deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

add note

Browse Source 
https://github.com/MicrosoftDocs/windows-itpro-docs/issues/10344
This commit is contained in:
VLG17 2022-06-06 16:31:46 +03:00 committed by GitHub
parent b4e41f8b48
commit 7b6ee81e5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
View File

@ -45,6 +45,9 @@ To create effective WDAC deny policies, it's crucial to understand how WDAC pars
5. If no rule exists for the file and it's not allowed based on ISG or MI, then the file is blocked implicitly.
> [!NOTE]
> If your WDAC policy does not have an explicit rule to allow or deny a binary to run, then WDAC will make a call to the cloud to determine whether the binary is familiar and safe. However, if your policy already authorizes or denies the binary, then WDAC will not make a call to the cloud. More details can be found [here](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph?source=docs#how-does-the-integration-between-wdac-and-the-intelligent-security-graph-work).
## Interaction with Existing Policies
### Adding Allow Rules