From 6ab632525ccb2eaa7a141d11af9635dfb9434b83 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 7 Jun 2023 16:25:20 -0400
Subject: [PATCH] added H2 for AppLocker policies

---
 education/windows/tutorial-deploy-apps-winse/create-policies.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/education/windows/tutorial-deploy-apps-winse/create-policies.md b/education/windows/tutorial-deploy-apps-winse/create-policies.md
index 7445487c8c..78cc6dd729 100644
--- a/education/windows/tutorial-deploy-apps-winse/create-policies.md
+++ b/education/windows/tutorial-deploy-apps-winse/create-policies.md
@@ -166,6 +166,8 @@ Using a WDAC supplemental policy instead, allows you to have more control over w
 To allow apps to run by setting their installers as managed installers, follow the guidance here:
 -->
 
+## AppLocker policies
+
 Additional AppLocker policies work by configuring other apps to be *managed installers*. However, since anything downloaded or installed by a managed installer is trusted to run, it creates a significant security risk. For example, if the executable for a third-party browser is set as a managed installer, anything downloaded from that browser will be allowed to run.
 
 To allow apps to run by setting their installers as managed installers, follow the guidance here: