers must be implemented in EfiRuntimeServicesData, EfiRuntimeServicesCode, EfiACPIMemoryNVS, or EfiReservedMemoryType memory types. |
diff --git a/windows/security/hardware-security/images/system-guard-boot-time-integrity.png b/windows/security/hardware-security/images/system-guard-boot-time-integrity.png
new file mode 100644
index 0000000000..2dc989f2ef
Binary files /dev/null and b/windows/security/hardware-security/images/system-guard-boot-time-integrity.png differ
diff --git a/windows/security/hardware-security/images/system-guard-secure-launch.png b/windows/security/hardware-security/images/system-guard-secure-launch.png
index b8167afbdc..9d02a7e2f3 100644
Binary files a/windows/security/hardware-security/images/system-guard-secure-launch.png and b/windows/security/hardware-security/images/system-guard-secure-launch.png differ
diff --git a/windows/security/hardware-security/images/windows-defender-system-guard-boot-time-integrity.png b/windows/security/hardware-security/images/windows-defender-system-guard-boot-time-integrity.png
deleted file mode 100644
index 1761e2e539..0000000000
Binary files a/windows/security/hardware-security/images/windows-defender-system-guard-boot-time-integrity.png and /dev/null differ
diff --git a/windows/security/hardware-security/toc.yml b/windows/security/hardware-security/toc.yml
index c941dc715a..92e9f40c56 100644
--- a/windows/security/hardware-security/toc.yml
+++ b/windows/security/hardware-security/toc.yml
@@ -3,7 +3,7 @@ items:
href: index.md
- name: Hardware root of trust
items:
- - name: Windows Defender System Guard
+ - name: System Guard
href: how-hardware-based-root-of-trust-helps-protect-windows.md
- name: Trusted Platform Module
href: tpm/trusted-platform-module-overview.md
diff --git a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
index cb77691205..583823e56f 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md
@@ -1,8 +1,8 @@
---
-ms.date: 11/22/2023
title: Smart Card and Remote Desktop Services
description: This topic for the IT professional describes the behavior of Remote Desktop Services when you implement smart card sign-in.
ms.topic: concept-article
+ms.date: 01/16/2024
---
# Smart Card and Remote Desktop Services
diff --git a/windows/security/identity-protection/smart-cards/smart-card-architecture.md b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
index 3fa6fe2bae..bd640b89fd 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-architecture.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
@@ -2,7 +2,7 @@
title: Smart Card Architecture
description: This topic for the IT professional describes the system architecture that supports smart cards in the Windows operating system.
ms.topic: reference-architecture
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Card Architecture
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
index fe6f0b5c39..770de019ca 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md
@@ -2,7 +2,7 @@
title: Certificate propagation service
description: Learn about the certificate propagation service (CertPropSvc), which is used in smart card implementation.
ms.topic: concept-article
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Certificate propagation service
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
index 9f8291d4a6..5b33c9f79c 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
@@ -2,7 +2,7 @@
title: Certificate Requirements and Enumeration
description: This topic for the IT professional and smart card developers describes how certificates are managed and used for smart card sign-in.
ms.topic: concept-article
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Certificate Requirements and Enumeration
diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
index d5df22275e..ce951db2a1 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md
@@ -2,7 +2,7 @@
title: Smart Card Troubleshooting
description: Describes the tools and services that smart card developers can use to help identify certificate issues with the smart card deployment.
ms.topic: troubleshooting
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Card Troubleshooting
diff --git a/windows/security/identity-protection/smart-cards/smart-card-events.md b/windows/security/identity-protection/smart-cards/smart-card-events.md
index 96a66ee27a..6aef6b3288 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-events.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-events.md
@@ -2,7 +2,7 @@
title: Smart card events
description: Learn about smart card deployment and development events.
ms.topic: troubleshooting
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart card events
diff --git a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
index d218b20bc5..79e5f674c9 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
@@ -2,7 +2,7 @@
title: Smart Card Group Policy and Registry Settings
description: Discover the Group Policy, registry key, local security policy, and credential delegation policy settings that are available for configuring smart cards.
ms.topic: reference
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Card Group Policy and Registry Settings
@@ -373,7 +373,7 @@ The following smart card-related Group Policy settings are in **Computer Configu
| Group Policy setting and registry key | Default | Description |
|--|--|--|
-| Interactive logon: Require smart card
**scforceoption** | Disabled | This security policy setting requires users to sign in to a computer by using a smart card.
**Enabled** Users can sign in to the computer only by using a smart card.
**Disabled** Users can sign in to the computer by using any method.
NOTE: the Windows LAPS-managed local account is exempted from this policy when Enabled. For more information see [Windows LAPS integration with smart card policy](/windows-server/identity/laps/laps-concepts#windows-laps-integration-with-smart-card-policy).
|
+| Interactive logon: Require smart card
**scforceoption** | Disabled | This security policy setting requires users to sign in to a computer by using a smart card.
**Enabled** Users can sign in to the computer only by using a smart card.
**Disabled** Users can sign in to the computer by using any method.
NOTE: the Windows LAPS-managed local account is exempted from this policy when Enabled. |
| Interactive logon: Smart card removal behavior
**scremoveoption** | This policy setting isn't defined, which means that the system treats it as **No Action**. | This setting determines what happens when the smart card for a signed-in user is removed from the smart card reader. The options are:
**No Action**
**Lock Workstation**: The workstation is locked when the smart card is removed, so users can leave the area, take their smart card with them, and still maintain a protected session.
**Force Logoff**: The user is automatically signed out when the smart card is removed.
**Disconnect if a Remote Desktop Services session**: Removal of the smart card disconnects the session without signing out the user. The user can reinsert the smart card and resume the session later, or at another computer that's equipped with a smart card reader, without having to sign in again. If the session is local, this policy setting functions identically to the **Lock Workstation** option. |
From the Local Security Policy Editor (secpol.msc), you can edit and apply system policies to manage credential delegation for local or domain computers.
diff --git a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
index 6727a73a66..6f23ce09a9 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md
@@ -2,7 +2,7 @@
title: How Smart Card Sign-in Works in Windows
description: This topic for IT professional provides links to resources about the implementation of smart card technologies in the Windows operating system.
ms.topic: overview
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# How Smart Card Sign-in Works in Windows
diff --git a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
index 7709e7524f..65933d65a1 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md
@@ -2,7 +2,7 @@
title: Smart Card Removal Policy Service
description: This topic for the IT professional describes the role of the removal policy service (ScPolicySvc) in smart card implementation.
ms.topic: concept-article
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Card Removal Policy Service
diff --git a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
index cf988e8549..ad2cd71fb9 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
@@ -2,7 +2,7 @@
title: Smart Cards for Windows Service
description: This topic for the IT professional and smart card developers describes how the Smart Cards for Windows service manages readers and application interactions.
ms.topic: concept-article
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Cards for Windows Service
diff --git a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
index 0d0d5e8372..f703ec1f9c 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md
@@ -2,7 +2,7 @@
title: Smart Card Tools and Settings
description: This topic for the IT professional and smart card developer links to information about smart card debugging, settings, and events.
ms.topic: get-started
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Card Tools and Settings
diff --git a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
index da1a559648..d615e2079c 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
@@ -2,7 +2,7 @@
title: Smart Card Technical Reference
description: Learn about the Windows smart card infrastructure for physical smart cards, and how smart card-related components work in Windows.
ms.topic: overview
-ms.date: 11/22/2023
+ms.date: 01/16/2024
---
# Smart Card Technical Reference
diff --git a/windows/security/index.yml b/windows/security/index.yml
index 069ecf8fb7..99c0f44731 100644
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@@ -6,8 +6,6 @@ brand: windows
metadata:
ms.topic: hub-page
- ms.prod: windows-client
- ms.technology: itpro-security
ms.collection:
- tier1
author: paolomatarazzo
diff --git a/windows/security/licensing-and-edition-requirements.md b/windows/security/licensing-and-edition-requirements.md
index 5f18fd26da..ece47c14a8 100644
--- a/windows/security/licensing-and-edition-requirements.md
+++ b/windows/security/licensing-and-edition-requirements.md
@@ -7,7 +7,6 @@ appliesto:
- ✅ Windows 11
ms.author: paoloma
author: paolomatarazzo
-ms.prod: windows-client
---
# Windows security features licensing and edition requirements
diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
index eaa7ed73d3..4c63211e0c 100644
--- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
@@ -3,7 +3,6 @@ title: Advanced security audit policy settings
description: This reference for IT professionals provides information about the advanced audit policy settings that are available in Windows and the audit events that they generate.
ms.assetid: 93b28b92-796f-4036-a53b-8b9e80f9f171
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -12,7 +11,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Advanced security audit policy settings (Windows 10)
diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing-faq.yml b/windows/security/threat-protection/auditing/advanced-security-auditing-faq.yml
index 9b46b2d3a3..768de067a0 100644
--- a/windows/security/threat-protection/auditing/advanced-security-auditing-faq.yml
+++ b/windows/security/threat-protection/auditing/advanced-security-auditing-faq.yml
@@ -2,13 +2,11 @@
metadata:
title: Advanced security auditing FAQ
description: This article lists common questions and answers about understanding, deploying, and managing security audit policies.
- ms.prod: windows-client
author: vinaypamnani-msft
ms.author: vinpa
manager: aaroncz
ms.topic: faq
ms.date: 05/24/2022
- ms.technology: itpro-security
title: Advanced security auditing FAQ
diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing.md b/windows/security/threat-protection/auditing/advanced-security-auditing.md
index 1aed416fd1..84c93ea504 100644
--- a/windows/security/threat-protection/auditing/advanced-security-auditing.md
+++ b/windows/security/threat-protection/auditing/advanced-security-auditing.md
@@ -4,7 +4,6 @@ description: Advanced security audit policy settings might appear to overlap wit
ms.assetid: 6FE8AC10-F48E-4BBF-979B-43A5DFDC5DFC
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/6/2021
-ms.technology: itpro-security
---
# Advanced security audit policies
diff --git a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
index e27eedd443..2ddc4a8249 100644
--- a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
+++ b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md
@@ -2,7 +2,6 @@
title: Appendix A, Security monitoring recommendations for many audit events
description: Learn about recommendations for the type of monitoring required for certain classes of security audit events.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/06/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
index d8dcb28e30..5e7b8bfd19 100644
--- a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
+++ b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md
@@ -4,7 +4,6 @@ description: Apply audit policies to individual files and folders on your comput
ms.assetid: 565E7249-5CD0-4B2E-B2C0-B3A0793A51E2
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Apply a basic audit policy on a file or folder
diff --git a/windows/security/threat-protection/auditing/audit-account-lockout.md b/windows/security/threat-protection/auditing/audit-account-lockout.md
index 5f21d6eab6..e4bbde6028 100644
--- a/windows/security/threat-protection/auditing/audit-account-lockout.md
+++ b/windows/security/threat-protection/auditing/audit-account-lockout.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-application-generated.md b/windows/security/threat-protection/auditing/audit-application-generated.md
index ad5c87de63..3c22b0237f 100644
--- a/windows/security/threat-protection/auditing/audit-application-generated.md
+++ b/windows/security/threat-protection/auditing/audit-application-generated.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-application-group-management.md b/windows/security/threat-protection/auditing/audit-application-group-management.md
index 9fb1c10453..fd489adaac 100644
--- a/windows/security/threat-protection/auditing/audit-application-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-application-group-management.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-audit-policy-change.md b/windows/security/threat-protection/auditing/audit-audit-policy-change.md
index be89c50a5a..d1291e568e 100644
--- a/windows/security/threat-protection/auditing/audit-audit-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-audit-policy-change.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-authentication-policy-change.md b/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
index 2b14cd5e29..7ab38720e0 100644
--- a/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authentication-policy-change.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
index b86b2d9b6b..5ad0e5fff3 100644
--- a/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-authorization-policy-change.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
index b330e72006..dbadfb80dd 100644
--- a/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
+++ b/windows/security/threat-protection/auditing/audit-central-access-policy-staging.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-certification-services.md b/windows/security/threat-protection/auditing/audit-certification-services.md
index cb33e2480b..1818d6abea 100644
--- a/windows/security/threat-protection/auditing/audit-certification-services.md
+++ b/windows/security/threat-protection/auditing/audit-certification-services.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-computer-account-management.md b/windows/security/threat-protection/auditing/audit-computer-account-management.md
index 78bd0d1701..836f66077c 100644
--- a/windows/security/threat-protection/auditing/audit-computer-account-management.md
+++ b/windows/security/threat-protection/auditing/audit-computer-account-management.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-credential-validation.md b/windows/security/threat-protection/auditing/audit-credential-validation.md
index 3d6283d2ab..776717c166 100644
--- a/windows/security/threat-protection/auditing/audit-credential-validation.md
+++ b/windows/security/threat-protection/auditing/audit-credential-validation.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md b/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
index d909d6ba62..7f07a68413 100644
--- a/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
+++ b/windows/security/threat-protection/auditing/audit-detailed-directory-service-replication.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-detailed-file-share.md b/windows/security/threat-protection/auditing/audit-detailed-file-share.md
index bb87079a1b..0b41ec8acd 100644
--- a/windows/security/threat-protection/auditing/audit-detailed-file-share.md
+++ b/windows/security/threat-protection/auditing/audit-detailed-file-share.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-access.md b/windows/security/threat-protection/auditing/audit-directory-service-access.md
index 0576b52401..2a83b4b3ec 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-access.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-access.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-changes.md b/windows/security/threat-protection/auditing/audit-directory-service-changes.md
index d2b294d326..d746cc2a12 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-changes.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-changes.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-directory-service-replication.md b/windows/security/threat-protection/auditing/audit-directory-service-replication.md
index bae794b8c0..c3efe2134f 100644
--- a/windows/security/threat-protection/auditing/audit-directory-service-replication.md
+++ b/windows/security/threat-protection/auditing/audit-directory-service-replication.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-distribution-group-management.md b/windows/security/threat-protection/auditing/audit-distribution-group-management.md
index e254cd23b0..87cfeca376 100644
--- a/windows/security/threat-protection/auditing/audit-distribution-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-distribution-group-management.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-dpapi-activity.md b/windows/security/threat-protection/auditing/audit-dpapi-activity.md
index edc400cd02..f7a7cf3eaa 100644
--- a/windows/security/threat-protection/auditing/audit-dpapi-activity.md
+++ b/windows/security/threat-protection/auditing/audit-dpapi-activity.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-file-share.md b/windows/security/threat-protection/auditing/audit-file-share.md
index 65ea03ef20..c57ba2e002 100644
--- a/windows/security/threat-protection/auditing/audit-file-share.md
+++ b/windows/security/threat-protection/auditing/audit-file-share.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-file-system.md b/windows/security/threat-protection/auditing/audit-file-system.md
index 18e5b32a55..689b7bd0e5 100644
--- a/windows/security/threat-protection/auditing/audit-file-system.md
+++ b/windows/security/threat-protection/auditing/audit-file-system.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
index 2edf237cad..8393e5be1c 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
index a3d70e667a..9c77101ee8 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
index fe1236b0e6..9ab9af405b 100644
--- a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-group-membership.md b/windows/security/threat-protection/auditing/audit-group-membership.md
index b5531fb996..771769f0be 100644
--- a/windows/security/threat-protection/auditing/audit-group-membership.md
+++ b/windows/security/threat-protection/auditing/audit-group-membership.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-handle-manipulation.md b/windows/security/threat-protection/auditing/audit-handle-manipulation.md
index 081f3a3d34..2452d552c4 100644
--- a/windows/security/threat-protection/auditing/audit-handle-manipulation.md
+++ b/windows/security/threat-protection/auditing/audit-handle-manipulation.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-driver.md b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
index 1719e81ee6..20882eebbc 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-driver.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-driver.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
index 0e2168d0f5..45b5d1ef63 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
index 81cfde4d9d..f1c660e1e8 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
index 0ee38a23f7..c456fc1f21 100644
--- a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
+++ b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
index bd54abd7d0..6ec1fcf9e4 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
index f942a116de..2d13eeaf23 100644
--- a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
+++ b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-kernel-object.md b/windows/security/threat-protection/auditing/audit-kernel-object.md
index afb2069653..ae38545e9f 100644
--- a/windows/security/threat-protection/auditing/audit-kernel-object.md
+++ b/windows/security/threat-protection/auditing/audit-kernel-object.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-logoff.md b/windows/security/threat-protection/auditing/audit-logoff.md
index 8c631d2e0a..0525d84b24 100644
--- a/windows/security/threat-protection/auditing/audit-logoff.md
+++ b/windows/security/threat-protection/auditing/audit-logoff.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-logon.md b/windows/security/threat-protection/auditing/audit-logon.md
index fcd5e254ef..1437ead2f9 100644
--- a/windows/security/threat-protection/auditing/audit-logon.md
+++ b/windows/security/threat-protection/auditing/audit-logon.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
index a6f72640dc..d00998a052 100644
--- a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
+++ b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-network-policy-server.md b/windows/security/threat-protection/auditing/audit-network-policy-server.md
index 8c46beb77a..9af80769b0 100644
--- a/windows/security/threat-protection/auditing/audit-network-policy-server.md
+++ b/windows/security/threat-protection/auditing/audit-network-policy-server.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
index 298b8a5061..937e8bc34c 100644
--- a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
index 664c5f6b17..9b973c0b7b 100644
--- a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-account-management-events.md b/windows/security/threat-protection/auditing/audit-other-account-management-events.md
index 68fa5e72ef..670cf6612d 100644
--- a/windows/security/threat-protection/auditing/audit-other-account-management-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-account-management-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
index 075d245ab1..86e40c99ae 100644
--- a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-object-access-events.md b/windows/security/threat-protection/auditing/audit-other-object-access-events.md
index fc6e2dbd2e..5807ad6849 100644
--- a/windows/security/threat-protection/auditing/audit-other-object-access-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-object-access-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
index 8f78be458c..b05830fca8 100644
--- a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
index d7b89004e2..123145fdaf 100644
--- a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-other-system-events.md b/windows/security/threat-protection/auditing/audit-other-system-events.md
index 9c768d486b..5472834fd9 100644
--- a/windows/security/threat-protection/auditing/audit-other-system-events.md
+++ b/windows/security/threat-protection/auditing/audit-other-system-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-pnp-activity.md b/windows/security/threat-protection/auditing/audit-pnp-activity.md
index b0f231d898..bd82df1b1e 100644
--- a/windows/security/threat-protection/auditing/audit-pnp-activity.md
+++ b/windows/security/threat-protection/auditing/audit-pnp-activity.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-process-creation.md b/windows/security/threat-protection/auditing/audit-process-creation.md
index 53eec87d8c..c19e613f2c 100644
--- a/windows/security/threat-protection/auditing/audit-process-creation.md
+++ b/windows/security/threat-protection/auditing/audit-process-creation.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 03/16/2022
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-process-termination.md b/windows/security/threat-protection/auditing/audit-process-termination.md
index 0a9089db1f..0ecd8f1351 100644
--- a/windows/security/threat-protection/auditing/audit-process-termination.md
+++ b/windows/security/threat-protection/auditing/audit-process-termination.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md
index 418fda413d..a4cea25938 100644
--- a/windows/security/threat-protection/auditing/audit-registry.md
+++ b/windows/security/threat-protection/auditing/audit-registry.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 01/05/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-removable-storage.md b/windows/security/threat-protection/auditing/audit-removable-storage.md
index faa143e4c6..5ef92d1b38 100644
--- a/windows/security/threat-protection/auditing/audit-removable-storage.md
+++ b/windows/security/threat-protection/auditing/audit-removable-storage.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-rpc-events.md b/windows/security/threat-protection/auditing/audit-rpc-events.md
index 1b6a9b69ca..b5dd671672 100644
--- a/windows/security/threat-protection/auditing/audit-rpc-events.md
+++ b/windows/security/threat-protection/auditing/audit-rpc-events.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-sam.md b/windows/security/threat-protection/auditing/audit-sam.md
index 4eb4577d13..c0253c800f 100644
--- a/windows/security/threat-protection/auditing/audit-sam.md
+++ b/windows/security/threat-protection/auditing/audit-sam.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-security-group-management.md b/windows/security/threat-protection/auditing/audit-security-group-management.md
index 8fd69b4b8a..ce479065a5 100644
--- a/windows/security/threat-protection/auditing/audit-security-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-security-group-management.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-security-state-change.md b/windows/security/threat-protection/auditing/audit-security-state-change.md
index 93830b3271..c1a71e863e 100644
--- a/windows/security/threat-protection/auditing/audit-security-state-change.md
+++ b/windows/security/threat-protection/auditing/audit-security-state-change.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-security-system-extension.md b/windows/security/threat-protection/auditing/audit-security-system-extension.md
index ceef6d3134..a058f09795 100644
--- a/windows/security/threat-protection/auditing/audit-security-system-extension.md
+++ b/windows/security/threat-protection/auditing/audit-security-system-extension.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
index becca46597..3f5fa3f97d 100644
--- a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
+++ b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-special-logon.md b/windows/security/threat-protection/auditing/audit-special-logon.md
index 12308ff6e3..291c011a68 100644
--- a/windows/security/threat-protection/auditing/audit-special-logon.md
+++ b/windows/security/threat-protection/auditing/audit-special-logon.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-system-integrity.md b/windows/security/threat-protection/auditing/audit-system-integrity.md
index 8d64f386ff..85cd8f762c 100644
--- a/windows/security/threat-protection/auditing/audit-system-integrity.md
+++ b/windows/security/threat-protection/auditing/audit-system-integrity.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
index 1b9208a8d5..ca2b5b0186 100644
--- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -5,8 +5,6 @@ manager: aaroncz
author: vinaypamnani-msft
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
-ms.technology: itpro-security
ms.date: 12/31/2017
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-user-account-management.md b/windows/security/threat-protection/auditing/audit-user-account-management.md
index a504763fe3..22bd1134da 100644
--- a/windows/security/threat-protection/auditing/audit-user-account-management.md
+++ b/windows/security/threat-protection/auditing/audit-user-account-management.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/audit-user-device-claims.md b/windows/security/threat-protection/auditing/audit-user-device-claims.md
index 27e1a7f23d..748184d302 100644
--- a/windows/security/threat-protection/auditing/audit-user-device-claims.md
+++ b/windows/security/threat-protection/auditing/audit-user-device-claims.md
@@ -6,13 +6,11 @@ ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/06/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
index 017fb5ec82..7c8b3b1d1a 100644
--- a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md
@@ -4,7 +4,6 @@ description: Determines whether to audit each instance of a user logging on to o
ms.assetid: 84B44181-E325-49A1-8398-AECC3CE0A516
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit account logon events
diff --git a/windows/security/threat-protection/auditing/basic-audit-account-management.md b/windows/security/threat-protection/auditing/basic-audit-account-management.md
index e3e8fa199c..0f902b9980 100644
--- a/windows/security/threat-protection/auditing/basic-audit-account-management.md
+++ b/windows/security/threat-protection/auditing/basic-audit-account-management.md
@@ -4,7 +4,6 @@ description: Determines whether to audit each event of account management on a d
ms.assetid: 369197E1-7E0E-45A4-89EA-16D91EF01689
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit account management
diff --git a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
index 82647ef71b..fb7213123d 100644
--- a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
+++ b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md
@@ -4,7 +4,6 @@ description: Determines whether to audit the event of a user accessing an Active
ms.assetid: 52F02EED-3CFE-4307-8D06-CF1E27693D09
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit directory service access
diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
index 4b5e68258f..6019102b0e 100644
--- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
@@ -4,7 +4,6 @@ description: Determines whether to audit each instance of a user logging on to o
ms.assetid: 78B5AFCB-0BBD-4C38-9FE9-6B4571B94A35
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit logon events
diff --git a/windows/security/threat-protection/auditing/basic-audit-object-access.md b/windows/security/threat-protection/auditing/basic-audit-object-access.md
index 66a2833e20..a27f9b77a0 100644
--- a/windows/security/threat-protection/auditing/basic-audit-object-access.md
+++ b/windows/security/threat-protection/auditing/basic-audit-object-access.md
@@ -4,7 +4,6 @@ description: The policy setting, Audit object access, determines whether to audi
ms.assetid: D15B6D67-7886-44C2-9972-3F192D5407EA
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit object access
diff --git a/windows/security/threat-protection/auditing/basic-audit-policy-change.md b/windows/security/threat-protection/auditing/basic-audit-policy-change.md
index 4db162688d..c8c2ed48d0 100644
--- a/windows/security/threat-protection/auditing/basic-audit-policy-change.md
+++ b/windows/security/threat-protection/auditing/basic-audit-policy-change.md
@@ -4,7 +4,6 @@ description: Determines whether to audit every incident of a change to user righ
ms.assetid: 1025A648-6B22-4C85-9F47-FE0897F1FA31
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit policy change
diff --git a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
index 11a05ab720..1275bd3206 100644
--- a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
+++ b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md
@@ -4,7 +4,6 @@ description: Determines whether to audit each instance of a user exercising a us
ms.assetid: C5C6DAAF-8B58-4DFB-B1CE-F0675AE0E9F8
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit privilege use
diff --git a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
index 796e7f323f..71a2c2735c 100644
--- a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
+++ b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md
@@ -4,7 +4,6 @@ description: Determines whether to audit detailed tracking information for event
ms.assetid: 91AC5C1E-F4DA-4B16-BEE2-C92D66E4CEEA
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit process tracking
diff --git a/windows/security/threat-protection/auditing/basic-audit-system-events.md b/windows/security/threat-protection/auditing/basic-audit-system-events.md
index c3a231e65c..d29c89b90f 100644
--- a/windows/security/threat-protection/auditing/basic-audit-system-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-system-events.md
@@ -4,7 +4,6 @@ description: Determines whether to audit when a user restarts or shuts down the
ms.assetid: BF27588C-2AA7-4365-A4BF-3BB377916447
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Audit system events
diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policies.md b/windows/security/threat-protection/auditing/basic-security-audit-policies.md
index 93ea3850e5..a238c70e5c 100644
--- a/windows/security/threat-protection/auditing/basic-security-audit-policies.md
+++ b/windows/security/threat-protection/auditing/basic-security-audit-policies.md
@@ -4,7 +4,6 @@ description: Learn about basic security audit policies that specify the categori
ms.assetid: 3B678568-7AD7-4734-9BB4-53CF5E04E1D3
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Basic security audit policies
diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
index 70b4c9c798..1b496de6ee 100644
--- a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md
@@ -4,7 +4,6 @@ description: Basic security audit policy settings are found under Computer Confi
ms.assetid: 31C2C453-2CFC-4D9E-BC88-8CE1C1A8F900
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/06/2021
-ms.technology: itpro-security
---
# Basic security audit policy settings
diff --git a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
index 90f66f7720..0dbeef18fc 100644
--- a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
+++ b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md
@@ -4,7 +4,6 @@ description: By defining auditing settings for specific event categories, you ca
ms.assetid: C9F52751-B40D-482E-BE9D-2C61098249D3
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/07/2021
-ms.technology: itpro-security
---
# Create a basic audit policy for an event category
diff --git a/windows/security/threat-protection/auditing/event-1100.md b/windows/security/threat-protection/auditing/event-1100.md
index c243b5aac7..fd669405ba 100644
--- a/windows/security/threat-protection/auditing/event-1100.md
+++ b/windows/security/threat-protection/auditing/event-1100.md
@@ -2,7 +2,6 @@
title: 1100(S) The event logging service has shut down.
description: Describes security event 1100(S) The event logging service has shut down.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-1102.md b/windows/security/threat-protection/auditing/event-1102.md
index f576776df5..3f66f12f17 100644
--- a/windows/security/threat-protection/auditing/event-1102.md
+++ b/windows/security/threat-protection/auditing/event-1102.md
@@ -2,7 +2,6 @@
title: 1102(S) The audit log was cleared.
description: Though you shouldn't normally see it, this event generates every time Windows Security audit log is cleared. This is for event 1102(S).
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-1104.md b/windows/security/threat-protection/auditing/event-1104.md
index bb5e126fa3..60114513f7 100644
--- a/windows/security/threat-protection/auditing/event-1104.md
+++ b/windows/security/threat-protection/auditing/event-1104.md
@@ -2,7 +2,6 @@
title: 1104(S) The security log is now full.
description: This event generates every time Windows security log becomes full and the event log retention method is set to Do not overwrite events.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-1105.md b/windows/security/threat-protection/auditing/event-1105.md
index 52cf7ef880..ab01840a97 100644
--- a/windows/security/threat-protection/auditing/event-1105.md
+++ b/windows/security/threat-protection/auditing/event-1105.md
@@ -2,7 +2,6 @@
title: 1105(S) Event log automatic backup.
description: This event generates every time Windows security log becomes full and new event log file was created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-1108.md b/windows/security/threat-protection/auditing/event-1108.md
index 82f001a25b..df61026142 100644
--- a/windows/security/threat-protection/auditing/event-1108.md
+++ b/windows/security/threat-protection/auditing/event-1108.md
@@ -2,7 +2,6 @@
title: The event logging service encountered an error
description: Describes security event 1108(S) The event logging service encountered an error while processing an incoming event published from %1.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4608.md b/windows/security/threat-protection/auditing/event-4608.md
index fe0e35c6f0..4d229afc2d 100644
--- a/windows/security/threat-protection/auditing/event-4608.md
+++ b/windows/security/threat-protection/auditing/event-4608.md
@@ -2,7 +2,6 @@
title: 4608(S) Windows is starting up.
description: Describes security event 4608(S) Windows is starting up. This event is logged when the LSASS.EXE process starts and the auditing subsystem is initialized.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4610.md b/windows/security/threat-protection/auditing/event-4610.md
index d30d8aa1fe..a277e58ec7 100644
--- a/windows/security/threat-protection/auditing/event-4610.md
+++ b/windows/security/threat-protection/auditing/event-4610.md
@@ -2,7 +2,6 @@
title: 4610(S) An authentication package has been loaded by the Local Security Authority.
description: Describes security event 4610(S) An authentication package has been loaded by the Local Security Authority.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4611.md b/windows/security/threat-protection/auditing/event-4611.md
index 2730d51adc..27574efa40 100644
--- a/windows/security/threat-protection/auditing/event-4611.md
+++ b/windows/security/threat-protection/auditing/event-4611.md
@@ -2,7 +2,6 @@
title: 4611(S) A trusted logon process has been registered with the Local Security Authority.
description: Describes security event 4611(S) A trusted logon process has been registered with the Local Security Authority.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4612.md b/windows/security/threat-protection/auditing/event-4612.md
index 5be5bf7008..fba5b23479 100644
--- a/windows/security/threat-protection/auditing/event-4612.md
+++ b/windows/security/threat-protection/auditing/event-4612.md
@@ -2,7 +2,6 @@
title: 4612(S) Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits.
description: Describes security event 4612(S) Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4614.md b/windows/security/threat-protection/auditing/event-4614.md
index 03a7376a53..7742a34ee9 100644
--- a/windows/security/threat-protection/auditing/event-4614.md
+++ b/windows/security/threat-protection/auditing/event-4614.md
@@ -2,7 +2,6 @@
title: 4614(S) A notification package has been loaded by the Security Account Manager.
description: Describes security event 4614(S) A notification package has been loaded by the Security Account Manager.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4615.md b/windows/security/threat-protection/auditing/event-4615.md
index 3032b10d53..c8a16371bd 100644
--- a/windows/security/threat-protection/auditing/event-4615.md
+++ b/windows/security/threat-protection/auditing/event-4615.md
@@ -2,7 +2,6 @@
title: 4615(S) Invalid use of LPC port.
description: Describes security event 4615(S) Invalid use of LPC port. It appears that the Invalid use of LPC port event never occurs.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4616.md b/windows/security/threat-protection/auditing/event-4616.md
index 62f34dc232..91890bb297 100644
--- a/windows/security/threat-protection/auditing/event-4616.md
+++ b/windows/security/threat-protection/auditing/event-4616.md
@@ -2,7 +2,6 @@
title: 4616(S) The system time was changed.
description: Describes security event 4616(S) The system time was changed. This event is generated every time system time is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4618.md b/windows/security/threat-protection/auditing/event-4618.md
index 0871962990..888ba46e90 100644
--- a/windows/security/threat-protection/auditing/event-4618.md
+++ b/windows/security/threat-protection/auditing/event-4618.md
@@ -2,7 +2,6 @@
title: 4618(S) A monitored security event pattern has occurred.
description: Describes security event 4618(S) A monitored security event pattern has occurred.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4621.md b/windows/security/threat-protection/auditing/event-4621.md
index 3d5e633672..23a502abad 100644
--- a/windows/security/threat-protection/auditing/event-4621.md
+++ b/windows/security/threat-protection/auditing/event-4621.md
@@ -2,7 +2,6 @@
title: 4621(S) Administrator recovered system from CrashOnAuditFail.
description: Describes security event 4621(S) Administrator recovered system from CrashOnAuditFail.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4622.md b/windows/security/threat-protection/auditing/event-4622.md
index 6fbd529f39..c55bf6a9b2 100644
--- a/windows/security/threat-protection/auditing/event-4622.md
+++ b/windows/security/threat-protection/auditing/event-4622.md
@@ -2,7 +2,6 @@
title: 4622(S) A security package has been loaded by the Local Security Authority.
description: Describes security event 4622(S) A security package has been loaded by the Local Security Authority.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md
index 244371e389..07fdf70e44 100644
--- a/windows/security/threat-protection/auditing/event-4624.md
+++ b/windows/security/threat-protection/auditing/event-4624.md
@@ -2,7 +2,6 @@
title: 4624(S) An account was successfully logged on.
description: Describes security event 4624(S) An account was successfully logged on.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.collection:
- highpri
- tier3
@@ -252,6 +250,9 @@ This event generates when a logon session is created (on destination machine). I
- **Source Port** [Type = UnicodeString]: source port which was used for logon attempt from remote machine.
- 0 for interactive logons.
+
+ > [!NOTE]
+ The fields for IP address/port and workstation name are populated depending on the authentication context and protocol used. LSASS will audit the information the authenticating service shares with LSASS. For example, network logons with Kerberos likely have no workstation information, and NTLM logons have no TCP/IP details.
**Detailed Authentication Information:**
diff --git a/windows/security/threat-protection/auditing/event-4625.md b/windows/security/threat-protection/auditing/event-4625.md
index 702684a0a3..0cb398d228 100644
--- a/windows/security/threat-protection/auditing/event-4625.md
+++ b/windows/security/threat-protection/auditing/event-4625.md
@@ -2,7 +2,6 @@
title: 4625(F) An account failed to log on.
description: Describes security event 4625(F) An account failed to log on. This event is generated if an account logon attempt failed for a locked out account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 01/03/2022
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.collection:
- highpri
- tier3
diff --git a/windows/security/threat-protection/auditing/event-4626.md b/windows/security/threat-protection/auditing/event-4626.md
index fc6a96544c..3e4a81e7d5 100644
--- a/windows/security/threat-protection/auditing/event-4626.md
+++ b/windows/security/threat-protection/auditing/event-4626.md
@@ -2,7 +2,6 @@
title: 4626(S) User/Device claims information.
description: Describes security event 4626(S) User/Device claims information. This event is generated for new account logons.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4627.md b/windows/security/threat-protection/auditing/event-4627.md
index 739f621949..bb08d6bfd0 100644
--- a/windows/security/threat-protection/auditing/event-4627.md
+++ b/windows/security/threat-protection/auditing/event-4627.md
@@ -2,7 +2,6 @@
title: 4627(S) Group membership information.
description: Describes security event 4627(S) Group membership information. This event is generated with event 4624(S) An account was successfully logged on.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4634.md b/windows/security/threat-protection/auditing/event-4634.md
index 0c24208115..6d1dd284e6 100644
--- a/windows/security/threat-protection/auditing/event-4634.md
+++ b/windows/security/threat-protection/auditing/event-4634.md
@@ -2,7 +2,6 @@
title: 4634(S) An account was logged off.
description: Describes security event 4634(S) An account was logged off. This event is generated when a logon session is terminated and no longer exists.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4647.md b/windows/security/threat-protection/auditing/event-4647.md
index 6a346735b9..d7ba93610b 100644
--- a/windows/security/threat-protection/auditing/event-4647.md
+++ b/windows/security/threat-protection/auditing/event-4647.md
@@ -2,7 +2,6 @@
title: 4647(S) User initiated logoff.
description: Describes security event 4647(S) User initiated logoff. This event is generated when a logoff is initiated. No further user-initiated activity can occur.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4648.md b/windows/security/threat-protection/auditing/event-4648.md
index 57e38cffb9..bd172bb754 100644
--- a/windows/security/threat-protection/auditing/event-4648.md
+++ b/windows/security/threat-protection/auditing/event-4648.md
@@ -2,7 +2,6 @@
title: 4648(S) A logon was attempted using explicit credentials.
description: Describes security event 4648(S) A logon was attempted using explicit credentials.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4649.md b/windows/security/threat-protection/auditing/event-4649.md
index ab9f2ef58e..81ceab6ec4 100644
--- a/windows/security/threat-protection/auditing/event-4649.md
+++ b/windows/security/threat-protection/auditing/event-4649.md
@@ -2,7 +2,6 @@
title: 4649(S) A replay attack was detected.
description: Describes security event 4649(S) A replay attack was detected. This event is generated when a KRB_AP_ERR_REPEAT Kerberos response is sent to the client.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4656.md b/windows/security/threat-protection/auditing/event-4656.md
index d019e5e260..8441566c4f 100644
--- a/windows/security/threat-protection/auditing/event-4656.md
+++ b/windows/security/threat-protection/auditing/event-4656.md
@@ -2,7 +2,6 @@
title: 4656(S, F) A handle to an object was requested.
description: Describes security event 4656(S, F) A handle to an object was requested.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4657.md b/windows/security/threat-protection/auditing/event-4657.md
index 35f1a2be85..c6279c1fa1 100644
--- a/windows/security/threat-protection/auditing/event-4657.md
+++ b/windows/security/threat-protection/auditing/event-4657.md
@@ -2,7 +2,6 @@
title: 4657(S) A registry value was modified.
description: Describes security event 4657(S) A registry value was modified. This event is generated when a registry key value is modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4658.md b/windows/security/threat-protection/auditing/event-4658.md
index ed093c51b6..346730e603 100644
--- a/windows/security/threat-protection/auditing/event-4658.md
+++ b/windows/security/threat-protection/auditing/event-4658.md
@@ -2,7 +2,6 @@
title: 4658(S) The handle to an object was closed.
description: Describes security event 4658(S) The handle to an object was closed. This event is generated when the handle to an object is closed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4660.md b/windows/security/threat-protection/auditing/event-4660.md
index 8613c16cee..820e2eed6f 100644
--- a/windows/security/threat-protection/auditing/event-4660.md
+++ b/windows/security/threat-protection/auditing/event-4660.md
@@ -2,7 +2,6 @@
title: 4660(S) An object was deleted.
description: Describes security event 4660(S) An object was deleted. This event is generated when an object is deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4661.md b/windows/security/threat-protection/auditing/event-4661.md
index ffd0495d6f..ea83c3bcec 100644
--- a/windows/security/threat-protection/auditing/event-4661.md
+++ b/windows/security/threat-protection/auditing/event-4661.md
@@ -2,7 +2,6 @@
title: 4661(S, F) A handle to an object was requested.
description: Describes security event 4661(S, F) A handle to an object was requested.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4662.md b/windows/security/threat-protection/auditing/event-4662.md
index 03c05ae001..13b91b7666 100644
--- a/windows/security/threat-protection/auditing/event-4662.md
+++ b/windows/security/threat-protection/auditing/event-4662.md
@@ -2,7 +2,6 @@
title: 4662(S, F) An operation was performed on an object.
description: Describes security event 4662(S, F) An operation was performed on an object.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4663.md b/windows/security/threat-protection/auditing/event-4663.md
index e6eb49e26e..3568c87841 100644
--- a/windows/security/threat-protection/auditing/event-4663.md
+++ b/windows/security/threat-protection/auditing/event-4663.md
@@ -2,7 +2,6 @@
title: 4663(S) An attempt was made to access an object.
description: Describes security event 4663(S) An attempt was made to access an object.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4664.md b/windows/security/threat-protection/auditing/event-4664.md
index 80106ccf42..79af8c22de 100644
--- a/windows/security/threat-protection/auditing/event-4664.md
+++ b/windows/security/threat-protection/auditing/event-4664.md
@@ -2,7 +2,6 @@
title: 4664(S) An attempt was made to create a hard link.
description: Describes security event 4664(S) An attempt was made to create a hard link.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4670.md b/windows/security/threat-protection/auditing/event-4670.md
index a2d1d9f284..45d44238be 100644
--- a/windows/security/threat-protection/auditing/event-4670.md
+++ b/windows/security/threat-protection/auditing/event-4670.md
@@ -2,7 +2,6 @@
title: 4670(S) Permissions on an object were changed.
description: Describes security event 4670(S) Permissions on an object were changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4671.md b/windows/security/threat-protection/auditing/event-4671.md
index 3c078e977d..f027eb4094 100644
--- a/windows/security/threat-protection/auditing/event-4671.md
+++ b/windows/security/threat-protection/auditing/event-4671.md
@@ -2,7 +2,6 @@
title: 4671(-) An application attempted to access a blocked ordinal through the TBS.
description: Describes security event 4671(-) An application attempted to access a blocked ordinal through the TBS.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4672.md b/windows/security/threat-protection/auditing/event-4672.md
index 32e6c9eb6a..d1ea01797e 100644
--- a/windows/security/threat-protection/auditing/event-4672.md
+++ b/windows/security/threat-protection/auditing/event-4672.md
@@ -2,7 +2,6 @@
title: 4672(S) Special privileges assigned to new logon.
description: Describes security event 4672(S) Special privileges assigned to new logon.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4673.md b/windows/security/threat-protection/auditing/event-4673.md
index 7dc7f54208..492ddbcfe0 100644
--- a/windows/security/threat-protection/auditing/event-4673.md
+++ b/windows/security/threat-protection/auditing/event-4673.md
@@ -2,7 +2,6 @@
title: 4673(S, F) A privileged service was called.
description: Describes security event 4673(S, F) A privileged service was called. This event is generated for an attempt to perform privileged system service operations.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4674.md b/windows/security/threat-protection/auditing/event-4674.md
index 80a9614ae6..6f571b60ea 100644
--- a/windows/security/threat-protection/auditing/event-4674.md
+++ b/windows/security/threat-protection/auditing/event-4674.md
@@ -2,7 +2,6 @@
title: 4674(S, F) An operation was attempted on a privileged object.
description: Describes security event 4674(S, F) An operation was attempted on a privileged object.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4675.md b/windows/security/threat-protection/auditing/event-4675.md
index cdd97e8a9e..50f41a4220 100644
--- a/windows/security/threat-protection/auditing/event-4675.md
+++ b/windows/security/threat-protection/auditing/event-4675.md
@@ -2,7 +2,6 @@
title: 4675(S) SIDs were filtered.
description: Describes security event 4675(S) SIDs were filtered. This event is generated when SIDs were filtered for a specific Active Directory trust.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4688.md b/windows/security/threat-protection/auditing/event-4688.md
index d56ba5367b..3dd248ad3c 100644
--- a/windows/security/threat-protection/auditing/event-4688.md
+++ b/windows/security/threat-protection/auditing/event-4688.md
@@ -2,7 +2,6 @@
title: 4688(S) A new process has been created.
description: Describes security event 4688(S) A new process has been created. This event is generated when a new process starts.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 01/24/2022
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4689.md b/windows/security/threat-protection/auditing/event-4689.md
index c23269a82a..fdda28bf9a 100644
--- a/windows/security/threat-protection/auditing/event-4689.md
+++ b/windows/security/threat-protection/auditing/event-4689.md
@@ -2,7 +2,6 @@
title: 4689(S) A process has exited.
description: Describes security event 4689(S) A process has exited. This event is generates when a process exits.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4690.md b/windows/security/threat-protection/auditing/event-4690.md
index b1247baf18..7bb3a0ee1c 100644
--- a/windows/security/threat-protection/auditing/event-4690.md
+++ b/windows/security/threat-protection/auditing/event-4690.md
@@ -2,7 +2,6 @@
title: 4690(S) An attempt was made to duplicate a handle to an object.
description: Describes security event 4690(S) An attempt was made to duplicate a handle to an object.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4691.md b/windows/security/threat-protection/auditing/event-4691.md
index abc7e7224a..3d757a2f5d 100644
--- a/windows/security/threat-protection/auditing/event-4691.md
+++ b/windows/security/threat-protection/auditing/event-4691.md
@@ -2,7 +2,6 @@
title: 4691(S) Indirect access to an object was requested.
description: Describes security event 4691(S) Indirect access to an object was requested.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4692.md b/windows/security/threat-protection/auditing/event-4692.md
index fd2df12df7..bd3ed5f273 100644
--- a/windows/security/threat-protection/auditing/event-4692.md
+++ b/windows/security/threat-protection/auditing/event-4692.md
@@ -2,7 +2,6 @@
title: 4692(S, F) Backup of data protection master key was attempted.
description: Describes security event 4692(S, F) Backup of data protection master key was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4693.md b/windows/security/threat-protection/auditing/event-4693.md
index e8fd42218d..68957da33e 100644
--- a/windows/security/threat-protection/auditing/event-4693.md
+++ b/windows/security/threat-protection/auditing/event-4693.md
@@ -2,7 +2,6 @@
title: 4693(S, F) Recovery of data protection master key was attempted.
description: Describes security event 4693(S, F) Recovery of data protection master key was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4694.md b/windows/security/threat-protection/auditing/event-4694.md
index 18eed045ab..e26a1ff60f 100644
--- a/windows/security/threat-protection/auditing/event-4694.md
+++ b/windows/security/threat-protection/auditing/event-4694.md
@@ -2,7 +2,6 @@
title: 4694(S, F) Protection of auditable protected data was attempted.
description: Describes security event 4694(S, F) Protection of auditable protected data was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4695.md b/windows/security/threat-protection/auditing/event-4695.md
index 7093744387..a19d09bf9b 100644
--- a/windows/security/threat-protection/auditing/event-4695.md
+++ b/windows/security/threat-protection/auditing/event-4695.md
@@ -2,7 +2,6 @@
title: 4695(S, F) Unprotection of auditable protected data was attempted.
description: Describes security event 4695(S, F) Unprotection of auditable protected data was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4696.md b/windows/security/threat-protection/auditing/event-4696.md
index 38800c2bd2..570606c8de 100644
--- a/windows/security/threat-protection/auditing/event-4696.md
+++ b/windows/security/threat-protection/auditing/event-4696.md
@@ -2,7 +2,6 @@
title: 4696(S) A primary token was assigned to process.
description: Describes security event 4696(S) A primary token was assigned to process.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4697.md b/windows/security/threat-protection/auditing/event-4697.md
index 3775a7bda7..01e5df45ef 100644
--- a/windows/security/threat-protection/auditing/event-4697.md
+++ b/windows/security/threat-protection/auditing/event-4697.md
@@ -2,7 +2,6 @@
title: 4697(S) A service was installed in the system.
description: Describes security event 4697(S) A service was installed in the system.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4698.md b/windows/security/threat-protection/auditing/event-4698.md
index 2609217fd3..e270f187af 100644
--- a/windows/security/threat-protection/auditing/event-4698.md
+++ b/windows/security/threat-protection/auditing/event-4698.md
@@ -2,7 +2,6 @@
title: 4698(S) A scheduled task was created.
description: Describes security event 4698(S) A scheduled task was created. This event is generated when a scheduled task is created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4699.md b/windows/security/threat-protection/auditing/event-4699.md
index 87a10ab8bf..ea206aba73 100644
--- a/windows/security/threat-protection/auditing/event-4699.md
+++ b/windows/security/threat-protection/auditing/event-4699.md
@@ -2,7 +2,6 @@
title: 4699(S) A scheduled task was deleted.
description: Describes security event 4699(S) A scheduled task was deleted. This event is generated every time a scheduled task is deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4700.md b/windows/security/threat-protection/auditing/event-4700.md
index 0f8d3494fe..aae8e027d4 100644
--- a/windows/security/threat-protection/auditing/event-4700.md
+++ b/windows/security/threat-protection/auditing/event-4700.md
@@ -2,7 +2,6 @@
title: 4700(S) A scheduled task was enabled.
description: Describes security event 4700(S) A scheduled task was enabled. This event is generated every time a scheduled task is enabled.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4701.md b/windows/security/threat-protection/auditing/event-4701.md
index ecd015fbae..f47c7a3379 100644
--- a/windows/security/threat-protection/auditing/event-4701.md
+++ b/windows/security/threat-protection/auditing/event-4701.md
@@ -2,7 +2,6 @@
title: 4701(S) A scheduled task was disabled.
description: Describes security event 4701(S) A scheduled task was disabled. This event is generated every time a scheduled task is disabled.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4702.md b/windows/security/threat-protection/auditing/event-4702.md
index 68dfec7592..4bb86d53b2 100644
--- a/windows/security/threat-protection/auditing/event-4702.md
+++ b/windows/security/threat-protection/auditing/event-4702.md
@@ -2,7 +2,6 @@
title: 4702(S) A scheduled task was updated.
description: Describes security event 4702(S) A scheduled task was updated. This event is generated when a scheduled task is updated/changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4703.md b/windows/security/threat-protection/auditing/event-4703.md
index effc1b4ddc..0abe8a8e60 100644
--- a/windows/security/threat-protection/auditing/event-4703.md
+++ b/windows/security/threat-protection/auditing/event-4703.md
@@ -2,7 +2,6 @@
title: 4703(S) A user right was adjusted.
description: Describes security event 4703(S) A user right was adjusted. This event is generated when token privileges are enabled or disabled for a specific account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4704.md b/windows/security/threat-protection/auditing/event-4704.md
index 94bcdf96eb..9d80b0b5ba 100644
--- a/windows/security/threat-protection/auditing/event-4704.md
+++ b/windows/security/threat-protection/auditing/event-4704.md
@@ -2,7 +2,6 @@
title: 4704(S) A user right was assigned.
description: Describes security event 4704(S) A user right was assigned. This event is generated when a user right is assigned to an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4705.md b/windows/security/threat-protection/auditing/event-4705.md
index 1030f0b6b6..aa5fedab07 100644
--- a/windows/security/threat-protection/auditing/event-4705.md
+++ b/windows/security/threat-protection/auditing/event-4705.md
@@ -2,7 +2,6 @@
title: 4705(S) A user right was removed.
description: Describes security event 4705(S) A user right was removed. This event is generated when a user right is removed from an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4706.md b/windows/security/threat-protection/auditing/event-4706.md
index 7fdea8fb2c..d379640fbc 100644
--- a/windows/security/threat-protection/auditing/event-4706.md
+++ b/windows/security/threat-protection/auditing/event-4706.md
@@ -2,7 +2,6 @@
title: 4706(S) A new trust was created to a domain.
description: Describes security event 4706(S) A new trust was created to a domain. This event is generated when a new trust is created for a domain.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4707.md b/windows/security/threat-protection/auditing/event-4707.md
index e2a779b376..a7d7e7fab3 100644
--- a/windows/security/threat-protection/auditing/event-4707.md
+++ b/windows/security/threat-protection/auditing/event-4707.md
@@ -2,7 +2,6 @@
title: 4707(S) A trust to a domain was removed.
description: Describes security event 4707(S) A trust to a domain was removed. This event is generated when a domain trust is removed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4713.md b/windows/security/threat-protection/auditing/event-4713.md
index 49ad5eeca7..f83c8df8ce 100644
--- a/windows/security/threat-protection/auditing/event-4713.md
+++ b/windows/security/threat-protection/auditing/event-4713.md
@@ -2,7 +2,6 @@
title: 4713(S) Kerberos policy was changed.
description: Describes security event 4713(S) Kerberos policy was changed. This event is generated when Kerberos policy is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4714.md b/windows/security/threat-protection/auditing/event-4714.md
index 495cda1557..13f82a2f64 100644
--- a/windows/security/threat-protection/auditing/event-4714.md
+++ b/windows/security/threat-protection/auditing/event-4714.md
@@ -2,7 +2,6 @@
title: 4714(S) Encrypted data recovery policy was changed.
description: Describes security event 4714(S) Encrypted data recovery policy was changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4715.md b/windows/security/threat-protection/auditing/event-4715.md
index 6a09b30ae2..b92a998c6d 100644
--- a/windows/security/threat-protection/auditing/event-4715.md
+++ b/windows/security/threat-protection/auditing/event-4715.md
@@ -2,7 +2,6 @@
title: 4715(S) The audit policy (SACL) on an object was changed.
description: Describes security event 4715(S) The audit policy (SACL) on an object was changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4716.md b/windows/security/threat-protection/auditing/event-4716.md
index 12eafb94f3..42b0a6e238 100644
--- a/windows/security/threat-protection/auditing/event-4716.md
+++ b/windows/security/threat-protection/auditing/event-4716.md
@@ -2,7 +2,6 @@
title: 4716(S) Trusted domain information was modified.
description: Describes security event 4716(S) Trusted domain information was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4717.md b/windows/security/threat-protection/auditing/event-4717.md
index b02eef2f90..c41a064781 100644
--- a/windows/security/threat-protection/auditing/event-4717.md
+++ b/windows/security/threat-protection/auditing/event-4717.md
@@ -2,7 +2,6 @@
title: 4717(S) System security access was granted to an account.
description: Describes security event 4717(S) System security access was granted to an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4718.md b/windows/security/threat-protection/auditing/event-4718.md
index 14707ab644..04e8efedd9 100644
--- a/windows/security/threat-protection/auditing/event-4718.md
+++ b/windows/security/threat-protection/auditing/event-4718.md
@@ -2,7 +2,6 @@
title: 4718(S) System security access was removed from an account.
description: Describes security event 4718(S) System security access was removed from an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4719.md b/windows/security/threat-protection/auditing/event-4719.md
index 4cf66c7350..6df41ebce4 100644
--- a/windows/security/threat-protection/auditing/event-4719.md
+++ b/windows/security/threat-protection/auditing/event-4719.md
@@ -2,7 +2,6 @@
title: 4719(S) System audit policy was changed.
description: Describes security event 4719(S) System audit policy was changed. This event is generated when the computer audit policy changes.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4720.md b/windows/security/threat-protection/auditing/event-4720.md
index 5ca11d5d60..6e107ff555 100644
--- a/windows/security/threat-protection/auditing/event-4720.md
+++ b/windows/security/threat-protection/auditing/event-4720.md
@@ -2,7 +2,6 @@
title: 4720(S) A user account was created.
description: Describes security event 4720(S) A user account was created. This event is generated a user object is created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4722.md b/windows/security/threat-protection/auditing/event-4722.md
index add2d048cc..9cfac3ba8c 100644
--- a/windows/security/threat-protection/auditing/event-4722.md
+++ b/windows/security/threat-protection/auditing/event-4722.md
@@ -2,7 +2,6 @@
title: 4722(S) A user account was enabled.
description: Describes security event 4722(S) A user account was enabled. This event is generated when a user or computer object is enabled.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4723.md b/windows/security/threat-protection/auditing/event-4723.md
index 7aad069614..7793556fa9 100644
--- a/windows/security/threat-protection/auditing/event-4723.md
+++ b/windows/security/threat-protection/auditing/event-4723.md
@@ -2,7 +2,6 @@
title: 4723(S, F) An attempt was made to change an account's password.
description: Describes security event 4723(S, F) An attempt was made to change an account's password.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4724.md b/windows/security/threat-protection/auditing/event-4724.md
index 456ec46743..8ce482061b 100644
--- a/windows/security/threat-protection/auditing/event-4724.md
+++ b/windows/security/threat-protection/auditing/event-4724.md
@@ -2,7 +2,6 @@
title: 4724(S, F) An attempt was made to reset an account's password.
description: Describes security event 4724(S, F) An attempt was made to reset an account's password.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4725.md b/windows/security/threat-protection/auditing/event-4725.md
index 55cad0f2a1..5b0a882eac 100644
--- a/windows/security/threat-protection/auditing/event-4725.md
+++ b/windows/security/threat-protection/auditing/event-4725.md
@@ -2,7 +2,6 @@
title: 4725(S) A user account was disabled.
description: Describes security event 4725(S) A user account was disabled. This event is generated when a user or computer object is disabled.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4726.md b/windows/security/threat-protection/auditing/event-4726.md
index a947159c47..08c38bd0b8 100644
--- a/windows/security/threat-protection/auditing/event-4726.md
+++ b/windows/security/threat-protection/auditing/event-4726.md
@@ -2,7 +2,6 @@
title: 4726(S) A user account was deleted.
description: Describes security event 4726(S) A user account was deleted. This event is generated when a user object is deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4731.md b/windows/security/threat-protection/auditing/event-4731.md
index 2c65171ef1..f932a95fbb 100644
--- a/windows/security/threat-protection/auditing/event-4731.md
+++ b/windows/security/threat-protection/auditing/event-4731.md
@@ -2,7 +2,6 @@
title: 4731(S) A security-enabled local group was created.
description: Describes security event 4731(S) A security-enabled local group was created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4732.md b/windows/security/threat-protection/auditing/event-4732.md
index 00d16da21d..2256f550a0 100644
--- a/windows/security/threat-protection/auditing/event-4732.md
+++ b/windows/security/threat-protection/auditing/event-4732.md
@@ -2,7 +2,6 @@
title: 4732(S) A member was added to a security-enabled local group.
description: Describes security event 4732(S) A member was added to a security-enabled local group.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4733.md b/windows/security/threat-protection/auditing/event-4733.md
index 926066fb81..9dadc5c6bf 100644
--- a/windows/security/threat-protection/auditing/event-4733.md
+++ b/windows/security/threat-protection/auditing/event-4733.md
@@ -2,7 +2,6 @@
title: 4733(S) A member was removed from a security-enabled local group.
description: Describes security event 4733(S) A member was removed from a security-enabled local group.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4734.md b/windows/security/threat-protection/auditing/event-4734.md
index c2af62b2bc..ec84652e18 100644
--- a/windows/security/threat-protection/auditing/event-4734.md
+++ b/windows/security/threat-protection/auditing/event-4734.md
@@ -2,7 +2,6 @@
title: 4734(S) A security-enabled local group was deleted.
description: Describes security event 4734(S) A security-enabled local group was deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4735.md b/windows/security/threat-protection/auditing/event-4735.md
index a08fb0391f..7aadb30077 100644
--- a/windows/security/threat-protection/auditing/event-4735.md
+++ b/windows/security/threat-protection/auditing/event-4735.md
@@ -2,7 +2,6 @@
title: 4735(S) A security-enabled local group was changed.
description: Describes security event 4735(S) A security-enabled local group was changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4738.md b/windows/security/threat-protection/auditing/event-4738.md
index be3bf1a1e5..2bf505a3b7 100644
--- a/windows/security/threat-protection/auditing/event-4738.md
+++ b/windows/security/threat-protection/auditing/event-4738.md
@@ -2,7 +2,6 @@
title: 4738(S) A user account was changed.
description: Describes security event 4738(S) A user account was changed. This event is generated when a user object is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4739.md b/windows/security/threat-protection/auditing/event-4739.md
index 8b6090da8d..3aac4840a8 100644
--- a/windows/security/threat-protection/auditing/event-4739.md
+++ b/windows/security/threat-protection/auditing/event-4739.md
@@ -2,7 +2,6 @@
title: 4739(S) Domain Policy was changed.
description: Describes security event 4739(S) Domain Policy was changed. This event is generated when certain changes are made to the local computer security policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4740.md b/windows/security/threat-protection/auditing/event-4740.md
index 9fae037e5f..5447618950 100644
--- a/windows/security/threat-protection/auditing/event-4740.md
+++ b/windows/security/threat-protection/auditing/event-4740.md
@@ -2,7 +2,6 @@
title: 4740(S) A user account was locked out.
description: Describes security event 4740(S) A user account was locked out. This event is generated every time a user account is locked out.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4741.md b/windows/security/threat-protection/auditing/event-4741.md
index e26b0c96b3..37842d6609 100644
--- a/windows/security/threat-protection/auditing/event-4741.md
+++ b/windows/security/threat-protection/auditing/event-4741.md
@@ -2,7 +2,6 @@
title: 4741(S) A computer account was created.
description: Describes security event 4741(S) A computer account was created. This event is generated every time a computer object is created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4742.md b/windows/security/threat-protection/auditing/event-4742.md
index 4a82933448..a397156de0 100644
--- a/windows/security/threat-protection/auditing/event-4742.md
+++ b/windows/security/threat-protection/auditing/event-4742.md
@@ -2,7 +2,6 @@
title: 4742(S) A computer account was changed.
description: Describes security event 4742(S) A computer account was changed. This event is generated every time a computer object is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4743.md b/windows/security/threat-protection/auditing/event-4743.md
index 4f3da1ff73..7761fa540b 100644
--- a/windows/security/threat-protection/auditing/event-4743.md
+++ b/windows/security/threat-protection/auditing/event-4743.md
@@ -2,7 +2,6 @@
title: 4743(S) A computer account was deleted.
description: Describes security event 4743(S) A computer account was deleted. This event is generated every time a computer object is deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4749.md b/windows/security/threat-protection/auditing/event-4749.md
index 94f70a7eae..f0d009b637 100644
--- a/windows/security/threat-protection/auditing/event-4749.md
+++ b/windows/security/threat-protection/auditing/event-4749.md
@@ -2,7 +2,6 @@
title: 4749(S) A security-disabled global group was created.
description: Describes security event 4749(S) A security-disabled global group was created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4750.md b/windows/security/threat-protection/auditing/event-4750.md
index 98025cf33c..3a7433f4de 100644
--- a/windows/security/threat-protection/auditing/event-4750.md
+++ b/windows/security/threat-protection/auditing/event-4750.md
@@ -2,7 +2,6 @@
title: 4750(S) A security-disabled global group was changed.
description: Describes security event 4750(S) A security-disabled global group was changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4751.md b/windows/security/threat-protection/auditing/event-4751.md
index d28e5a4ace..cf6278c300 100644
--- a/windows/security/threat-protection/auditing/event-4751.md
+++ b/windows/security/threat-protection/auditing/event-4751.md
@@ -2,7 +2,6 @@
title: 4751(S) A member was added to a security-disabled global group.
description: Describes security event 4751(S) A member was added to a security-disabled global group.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4752.md b/windows/security/threat-protection/auditing/event-4752.md
index 937c2d5d78..e81f6a3046 100644
--- a/windows/security/threat-protection/auditing/event-4752.md
+++ b/windows/security/threat-protection/auditing/event-4752.md
@@ -2,7 +2,6 @@
title: 4752(S) A member was removed from a security-disabled global group.
description: Describes security event 4752(S) A member was removed from a security-disabled global group.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4753.md b/windows/security/threat-protection/auditing/event-4753.md
index e03d2dad24..ad1a890f3c 100644
--- a/windows/security/threat-protection/auditing/event-4753.md
+++ b/windows/security/threat-protection/auditing/event-4753.md
@@ -2,7 +2,6 @@
title: 4753(S) A security-disabled global group was deleted.
description: Describes security event 4753(S) A security-disabled global group was deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4764.md b/windows/security/threat-protection/auditing/event-4764.md
index 28615743d5..7edbd2330a 100644
--- a/windows/security/threat-protection/auditing/event-4764.md
+++ b/windows/security/threat-protection/auditing/event-4764.md
@@ -2,7 +2,6 @@
title: 4764(S) A group's type was changed.
description: Describes security event 4764(S) A group's type was changed. This event is generated when the type of a group is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4765.md b/windows/security/threat-protection/auditing/event-4765.md
index b7e4d12932..6f98fc7e25 100644
--- a/windows/security/threat-protection/auditing/event-4765.md
+++ b/windows/security/threat-protection/auditing/event-4765.md
@@ -2,7 +2,6 @@
title: 4765(S) SID History was added to an account.
description: Describes security event 4765(S) SID History was added to an account. This event is generated when SID History is added to an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4766.md b/windows/security/threat-protection/auditing/event-4766.md
index 6ec2b6bbf3..59ca2a65fa 100644
--- a/windows/security/threat-protection/auditing/event-4766.md
+++ b/windows/security/threat-protection/auditing/event-4766.md
@@ -2,7 +2,6 @@
title: 4766(F) An attempt to add SID History to an account failed.
description: Describes security event 4766(F) An attempt to add SID History to an account failed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4767.md b/windows/security/threat-protection/auditing/event-4767.md
index e18080c9e3..8ef81340aa 100644
--- a/windows/security/threat-protection/auditing/event-4767.md
+++ b/windows/security/threat-protection/auditing/event-4767.md
@@ -2,7 +2,6 @@
title: 4767(S) A user account was unlocked.
description: Describes security event 4767(S) A user account was unlocked. This event is generated every time a user account is unlocked.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4768.md b/windows/security/threat-protection/auditing/event-4768.md
index 9af99fe83b..d0f63ca03a 100644
--- a/windows/security/threat-protection/auditing/event-4768.md
+++ b/windows/security/threat-protection/auditing/event-4768.md
@@ -2,7 +2,6 @@
title: 4768(S, F) A Kerberos authentication ticket (TGT) was requested.
description: Describes security event 4768(S, F) A Kerberos authentication ticket (TGT) was requested.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 10/20/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4769.md b/windows/security/threat-protection/auditing/event-4769.md
index 2605d404c9..dde7e668e1 100644
--- a/windows/security/threat-protection/auditing/event-4769.md
+++ b/windows/security/threat-protection/auditing/event-4769.md
@@ -2,7 +2,6 @@
title: 4769(S, F) A Kerberos service ticket was requested.
description: Describes security event 4769(S, F) A Kerberos service ticket was requested.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4770.md b/windows/security/threat-protection/auditing/event-4770.md
index e0206db3db..398468db3c 100644
--- a/windows/security/threat-protection/auditing/event-4770.md
+++ b/windows/security/threat-protection/auditing/event-4770.md
@@ -2,7 +2,6 @@
title: 4770(S) A Kerberos service ticket was renewed.
description: Describes security event 4770(S) A Kerberos service ticket was renewed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4771.md b/windows/security/threat-protection/auditing/event-4771.md
index bad7f21c77..cfe1bcfb82 100644
--- a/windows/security/threat-protection/auditing/event-4771.md
+++ b/windows/security/threat-protection/auditing/event-4771.md
@@ -2,7 +2,6 @@
title: 4771(F) Kerberos pre-authentication failed.
description: Describes security event 4771(F) Kerberos pre-authentication failed. This event is generated when the Key Distribution Center fails to issue a Kerberos TGT.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.collection:
- highpri
- tier3
diff --git a/windows/security/threat-protection/auditing/event-4772.md b/windows/security/threat-protection/auditing/event-4772.md
index 1bb81355f0..6222ece1bb 100644
--- a/windows/security/threat-protection/auditing/event-4772.md
+++ b/windows/security/threat-protection/auditing/event-4772.md
@@ -2,7 +2,6 @@
title: 4772(F) A Kerberos authentication ticket request failed.
description: Describes security event 4772(F) A Kerberos authentication ticket request failed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4773.md b/windows/security/threat-protection/auditing/event-4773.md
index a966cf2abd..3741a22b02 100644
--- a/windows/security/threat-protection/auditing/event-4773.md
+++ b/windows/security/threat-protection/auditing/event-4773.md
@@ -2,7 +2,6 @@
title: 4773(F) A Kerberos service ticket request failed.
description: Describes security event 4773(F) A Kerberos service ticket request failed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4774.md b/windows/security/threat-protection/auditing/event-4774.md
index 5c9253d51a..25e3fe2dab 100644
--- a/windows/security/threat-protection/auditing/event-4774.md
+++ b/windows/security/threat-protection/auditing/event-4774.md
@@ -2,7 +2,6 @@
title: 4774(S, F) An account was mapped for logon.
description: Describes security event 4774(S, F) An account was mapped for logon. This event is generated when an account is mapped for logon.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4775.md b/windows/security/threat-protection/auditing/event-4775.md
index 35264e2c50..2090c1e52e 100644
--- a/windows/security/threat-protection/auditing/event-4775.md
+++ b/windows/security/threat-protection/auditing/event-4775.md
@@ -2,7 +2,6 @@
title: 4775(F) An account could not be mapped for logon.
description: Describes security event 4775(F) An account could not be mapped for logon.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md
index 736a967ea4..7911aa31f0 100644
--- a/windows/security/threat-protection/auditing/event-4776.md
+++ b/windows/security/threat-protection/auditing/event-4776.md
@@ -2,7 +2,6 @@
title: 4776(S, F) The computer attempted to validate the credentials for an account.
description: Describes security event 4776(S, F) The computer attempted to validate the credentials for an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/13/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.collection:
- highpri
- tier3
diff --git a/windows/security/threat-protection/auditing/event-4777.md b/windows/security/threat-protection/auditing/event-4777.md
index f14f4b4a58..a24c5864eb 100644
--- a/windows/security/threat-protection/auditing/event-4777.md
+++ b/windows/security/threat-protection/auditing/event-4777.md
@@ -2,7 +2,6 @@
title: 4777(F) The domain controller failed to validate the credentials for an account.
description: Describes security event 4777(F) The domain controller failed to validate the credentials for an account.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4778.md b/windows/security/threat-protection/auditing/event-4778.md
index d9a5bd2d94..0399f1f5c4 100644
--- a/windows/security/threat-protection/auditing/event-4778.md
+++ b/windows/security/threat-protection/auditing/event-4778.md
@@ -2,7 +2,6 @@
title: 4778(S) A session was reconnected to a Window Station.
description: Describes security event 4778(S) A session was reconnected to a Window Station.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4779.md b/windows/security/threat-protection/auditing/event-4779.md
index 3ab94db6fb..5852da5e2a 100644
--- a/windows/security/threat-protection/auditing/event-4779.md
+++ b/windows/security/threat-protection/auditing/event-4779.md
@@ -2,7 +2,6 @@
title: 4779(S) A session was disconnected from a Window Station.
description: Describes security event 4779(S) A session was disconnected from a Window Station.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4780.md b/windows/security/threat-protection/auditing/event-4780.md
index 8bc11f4997..e7c43cf82e 100644
--- a/windows/security/threat-protection/auditing/event-4780.md
+++ b/windows/security/threat-protection/auditing/event-4780.md
@@ -2,7 +2,6 @@
title: 4780(S) The ACL was set on accounts which are members of administrators groups.
description: Describes security event 4780(S) The ACL was set on accounts which are members of administrators groups.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4781.md b/windows/security/threat-protection/auditing/event-4781.md
index 3918ee0ef1..96fd56086f 100644
--- a/windows/security/threat-protection/auditing/event-4781.md
+++ b/windows/security/threat-protection/auditing/event-4781.md
@@ -2,7 +2,6 @@
title: 4781(S) The name of an account was changed.
description: Describes security event 4781(S) The name of an account was changed. This event is generated every time a user or computer account name is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4782.md b/windows/security/threat-protection/auditing/event-4782.md
index 83020ee642..4f20ae39d6 100644
--- a/windows/security/threat-protection/auditing/event-4782.md
+++ b/windows/security/threat-protection/auditing/event-4782.md
@@ -2,7 +2,6 @@
title: 4782(S) The password hash of an account was accessed.
description: Describes security event 4782(S) The password hash of an account was accessed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4793.md b/windows/security/threat-protection/auditing/event-4793.md
index 4774459a71..713ca3f5de 100644
--- a/windows/security/threat-protection/auditing/event-4793.md
+++ b/windows/security/threat-protection/auditing/event-4793.md
@@ -2,7 +2,6 @@
title: 4793(S) The Password Policy Checking API was called.
description: Describes security event 4793(S) The Password Policy Checking API was called.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4794.md b/windows/security/threat-protection/auditing/event-4794.md
index ed8e9aebdc..29e851f761 100644
--- a/windows/security/threat-protection/auditing/event-4794.md
+++ b/windows/security/threat-protection/auditing/event-4794.md
@@ -2,7 +2,6 @@
title: 4794(S, F) An attempt was made to set the Directory Services Restore Mode administrator password.
description: Describes security event 4794(S, F) An attempt was made to set the Directory Services Restore Mode administrator password.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4798.md b/windows/security/threat-protection/auditing/event-4798.md
index 8c5e7d3c50..7a66f7461c 100644
--- a/windows/security/threat-protection/auditing/event-4798.md
+++ b/windows/security/threat-protection/auditing/event-4798.md
@@ -2,7 +2,6 @@
title: 4798(S) A user's local group membership was enumerated.
description: Describes security event 4798(S) A user's local group membership was enumerated.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4799.md b/windows/security/threat-protection/auditing/event-4799.md
index a089e448f4..7b4aead71c 100644
--- a/windows/security/threat-protection/auditing/event-4799.md
+++ b/windows/security/threat-protection/auditing/event-4799.md
@@ -2,7 +2,6 @@
title: 4799(S) A security-enabled local group membership was enumerated.
description: Describes security event 4799(S) A security-enabled local group membership was enumerated.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4800.md b/windows/security/threat-protection/auditing/event-4800.md
index fcacf65cb0..35f11545c6 100644
--- a/windows/security/threat-protection/auditing/event-4800.md
+++ b/windows/security/threat-protection/auditing/event-4800.md
@@ -2,7 +2,6 @@
title: 4800(S) The workstation was locked.
description: Describes security event 4800(S) The workstation was locked. This event is generated when a workstation is locked.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4801.md b/windows/security/threat-protection/auditing/event-4801.md
index 94d9dee683..348ba5fce6 100644
--- a/windows/security/threat-protection/auditing/event-4801.md
+++ b/windows/security/threat-protection/auditing/event-4801.md
@@ -2,7 +2,6 @@
title: 4801(S) The workstation was unlocked.
description: Describes security event 4801(S) The workstation was unlocked. This event is generated when workstation is unlocked.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4802.md b/windows/security/threat-protection/auditing/event-4802.md
index 82492616cc..9884000aae 100644
--- a/windows/security/threat-protection/auditing/event-4802.md
+++ b/windows/security/threat-protection/auditing/event-4802.md
@@ -2,7 +2,6 @@
title: 4802(S) The screen saver was invoked.
description: Describes security event 4802(S) The screen saver was invoked. This event is generated when screen saver is invoked.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4803.md b/windows/security/threat-protection/auditing/event-4803.md
index 497a3a8d07..8fae699b17 100644
--- a/windows/security/threat-protection/auditing/event-4803.md
+++ b/windows/security/threat-protection/auditing/event-4803.md
@@ -2,7 +2,6 @@
title: 4803(S) The screen saver was dismissed.
description: Describes security event 4803(S) The screen saver was dismissed. This event is generated when screen saver is dismissed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4816.md b/windows/security/threat-protection/auditing/event-4816.md
index be77d5a97c..3cfcc91bde 100644
--- a/windows/security/threat-protection/auditing/event-4816.md
+++ b/windows/security/threat-protection/auditing/event-4816.md
@@ -2,7 +2,6 @@
title: 4816(S) RPC detected an integrity violation while decrypting an incoming message.
description: Describes security event 4816(S) RPC detected an integrity violation while decrypting an incoming message.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4817.md b/windows/security/threat-protection/auditing/event-4817.md
index e166782510..685c9a0c84 100644
--- a/windows/security/threat-protection/auditing/event-4817.md
+++ b/windows/security/threat-protection/auditing/event-4817.md
@@ -2,7 +2,6 @@
title: 4817(S) Auditing settings on object were changed.
description: Describes security event 4817(S) Auditing settings on object were changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4818.md b/windows/security/threat-protection/auditing/event-4818.md
index 127a71406e..b502dcb97b 100644
--- a/windows/security/threat-protection/auditing/event-4818.md
+++ b/windows/security/threat-protection/auditing/event-4818.md
@@ -2,7 +2,6 @@
title: 4818(S) Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy.
description: Describes security event 4818(S) Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4819.md b/windows/security/threat-protection/auditing/event-4819.md
index 0e479a57b1..b1b3d80845 100644
--- a/windows/security/threat-protection/auditing/event-4819.md
+++ b/windows/security/threat-protection/auditing/event-4819.md
@@ -2,7 +2,6 @@
title: 4819(S) Central Access Policies on the machine have been changed.
description: Describes security event 4819(S) Central Access Policies on the machine have been changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4826.md b/windows/security/threat-protection/auditing/event-4826.md
index 2e79af5e64..d776cba974 100644
--- a/windows/security/threat-protection/auditing/event-4826.md
+++ b/windows/security/threat-protection/auditing/event-4826.md
@@ -2,7 +2,6 @@
title: 4826(S) Boot Configuration Data loaded.
description: Describes security event 4826(S) Boot Configuration Data loaded. This event is generated every time system starts and loads Boot Configuration Data settings.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4864.md b/windows/security/threat-protection/auditing/event-4864.md
index cbed773c60..3d52b57ab7 100644
--- a/windows/security/threat-protection/auditing/event-4864.md
+++ b/windows/security/threat-protection/auditing/event-4864.md
@@ -2,7 +2,6 @@
title: 4864(S) A namespace collision was detected.
description: Describes security event 4864(S) A namespace collision was detected. This event is generated when a namespace collision is detected.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4865.md b/windows/security/threat-protection/auditing/event-4865.md
index 8b792069f3..f98be7ebdc 100644
--- a/windows/security/threat-protection/auditing/event-4865.md
+++ b/windows/security/threat-protection/auditing/event-4865.md
@@ -2,7 +2,6 @@
title: 4865(S) A trusted forest information entry was added.
description: Describes security event 4865(S) A trusted forest information entry was added.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4866.md b/windows/security/threat-protection/auditing/event-4866.md
index 2ec48bdf4f..f138df2d0a 100644
--- a/windows/security/threat-protection/auditing/event-4866.md
+++ b/windows/security/threat-protection/auditing/event-4866.md
@@ -2,7 +2,6 @@
title: 4866(S) A trusted forest information entry was removed.
description: Describes security event 4866(S) A trusted forest information entry was removed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4867.md b/windows/security/threat-protection/auditing/event-4867.md
index b4affb0ff4..e86b7b7afe 100644
--- a/windows/security/threat-protection/auditing/event-4867.md
+++ b/windows/security/threat-protection/auditing/event-4867.md
@@ -2,7 +2,6 @@
title: 4867(S) A trusted forest information entry was modified.
description: Describes security event 4867(S) A trusted forest information entry was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4902.md b/windows/security/threat-protection/auditing/event-4902.md
index a53fd03d58..0cd35ad40a 100644
--- a/windows/security/threat-protection/auditing/event-4902.md
+++ b/windows/security/threat-protection/auditing/event-4902.md
@@ -2,7 +2,6 @@
title: 4902(S) The Per-user audit policy table was created.
description: Describes security event 4902(S) The Per-user audit policy table was created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4904.md b/windows/security/threat-protection/auditing/event-4904.md
index 1f7335e6da..0da52bcaf6 100644
--- a/windows/security/threat-protection/auditing/event-4904.md
+++ b/windows/security/threat-protection/auditing/event-4904.md
@@ -2,7 +2,6 @@
title: 4904(S) An attempt was made to register a security event source.
description: Describes security event 4904(S) An attempt was made to register a security event source.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/07/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4905.md b/windows/security/threat-protection/auditing/event-4905.md
index c710230070..bda5be072e 100644
--- a/windows/security/threat-protection/auditing/event-4905.md
+++ b/windows/security/threat-protection/auditing/event-4905.md
@@ -2,7 +2,6 @@
title: 4905(S) An attempt was made to unregister a security event source.
description: Describes security event 4905(S) An attempt was made to unregister a security event source.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4906.md b/windows/security/threat-protection/auditing/event-4906.md
index 2cdc197a9b..ba0d53e713 100644
--- a/windows/security/threat-protection/auditing/event-4906.md
+++ b/windows/security/threat-protection/auditing/event-4906.md
@@ -2,7 +2,6 @@
title: 4906(S) The CrashOnAuditFail value has changed.
description: Describes security event 4906(S) The CrashOnAuditFail value has changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4907.md b/windows/security/threat-protection/auditing/event-4907.md
index 91ed3cfa75..413c994ac3 100644
--- a/windows/security/threat-protection/auditing/event-4907.md
+++ b/windows/security/threat-protection/auditing/event-4907.md
@@ -2,7 +2,6 @@
title: 4907(S) Auditing settings on object were changed.
description: Describes security event 4907(S) Auditing settings on object were changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md
index 58d9d7331a..3f6c135f60 100644
--- a/windows/security/threat-protection/auditing/event-4908.md
+++ b/windows/security/threat-protection/auditing/event-4908.md
@@ -2,7 +2,6 @@
title: 4908(S) Special Groups Logon table modified.
description: Describes security event 4908(S) Special Groups Logon table modified. This event is generated when the Special Groups Logon table is modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4909.md b/windows/security/threat-protection/auditing/event-4909.md
index 6420bf04c1..d1a8711011 100644
--- a/windows/security/threat-protection/auditing/event-4909.md
+++ b/windows/security/threat-protection/auditing/event-4909.md
@@ -2,7 +2,6 @@
title: 4909(-) The local policy settings for the TBS were changed.
description: Describes security event 4909(-) The local policy settings for the TBS were changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4910.md b/windows/security/threat-protection/auditing/event-4910.md
index a541352ac0..37f4293a84 100644
--- a/windows/security/threat-protection/auditing/event-4910.md
+++ b/windows/security/threat-protection/auditing/event-4910.md
@@ -2,7 +2,6 @@
title: 4910(-) The group policy settings for the TBS were changed.
description: Describes security event 4910(-) The group policy settings for the TBS were changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4911.md b/windows/security/threat-protection/auditing/event-4911.md
index c31636a2f6..ea45660bc8 100644
--- a/windows/security/threat-protection/auditing/event-4911.md
+++ b/windows/security/threat-protection/auditing/event-4911.md
@@ -2,7 +2,6 @@
title: 4911(S) Resource attributes of the object were changed.
description: Describes security event 4911(S) Resource attributes of the object were changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4912.md b/windows/security/threat-protection/auditing/event-4912.md
index 152e9607f3..8670490796 100644
--- a/windows/security/threat-protection/auditing/event-4912.md
+++ b/windows/security/threat-protection/auditing/event-4912.md
@@ -2,7 +2,6 @@
title: 4912(S) Per User Audit Policy was changed.
description: Describes security event 4912(S) Per User Audit Policy was changed. This event is generated every time Per User Audit Policy is changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4913.md b/windows/security/threat-protection/auditing/event-4913.md
index 5da5f88ef9..279791472e 100644
--- a/windows/security/threat-protection/auditing/event-4913.md
+++ b/windows/security/threat-protection/auditing/event-4913.md
@@ -2,7 +2,6 @@
title: 4913(S) Central Access Policy on the object was changed.
description: Describes security event 4913(S) Central Access Policy on the object was changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4928.md b/windows/security/threat-protection/auditing/event-4928.md
index 371f4689c7..370b7401c1 100644
--- a/windows/security/threat-protection/auditing/event-4928.md
+++ b/windows/security/threat-protection/auditing/event-4928.md
@@ -2,7 +2,6 @@
title: 4928(S, F) An Active Directory replica source naming context was established.
description: Describes security event 4928(S, F) An Active Directory replica source naming context was established.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4929.md b/windows/security/threat-protection/auditing/event-4929.md
index 288d0528f8..76891ca2a8 100644
--- a/windows/security/threat-protection/auditing/event-4929.md
+++ b/windows/security/threat-protection/auditing/event-4929.md
@@ -2,7 +2,6 @@
title: 4929(S, F) An Active Directory replica source naming context was removed.
description: Describes security event 4929(S, F) An Active Directory replica source naming context was removed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4930.md b/windows/security/threat-protection/auditing/event-4930.md
index ca6a21d07a..5b50e911b7 100644
--- a/windows/security/threat-protection/auditing/event-4930.md
+++ b/windows/security/threat-protection/auditing/event-4930.md
@@ -2,7 +2,6 @@
title: 4930(S, F) An Active Directory replica source naming context was modified.
description: Describes security event 4930(S, F) An Active Directory replica source naming context was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4931.md b/windows/security/threat-protection/auditing/event-4931.md
index 0f1f2d11af..253625ddd5 100644
--- a/windows/security/threat-protection/auditing/event-4931.md
+++ b/windows/security/threat-protection/auditing/event-4931.md
@@ -2,7 +2,6 @@
title: 4931(S, F) An Active Directory replica destination naming context was modified.
description: Describes security event 4931(S, F) An Active Directory replica destination naming context was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4932.md b/windows/security/threat-protection/auditing/event-4932.md
index 574e020321..94321a4fc3 100644
--- a/windows/security/threat-protection/auditing/event-4932.md
+++ b/windows/security/threat-protection/auditing/event-4932.md
@@ -2,7 +2,6 @@
title: 4932(S) Synchronization of a replica of an Active Directory naming context has begun.
description: Describes security event 4932(S) Synchronization of a replica of an Active Directory naming context has begun.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4933.md b/windows/security/threat-protection/auditing/event-4933.md
index 54e6d63dd5..7747d4c6e7 100644
--- a/windows/security/threat-protection/auditing/event-4933.md
+++ b/windows/security/threat-protection/auditing/event-4933.md
@@ -2,7 +2,6 @@
title: 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended.
description: Describes security event 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4934.md b/windows/security/threat-protection/auditing/event-4934.md
index 363e2dea0f..52cfbf71f4 100644
--- a/windows/security/threat-protection/auditing/event-4934.md
+++ b/windows/security/threat-protection/auditing/event-4934.md
@@ -2,7 +2,6 @@
title: 4934(S) Attributes of an Active Directory object were replicated.
description: Describes security event 4934(S) Attributes of an Active Directory object were replicated.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4935.md b/windows/security/threat-protection/auditing/event-4935.md
index 04b067063a..cff9eedb80 100644
--- a/windows/security/threat-protection/auditing/event-4935.md
+++ b/windows/security/threat-protection/auditing/event-4935.md
@@ -2,7 +2,6 @@
title: 4935(F) Replication failure begins.
description: Describes security event 4935(F) Replication failure begins. This event is generated when Active Directory replication failure begins.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4936.md b/windows/security/threat-protection/auditing/event-4936.md
index 04fb5a689c..fb2ebfa921 100644
--- a/windows/security/threat-protection/auditing/event-4936.md
+++ b/windows/security/threat-protection/auditing/event-4936.md
@@ -2,7 +2,6 @@
title: 4936(S) Replication failure ends.
description: Describes security event 4936(S) Replication failure ends. This event is generated when Active Directory replication failure ends.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4937.md b/windows/security/threat-protection/auditing/event-4937.md
index ad871628bd..d368e3a4b5 100644
--- a/windows/security/threat-protection/auditing/event-4937.md
+++ b/windows/security/threat-protection/auditing/event-4937.md
@@ -2,7 +2,6 @@
title: 4937(S) A lingering object was removed from a replica.
description: Describes security event 4937(S) A lingering object was removed from a replica.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4944.md b/windows/security/threat-protection/auditing/event-4944.md
index d93811a130..44a42b082b 100644
--- a/windows/security/threat-protection/auditing/event-4944.md
+++ b/windows/security/threat-protection/auditing/event-4944.md
@@ -2,7 +2,6 @@
title: 4944(S) The following policy was active when the Windows Firewall started.
description: Describes security event 4944(S) The following policy was active when the Windows Firewall started.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4945.md b/windows/security/threat-protection/auditing/event-4945.md
index 8099cfeca6..446c3da541 100644
--- a/windows/security/threat-protection/auditing/event-4945.md
+++ b/windows/security/threat-protection/auditing/event-4945.md
@@ -2,7 +2,6 @@
title: 4945(S) A rule was listed when the Windows Firewall started.
description: Describes security event 4945(S) A rule was listed when the Windows Firewall started.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4946.md b/windows/security/threat-protection/auditing/event-4946.md
index 077de83d96..a823ec76fa 100644
--- a/windows/security/threat-protection/auditing/event-4946.md
+++ b/windows/security/threat-protection/auditing/event-4946.md
@@ -2,7 +2,6 @@
title: 4946(S) A change has been made to Windows Firewall exception list. A rule was added.
description: Describes security event 4946(S) A change has been made to Windows Firewall exception list. A rule was added.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4947.md b/windows/security/threat-protection/auditing/event-4947.md
index 7647e63929..0eff4491dc 100644
--- a/windows/security/threat-protection/auditing/event-4947.md
+++ b/windows/security/threat-protection/auditing/event-4947.md
@@ -2,7 +2,6 @@
title: 4947(S) A change has been made to Windows Firewall exception list. A rule was modified.
description: Describes security event 4947(S) A change has been made to Windows Firewall exception list. A rule was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4948.md b/windows/security/threat-protection/auditing/event-4948.md
index 9000f97907..66e43ae5bd 100644
--- a/windows/security/threat-protection/auditing/event-4948.md
+++ b/windows/security/threat-protection/auditing/event-4948.md
@@ -2,7 +2,6 @@
title: 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted.
description: Describes security event 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4949.md b/windows/security/threat-protection/auditing/event-4949.md
index 188a147179..c2ca64e36a 100644
--- a/windows/security/threat-protection/auditing/event-4949.md
+++ b/windows/security/threat-protection/auditing/event-4949.md
@@ -2,7 +2,6 @@
title: 4949(S) Windows Firewall settings were restored to the default values.
description: Describes security event 4949(S) Windows Firewall settings were restored to the default values.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4950.md b/windows/security/threat-protection/auditing/event-4950.md
index 4b7c3ef8da..fe1a3cacc8 100644
--- a/windows/security/threat-protection/auditing/event-4950.md
+++ b/windows/security/threat-protection/auditing/event-4950.md
@@ -2,7 +2,6 @@
title: 4950(S) A Windows Firewall setting has changed.
description: Describes security event 4950(S) A Windows Firewall setting has changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4951.md b/windows/security/threat-protection/auditing/event-4951.md
index 3922a0d9bc..e83a14e571 100644
--- a/windows/security/threat-protection/auditing/event-4951.md
+++ b/windows/security/threat-protection/auditing/event-4951.md
@@ -2,7 +2,6 @@
title: 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
description: Describes security event 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4952.md b/windows/security/threat-protection/auditing/event-4952.md
index 1b2c9a1677..d727a8f210 100644
--- a/windows/security/threat-protection/auditing/event-4952.md
+++ b/windows/security/threat-protection/auditing/event-4952.md
@@ -2,7 +2,6 @@
title: 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced.
description: Security event 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4953.md b/windows/security/threat-protection/auditing/event-4953.md
index dcb48de16e..a729e5af8e 100644
--- a/windows/security/threat-protection/auditing/event-4953.md
+++ b/windows/security/threat-protection/auditing/event-4953.md
@@ -2,7 +2,6 @@
title: 4953(F) Windows Firewall ignored a rule because it couldn't be parsed.
description: Describes security event 4953(F) Windows Firewall ignored a rule because it couldn't be parsed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4954.md b/windows/security/threat-protection/auditing/event-4954.md
index 42e1732841..cdb31c5fbb 100644
--- a/windows/security/threat-protection/auditing/event-4954.md
+++ b/windows/security/threat-protection/auditing/event-4954.md
@@ -2,7 +2,6 @@
title: 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied.
description: Describes security event 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4956.md b/windows/security/threat-protection/auditing/event-4956.md
index ab54b58db2..299e21d03c 100644
--- a/windows/security/threat-protection/auditing/event-4956.md
+++ b/windows/security/threat-protection/auditing/event-4956.md
@@ -2,7 +2,6 @@
title: 4956(S) Windows Firewall has changed the active profile.
description: Describes security event 4956(S) Windows Firewall has changed the active profile.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4957.md b/windows/security/threat-protection/auditing/event-4957.md
index 0049947eee..a2fd4fd1b8 100644
--- a/windows/security/threat-protection/auditing/event-4957.md
+++ b/windows/security/threat-protection/auditing/event-4957.md
@@ -2,7 +2,6 @@
title: 4957(F) Windows Firewall did not apply the following rule.
description: Describes security event 4957(F) Windows Firewall didn't apply the following rule.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4958.md b/windows/security/threat-protection/auditing/event-4958.md
index f1cbaa0f1d..b46bed82ca 100644
--- a/windows/security/threat-protection/auditing/event-4958.md
+++ b/windows/security/threat-protection/auditing/event-4958.md
@@ -2,7 +2,6 @@
title: 4958(F) Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer.
description: Describes security event 4958(F) Windows Firewall didn't apply the following rule because the rule referred to items not configured on this computer.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4964.md b/windows/security/threat-protection/auditing/event-4964.md
index 5567fdf5b4..12b5bf4a9b 100644
--- a/windows/security/threat-protection/auditing/event-4964.md
+++ b/windows/security/threat-protection/auditing/event-4964.md
@@ -2,7 +2,6 @@
title: 4964(S) Special groups have been assigned to a new logon.
description: Describes security event 4964(S) Special groups have been assigned to a new logon.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-4985.md b/windows/security/threat-protection/auditing/event-4985.md
index 4caca31a8e..843551f1d1 100644
--- a/windows/security/threat-protection/auditing/event-4985.md
+++ b/windows/security/threat-protection/auditing/event-4985.md
@@ -2,7 +2,6 @@
title: 4985(S) The state of a transaction has changed.
description: Describes security event 4985(S) The state of a transaction has changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5024.md b/windows/security/threat-protection/auditing/event-5024.md
index ff2c44088f..00353b46f9 100644
--- a/windows/security/threat-protection/auditing/event-5024.md
+++ b/windows/security/threat-protection/auditing/event-5024.md
@@ -2,7 +2,6 @@
title: 5024(S) The Windows Firewall Service has started successfully.
description: Describes security event 5024(S) The Windows Firewall Service has started successfully.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5025.md b/windows/security/threat-protection/auditing/event-5025.md
index 334431f02f..d13e773f3e 100644
--- a/windows/security/threat-protection/auditing/event-5025.md
+++ b/windows/security/threat-protection/auditing/event-5025.md
@@ -2,7 +2,6 @@
title: 5025(S) The Windows Firewall Service has been stopped.
description: Describes security event 5025(S) The Windows Firewall Service has been stopped.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5027.md b/windows/security/threat-protection/auditing/event-5027.md
index 1633648148..f9bd6770a1 100644
--- a/windows/security/threat-protection/auditing/event-5027.md
+++ b/windows/security/threat-protection/auditing/event-5027.md
@@ -2,7 +2,6 @@
title: 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.
description: Details on security event 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5028.md b/windows/security/threat-protection/auditing/event-5028.md
index c83b0a955a..8c49e63b2b 100644
--- a/windows/security/threat-protection/auditing/event-5028.md
+++ b/windows/security/threat-protection/auditing/event-5028.md
@@ -2,7 +2,6 @@
title: 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
description: Describes security event 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5029.md b/windows/security/threat-protection/auditing/event-5029.md
index 4050293075..dfa020140d 100644
--- a/windows/security/threat-protection/auditing/event-5029.md
+++ b/windows/security/threat-protection/auditing/event-5029.md
@@ -2,7 +2,6 @@
title: 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
description: Describes security event 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5030.md b/windows/security/threat-protection/auditing/event-5030.md
index 19faefd2f3..145336f252 100644
--- a/windows/security/threat-protection/auditing/event-5030.md
+++ b/windows/security/threat-protection/auditing/event-5030.md
@@ -2,7 +2,6 @@
title: 5030(F) The Windows Firewall Service failed to start.
description: Describes security event 5030(F) The Windows Firewall Service failed to start.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5031.md b/windows/security/threat-protection/auditing/event-5031.md
index 1187494a86..c569dbc016 100644
--- a/windows/security/threat-protection/auditing/event-5031.md
+++ b/windows/security/threat-protection/auditing/event-5031.md
@@ -5,13 +5,11 @@ manager: aaroncz
ms.author: vinpa
description: Describes security event 5031(F) The Windows Firewall Service blocked an application from accepting incoming connections on the network.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
author: vinaypamnani-msft
ms.date: 09/08/2021
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5032.md b/windows/security/threat-protection/auditing/event-5032.md
index 369d590db9..f982635697 100644
--- a/windows/security/threat-protection/auditing/event-5032.md
+++ b/windows/security/threat-protection/auditing/event-5032.md
@@ -2,7 +2,6 @@
title: 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
description: Describes security event 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5033.md b/windows/security/threat-protection/auditing/event-5033.md
index bd275a6463..65e7a2f819 100644
--- a/windows/security/threat-protection/auditing/event-5033.md
+++ b/windows/security/threat-protection/auditing/event-5033.md
@@ -2,7 +2,6 @@
title: 5033(S) The Windows Firewall Driver has started successfully.
description: Describes security event 5033(S) The Windows Firewall Driver has started successfully.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5034.md b/windows/security/threat-protection/auditing/event-5034.md
index bd017daa1f..604aaafc09 100644
--- a/windows/security/threat-protection/auditing/event-5034.md
+++ b/windows/security/threat-protection/auditing/event-5034.md
@@ -2,7 +2,6 @@
title: 5034(S) The Windows Firewall Driver was stopped.
description: Describes security event 5034(S) The Windows Firewall Driver was stopped.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5035.md b/windows/security/threat-protection/auditing/event-5035.md
index cda5f7ddc7..b0290be5fc 100644
--- a/windows/security/threat-protection/auditing/event-5035.md
+++ b/windows/security/threat-protection/auditing/event-5035.md
@@ -2,7 +2,6 @@
title: 5035(F) The Windows Firewall Driver failed to start.
description: Describes security event 5035(F) The Windows Firewall Driver failed to start.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5037.md b/windows/security/threat-protection/auditing/event-5037.md
index 6421be47c1..8f22210755 100644
--- a/windows/security/threat-protection/auditing/event-5037.md
+++ b/windows/security/threat-protection/auditing/event-5037.md
@@ -2,7 +2,6 @@
title: 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating.
description: Describes security event 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5038.md b/windows/security/threat-protection/auditing/event-5038.md
index 865a9e7de3..84ad591d34 100644
--- a/windows/security/threat-protection/auditing/event-5038.md
+++ b/windows/security/threat-protection/auditing/event-5038.md
@@ -2,7 +2,6 @@
title: 5038(F) Code integrity determined that the image hash of a file is not valid.
description: Describes security event 5038(F) Code integrity determined that the image hash of a file isn't valid.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5039.md b/windows/security/threat-protection/auditing/event-5039.md
index 3d9ba6fd9a..a1b4dc60e2 100644
--- a/windows/security/threat-protection/auditing/event-5039.md
+++ b/windows/security/threat-protection/auditing/event-5039.md
@@ -2,7 +2,6 @@
title: 5039(-) A registry key was virtualized.
description: Describes security event 5039(-) A registry key was virtualized. This event is generated when a registry key is virtualized using LUAFV.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5051.md b/windows/security/threat-protection/auditing/event-5051.md
index 706e02d603..6ced4325e8 100644
--- a/windows/security/threat-protection/auditing/event-5051.md
+++ b/windows/security/threat-protection/auditing/event-5051.md
@@ -2,7 +2,6 @@
title: 5051(-) A file was virtualized.
description: Describes security event 5051(-) A file was virtualized. This event is generated when a file is virtualized using LUAFV.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5056.md b/windows/security/threat-protection/auditing/event-5056.md
index d67c948bf7..5130521799 100644
--- a/windows/security/threat-protection/auditing/event-5056.md
+++ b/windows/security/threat-protection/auditing/event-5056.md
@@ -2,7 +2,6 @@
title: 5056(S) A cryptographic self-test was performed.
description: Describes security event 5056(S) A cryptographic self-test was performed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5057.md b/windows/security/threat-protection/auditing/event-5057.md
index 9c4c3bbbc7..b45863a7f8 100644
--- a/windows/security/threat-protection/auditing/event-5057.md
+++ b/windows/security/threat-protection/auditing/event-5057.md
@@ -2,7 +2,6 @@
title: 5057(F) A cryptographic primitive operation failed.
description: Describes security event 5057(F) A cryptographic primitive operation failed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5058.md b/windows/security/threat-protection/auditing/event-5058.md
index b8f43fd22c..52e292db53 100644
--- a/windows/security/threat-protection/auditing/event-5058.md
+++ b/windows/security/threat-protection/auditing/event-5058.md
@@ -2,7 +2,6 @@
title: 5058(S, F) Key file operation.
description: Describes security event 5058(S, F) Key file operation. This event is generated when an operation is performed on a file that contains a KSP key.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5059.md b/windows/security/threat-protection/auditing/event-5059.md
index 80656eb84c..0631adf2e0 100644
--- a/windows/security/threat-protection/auditing/event-5059.md
+++ b/windows/security/threat-protection/auditing/event-5059.md
@@ -2,7 +2,6 @@
title: 5059(S, F) Key migration operation.
description: Describes security event 5059(S, F) Key migration operation. This event is generated when a cryptographic key is exported/imported using a Key Storage Provider.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5060.md b/windows/security/threat-protection/auditing/event-5060.md
index 95c791073a..fda2a9d82d 100644
--- a/windows/security/threat-protection/auditing/event-5060.md
+++ b/windows/security/threat-protection/auditing/event-5060.md
@@ -2,7 +2,6 @@
title: 5060(F) Verification operation failed.
description: Describes security event 5060(F) Verification operation failed. This event is generated when the CNG verification operation fails.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5061.md b/windows/security/threat-protection/auditing/event-5061.md
index 37ce0fe43d..7d05fab9d4 100644
--- a/windows/security/threat-protection/auditing/event-5061.md
+++ b/windows/security/threat-protection/auditing/event-5061.md
@@ -2,7 +2,6 @@
title: 5061(S, F) Cryptographic operation.
description: Describes security event 5061(S, F) Cryptographic operation. This event is generated when a cryptographic operation is performed using a Key Storage Provider.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5062.md b/windows/security/threat-protection/auditing/event-5062.md
index 8273fa0b06..50bb1114e2 100644
--- a/windows/security/threat-protection/auditing/event-5062.md
+++ b/windows/security/threat-protection/auditing/event-5062.md
@@ -2,7 +2,6 @@
title: 5062(S) A kernel-mode cryptographic self-test was performed.
description: Describes security event 5062(S) A kernel-mode cryptographic self-test was performed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5063.md b/windows/security/threat-protection/auditing/event-5063.md
index 111a1bebce..1d05f6f799 100644
--- a/windows/security/threat-protection/auditing/event-5063.md
+++ b/windows/security/threat-protection/auditing/event-5063.md
@@ -2,7 +2,6 @@
title: 5063(S, F) A cryptographic provider operation was attempted.
description: Describes security event 5063(S, F) A cryptographic provider operation was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5064.md b/windows/security/threat-protection/auditing/event-5064.md
index 3414385e9f..f727a5f6af 100644
--- a/windows/security/threat-protection/auditing/event-5064.md
+++ b/windows/security/threat-protection/auditing/event-5064.md
@@ -2,7 +2,6 @@
title: 5064(S, F) A cryptographic context operation was attempted.
description: Describes security event 5064(S, F) A cryptographic context operation was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5065.md b/windows/security/threat-protection/auditing/event-5065.md
index 2543372fd8..e94042c052 100644
--- a/windows/security/threat-protection/auditing/event-5065.md
+++ b/windows/security/threat-protection/auditing/event-5065.md
@@ -2,7 +2,6 @@
title: 5065(S, F) A cryptographic context modification was attempted.
description: Describes security event 5065(S, F) A cryptographic context modification was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5066.md b/windows/security/threat-protection/auditing/event-5066.md
index 6385f0488a..4aabb3e542 100644
--- a/windows/security/threat-protection/auditing/event-5066.md
+++ b/windows/security/threat-protection/auditing/event-5066.md
@@ -2,7 +2,6 @@
title: 5066(S, F) A cryptographic function operation was attempted.
description: Describes security event 5066(S, F) A cryptographic function operation was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5067.md b/windows/security/threat-protection/auditing/event-5067.md
index 16a2775d06..d7a4d6a6b2 100644
--- a/windows/security/threat-protection/auditing/event-5067.md
+++ b/windows/security/threat-protection/auditing/event-5067.md
@@ -2,7 +2,6 @@
title: 5067(S, F) A cryptographic function modification was attempted.
description: Describes security event 5067(S, F) A cryptographic function modification was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5068.md b/windows/security/threat-protection/auditing/event-5068.md
index 49659e38f5..a86f4345b5 100644
--- a/windows/security/threat-protection/auditing/event-5068.md
+++ b/windows/security/threat-protection/auditing/event-5068.md
@@ -2,7 +2,6 @@
title: 5068(S, F) A cryptographic function provider operation was attempted.
description: Describes security event 5068(S, F) A cryptographic function provider operation was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5069.md b/windows/security/threat-protection/auditing/event-5069.md
index ffcfb92ca9..15b6f1bbe3 100644
--- a/windows/security/threat-protection/auditing/event-5069.md
+++ b/windows/security/threat-protection/auditing/event-5069.md
@@ -2,7 +2,6 @@
title: 5069(S, F) A cryptographic function property operation was attempted.
description: Describes security event 5069(S, F) A cryptographic function property operation was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5070.md b/windows/security/threat-protection/auditing/event-5070.md
index 079cb18504..afdb292917 100644
--- a/windows/security/threat-protection/auditing/event-5070.md
+++ b/windows/security/threat-protection/auditing/event-5070.md
@@ -2,7 +2,6 @@
title: 5070(S, F) A cryptographic function property modification was attempted.
description: Describes security event 5070(S, F) A cryptographic function property modification was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5136.md b/windows/security/threat-protection/auditing/event-5136.md
index e71aa708cc..c4d5e84029 100644
--- a/windows/security/threat-protection/auditing/event-5136.md
+++ b/windows/security/threat-protection/auditing/event-5136.md
@@ -2,7 +2,6 @@
title: 5136(S) A directory service object was modified.
description: Describes security event 5136(S) A directory service object was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5137.md b/windows/security/threat-protection/auditing/event-5137.md
index e7d10b0197..49ade1e081 100644
--- a/windows/security/threat-protection/auditing/event-5137.md
+++ b/windows/security/threat-protection/auditing/event-5137.md
@@ -2,7 +2,6 @@
title: 5137(S) A directory service object was created.
description: Describes security event 5137(S) A directory service object was created.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5138.md b/windows/security/threat-protection/auditing/event-5138.md
index 1120df1fc3..7dac9ef63f 100644
--- a/windows/security/threat-protection/auditing/event-5138.md
+++ b/windows/security/threat-protection/auditing/event-5138.md
@@ -2,7 +2,6 @@
title: 5138(S) A directory service object was undeleted.
description: Describes security event 5138(S) A directory service object was undeleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5139.md b/windows/security/threat-protection/auditing/event-5139.md
index 09ca54dca4..2b06e5309c 100644
--- a/windows/security/threat-protection/auditing/event-5139.md
+++ b/windows/security/threat-protection/auditing/event-5139.md
@@ -2,7 +2,6 @@
title: 5139(S) A directory service object was moved.
description: Describes security event 5139(S) A directory service object was moved.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5140.md b/windows/security/threat-protection/auditing/event-5140.md
index d79d99892e..e0afa21cd5 100644
--- a/windows/security/threat-protection/auditing/event-5140.md
+++ b/windows/security/threat-protection/auditing/event-5140.md
@@ -2,7 +2,6 @@
title: 5140(S, F) A network share object was accessed.
description: Describes security event 5140(S, F) A network share object was accessed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5141.md b/windows/security/threat-protection/auditing/event-5141.md
index e70a399593..dfdea7ca5f 100644
--- a/windows/security/threat-protection/auditing/event-5141.md
+++ b/windows/security/threat-protection/auditing/event-5141.md
@@ -2,7 +2,6 @@
title: 5141(S) A directory service object was deleted.
description: Describes security event 5141(S) A directory service object was deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5142.md b/windows/security/threat-protection/auditing/event-5142.md
index 790b6ea8f0..4620f55d07 100644
--- a/windows/security/threat-protection/auditing/event-5142.md
+++ b/windows/security/threat-protection/auditing/event-5142.md
@@ -2,7 +2,6 @@
title: 5142(S) A network share object was added.
description: Describes security event 5142(S) A network share object was added. This event is generated when a network share object is added.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5143.md b/windows/security/threat-protection/auditing/event-5143.md
index e26f69e294..f7f04d6cf0 100644
--- a/windows/security/threat-protection/auditing/event-5143.md
+++ b/windows/security/threat-protection/auditing/event-5143.md
@@ -2,7 +2,6 @@
title: 5143(S) A network share object was modified.
description: Describes security event 5143(S) A network share object was modified. This event is generated when a network share object is modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5144.md b/windows/security/threat-protection/auditing/event-5144.md
index 6d6a16e1af..df41963e27 100644
--- a/windows/security/threat-protection/auditing/event-5144.md
+++ b/windows/security/threat-protection/auditing/event-5144.md
@@ -2,7 +2,6 @@
title: 5144(S) A network share object was deleted.
description: Describes security event 5144(S) A network share object was deleted. This event is generated when a network share object is deleted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5145.md b/windows/security/threat-protection/auditing/event-5145.md
index 32fef4024d..783c17d59f 100644
--- a/windows/security/threat-protection/auditing/event-5145.md
+++ b/windows/security/threat-protection/auditing/event-5145.md
@@ -2,7 +2,6 @@
title: 5145(S, F) A network share object was checked to see whether client can be granted desired access.
description: Describes security event 5145(S, F) A network share object was checked to see whether client can be granted desired access.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5148.md b/windows/security/threat-protection/auditing/event-5148.md
index 291a541e11..9eb90940af 100644
--- a/windows/security/threat-protection/auditing/event-5148.md
+++ b/windows/security/threat-protection/auditing/event-5148.md
@@ -2,7 +2,6 @@
title: 5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.
description: Details on Security event 5148(F), The Windows Filtering Platform has detected a DoS attack and entered a defensive mode.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5149.md b/windows/security/threat-protection/auditing/event-5149.md
index 0f37543acf..f1c753d3a9 100644
--- a/windows/security/threat-protection/auditing/event-5149.md
+++ b/windows/security/threat-protection/auditing/event-5149.md
@@ -2,7 +2,6 @@
title: 5149(F) The DoS attack has subsided and normal processing is being resumed.
description: Describes security event 5149(F) The DoS attack has subsided and normal processing is being resumed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5150.md b/windows/security/threat-protection/auditing/event-5150.md
index aa56f896dc..a5f3e3b184 100644
--- a/windows/security/threat-protection/auditing/event-5150.md
+++ b/windows/security/threat-protection/auditing/event-5150.md
@@ -2,7 +2,6 @@
title: 5150(-) The Windows Filtering Platform blocked a packet.
description: Describes security event 5150(-) The Windows Filtering Platform blocked a packet.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5151.md b/windows/security/threat-protection/auditing/event-5151.md
index 22dcd9a63e..92c88cdf47 100644
--- a/windows/security/threat-protection/auditing/event-5151.md
+++ b/windows/security/threat-protection/auditing/event-5151.md
@@ -2,7 +2,6 @@
title: 5151(-) A more restrictive Windows Filtering Platform filter has blocked a packet.
description: Describes security event 5151(-) A more restrictive Windows Filtering Platform filter has blocked a packet.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5152.md b/windows/security/threat-protection/auditing/event-5152.md
index 363a095741..0c38edef1f 100644
--- a/windows/security/threat-protection/auditing/event-5152.md
+++ b/windows/security/threat-protection/auditing/event-5152.md
@@ -2,7 +2,6 @@
title: 5152(F) The Windows Filtering Platform blocked a packet.
description: Describes security event 5152(F) The Windows Filtering Platform blocked a packet.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5153.md b/windows/security/threat-protection/auditing/event-5153.md
index a46227f056..0fe85f8e85 100644
--- a/windows/security/threat-protection/auditing/event-5153.md
+++ b/windows/security/threat-protection/auditing/event-5153.md
@@ -2,7 +2,6 @@
title: 5153(S) A more restrictive Windows Filtering Platform filter has blocked a packet.
description: Describes security event 5153(S) A more restrictive Windows Filtering Platform filter has blocked a packet.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5154.md b/windows/security/threat-protection/auditing/event-5154.md
index 76424d3ca5..d99a804e12 100644
--- a/windows/security/threat-protection/auditing/event-5154.md
+++ b/windows/security/threat-protection/auditing/event-5154.md
@@ -2,7 +2,6 @@
title: 5154(S) The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections.
description: Describes security event 5154(S) The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 89e206fdbb..883e22bd27 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -2,7 +2,6 @@
title: 5155(F) The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.
description: Describes security event 5155(F) The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5156.md b/windows/security/threat-protection/auditing/event-5156.md
index 95b20ccfcf..5c4dd19d0c 100644
--- a/windows/security/threat-protection/auditing/event-5156.md
+++ b/windows/security/threat-protection/auditing/event-5156.md
@@ -2,7 +2,6 @@
title: 5156(S) The Windows Filtering Platform has permitted a connection.
description: Describes security event 5156(S) The Windows Filtering Platform has permitted a connection.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5157.md b/windows/security/threat-protection/auditing/event-5157.md
index cce391d0d8..2042aa3cb3 100644
--- a/windows/security/threat-protection/auditing/event-5157.md
+++ b/windows/security/threat-protection/auditing/event-5157.md
@@ -2,7 +2,6 @@
title: 5157(F) The Windows Filtering Platform has blocked a connection.
description: Describes security event 5157(F) The Windows Filtering Platform has blocked a connection.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5158.md b/windows/security/threat-protection/auditing/event-5158.md
index 7152b22478..42d2e97dd8 100644
--- a/windows/security/threat-protection/auditing/event-5158.md
+++ b/windows/security/threat-protection/auditing/event-5158.md
@@ -2,7 +2,6 @@
title: 5158(S) The Windows Filtering Platform has permitted a bind to a local port.
description: Describes security event 5158(S) The Windows Filtering Platform has permitted a bind to a local port.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5159.md b/windows/security/threat-protection/auditing/event-5159.md
index 1c163b30dc..e73c67f9da 100644
--- a/windows/security/threat-protection/auditing/event-5159.md
+++ b/windows/security/threat-protection/auditing/event-5159.md
@@ -2,7 +2,6 @@
title: 5159(F) The Windows Filtering Platform has blocked a bind to a local port.
description: Describes security event 5159(F) The Windows Filtering Platform has blocked a bind to a local port.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5168.md b/windows/security/threat-protection/auditing/event-5168.md
index f961f15bab..f29c101e31 100644
--- a/windows/security/threat-protection/auditing/event-5168.md
+++ b/windows/security/threat-protection/auditing/event-5168.md
@@ -2,7 +2,6 @@
title: 5168(F) SPN check for SMB/SMB2 failed.
description: Describes security event 5168(F) SPN check for SMB/SMB2 failed. This event is generated when an SMB SPN check fails.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5376.md b/windows/security/threat-protection/auditing/event-5376.md
index 0f2be5a04a..ea9979f965 100644
--- a/windows/security/threat-protection/auditing/event-5376.md
+++ b/windows/security/threat-protection/auditing/event-5376.md
@@ -2,7 +2,6 @@
title: 5376(S) Credential Manager credentials were backed up.
description: Describes security event 5376(S) Credential Manager credentials were backed up.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5377.md b/windows/security/threat-protection/auditing/event-5377.md
index d5a1660220..e5a9be7063 100644
--- a/windows/security/threat-protection/auditing/event-5377.md
+++ b/windows/security/threat-protection/auditing/event-5377.md
@@ -2,7 +2,6 @@
title: 5377(S) Credential Manager credentials were restored from a backup.
description: Describes security event 5377(S) Credential Manager credentials were restored from a backup.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5378.md b/windows/security/threat-protection/auditing/event-5378.md
index 25c68deee6..6d1ac9a70f 100644
--- a/windows/security/threat-protection/auditing/event-5378.md
+++ b/windows/security/threat-protection/auditing/event-5378.md
@@ -2,7 +2,6 @@
title: 5378(F) The requested credentials delegation was disallowed by policy.
description: Describes security event 5378(F) The requested credentials delegation was disallowed by policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5447.md b/windows/security/threat-protection/auditing/event-5447.md
index d1ffd6b03d..a3065a4f0a 100644
--- a/windows/security/threat-protection/auditing/event-5447.md
+++ b/windows/security/threat-protection/auditing/event-5447.md
@@ -2,7 +2,6 @@
title: 5447(S) A Windows Filtering Platform filter has been changed.
description: Describes security event 5447(S) A Windows Filtering Platform filter has been changed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5632.md b/windows/security/threat-protection/auditing/event-5632.md
index 0815f5d12f..8b751f272e 100644
--- a/windows/security/threat-protection/auditing/event-5632.md
+++ b/windows/security/threat-protection/auditing/event-5632.md
@@ -2,7 +2,6 @@
title: 5632(S, F) A request was made to authenticate to a wireless network.
description: Describes security event 5632(S, F) A request was made to authenticate to a wireless network.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5633.md b/windows/security/threat-protection/auditing/event-5633.md
index bf786c1d2d..5c2c68695a 100644
--- a/windows/security/threat-protection/auditing/event-5633.md
+++ b/windows/security/threat-protection/auditing/event-5633.md
@@ -2,7 +2,6 @@
title: 5633(S, F) A request was made to authenticate to a wired network.
description: Describes security event 5633(S, F) A request was made to authenticate to a wired network.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5712.md b/windows/security/threat-protection/auditing/event-5712.md
index a7ec0a5e10..8fe2ad8714 100644
--- a/windows/security/threat-protection/auditing/event-5712.md
+++ b/windows/security/threat-protection/auditing/event-5712.md
@@ -2,7 +2,6 @@
title: 5712(S) A Remote Procedure Call (RPC) was attempted.
description: Describes security event 5712(S) A Remote Procedure Call (RPC) was attempted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5888.md b/windows/security/threat-protection/auditing/event-5888.md
index 47bfb7e52c..7f06d1e907 100644
--- a/windows/security/threat-protection/auditing/event-5888.md
+++ b/windows/security/threat-protection/auditing/event-5888.md
@@ -2,7 +2,6 @@
title: 5888(S) An object in the COM+ Catalog was modified.
description: Describes security event 5888(S) An object in the COM+ Catalog was modified.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5889.md b/windows/security/threat-protection/auditing/event-5889.md
index 21bced3526..32bd5bffd8 100644
--- a/windows/security/threat-protection/auditing/event-5889.md
+++ b/windows/security/threat-protection/auditing/event-5889.md
@@ -2,7 +2,6 @@
title: 5889(S) An object was deleted from the COM+ Catalog.
description: Describes security event 5889(S) An object was deleted from the COM+ Catalog.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-5890.md b/windows/security/threat-protection/auditing/event-5890.md
index 652453190a..959e6fd3e4 100644
--- a/windows/security/threat-protection/auditing/event-5890.md
+++ b/windows/security/threat-protection/auditing/event-5890.md
@@ -2,7 +2,6 @@
title: 5890(S) An object was added to the COM+ Catalog.
description: Describes security event 5890(S) An object was added to the COM+ Catalog.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6144.md b/windows/security/threat-protection/auditing/event-6144.md
index b58495dff5..826d274d51 100644
--- a/windows/security/threat-protection/auditing/event-6144.md
+++ b/windows/security/threat-protection/auditing/event-6144.md
@@ -2,7 +2,6 @@
title: 6144(S) Security policy in the group policy objects has been applied successfully.
description: Describes security event 6144(S) Security policy in the group policy objects has been applied successfully.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6145.md b/windows/security/threat-protection/auditing/event-6145.md
index 690cca9856..a5e630ff72 100644
--- a/windows/security/threat-protection/auditing/event-6145.md
+++ b/windows/security/threat-protection/auditing/event-6145.md
@@ -2,7 +2,6 @@
title: 6145(F) One or more errors occurred while processing security policy in the group policy objects.
description: Describes security event 6145(F) One or more errors occurred while processing security policy in the group policy objects.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/08/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6281.md b/windows/security/threat-protection/auditing/event-6281.md
index b740282ddf..307122724f 100644
--- a/windows/security/threat-protection/auditing/event-6281.md
+++ b/windows/security/threat-protection/auditing/event-6281.md
@@ -2,7 +2,6 @@
title: 6281(F) Code Integrity determined that the page hashes of an image file aren't valid.
description: Describes security event 6281(F) Code Integrity determined that the page hashes of an image file aren't valid.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6400.md b/windows/security/threat-protection/auditing/event-6400.md
index 8ea567df22..0f1bdbe078 100644
--- a/windows/security/threat-protection/auditing/event-6400.md
+++ b/windows/security/threat-protection/auditing/event-6400.md
@@ -2,7 +2,6 @@
title: 6400(-) BranchCache Received an incorrectly formatted response while discovering availability of content.
description: Describes security event 6400(-) BranchCache Received an incorrectly formatted response while discovering availability of content.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6401.md b/windows/security/threat-protection/auditing/event-6401.md
index 6216a8ab19..56a4cdce4c 100644
--- a/windows/security/threat-protection/auditing/event-6401.md
+++ b/windows/security/threat-protection/auditing/event-6401.md
@@ -2,7 +2,6 @@
title: 6401(-) BranchCache Received invalid data from a peer. Data discarded.
description: Describes security event 6401(-) BranchCache Received invalid data from a peer. Data discarded.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6402.md b/windows/security/threat-protection/auditing/event-6402.md
index 6e00df66af..5e47ee6c4d 100644
--- a/windows/security/threat-protection/auditing/event-6402.md
+++ b/windows/security/threat-protection/auditing/event-6402.md
@@ -2,7 +2,6 @@
title: 6402(-) BranchCache The message to the hosted cache offering it data is incorrectly formatted.
description: Describes security event 6402(-) BranchCache The message to the hosted cache offering it data is incorrectly formatted.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6403.md b/windows/security/threat-protection/auditing/event-6403.md
index 92b228cf4a..f442562eb5 100644
--- a/windows/security/threat-protection/auditing/event-6403.md
+++ b/windows/security/threat-protection/auditing/event-6403.md
@@ -2,7 +2,6 @@
title: 6403(-) BranchCache The hosted cache sent an incorrectly formatted response to the client.
description: Describes security event 6403(-) BranchCache The hosted cache sent an incorrectly formatted response to the client.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6404.md b/windows/security/threat-protection/auditing/event-6404.md
index ef4073df30..387de30aa7 100644
--- a/windows/security/threat-protection/auditing/event-6404.md
+++ b/windows/security/threat-protection/auditing/event-6404.md
@@ -2,7 +2,6 @@
title: 6404(-) BranchCache Hosted cache could not be authenticated using the provisioned SSL certificate.
description: Describes security event 6404(-) BranchCache Hosted cache could not be authenticated using the provisioned SSL certificate.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6405.md b/windows/security/threat-protection/auditing/event-6405.md
index 63fc073a30..50bb5a679b 100644
--- a/windows/security/threat-protection/auditing/event-6405.md
+++ b/windows/security/threat-protection/auditing/event-6405.md
@@ -2,7 +2,6 @@
title: 6405(-) BranchCache %2 instance(s) of event id %1 occurred.
description: Describes security event 6405(-) BranchCache %2 instance(s) of event id %1 occurred.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6406.md b/windows/security/threat-protection/auditing/event-6406.md
index 057f4579b7..758b702bb1 100644
--- a/windows/security/threat-protection/auditing/event-6406.md
+++ b/windows/security/threat-protection/auditing/event-6406.md
@@ -2,7 +2,6 @@
title: 6406(-) %1 registered to Windows Firewall to control filtering for the following %2.
description: Describes security event 6406(-) %1 registered to Windows Firewall to control filtering for the following %2.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6407.md b/windows/security/threat-protection/auditing/event-6407.md
index 40c5e05deb..7c1f4a4e30 100644
--- a/windows/security/threat-protection/auditing/event-6407.md
+++ b/windows/security/threat-protection/auditing/event-6407.md
@@ -2,7 +2,6 @@
title: 6407(-) 1%.
description: Describes security event 6407(-) 1%. This event is a BranchCache event, which is outside the scope of this document.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6408.md b/windows/security/threat-protection/auditing/event-6408.md
index 6c5f475831..ccdc08387f 100644
--- a/windows/security/threat-protection/auditing/event-6408.md
+++ b/windows/security/threat-protection/auditing/event-6408.md
@@ -2,7 +2,6 @@
title: 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
description: Describes security event 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6409.md b/windows/security/threat-protection/auditing/event-6409.md
index c1fbba806a..8ad3091f3a 100644
--- a/windows/security/threat-protection/auditing/event-6409.md
+++ b/windows/security/threat-protection/auditing/event-6409.md
@@ -2,7 +2,6 @@
title: 6409(-) BranchCache A service connection point object could not be parsed.
description: Describes security event 6409(-) BranchCache A service connection point object could not be parsed.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6410.md b/windows/security/threat-protection/auditing/event-6410.md
index a2b8474480..c9dc6f669c 100644
--- a/windows/security/threat-protection/auditing/event-6410.md
+++ b/windows/security/threat-protection/auditing/event-6410.md
@@ -2,7 +2,6 @@
title: 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process.
description: Describes security event 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6416.md b/windows/security/threat-protection/auditing/event-6416.md
index 352f1eabbb..8629acdd90 100644
--- a/windows/security/threat-protection/auditing/event-6416.md
+++ b/windows/security/threat-protection/auditing/event-6416.md
@@ -2,7 +2,6 @@
title: 6416(S) A new external device was recognized by the System.
description: Describes security event 6416(S) A new external device was recognized by the System.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6419.md b/windows/security/threat-protection/auditing/event-6419.md
index e44f35c6ff..e5dfac4ae6 100644
--- a/windows/security/threat-protection/auditing/event-6419.md
+++ b/windows/security/threat-protection/auditing/event-6419.md
@@ -2,7 +2,6 @@
title: 6419(S) A request was made to disable a device.
description: Describes security event 6419(S) A request was made to disable a device.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6420.md b/windows/security/threat-protection/auditing/event-6420.md
index 951cd5e25d..068cc2db0e 100644
--- a/windows/security/threat-protection/auditing/event-6420.md
+++ b/windows/security/threat-protection/auditing/event-6420.md
@@ -2,7 +2,6 @@
title: 6420(S) A device was disabled.
description: Describes security event 6420(S) A device was disabled. This event is generated when a specific device is disabled.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6421.md b/windows/security/threat-protection/auditing/event-6421.md
index 866bdda53e..778380652b 100644
--- a/windows/security/threat-protection/auditing/event-6421.md
+++ b/windows/security/threat-protection/auditing/event-6421.md
@@ -2,7 +2,6 @@
title: 6421(S) A request was made to enable a device.
description: Describes security event 6421(S) A request was made to enable a device.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6422.md b/windows/security/threat-protection/auditing/event-6422.md
index 7411ffa42b..5ff3f69b78 100644
--- a/windows/security/threat-protection/auditing/event-6422.md
+++ b/windows/security/threat-protection/auditing/event-6422.md
@@ -2,7 +2,6 @@
title: 6422(S) A device was enabled.
description: Describes security event 6422(S) A device was enabled. This event is generated when a specific device is enabled.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6423.md b/windows/security/threat-protection/auditing/event-6423.md
index ebf46bad15..3aeaebb602 100644
--- a/windows/security/threat-protection/auditing/event-6423.md
+++ b/windows/security/threat-protection/auditing/event-6423.md
@@ -2,7 +2,6 @@
title: 6423(S) The installation of this device is forbidden by system policy.
description: Describes security event 6423(S) The installation of this device is forbidden by system policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/event-6424.md b/windows/security/threat-protection/auditing/event-6424.md
index ef8f789bd2..5d206fb5f9 100644
--- a/windows/security/threat-protection/auditing/event-6424.md
+++ b/windows/security/threat-protection/auditing/event-6424.md
@@ -2,7 +2,6 @@
title: 6424(S) The installation of this device was allowed, after having previously been forbidden by policy.
description: Describes security event 6424(S) The installation of this device was allowed, after having previously been forbidden by policy.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: low
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md
index 9e83c5b9cc..ccbd578203 100644
--- a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md
+++ b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md
@@ -4,7 +4,6 @@ description: The policy setting, File System (Global Object Access Auditing), en
ms.assetid: 4f215d61-0e23-46e4-9e58-08511105d25b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# File System (Global Object Access Auditing)
diff --git a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
index ba9bfd059d..0c2a17c7e0 100644
--- a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
+++ b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
@@ -1,7 +1,6 @@
---
title: How to get a list of XML data name elements in
description: This reference article for the IT professional explains how to use PowerShell to get a list of XML data name elements that can appear in .
