fix-suggestions

To fix suggestions
2025-05-20 17:27:23 +00:00 · 2021-01-13 17:52:16 +05:30 · 2021-01-13 17:52:16 +05:30 · b1ff74d359
commit b1ff74d359
parent 573509864c
4 changed files with 88 additions and 88 deletions
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
@ -66,39 +66,39 @@ Follow the steps below to onboard endpoints using Microsoft Endpoint Configurati
 1. In Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Device Collections**.            
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-device-collections.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard1](images/configmgr-device-collections.png)
 2. Right Click **Device Collection** and select **Create Device Collection**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-create-device-collection.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard2](images/configmgr-create-device-collection.png)
 3. Provide a **Name** and **Limiting Collection**, then select **Next**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-limiting-collection.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard3](images/configmgr-limiting-collection.png)
 4. Select **Add Rule** and choose **Query Rule**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-query-rule.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard4](images/configmgr-query-rule.png)
 5.  Click **Next** on the **Direct Membership Wizard** and click on **Edit Query Statement**.
-     ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-direct-membership.png)
+     ![Image of Microsoft Endpoint Configuration Manager wizard5](images/configmgr-direct-membership.png)
 6. Select **Criteria** and then choose the star icon.
-     ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-criteria.png)
+     ![Image of Microsoft Endpoint Configuration Manager wizard6](images/configmgr-criteria.png)
 7. Keep criterion type as **simple value**, choose where as **Operating System - build number**, operator as **is greater than or equal to** and value **14393** and click on **OK**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-simple-value.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard7](images/configmgr-simple-value.png)
 8. Select **Next** and **Close**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-membership-rules.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard8](images/configmgr-membership-rules.png)
 9. Select **Next**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-confirm.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard9](images/configmgr-confirm.png)
 After completing this task, you now have a device collection with all the Windows 10 endpoints in the environment. 
@ -123,22 +123,22 @@ Manager and deploy that policy to Windows 10 devices.
 2. Under Deployment method select the supported version of **Microsoft Endpoint Configuration Manager**.
-    ![Image of Microsoft Defender for Endpoint onboarding wizard](images/mdatp-onboarding-wizard.png)
+    ![Image of Microsoft Defender for Endpoint onboarding wizard10](images/mdatp-onboarding-wizard.png)
 3. Select **Download package**.
-    ![Image of Microsoft Defender for Endpoint onboarding wizard](images/mdatp-download-package.png)
+    ![Image of Microsoft Defender for Endpoint onboarding wizard11](images/mdatp-download-package.png)
 4. Save the package to an accessible location.
 5. In  Microsoft Endpoint Configuration Manager, navigate to: **Assets and Compliance > Overview > Endpoint Protection > Microsoft Defender ATP Policies**.
 6. Right-click **Microsoft Defender ATP Policies** and select **Create Microsoft Defender ATP Policy**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-create-policy.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard12](images/configmgr-create-policy.png)
 7. Enter the name and description, verify **Onboarding** is selected, then select **Next**.
-    ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-policy-name.png)
+    ![Image of Microsoft Endpoint Configuration Manager wizard13](images/configmgr-policy-name.png)
 8. Click **Browse**.
@ -147,25 +147,25 @@ Manager and deploy that policy to Windows 10 devices.
 10. Click **Next**.
 11. Configure the Agent with the appropriate samples (**None** or **All file types**).
-    ![Image of configuration settings](images/configmgr-config-settings.png)
+    ![Image of configuration settings1](images/configmgr-config-settings.png)
 12. Select the appropriate telemetry (**Normal** or **Expedited**) then click **Next**.
-    ![Image of configuration settings](images/configmgr-telemetry.png)
+    ![Image of configuration settings2](images/configmgr-telemetry.png)
 14. Verify the configuration, then click **Next**.
-     ![Image of configuration settings](images/configmgr-verify-configuration.png)
+     ![Image of configuration settings3](images/configmgr-verify-configuration.png)
 15. Click **Close** when the Wizard completes.
 16.  In the Microsoft Endpoint Configuration Manager console, right-click the Defender for Endpoint policy you just created and select **Deploy**.
