Merge branch 'master' into pr/10

2025-06-22 05:43:41 +00:00 · 2020-01-22 14:56:51 -08:00
parent c0fae4f9ca eeac6857a3
commit 85223cb274
5 changed files with 13 additions and 7 deletions
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@ -1,11 +1,13 @@
 ---
 title: ApplicationControl CSP
 description: The ApplicationControl CSP allows you to manage multiple Windows Defender Application Control (WDAC) policies from a MDM server.
+keywords: whitelisting, security, malware
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: ManikaDhiman
+ms.reviewer: jsuther1974
 ms.date: 05/21/2019
 ---

@ -62,6 +64,7 @@ This node specifies whether a policy is actually loaded by the enforcement engin
 Scope is dynamic. Supported operation is Get.

 Value type is bool. Supported values are as follows:
+
 - True — Indicates that the policy is actually loaded by the enforcement engine and is in effect on a system.
 - False — Indicates that the policy is not loaded by the enforcement engine and is not in effect on a system. This is the default.

@ -71,6 +74,7 @@ This node specifies whether a policy is deployed on the system and is present on
 Scope is dynamic. Supported operation is Get.

 Value type is bool. Supported values are as follows:
+
 - True — Indicates that the policy is deployed on the system and is present on the physical machine.
 - False — Indicates that the policy is not deployed on the system and is not present on the physical machine. This is the default.

@ -80,6 +84,7 @@ This node specifies whether the policy is authorized to be loaded by the enforce
 Scope is dynamic. Supported operation is Get.

 Value type is bool. Supported values are as follows:
+
 - True — Indicates that the policy is authorized to be loaded by the enforcement engine on the system.
 - False — Indicates that the policy is not authorized to be loaded by the enforcement engine on the system. This is the default.

@ -215,6 +220,7 @@ The following table displays the result of Get operation on different nodes:
 |./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/PolicyInfo/FriendlyName|Friendly name per the policy|

 The following is an example of Get command:
+
 ```xml
 <Get>
    <CmdID>1</CmdID>
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@ -24,8 +24,8 @@ ms.date: 05/17/2018

 **Applies to:**

-   Windows 10
-   Windows Server 2016
+- Windows 10
+- Windows Server 2016

 You can use Microsoft Endpoint Manager (MEM) Intune to configure Windows Defender Application Control (WDAC). Intune includes native support for WDAC, which allows you to configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or to also allow reputable apps as defined by the Intelligent Security Graph (ISG). Using the built-in policies can be a helpful starting point, but many customers may find the available circle-of-trust options to be too limited. 

--- a/windows/security/threat-protection/windows-defender-application-control/images/policy-id.png
+++ b/windows/security/threat-protection/windows-defender-application-control/images/policy-id.png
--- a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-assignments.png
+++ b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-assignments.png
--- a/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-create-profile-name.png
+++ b/windows/security/threat-protection/windows-defender-application-control/images/wdac-intune-custom-create-profile-name.png