From 6abae3e201cb408631273b80718698706907a450 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Fri, 3 Dec 2021 09:09:53 -0800
Subject: [PATCH] Update create-wdac-deny-policy.md

---
 .../create-wdac-deny-policy.md                               | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
index 86be7817a7..b88a95b439 100644
--- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
+++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
@@ -111,10 +111,9 @@ Policy 1 is an allowlist of Windows and Microsoft-signed applications. Policy 2
 
 2. **Recommended Deny Rules Types** - signer and file attribute rules are recommended from a security, manageability, and performance perspective. Hash rules should only be utilized where otherwise impossible. The hash of an application is updated for every new version released by the publisher that quickly becomes impractical to manage and protect against new threats where the attacker is quickly iterating on the payload. Additionally, WDAC has optimized parsing of hash rules, but devices may see performance impacts at runtime evaluation when policies have tens of thousands or more hash rules. 
 
-<<<<<<< HEAD
 ## Creating a Deny Policy Tutorial
-Deny rules and policies can be created using the PowerShell cmdlets or the WDAC Wizard [Microsoft WDAC Wizard (webapp-wdac-wizard.azurewebsites.net](https://webapp-wdac-wizard.azurewebsites.net/) We recommend creating signer rules (PCACertificate, Publisher, and FilePublisher) wherever possible. In the cases of unsigned binaries, rules must be created on attributes of the file, such as the original filename, or the hash. 
-=======
+Deny rules and policies can be created using the PowerShell cmdlets or the WDAC Wizard [Microsoft WDAC Wizard (webapp-wdac-wizard.azurewebsites.net](https://webapp-wdac-wizard.azurewebsites.net) We recommend creating signer rules (PCACertificate, Publisher, and FilePublisher) wherever possible. In the cases of unsigned binaries, rules must be created on attributes of the file, such as the original filename, or the hash. 
+
 ## Tutorial 
 
 ### Creating a Deny Policy