-     ![Image of configuration settings](images/configmgr-deploy.png)
+     ![Image of configuration settings4](images/configmgr-deploy.png)
 17. On the right panel, select the previously created collection and click **OK**.
-    ![Image of configuration settings](images/configmgr-select-collection.png)
+    ![Image of configuration settings5](images/configmgr-select-collection.png)
 #### Previous versions of Windows Client (Windows 7 and Windows 8.1)
@ -257,11 +257,11 @@ needs on how Antivirus is configured.
 3. Right-click on the newly created antimalware policy and select **Deploy**.
-    ![Image of next generation protection pane](images/f5508317cd8c7870627cb4726acd5f3d.png)
+    ![Image of next generation protection pane1](images/f5508317cd8c7870627cb4726acd5f3d.png)
 4. Target the new antimalware policy to your Windows 10 collection and click **OK**.
-     ![Image of next generation protection pane](images/configmgr-select-collection.png)
+     ![Image of next generation protection pane2](images/configmgr-select-collection.png)
 After completing this task, you now have successfully configured Windows
 Defender Antivirus.
@ -284,26 +284,26 @@ To set ASR rules in Audit mode:
 3. Set rules to **Audit** and click **Next**.
-    ![Image of Microsoft Endpoint Configuration Manager console](images/d18e40c9e60aecf1f9a93065cb7567bd.png)
+    ![Image of Microsoft Endpoint Configuration Manager console1](images/d18e40c9e60aecf1f9a93065cb7567bd.png)
 4. Confirm the new Exploit Guard policy by clicking on **Next**.
-    ![Image of Microsoft Endpoint Configuration Manager console](images/0a6536f2c4024c08709cac8fcf800060.png)
+    ![Image of Microsoft Endpoint Configuration Manager console2](images/0a6536f2c4024c08709cac8fcf800060.png)
 5. Once the policy is created click **Close**.
-    ![Image of Microsoft Endpoint Configuration Manager console](images/95d23a07c2c8bc79176788f28cef7557.png)
+    ![Image of Microsoft Endpoint Configuration Manager console3](images/95d23a07c2c8bc79176788f28cef7557.png)
 6.  Right-click on the newly created policy and choose **Deploy**.
-    ![Image of Microsoft Endpoint Configuration Manager console](images/8999dd697e3b495c04eb911f8b68a1ef.png)
+    ![Image of Microsoft Endpoint Configuration Manager console4](images/8999dd697e3b495c04eb911f8b68a1ef.png)
 7. Target the policy to the newly created Windows 10 collection and click **OK**.
-    ![Image of Microsoft Endpoint Configuration Manager console](images/0ccfe3e803be4b56c668b220b51da7f7.png)
+    ![Image of Microsoft Endpoint Configuration Manager console5](images/0ccfe3e803be4b56c668b220b51da7f7.png)
 After completing this task, you now have successfully configured ASR rules in audit mode.  
@ -321,11 +321,11 @@ endpoints. (This may take few minutes)
 4. Click **Configuration** tab in Attack surface reduction rules reports. It shows ASR rules configuration overview and ASR rules status on each devices.
-    ![A screenshot of attack surface reduction rules reports](images/f91f406e6e0aae197a947d3b0e8b2d0d.png)
+    ![A screenshot of attack surface reduction rules reports1](images/f91f406e6e0aae197a947d3b0e8b2d0d.png)
 5. Click each device shows configuration details of ASR rules.
-    ![A screenshot of attack surface reduction rules reports](images/24bfb16ed561cbb468bd8ce51130ca9d.png)
+    ![A screenshot of attack surface reduction rules reports2](images/24bfb16ed561cbb468bd8ce51130ca9d.png)
 See [Optimize ASR rule deployment and
 detections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr)   for more details.  
@ -334,29 +334,29 @@ detections](https://docs.microsoft.com/windows/security/threat-protection/micros
 #### Set Network Protection rules in Audit mode:
 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and  Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
-    ![A screenshot System Center Configuration Manager](images/728c10ef26042bbdbcd270b6343f1a8a.png)
+    ![A screenshot System Center Configuration Manager1](images/728c10ef26042bbdbcd270b6343f1a8a.png)
 2. Select **Network protection**.
 3. Set the setting to **Audit** and click **Next**. 
-    ![A screenshot System Center Confirugatiom Manager](images/c039b2e05dba1ade6fb4512456380c9f.png)
+    ![A screenshot System Center Confirugatiom Manager2](images/c039b2e05dba1ade6fb4512456380c9f.png)
 4. Confirm the new Exploit Guard Policy by clicking **Next**.
-    ![A screenshot Exploit GUard policy](images/0a6536f2c4024c08709cac8fcf800060.png)
+    ![A screenshot Exploit GUard policy1](images/0a6536f2c4024c08709cac8fcf800060.png)
 5. Once the policy is created click on **Close**.
-    ![A screenshot Exploit GUard policy](images/95d23a07c2c8bc79176788f28cef7557.png)
+    ![A screenshot Exploit GUard policy2](images/95d23a07c2c8bc79176788f28cef7557.png)
 6. Right-click on the newly created policy and choose **Deploy**.
-    ![A screenshot Microsoft Endpoint Configuration Manager ](images/8999dd697e3b495c04eb911f8b68a1ef.png)
+    ![A screenshot Microsoft Endpoint Configuration Manager1](images/8999dd697e3b495c04eb911f8b68a1ef.png)
 7. Select the policy to the newly created Windows 10 collection and choose **OK**.
-    ![A screenshot Microsoft Endpoint Configuration Manager ](images/0ccfe3e803be4b56c668b220b51da7f7.png)
+    ![A screenshot Microsoft Endpoint Configuration Manager2](images/0ccfe3e803be4b56c668b220b51da7f7.png)
 After completing this task, you now have successfully configured Network
 Protection in audit mode.
@ -365,29 +365,29 @@ Protection in audit mode.
 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
-    ![A screenshot of Microsoft Endpoint Configuration Manager ](images/728c10ef26042bbdbcd270b6343f1a8a.png)
+    ![A screenshot of Microsoft Endpoint Configuration Manager3](images/728c10ef26042bbdbcd270b6343f1a8a.png)
 2. Select **Controlled folder access**.
 3. Set the configuration to **Audit** and click **Next**.
-    ![A screenshot of Microsoft Endpoint Configuration Manager ](images/a8b934dab2dbba289cf64fe30e0e8aa4.png)    
+    ![A screenshot of Microsoft Endpoint Configuration Manager4](images/a8b934dab2dbba289cf64fe30e0e8aa4.png)    
 4. Confirm the new Exploit Guard Policy by clicking on **Next**.
-    ![A screenshot of Microsoft Endpoint Configuration Manager ](images/0a6536f2c4024c08709cac8fcf800060.png)
+    ![A screenshot of Microsoft Endpoint Configuration Manager5](images/0a6536f2c4024c08709cac8fcf800060.png)
 5. Once the policy is created click on **Close**.
-    ![A screenshot of Microsoft Endpoint Configuration Manager ](images/95d23a07c2c8bc79176788f28cef7557.png)
+    ![A screenshot of Microsoft Endpoint Configuration Manager6](images/95d23a07c2c8bc79176788f28cef7557.png)
 6. Right-click on the newly created policy and choose **Deploy**.
-    ![A screenshot of Microsoft Endpoint Configuration Manager ](images/8999dd697e3b495c04eb911f8b68a1ef.png)
+    ![A screenshot of Microsoft Endpoint Configuration Manager7](images/8999dd697e3b495c04eb911f8b68a1ef.png)
 7.  Target the policy to the newly created Windows 10 collection and click **OK**.
-    ![A screenshot of Microsoft Endpoint Configuration Manager ](images/0ccfe3e803be4b56c668b220b51da7f7.png)
+    ![A screenshot of Microsoft Endpoint Configuration Manager8](images/0ccfe3e803be4b56c668b220b51da7f7.png)
 You have now successfully configured Controlled folder access in audit mode.
