From 846d7f630f1a7ad8057e7bf1ab34eb8dc47da597 Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Fri, 11 Aug 2017 18:08:04 -0700 Subject: [PATCH] test link to xml --- .../evaluate-controlled-folder-access.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md index 97eefc24c9..d06826fae9 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md +++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md @@ -62,7 +62,7 @@ You can enable Controlled Folder Access, run the tool, and see what the experien 8. You can also review the Windows Event log to see the events there were created: 1. Type **Event viewer** in the Start menu to open the Windows Event Viewer. 2. On the left panel, under **Actions**, click **Import custom view...** - 3. Navigate to the Exploit Guard Evaluation Package, and select the file *cfa-events.xml*. + 3. Navigate to the Exploit Guard Evaluation Package, and select the file *cfa-events.xml*. Alternatively, [download the XML directly](scripts/cfa-events.xml). 4. Click **OK**. 5. This will create a custom view that filters to only show the following events related to Controlled Folder Access: