From 9c2a9487052b4f918474c4500aded6b2d916a159 Mon Sep 17 00:00:00 2001
From: valemieux <98555474+valemieux@users.noreply.github.com>
Date: Wed, 23 Mar 2022 19:51:27 -0700
Subject: [PATCH] 38386504 Adding link from signed policy to 3099 rules

---
 ...-windows-defender-application-control-against-tampering.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
index 578058661d..d58d8b9a55 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
@@ -109,3 +109,7 @@ If you do not have a code signing certificate, see [Optional: Create a code sign
 
 > [!NOTE]
 > The device with the signed policy must be rebooted one time with Secure Boot enabled for the UEFI lock to be set. 
+
+## Disable unsigned Windows Defender Application Control policies
+
+For information regarding Event ID 3099 Options, see [Understanding Application Control events](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#event-id-3099-options).