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md
index 2f42573827..2db4bc7e3a 100644
--- a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md
+++ b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md
@@ -4,7 +4,6 @@ description: Learn how to use advanced security auditing options to monitor chan
ms.assetid: 553f98a6-7606-4518-a3c5-347a33105130
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor central access policy and rule definitions
diff --git a/windows/security/threat-protection/auditing/monitor-claim-types.md b/windows/security/threat-protection/auditing/monitor-claim-types.md
index 60d4da3a45..13bd276728 100644
--- a/windows/security/threat-protection/auditing/monitor-claim-types.md
+++ b/windows/security/threat-protection/auditing/monitor-claim-types.md
@@ -4,7 +4,6 @@ description: Learn how to monitor changes to claim types that are associated wit
ms.assetid: 426084da-4eef-44af-aeec-e7ab4d4e2439
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor claim types
diff --git a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md
index 69a7d74967..0554f4f44d 100644
--- a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md
+++ b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md
@@ -4,7 +4,6 @@ description: Learn how to monitor changes to resource attribute definitions when
ms.assetid: aace34b0-123a-4b83-9e09-f269220e79de
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor resource attribute definitions
diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md
index 19e11f0da4..0086d38798 100644
--- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md
+++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md
@@ -4,7 +4,6 @@ description: Monitor changes to central access policies associated with files an
ms.assetid: 2ea8fc23-b3ac-432f-87b0-6a16506e8eed
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor the central access policies associated with files and folders
diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
index 84de3a7b3a..01731d7b6e 100644
--- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
+++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md
@@ -4,7 +4,6 @@ description: Learn how to monitor changes to the central access policies that ap
ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor the central access policies that apply on a file server
diff --git a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md
index 21f8121312..37a5df774a 100644
--- a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md
+++ b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md
@@ -4,7 +4,6 @@ description: Learn how to use advanced security auditing options to monitor atte
ms.assetid: 4944097b-320f-44c7-88ed-bf55946a358b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor the resource attributes on files and folders
diff --git a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
index 26a826e404..4e187a67d2 100644
--- a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
+++ b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
@@ -4,7 +4,6 @@ description: Learn how advanced security auditing options can be used to monitor
ms.assetid: b0a9e4a5-b7ff-41c6-96ff-0228d4ba5da8
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor the use of removable storage devices
diff --git a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md
index 7fc2ba75cf..e4792764cf 100644
--- a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md
+++ b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md
@@ -4,7 +4,6 @@ description: Learn how to monitor user and device claims that are associated wit
ms.assetid: 71796ea9-5fe4-4183-8475-805c3c1f319f
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Monitor user and device claims during sign-in
diff --git a/windows/security/threat-protection/auditing/other-events.md b/windows/security/threat-protection/auditing/other-events.md
index 86ef4c8957..c4bdc43d1f 100644
--- a/windows/security/threat-protection/auditing/other-events.md
+++ b/windows/security/threat-protection/auditing/other-events.md
@@ -2,7 +2,6 @@
title: Other Events
description: Describes the Other Events auditing subcategory, which includes events that are generated automatically and enabled by default.
ms.pagetype: security
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.localizationpriority: medium
@@ -11,7 +10,6 @@ ms.date: 09/09/2021
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md
index 35b3eb2d9c..3d589a1ec4 100644
--- a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md
+++ b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md
@@ -4,7 +4,6 @@ description: Learn to deploy an effective security audit policy in a network tha
ms.assetid: 7428e1db-aba8-407b-a39e-509671e5a442
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Plan and deploy advanced security audit policies
diff --git a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md
index b82b7aa8de..e411afa653 100644
--- a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md
+++ b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md
@@ -4,7 +4,6 @@ description: The Advanced Security Audit policy setting, Registry (Global Object
ms.assetid: 953bb1c1-3f76-43be-ba17-4aed2304f578
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Registry (Global Object Access Auditing)
diff --git a/windows/security/threat-protection/auditing/security-auditing-overview.md b/windows/security/threat-protection/auditing/security-auditing-overview.md
index a4e0800569..250f523977 100644
--- a/windows/security/threat-protection/auditing/security-auditing-overview.md
+++ b/windows/security/threat-protection/auditing/security-auditing-overview.md
@@ -4,7 +4,6 @@ description: Learn about security auditing features in Windows, and how your org
ms.assetid: 2d9b8142-49bd-4a33-b246-3f0c2a5f32d4
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Security auditing
diff --git a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md
index 076763b3d8..bc12d22422 100644
--- a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md
+++ b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md
@@ -4,7 +4,6 @@ description: Domain admins can set up advanced security audit options in Windows
ms.assetid: 0d2c28ea-bdaf-47fd-bca2-a07dce5fed37
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Using advanced security auditing options to monitor dynamic access control objects
diff --git a/windows/security/threat-protection/auditing/view-the-security-event-log.md b/windows/security/threat-protection/auditing/view-the-security-event-log.md
index 88b1438852..49c2f8a769 100644
--- a/windows/security/threat-protection/auditing/view-the-security-event-log.md
+++ b/windows/security/threat-protection/auditing/view-the-security-event-log.md
@@ -4,7 +4,6 @@ description: The security log records each event as defined by the audit policie
ms.assetid: 20DD2ACD-241A-45C5-A92F-4BE0D9F198B9
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# View the security event log
diff --git a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md
index 2ede0f5748..543c3f0dbc 100644
--- a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md
+++ b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md
@@ -4,7 +4,6 @@ description: This reference topic for the IT professional describes which versio
ms.assetid: 87c71cc5-522d-4771-ac78-34a2a0825f31
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/09/2021
-ms.technology: itpro-security
---
# Which editions of Windows support advanced audit policy configuration
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index aafae23e17..5dd0c7c3f0 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -1,12 +1,10 @@
---
title: Windows threat protection
description: Describes the security capabilities in Windows client focused on threat protection
-ms.prod: windows-client
author: aczechowski
ms.author: aaroncz
manager: aaroncz
ms.topic: conceptual
-ms.technology: itpro-security
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 365c09f330..61a3073fa1 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -1,12 +1,10 @@
---
title: Mitigate threats by using Windows 10 security features
description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
-ms.prod: windows-client
ms.localizationpriority: medium
author: aczechowski
ms.author: aaroncz
manager: aaroncz
-ms.technology: itpro-security
ms.date: 12/31/2017
ms.topic: article
---
diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
index 81f50b4fda..61b895b145 100644
--- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
+++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md
@@ -4,7 +4,6 @@ description: Describes best practices, security considerations, and more for the
ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Access Credential Manager as a trusted caller
diff --git a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md
index f8a0e483fd..58ab435398 100644
--- a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md
+++ b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: f6767bc2-83d1-45f1-847c-54f5362db022
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 06/11/2021
-ms.technology: itpro-security
---
# Access this computer from the network - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md
index ab6ba1901c..23acbe9b1c 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: a4167bf4-27c3-4a9b-8ef0-04e3c6ec3aa4
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 08/16/2021
-ms.technology: itpro-security
---
# Account lockout duration
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
index 1872b25b41..25df645272 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
@@ -4,7 +4,6 @@ description: Describes the Account Lockout Policy settings and links to informat
ms.assetid: eb968c28-17c5-405f-b413-50728cb7b724
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 10/11/2018
-ms.technology: itpro-security
---
# Account Lockout Policy
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
index 2bae54f4e2..7902e5d1c9 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 4904bb40-a2bd-4fef-a102-260ba8d74e30
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 11/02/2018
-ms.technology: itpro-security
---
# Account lockout threshold
diff --git a/windows/security/threat-protection/security-policy-settings/account-policies.md b/windows/security/threat-protection/security-policy-settings/account-policies.md
index 4504d333df..979811c1da 100644
--- a/windows/security/threat-protection/security-policy-settings/account-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/account-policies.md
@@ -4,7 +4,6 @@ description: An overview of account policies in Windows and provides links to po
ms.assetid: 711b3797-b87a-4cd9-a2e3-1f8ef18688fb
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Account Policies
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
index 179f5ba556..2525359221 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 71a3bd48-1014-49e0-a936-bfe9433af23e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 08/01/2017
-ms.technology: itpro-security
---
# Accounts: Administrator account status
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
index 1ac6245b9b..63a3b327b9 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, management, and sec
ms.assetid: 94c76f45-057c-4d80-8d01-033cf28ef2f7
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 08/10/2017
-ms.technology: itpro-security
---
# Accounts: Block Microsoft accounts
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
index 6c768ad6d6..a61f1e0d49 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 07e53fc5-b495-4d02-ab42-5b245d10d0ce
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Accounts: Guest account status - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
index 947a4c0f6f..a04536f260 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
@@ -4,7 +4,6 @@ description: Learn best practices, security considerations, and more for the pol
ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Accounts: Limit local account use of blank passwords to console logon only
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
index 44905ab096..3740084b0b 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
@@ -4,7 +4,6 @@ description: This security policy reference topic for the IT professional descri
ms.assetid: d21308eb-7c60-4e48-8747-62b8109844f9
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Accounts: Rename administrator account
diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
index d034cdf835..1f3dd3b5f6 100644
--- a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
+++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 9b8052b4-bbb9-4cc1-bfee-ce25390db707
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Accounts: Rename guest account - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md
index 1bdbf787f1..cf116b92be 100644
--- a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md
+++ b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: c1b7e084-a9f7-4377-b678-07cc913c8b0c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Act as part of the operating system
diff --git a/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md b/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md
index fb594e8748..f73cdd251d 100644
--- a/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md
@@ -3,13 +3,11 @@ title: Add workstations to domain
description: Describes the best practices, location, values, policy management and security considerations for the Add workstations to domain security policy setting.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Add workstations to domain
diff --git a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md
index 5c9b499b8b..6a963f20cf 100644
--- a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md
+++ b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 6754a2c8-6d07-4567-9af3-335fd8dd7626
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Adjust memory quotas for a process
diff --git a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
index 3a11417c5b..be7eb4d379 100644
--- a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
@@ -4,7 +4,6 @@ description: This article discusses different methods to administer security pol
ms.assetid: 7617d885-9d28-437a-9371-171197407599
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Administer security policy settings
diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md
index ec8dd1980d..0bb7fa0b5a 100644
--- a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md
+++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: d9e5e1f3-3bff-4da7-a9a2-4bb3e0c79055
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Allow log on locally - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md
index b76363e1b5..1d44efc4b3 100644
--- a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md
+++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: 6267c376-8199-4f2b-ae56-9c5424e76798
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Allow log on through Remote Desktop Services
diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
index 25ef7bc3d6..179941bc1c 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 20d40a79-ce89-45e6-9bb4-148f83958460
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Audit: Audit the access of global system objects
diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md
index 011e035679..05c570e013 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md
@@ -4,7 +4,6 @@ description: "Describes the best practices, location, values, and security consi
ms.assetid: f656a2bb-e8d6-447b-8902-53df3a7756c5
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/01/2019
-ms.technology: itpro-security
---
# Audit: Audit the use of Backup and Restore privilege
diff --git a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
index 663cfb1d30..1d81955c37 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
@@ -4,7 +4,6 @@ description: Learn more about the security policy setting, Audit Force audit pol
ms.assetid: 8ddc06bc-b6d6-4bac-9051-e0d77035bd4e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings
diff --git a/windows/security/threat-protection/security-policy-settings/audit-policy.md b/windows/security/threat-protection/security-policy-settings/audit-policy.md
index bf27ff18aa..72c1169cf3 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-policy.md
@@ -4,7 +4,6 @@ description: Provides information about basic audit policies that are available
ms.assetid: 2e8ea400-e555-43e5-89d6-0898cb89da90
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Audit Policy
diff --git a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
index da06353caf..4d0ab7c979 100644
--- a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
+++ b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 2cd23cd9-0e44-4d0b-a1f1-39fc29303826
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Audit: Shut down system immediately if unable to log security audits
diff --git a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md
index 3bd99b5590..1ba7777a2b 100644
--- a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md
+++ b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md
@@ -4,7 +4,6 @@ description: Describes the recommended practices, location, values, policy manag
ms.assetid: 1cd6bdd5-1501-41f4-98b9-acf29ac173ae
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Back up files and directories - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
index f4a8745518..153da82af0 100644
--- a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
+++ b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 1c828655-68d3-4140-aa0f-caa903a7087e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Bypass traverse checking
diff --git a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md
index d985a6eaf9..7c3ac55c23 100644
--- a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md
+++ b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: f2f6637d-acbc-4352-8ca3-ec563f918e65
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Change the system time - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md
index 3ac7b50a9c..0c3b2e17fd 100644
--- a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md
+++ b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 3b1afae4-68bb-472f-a43e-49e300d73e50
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Change the time zone - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md
index a28a19a33f..4b5f9a7ed6 100644
--- a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md
+++ b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: dc087897-459d-414b-abe0-cd86c8dccdea
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Create a pagefile - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md
index 6c50cc0ce0..e45a81f726 100644
--- a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md
+++ b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: bfbf52fc-6ba4-442a-9df7-bd277e55729c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Create a token object
diff --git a/windows/security/threat-protection/security-policy-settings/create-global-objects.md b/windows/security/threat-protection/security-policy-settings/create-global-objects.md
index 18fb5d25ad..9c2e0740b7 100644
--- a/windows/security/threat-protection/security-policy-settings/create-global-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/create-global-objects.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 9cb6247b-44fc-4815-86f2-cb59b6f0221e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Create global objects
diff --git a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md
index e5d58fc80d..8e28020f73 100644
--- a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 6a58438d-65ca-4c4a-a584-450eed976649
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Create permanent shared objects
diff --git a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md
index 970e2ddfd7..d0a05e5cde 100644
--- a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md
+++ b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 882922b9-0ff8-4ee9-8afc-4475515ee3fd
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Create symbolic links
diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
index 6426a749bf..784e63d190 100644
--- a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
+++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
@@ -4,7 +4,6 @@ description: Learn about best practices and more for the syntax policy setting,
ms.assetid: 0fe3521a-5252-44df-8a47-8d92cf936e7c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax
diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
index 5accd3bbbc..6f20c35a59 100644
--- a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
+++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
@@ -4,7 +4,6 @@ description: Best practices and more for the security policy setting, DCOM Machi
ms.assetid: 4b95d45f-dd62-4c34-ba32-43954528dabe
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax
diff --git a/windows/security/threat-protection/security-policy-settings/debug-programs.md b/windows/security/threat-protection/security-policy-settings/debug-programs.md
index c65db98a6f..f0d787d7a9 100644
--- a/windows/security/threat-protection/security-policy-settings/debug-programs.md
+++ b/windows/security/threat-protection/security-policy-settings/debug-programs.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 594d9f2c-8ffc-444b-9522-75615ec87786
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Debug programs
diff --git a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md
index 09c0633dea..446fad10ca 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: 935e9f89-951b-4163-b186-fc325682bb0b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 05/19/2021
-ms.technology: itpro-security
---
# Deny access to this computer from the network
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md
index c4bc52c008..49ad4d216d 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 0ac36ebd-5e28-4b6a-9b4e-8924c6ecf44b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Deny log on as a batch job
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md
index 7bdd2075ca..d2a042c022 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: f1114964-df86-4278-9b11-e35c66949794
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Deny log on as a service
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md
index 263496c85d..709c72bee4 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 00150e88-ec9c-43e1-a70d-33bfe10434db
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Deny log on locally
diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md
index 24e896eb79..c6dfb97ab1 100644
--- a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md
+++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: 84bbb807-287c-4acc-a094-cf0ffdcbca67
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Deny log on through Remote Desktop Services
diff --git a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
index abbf2b5679..a2514e41a3 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 1d403f5d-ad41-4bb4-9f4a-0779c1c14b8c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Devices: Allow undock without having to log on
diff --git a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
index c2b35adf67..515856c7f7 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: d1b42425-7244-4ab1-9d46-d68de823459c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Devices: Allowed to format and eject removable media
diff --git a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
index 9a909d447c..9590fbf54b 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: ab70a122-f7f9-47e0-ad8c-541f30a27ec3
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 01/05/2022
-ms.technology: itpro-security
---
# Devices: Prevent users from installing printer drivers
diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
index 30a9097f46..5ccf446d9e 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 8b8f44bb-84ce-4f18-af30-ab89910e234d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Devices: Restrict CD-ROM access to locally logged-on user only
diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md
index 0a4d6c2250..b4a13d2337 100644
--- a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md
+++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 92997910-da95-4c03-ae6f-832915423898
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Devices: Restrict floppy access to locally logged-on user only
diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md b/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md
index 8d5b95d46a..2757a09e31 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md
@@ -3,13 +3,11 @@ title: Domain controller Allow server operators to schedule tasks
description: Describes the best practices, location, values, and security considerations for the Domain controller Allow server operators to schedule tasks security policy setting.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Domain controller: Allow server operators to schedule tasks
diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md
index af6812e273..ecf16ca65c 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md
@@ -3,13 +3,11 @@ title: Domain controller LDAP server channel binding token requirements
description: Describes the best practices, location, values, and security considerations for the Domain controller LDAP server channel binding token requirements security policy setting.
ms.reviewer: waynmc
ms.author: waynmc
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
ms.date: 04/26/2023
-ms.technology: itpro-security
---
# Domain controller: LDAP server channel binding token requirements
diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md
index 0745e54ec3..b46d83e1d6 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md
@@ -3,13 +3,11 @@ title: Domain controller LDAP server signing requirements
description: Describes the best practices, location, values, and security considerations for the Domain controller LDAP server signing requirements security policy setting.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Domain controller: LDAP server signing requirements
diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md
index dcc3e3be66..453dae2c04 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md
@@ -3,12 +3,10 @@ title: Refuse machine account password changes policy
description: Describes the best practices, location, values, and security considerations for the Domain controller Refuse machine account password changes security policy setting.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
-ms.technology: itpro-security
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md
index 820c7facca..00874bb080 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, and security considerations for t
ms.assetid: 4480c7cb-adca-4f29-b4b8-06eb68d272bf
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Domain member: Digitally encrypt or sign secure channel data (always)
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md
index 0086d01e2c..d66e753fe4 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 73e6023e-0af3-4531-8238-82f0f0e4965b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Domain member: Digitally encrypt secure channel data (when possible)
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md
index cadfa2282e..07861eeed3 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, and security considerations for t
ms.assetid: a643e491-4f45-40ea-b12c-4dbe47e54f34
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Domain member: Digitally sign secure channel data (when possible)
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md
index 324f36b008..83bc426b58 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 1f660300-a07a-4243-a09f-140aa1ab8867
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 06/27/2019
-ms.technology: itpro-security
---
# Domain member: Disable machine account password changes
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
index 278f2854fa..b5f6a01f3e 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 0ec6f7c1-4d82-4339-94c0-debb2d1ac109
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 05/29/2020
-ms.technology: itpro-security
---
# Domain member: Maximum machine account password age
diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md
index 5f03addc62..e0b22d6cf2 100644
--- a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md
+++ b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, and security considerations for t
ms.assetid: 5ab8993c-5086-4f09-bc88-1b27454526bd
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Domain member: Require strong (Windows 2000 or later) session key
diff --git a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
index 2580f51ed8..ca2112846d 100644
--- a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
+++ b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md
@@ -4,7 +4,6 @@ description: Learn about best practices, security considerations and more for th
ms.assetid: 524062d4-1595-41f3-8ce1-9c85fd21497b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Enable computer and user accounts to be trusted for delegation
diff --git a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md
index b2b87b7314..ed174c38a8 100644
--- a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md
+++ b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 8b2ab871-3e52-4dd1-9776-68bb1e935442
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Enforce password history
diff --git a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md
index faf39c7570..5879883e45 100644
--- a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md
+++ b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 5891cb73-f1ec-48b9-b703-39249e48a29f
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Enforce user logon restrictions
diff --git a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md
index fbf329985c..e2e2fbba6b 100644
--- a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md
+++ b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 63129243-31ea-42a4-a598-c7064f48a3df
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Force shutdown from a remote system
diff --git a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md
index 9b9ab36731..a9c54c538d 100644
--- a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md
+++ b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: c0e1cd80-840e-4c74-917c-5c2349de885f
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Generate security audits
diff --git a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md
index 918c634443..59a5523281 100644
--- a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md
+++ b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 4cd241e2-c680-4b43-8ed0-3b391925cec5
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Impersonate a client after authentication
diff --git a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md
index b383d4e733..f65a5700dd 100644
--- a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md
+++ b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: b742ad96-37f3-4686-b8f7-f2b48367105b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Increase a process working set
diff --git a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
index e0afba5ecc..156b06d265 100644
--- a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
+++ b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: fbec5973-d35e-4797-9626-d0d56061527f
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 2/6/2020
-ms.technology: itpro-security
---
# Increase scheduling priority
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md
index 6b6a223a3c..2f420b21cf 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 9146aa3d-9b2f-47ba-ac03-ff43efb10530
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Display user information when the session is locked
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md
index 6d7880e8fe..66d276bacf 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md
@@ -1,7 +1,6 @@
---
title: Interactive logon Don't display last signed-in
description: Describes the best practices, location, values, and security considerations for the Interactive logon Don't display last user name security policy setting.