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
@ -80,12 +80,12 @@ needs.<br>
 2.  Open **Groups > New Group**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/66f724598d9c3319cba27f79dd4617a4.png)
+    > ![Image of Microsoft Endpoint Manager portal1](images/66f724598d9c3319cba27f79dd4617a4.png)
 3.  Enter details and create a new group.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/b1e0206d675ad07db218b63cd9b9abc3.png)
+    > ![Image of Microsoft Endpoint Manager portal2](images/b1e0206d675ad07db218b63cd9b9abc3.png)
 4.  Add your test user or device.
@ -96,7 +96,7 @@ needs.<br>
 7.  Find your test user or device and select it.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/149cbfdf221cdbde8159d0ab72644cd0.png)
+    > ![Image of Microsoft Endpoint Manager portal3](images/149cbfdf221cdbde8159d0ab72644cd0.png)
 8.  Your testing group now has a member to test.
@ -122,7 +122,7 @@ different types of endpoint security policies:
    on **Create Profile**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/58dcd48811147feb4ddc17212b7fe840.png)
+    > ![Image of Microsoft Endpoint Manager portal4](images/58dcd48811147feb4ddc17212b7fe840.png)
 3.  Under **Platform, select Windows 10 and Later, Profile - Endpoint detection
    and response > Create**.
@ -130,39 +130,39 @@ different types of endpoint security policies:
 4.  Enter a name and description, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/a5b2d23bdd50b160fef4afd25dda28d4.png)
+    > ![Image of Microsoft Endpoint Manager portal5](images/a5b2d23bdd50b160fef4afd25dda28d4.png)
 5.  Select settings as required, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/cea7e288b5d42a9baf1aef0754ade910.png)
+    > ![Image of Microsoft Endpoint Manager portal6](images/cea7e288b5d42a9baf1aef0754ade910.png)
    > [!NOTE]
    > In this instance, this has been auto populated as Defender for Endpoint has already been integrated with Intune. For more information on the integration, see [Enable Microsoft Defender for Endpoint in Intune](https://docs.microsoft.com/mem/intune/protect/advanced-threat-protection-configure#to-enable-microsoft-defender-atp).
    > 
    > The following image is an example of what you'll see when Microsoft Defender for Endpoint is NOT integrated with Intune:
    >
-    > ![Image of Microsoft Endpoint Manager portal](images/2466460812371ffae2d19a10c347d6f4.png)
+    > ![Image of Microsoft Endpoint Manager portal7](images/2466460812371ffae2d19a10c347d6f4.png)
 6.  Add scope tags if necessary, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/ef844f52ec2c0d737ce793f68b5e8408.png)
+    > ![Image of Microsoft Endpoint Manager portal8](images/ef844f52ec2c0d737ce793f68b5e8408.png)
 7.  Add test group by clicking on **Select groups to include** and choose your group, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/fc3525e20752da026ec9f46ab4fec64f.png)
+    > ![Image of Microsoft Endpoint Manager portal9](images/fc3525e20752da026ec9f46ab4fec64f.png)
 8.  Review and accept, then select  **Create**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/289172dbd7bd34d55d24810d9d4d8158.png)
+    > ![Image of Microsoft Endpoint Manager portal10](images/289172dbd7bd34d55d24810d9d4d8158.png)
 9.  You can view your completed policy.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/5a568b6878be8243ea2b9d82d41ed297.png)
+    > ![Image of Microsoft Endpoint Manager portal11](images/5a568b6878be8243ea2b9d82d41ed297.png)
 ### Next-generation protection
@ -171,7 +171,7 @@ different types of endpoint security policies:
 2.  Navigate to **Endpoint security > Antivirus > Create Policy**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/6b728d6e0d71108d768e368b416ff8ba.png)
+    > ![Image of Microsoft Endpoint Manager portal12](images/6b728d6e0d71108d768e368b416ff8ba.png)
 3.  Select **Platform - Windows 10 and Later - Windows and Profile – Microsoft
    Defender Antivirus > Create**.
@ -179,34 +179,34 @@ different types of endpoint security policies:
 4.  Enter name and description, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/a7d738dd4509d65407b7d12beaa3e917.png)
+    > ![Image of Microsoft Endpoint Manager portal13](images/a7d738dd4509d65407b7d12beaa3e917.png)
 5.  In the **Configuration settings page**: Set the configurations you require for
    Microsoft Defender Antivirus (Cloud Protection, Exclusions, Real-Time
    Protection, and Remediation).
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/3840b1576d6f79a1d72eb14760ef5e8c.png)
+    > ![Image of Microsoft Endpoint Manager portal14](images/3840b1576d6f79a1d72eb14760ef5e8c.png)
 6.  Add scope tags if necessary, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/2055e4f9b9141525c0eb681e7ba19381.png)
+    > ![Image of Microsoft Endpoint Manager portal15](images/2055e4f9b9141525c0eb681e7ba19381.png)
 7.  Select groups to include, assign to your test group, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/48318a51adee06bff3908e8ad4944dc9.png)
+    > ![Image of Microsoft Endpoint Manager portal16](images/48318a51adee06bff3908e8ad4944dc9.png)
 8.  Review and create, then select  **Create**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/dfdadab79112d61bd3693d957084b0ec.png)
+    > ![Image of Microsoft Endpoint Manager portal17](images/dfdadab79112d61bd3693d957084b0ec.png)
 9.  You'll see the configuration policy you created.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/38180219e632d6e4ec7bd25a46398da8.png)
+    > ![Image of Microsoft Endpoint Manager portal18](images/38180219e632d6e4ec7bd25a46398da8.png)
 ### Attack Surface Reduction – Attack surface reduction rules
@ -220,12 +220,12 @@ different types of endpoint security policies:
    rules > Create**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/522d9bb4288dc9c1a957392b51384fdd.png)
+    > ![Image of Microsoft Endpoint Manager portal19](images/522d9bb4288dc9c1a957392b51384fdd.png)
 5.  Enter a name and description, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/a5a71fd73ec389f3cdce6d1a6bd1ff31.png)
+    > ![Image of Microsoft Endpoint Manager portal20](images/a5a71fd73ec389f3cdce6d1a6bd1ff31.png)
 6.  In the **Configuration settings page**: Set the configurations you require for
    Attack surface reduction rules, then select  **Next**.
@ -236,27 +236,27 @@ different types of endpoint security policies:
    > For more information, see [Attack surface reduction rules](attack-surface-reduction.md).
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/dd0c00efe615a64a4a368f54257777d0.png)
+    > ![Image of Microsoft Endpoint Manager portal21](images/dd0c00efe615a64a4a368f54257777d0.png)
 7.  Add Scope Tags as required, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
+    > ![Image of Microsoft Endpoint Manager portal22](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
 8.  Select groups to include and assign to test group, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png)
+    > ![Image of Microsoft Endpoint Manager portal23](images/45cefc8e4e474321b4d47b4626346597.png)
 9. Review the details, then select  **Create**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/2c2e87c5fedc87eba17be0cdeffdb17f.png)
+    > ![Image of Microsoft Endpoint Manager portal24](images/2c2e87c5fedc87eba17be0cdeffdb17f.png)
 10. View the policy.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/7a631d17cc42500dacad4e995823ffef.png)
+    > ![Image of Microsoft Endpoint Manager portal25](images/7a631d17cc42500dacad4e995823ffef.png)
 ### Attack Surface Reduction – Web Protection
@ -269,12 +269,12 @@ different types of endpoint security policies:
 4.  Select **Windows 10 and Later – Web protection > Create**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/cd7b5a1cbc16cc05f878cdc99ba4c27f.png)
+    > ![Image of Microsoft Endpoint Manager portal26](images/cd7b5a1cbc16cc05f878cdc99ba4c27f.png)
 5.  Enter a name and description, then select  **Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/5be573a60cd4fa56a86a6668b62dd808.png)
+    > ![Image of Microsoft Endpoint Manager portal27](images/5be573a60cd4fa56a86a6668b62dd808.png)
 6.  In the **Configuration settings page**: Set the configurations you require for
   Web Protection, then select  **Next**.