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -13,7 +12,6 @@ ms.topic: reference
ms.date: 04/19/2017
ms.reviewer:
ms.author: vinpa
-ms.technology: itpro-security
---
# Interactive logon: Don't display last signed-in
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md
index a13d25cd15..ab27093a1c 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 04e2c000-2eb2-4d4b-8179-1e2cb4793e18
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Do not require CTRL+ALT+DEL
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md
index 85cca7c7f1..05151970da 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 98b24b03-95fe-4edc-8e97-cbdaa8e314fd
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Don't display username at sign-in
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md
index a9c3a468db..fba7a86ac4 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, management, and security consider
ms.assetid: ebbd8e22-2611-4ebe-9db9-d49344e631e4
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Machine account lockout threshold
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md
index 499c8ea921..93e24a9961 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, management, and sec
ms.assetid: 7065b4a9-0d52-41d5-afc4-5aedfc4162b5
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 09/18/2018
-ms.technology: itpro-security
---
# Interactive logon: Machine inactivity limit
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md
index 9ea2643a8c..cc406c3e45 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md
@@ -4,7 +4,6 @@ description: Learn about best practices, security considerations and more for th
ms.assetid: fcfe8a6d-ca65-4403-b9e6-2fa017a31c2e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Message text for users attempting to log on
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md
index f97c4515e8..20776c7140 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: f2596470-4cc0-4ef1-849c-bef9dc3533c6
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Message title for users attempting to log on
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md
index 60159d1dd5..3817c2a334 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md
@@ -4,7 +4,6 @@ description: Best practices and more for the security policy setting, Interactiv
ms.assetid: 660e925e-cc3e-4098-a41e-eb8db8062d8d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 08/27/2018
-ms.technology: itpro-security
---
# Interactive logon: Number of previous logons to cache (in case domain controller is not available)
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md
index 1c2bd90367..14eb3e7e3a 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md
@@ -4,7 +4,6 @@ description: Best practices and security considerations for an interactive log-o
ms.assetid: 8fe94781-40f7-4fbe-8cfd-5e116e6833e9
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive log on: Prompt the user to change passwords before expiration
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md
index 12c079fced..2249b7889f 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md
@@ -4,7 +4,6 @@ description: Best practices security considerations, and more for the policy set
ms.assetid: 97618ed3-e946-47db-a212-b5e7a4fc6ffc
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Require Domain Controller authentication to unlock workstation
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md
index 7175af2912..fab0a761f3 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md
@@ -5,8 +5,6 @@ author: vinaypamnani-msft
ms.author: vinpa
manager: aaroncz
ms.reviewer:
-ms.prod: windows-client
-ms.technology: itpro-security
ms.localizationpriority: medium
ms.topic: reference
ms.date: 01/13/2023
diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md
index 4ae503eb5d..3101ddf604 100644
--- a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md
+++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: 61487820-9d49-4979-b15d-c7e735999460
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Interactive logon: Smart card removal behavior
diff --git a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md
index c8b07ad5e2..b2d778abd6 100644
--- a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md
@@ -4,7 +4,6 @@ description: Describes the Kerberos Policy settings and provides links to policy
ms.assetid: 94017dd9-b1a3-4624-af9f-b29161b4bf38
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Kerberos Policy
diff --git a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md
index 7a97507fb3..f51292c134 100644
--- a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md
+++ b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 66262532-c610-470c-9792-35ff4389430f
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Load and unload device drivers
diff --git a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md
index 6be9e7a10f..8efc6d6d5e 100644
--- a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md
+++ b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: cc724979-aec0-496d-be4e-7009aef660a3
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Lock pages in memory
diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md
index cd62546d27..9be27bb7d6 100644
--- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md
+++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 4eaddb51-0a18-470e-9d3d-5e7cd7970b41
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Log on as a batch job
diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md
index f96d6aad98..b9d7dcc0af 100644
--- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md
+++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: acc9a9e0-fd88-4cda-ab54-503120ba1f42
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Log on as a service
diff --git a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md
index 180e73d52d..eae4a7c4b6 100644
--- a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md
+++ b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 4b946c0d-f904-43db-b2d5-7f0917575347
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Manage auditing and security log
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md
index a750dcb65c..e7ac39b82a 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 484bf05a-3858-47fc-bc02-6599ca860247
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Maximum lifetime for service ticket
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md
index 6dc4d1607b..6d0137547d 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: f88cd819-3dd1-4e38-b560-13fe6881b609
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Maximum lifetime for user ticket renewal
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md
index 238e860228..3cc212c913 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: bcb4ff59-334d-4c2f-99af-eca2b64011dc
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Maximum lifetime for user ticket
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
index a416e4543c..2bd4c4aa31 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 2d6e70e7-c8b0-44fb-8113-870c6120871d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Maximum password age
diff --git a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md
index fd26c1fd58..164df232e6 100644
--- a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md
+++ b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: ba2cf59e-d69d-469e-95e3-8e6a0ba643af
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Maximum tolerance for computer clock synchronization
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md
index 687a39281d..658dc72de2 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md
@@ -4,11 +4,9 @@ description: Best practices and security considerations for the Microsoft netwo
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
ms.date: 01/13/2023
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
index a3d215db1a..de1a65cacc 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md
@@ -4,7 +4,6 @@ description: Learn about best practices and more for the security policy setting
ms.assetid: 97a76b93-afa7-4dd9-bb52-7c9e289b6017
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md
index e79a912300..7add3c22bb 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: 8227842a-569d-480f-b43c-43450bbaa722
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Microsoft network server: Amount of idle time required before suspending session
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md
index 8fcc7102c7..e9667f8aeb 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md
@@ -4,7 +4,6 @@ description: Learn about the security policy setting, Microsoft network server A
ms.assetid: e4508387-35ed-4a3f-a47c-27f8396adbba
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Microsoft network server: Attempt S4U2Self to obtain claim information
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md
index 030123cf61..afe2dc3cac 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md
@@ -5,8 +5,6 @@ author: vinaypamnani-msft
ms.author: vinpa
ms.reviewer:
manager: aaroncz
-ms.prod: windows-client
-ms.technology: itpro-security
ms.localizationpriority: medium
ms.topic: reference
ms.date: 01/13/2023
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md
index b7f738611b..f502ed6336 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, and security considerations for t
ms.assetid: 48b5c424-9ba8-416d-be7d-ccaabb3f49af
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Microsoft network server: Disconnect clients when sign-in hours expire
diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md
index c10cf64969..2d618461c5 100644
--- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md
+++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 18337f78-eb45-42fd-bdbd-f8cd02c3e154
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Microsoft network server: Server SPN target name validation level
diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-age.md b/windows/security/threat-protection/security-policy-settings/minimum-password-age.md
index 67cf3aac2e..4922c645e8 100644
--- a/windows/security/threat-protection/security-policy-settings/minimum-password-age.md
+++ b/windows/security/threat-protection/security-policy-settings/minimum-password-age.md
@@ -5,14 +5,12 @@ ms.assetid: 91915cb2-1b3f-4fb7-afa0-d03df95e8161
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: vinaypamnani-msft
ms.date: 11/13/2018
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
index d264ff4033..f6edea308a 100644
--- a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
+++ b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 3d22eb9a-859a-4b6f-82f5-c270c427e17e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 03/30/2022
-ms.technology: itpro-security
---
# Minimum password length
diff --git a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md
index e3f1d6decd..dbd4f943f7 100644
--- a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md
+++ b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 3e5a97dd-d363-43a8-ae80-452e866ebfd5
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Modify an object label
diff --git a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
index 5a2d90eb2c..58d6be0e68 100644
--- a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
+++ b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 80bad5c4-d9eb-4e3a-a5dc-dcb742b83fca
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Modify firmware environment values
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md
index 16e357e6c1..e0d4fc62d5 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management and security co
ms.assetid: 0144477f-22a6-4d06-b70a-9c9c2196e99e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Allow anonymous SID/Name translation
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
index 9f3219cb41..50e1eddf2c 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md
@@ -4,7 +4,6 @@ description: Learn about best practices and more for the security policy setting
ms.assetid: 3686788d-4cc7-4222-9163-cbc7c3362d73
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Do not allow anonymous enumeration of SAM accounts and shares
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md
index e737e440d1..4eb9c91bd1 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 6ee25b33-ad43-4097-b031-7be680f64c7c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Do not allow anonymous enumeration of SAM accounts
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md
index 07e8b5d1cb..2787a6af79 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md
@@ -4,7 +4,6 @@ description: Learn about best practices and more for the security policy setting
ms.assetid: b9b64360-36ea-40fa-b795-2d6558c46563
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 07/01/2021
-ms.technology: itpro-security
---
# Network access: Do not allow storage of passwords and credentials for network authentication
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md
index 65f3d3d7c6..eba40fa8db 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md
@@ -4,7 +4,6 @@ description: Learn about best practices, security considerations and more for th
ms.assetid: cdbc5159-9173-497e-b46b-7325f4256353
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Let Everyone permissions apply to anonymous users
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
index 311f70c3ef..c43a8bc781 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md
@@ -4,7 +4,6 @@ description: Describes best practices, security considerations and more for the
ms.assetid: 8897d2a4-813e-4d2b-8518-fcee71e1cf2c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Named Pipes that can be accessed anonymously
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md
index 12988a2e90..ca04da80eb 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md
@@ -4,7 +4,6 @@ description: Describes best practices, location, values, and security considerat
ms.assetid: 3fcbbf70-a002-4f85-8e86-8dabad21928e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Remotely accessible registry paths and subpaths
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md
index 3a1924da9a..b7cd9c9122 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management and security co
ms.assetid: 977f86ea-864f-4f1b-9756-22220efce0bd
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Remotely accessible registry paths
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
index e45ad66787..048ad3f0b8 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: e66cd708-7322-4d49-9b57-1bf8ec7a4c10
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Restrict anonymous access to Named Pipes and Shares
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md
index 587ae7e3a5..cf13b74c2e 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md
@@ -1,8 +1,6 @@
---
title: Network access - Restrict clients allowed to make remote calls to SAM
description: Security policy setting that controls which users can enumerate users and groups in the local Security Accounts Manager (SAM) database.
-ms.prod: windows-client
-ms.technology: itpro-security
ms.localizationpriority: medium
ms.date: 09/17/2018
author: vinaypamnani-msft
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md
index 57882060a6..d4d2161114 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md
@@ -4,7 +4,6 @@ description: Learn about best practices, security considerations, and more for t
ms.assetid: f3e4b919-8279-4972-b415-5f815e2f0a1a
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Shares that can be accessed anonymously
diff --git a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md
index 9665aaaaf7..3e5ed1f57e 100644
--- a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md
+++ b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 0b3d703c-ea27-488f-8f59-b345af75b994
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network access: Sharing and security model for local accounts
diff --git a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
index 04167671df..36e4ff299e 100644
--- a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
@@ -4,7 +4,6 @@ description: Network List Manager policies are security settings that configure
ms.assetid: bd8109d4-b07c-4beb-a9a6-affae2ba2fda
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network List Manager policies
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md
index 509602f606..9d920c4925 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md
@@ -4,7 +4,6 @@ description: Location, values, policy management, and security considerations fo
ms.assetid: c46a658d-b7a4-4139-b7ea-b9268c240053
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 10/04/2021
-ms.technology: itpro-security
---
# Network security: Allow Local System to use computer identity for NTLM
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md
index 02d157f8db..db63f8cfbc 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 5b72edaa-bec7-4572-b6f0-648fc38f5395
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Allow LocalSystem NULL session fallback
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md
index 202d37d4e5..9ebd32dab8 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md
@@ -4,7 +4,6 @@ description: Best practices for the Network Security Allow PKU2U authentication
ms.assetid: e04a854e-d94d-4306-9fb3-56e9bd7bb926
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 01/03/2022
-ms.technology: itpro-security
---
# Network security: Allow PKU2U authentication requests to this computer to use online identities
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
index 5e1c37d2b4..dddf04ec16 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
@@ -3,7 +3,6 @@ title: Network security Configure encryption types allowed for Kerberos
description: Best practices, location, values and security considerations for the policy setting, Network security Configure encryption types allowed for Kerberos Win7 only.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
@@ -12,7 +11,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Configure encryption types allowed for Kerberos
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md
index c708a656d1..a421232bf4 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 6452b268-e5ba-4889-9d38-db28f919af51
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Do not store LAN Manager hash value on next password change
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md
index 665eee915f..7af8f09acd 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: 64d5dde4-58e4-4217-b2c4-73bd554ec926
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Force logoff when logon hours expire
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md
index 57246a6f27..806700542f 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management and security co
ms.assetid: bbe1a98c-420a-41e7-9d3c-3a2fe0f1843e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: LAN Manager authentication level
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md
index 2199e96b47..1c8757c3f8 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management and security co
ms.assetid: 38b35489-eb5b-4035-bc87-df63de50509c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: LDAP client signing requirements
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md
index 5bda79521f..5c12f9b876 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md
@@ -4,7 +4,6 @@ description: Best practices and more for the security policy setting, Network se
ms.assetid: 89903de8-23d0-4e0f-9bef-c00cb7aebf00
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 07/27/2017
-ms.technology: itpro-security
---
# Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md
index ebae59999d..952c7a8873 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md
@@ -4,7 +4,6 @@ description: Best practices and security considerations for the policy setting,
ms.assetid: c6a60c1b-bc8d-4d02-9481-f847a411b4fc
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md
index b0e28dc0b1..bc6bb0004a 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: 9b017399-0a54-4580-bfae-614c2beda3a1
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md
index b6aa571487..fe6fa9e00a 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 2f981b68-6aa7-4dd9-b53d-d88551277cc0
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Restrict NTLM: Add server exceptions in this domain
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md
index c81152a791..23ba1014a2 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations and more for the security p
ms.assetid: 37e380c2-22e1-44cd-9993-e12815b845cf
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Restrict NTLM: Audit incoming NTLM traffic
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md
index f79dd47f62..533e169c84 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md
@@ -3,13 +3,11 @@ title: Network security Restrict NTLM Audit NTLM authentication in this domain
description: Best practices, security considerations, and more for the security policy setting, Network Security Restrict NTLM Audit NTLM authentication in this domain.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Restrict NTLM: Audit NTLM authentication in this domain
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md
index 5f964c33cc..9432404d9c 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: c0eff7d3-ed59-4004-908a-2205295fefb8
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Network security: Restrict NTLM: Incoming NTLM traffic
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md
index 8b9e4f8973..039bfedb88 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md
@@ -3,12 +3,10 @@ title: Network security Restrict NTLM in this domain
description: Learn about best practices, security considerations and more for the security policy setting, Network Security Restrict NTLM NTLM authentication in this domain.
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
-ms.technology: itpro-security
ms.date: 12/31/2017
---
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
index 4869db61ec..fe152c8d75 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md
@@ -4,7 +4,6 @@ description: Learn about best practices, security considerations and more for th
ms.assetid: 63437a90-764b-4f06-aed8-a4a26cf81bd1
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 06/15/2022
-ms.technology: itpro-security
---
# Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers
diff --git a/windows/security/threat-protection/security-policy-settings/password-policy.md b/windows/security/threat-protection/security-policy-settings/password-policy.md
index 1d6e578b5c..c9050c5e21 100644
--- a/windows/security/threat-protection/security-policy-settings/password-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/password-policy.md
@@ -4,7 +4,6 @@ description: An overview of password policies for Windows and links to informati
ms.assetid: aec1220d-a875-4575-9050-f02f9c54a3b6
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Password Policy
diff --git a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md
index 15ffdec99c..5f1bb7b6cd 100644
--- a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md
+++ b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: b6990813-3898-43e2-8221-c9c06d893244
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Perform volume maintenance tasks
diff --git a/windows/security/threat-protection/security-policy-settings/profile-single-process.md b/windows/security/threat-protection/security-policy-settings/profile-single-process.md
index 2bdc87455f..565b612a6f 100644
--- a/windows/security/threat-protection/security-policy-settings/profile-single-process.md
+++ b/windows/security/threat-protection/security-policy-settings/profile-single-process.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: c0963de4-4f5e-430e-bfcd-dfd68e66a075
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Profile single process
diff --git a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md
index 6be8f9269b..f0af56ab38 100644
--- a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md
+++ b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: ffabc3c5-9206-4105-94ea-84f597a54b2e
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Profile system performance
diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md
index 590b49f09b..55d2e7660d 100644
--- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md
+++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md
@@ -4,7 +4,6 @@ description: Best practices, location, values, policy management, and security c
ms.assetid: be2498fc-48f4-43f3-ad09-74664e45e596
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Recovery console: Allow automatic administrative logon
diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md
index 08ca6beb3f..10304c2de7 100644
--- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md
+++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: a5b4ac0c-f33d-42b5-a866-72afa7cbd0bd
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Recovery console: Allow floppy copy and access to all drives and folders
diff --git a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md
index 253213f2c1..d7f19e7b40 100644
--- a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md
+++ b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 229a385a-a862-4973-899a-413b1b5b6c30
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Remove computer from docking station - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md
index d180d2acea..139239d715 100644
--- a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md
+++ b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 5add02db-6339-489e-ba21-ccc3ccbe8745
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Replace a process level token
diff --git a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md
index 44c6716d50..83a1004c87 100644
--- a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md
+++ b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: d5ccf6dd-5ba7-44a9-8e0b-c478d8b1442c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 11/02/2018
-ms.technology: itpro-security
---
# Reset account lockout counter after
diff --git a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md
index f970ac8154..85b208bd22 100644
--- a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md
+++ b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: c673c0fa-6f49-4edd-8c1f-c5e8513f701d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Restore files and directories - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md
index 78ea3fcb09..ebfd260fab 100644
--- a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md
@@ -4,7 +4,6 @@ description: Provides information about the advanced security audit policy setti
ms.assetid: 6BF9A642-DBC3-4101-94A3-B2316C553CE3
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Advanced security audit policy settings for Windows 10
diff --git a/windows/security/threat-protection/security-policy-settings/security-options.md b/windows/security/threat-protection/security-policy-settings/security-options.md
index de522cb6d3..2872bdad4b 100644
--- a/windows/security/threat-protection/security-policy-settings/security-options.md
+++ b/windows/security/threat-protection/security-policy-settings/security-options.md
@@ -4,11 +4,9 @@ description: Introduction to the Security Options settings of the local security
ms.reviewer:
manager: aaroncz
ms.author: vinpa
-ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
ms.date: 01/13/2023
-ms.technology: itpro-security
ms.topic: reference
---
diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
index 9db7d59a20..a6167efac3 100644
--- a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
+++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
@@ -4,7 +4,6 @@ description: This reference of security settings provides information about how
ms.assetid: ef5a4579-15a8-4507-9a43-b7ccddcb0ed1
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Security policy settings reference
diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
index 062aa06d3d..7c394d7e01 100644
--- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
@@ -4,7 +4,6 @@ description: This reference topic describes the common scenarios, architecture,
ms.assetid: e7ac5204-7f6c-4708-a9f6-6af712ca43b9
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Security policy settings
diff --git a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md
index def26ab7ef..24628a2de8 100644
--- a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md
+++ b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: c8e8f890-153a-401e-a957-ba6a130304bf
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Shut down the system - security policy setting
diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md
index 672e91297b..86b9b4dfd8 100644
--- a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md
+++ b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: f3964767-5377-4416-8eb3-e14d553a7315
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Shutdown: Allow system to be shut down without having to log on
diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md
index b40140dc0f..da640b385d 100644
--- a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md
+++ b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management a
ms.assetid: 31400078-6c56-4891-a6df-6dfb403c4bc9
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 08/01/2017
-ms.technology: itpro-security
---
# Shutdown: Clear virtual memory pagefile
diff --git a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md
index 6b4584688f..30ba31a152 100644
--- a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md
+++ b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, and security consid
ms.assetid: 57f958c2-f1e9-48bf-871b-0a9b3299e238
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Store passwords using reversible encryption
diff --git a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md
index 6744567fe3..b5cbe5f54e 100644
--- a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md
+++ b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 97b0aaa4-674f-40f4-8974-b4bfb12c232c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Synchronize directory service data
diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md
index 597b9027a0..b72384f5df 100644
--- a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md
+++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: 8cbff267-881e-4bf6-920d-b583a5ff7de0
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# System cryptography: Force strong key protection for user keys stored on the computer
diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md
index d660ac1952..2c4c5679ce 100644
--- a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md
+++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: 83988865-dc0f-45eb-90d1-ee33495eb045
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 11/16/2018
-ms.technology: itpro-security
---
# System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md
index 3694fe2434..1f8e7eadab 100644
--- a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md
+++ b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations and more for the security p
ms.assetid: 340d6769-8f33-4067-8470-1458978d1522
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# System objects: Require case insensitivity for non-Windows subsystems
diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md
index 8358279b2d..2045194c25 100644
--- a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md
@@ -4,7 +4,6 @@ description: Best practices and more for the security policy setting, System obj
ms.assetid: 3a592097-9cf5-4fd0-a504-7cbfab050bb6
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# System objects: Strengthen default permissions of internal system objects (for example, Symbolic Links)
diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md
index ef7ca4315a..b33abc4d19 100644
--- a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md
+++ b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: 5cb6519a-4f84-4b45-8072-e2aa8a72fb78
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# System settings: Optional subsystems
diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md
index fee999b57a..61df619542 100644
--- a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md
+++ b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md
@@ -4,7 +4,6 @@ description: Best practices and more for the security policy setting, System set
ms.assetid: 2380d93b-b553-4e56-a0c0-d1ef740d089c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# System settings: Use certificate rules on Windows executables for Software Restriction Policies
diff --git a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md
index 39152767a9..1563e3d995 100644
--- a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md
+++ b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md
@@ -4,7 +4,6 @@ description: Describes the best practices, location, values, policy management,
ms.assetid: cb8595d1-74cc-4176-bb15-d97663eebb2d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# Take ownership of files or other objects
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md
index 58989112e3..1dbf68c41d 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: d465fc27-1cd2-498b-9cf6-7ad2276e5998
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/08/2017
-ms.technology: itpro-security
---
# User Account Control: Admin Approval Mode for the Built-in Administrator account
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md
index eb9a42ffeb..4452ee2e72 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md
@@ -4,7 +4,6 @@ description: Best practices and more for the policy setting, User Account Contro
ms.assetid: fce20472-3c93-449d-b520-13c4c74a9892
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md
index 8acd28314d..ba2ac6f92a 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md
@@ -4,7 +4,6 @@ description: Best practices and more for the security policy setting, User Accou
ms.assetid: 46a3c3a2-1d2e-4a6f-b5e6-29f9592f535d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 09/08/2017
-ms.technology: itpro-security
---
# User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md
index 6a471c51bb..f4ef816fc7 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md
@@ -2,12 +2,10 @@
title: Behavior of the elevation prompt for standard users
description: Learn about best practices, security considerations, and more for the policy setting, User Account Control Behavior of the elevation prompt for standard users.
ms.author: vinpa
-ms.prod: windows-client
author: vinaypamnani-msft
manager: aaroncz
ms.topic: reference
ms.date: 01/18/2023
-ms.technology: itpro-security
---
# User Account Control: Behavior of the elevation prompt for standard users
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md
index ea22f7f177..4456c3de17 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md
@@ -4,7 +4,6 @@ description: Learn about best practices and more for the security policy setting
ms.assetid: 3f8cb170-ba77-4c9f-abb3-c3ed1ef264fc
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Detect application installations and prompt for elevation
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md
index 92d124a4f7..ace44a281a 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the security
ms.assetid: 64950a95-6985-4db6-9905-1db18557352d
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Only elevate executables that are signed and validated
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
index 4aad366985..68167d5fe5 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md
@@ -4,7 +4,6 @@ description: Learn about best practices and more for the policy setting, User Ac
ms.assetid: 4333409e-a5be-4f2f-8808-618f53abd22c
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Only elevate UIAccess applications that are installed in secure locations
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md
index 97d8752204..f8aa1b8eec 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md
@@ -4,7 +4,6 @@ description: Learn about best practices, security considerations and more for th
ms.assetid: b838c561-7bfc-41ef-a7a5-55857259c7bf
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Run all administrators in Admin Approval Mode
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md
index 9059607fe2..97f904064a 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations, and more for the policy se
ms.assetid: 77a067db-c70d-4b02-9861-027503311b8b
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Switch to the secure desktop when prompting for elevation
diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md
index adb9f83c7e..eb289356c6 100644
--- a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md
+++ b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md
@@ -4,7 +4,6 @@ description: Best practices, security considerations and more for the policy set
ms.assetid: a7b47420-cc41-4b1c-b03e-f67a05221261
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -14,7 +13,6 @@ manager: aaroncz
audience: ITPro
ms.topic: reference
ms.date: 04/19/2017
-ms.technology: itpro-security
---
# User Account Control: Virtualize file and registry write failures to per-user locations
diff --git a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md
index 3ca31c4fe8..0ce9074142 100644
--- a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md
+++ b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md
@@ -4,7 +4,6 @@ description: Provides an overview and links to information about the User Rights
ms.assetid: 99340252-60be-4c79-b0a5-56fbe1a9b0c5
ms.reviewer:
ms.author: vinpa
-ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
@@ -17,7 +16,6 @@ ms.collection:
- tier3
ms.topic: reference
ms.date: 12/16/2021
-ms.technology: itpro-security
---
# User Rights Assignment
diff --git a/windows/whats-new/windows-licensing.md b/windows/whats-new/windows-licensing.md
index d6f384c4f5..d4ac767421 100644
--- a/windows/whats-new/windows-licensing.md
+++ b/windows/whats-new/windows-licensing.md
@@ -1,7 +1,7 @@
---
title: Windows commercial licensing overview
description: Learn about products and use rights available through Windows commercial licensing.
-ms.prod: windows-client
+ms.subservice: itpro-security
author: paolomatarazzo
ms.author: paoloma
manager: aaroncz
@@ -11,7 +11,7 @@ ms.topic: overview
ms.date: 05/04/2023
appliesto:
- ✅ Windows 11
-ms.technology: itpro-security
+ms.service: windows-client
---
# Windows Commercial Licensing overview