@ -285,27 +285,27 @@ different types of endpoint security policies:
    > For more information, see [Web Protection](web-protection-overview.md).
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/6104aa33a56fab750cf30ecabef9f5b6.png)
+    > ![Image of Microsoft Endpoint Manager portal28](images/6104aa33a56fab750cf30ecabef9f5b6.png)
 7.  Add **Scope Tags as required > Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
+    > ![Image of Microsoft Endpoint Manager portal29](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
 8.  Select **Assign to test group > Next**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png)
+    > ![Image of Microsoft Endpoint Manager portal30](images/45cefc8e4e474321b4d47b4626346597.png)
 9.  Select **Review and Create > Create**.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/8ee0405f1a96c23d2eb6f737f11c1ae5.png)
+    > ![Image of Microsoft Endpoint Manager portal31](images/8ee0405f1a96c23d2eb6f737f11c1ae5.png)
 10. View the policy.
    > [!div class="mx-imgBorder"]
-    > ![Image of Microsoft Endpoint Manager portal](images/e74f6f6c150d017a286e6ed3dffb7757.png)
+    > ![Image of Microsoft Endpoint Manager portal32](images/e74f6f6c150d017a286e6ed3dffb7757.png)
 ## Validate configuration settings
@ -323,22 +323,22 @@ To confirm that the configuration policy has been applied to your test device, f
    steps above. The following example shows the next generation protection settings.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Microsoft Endpoint Manager portal](images/43ab6aa74471ee2977e154a4a5ef2d39.png) ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox)
+    > [ ![Image of Microsoft Endpoint Manager portal33](images/43ab6aa74471ee2977e154a4a5ef2d39.png) ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox)
 2.  Select  the **Configuration Policy** to view the policy status.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Microsoft Endpoint Manager portal](images/55ecaca0e4a022f0e29d45aeed724e6c.png) ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox)
+    > [ ![Image of Microsoft Endpoint Manager portal34](images/55ecaca0e4a022f0e29d45aeed724e6c.png) ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox)
 3.  Select  **Device Status** to see the status.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Microsoft Endpoint Manager portal](images/18a50df62cc38749000dbfb48e9a4c9b.png) ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox)
+    > [ ![Image of Microsoft Endpoint Manager portal35](images/18a50df62cc38749000dbfb48e9a4c9b.png) ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox)
 4.  Select  **User Status** to see the status.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Microsoft Endpoint Manager portal](images/4e965749ff71178af8873bc91f9fe525.png) ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox)
+    > [ ![Image of Microsoft Endpoint Manager portal36](images/4e965749ff71178af8873bc91f9fe525.png) ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox)
 5.  Select  **Per-setting status** to see the status.
@ -346,7 +346,7 @@ To confirm that the configuration policy has been applied to your test device, f
    >This view is very useful to identify any settings that conflict with another policy.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Microsoft Endpoint Manager portal](images/42acc69d0128ed09804010bdbdf0a43c.png) ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox)
+    > [ ![Image of Microsoft Endpoint Manager portal37](images/42acc69d0128ed09804010bdbdf0a43c.png) ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox)
 ### Endpoint detection and response
@ -355,13 +355,13 @@ To confirm that the configuration policy has been applied to your test device, f
    Protection service should not be started.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Services panel](images/b418a232a12b3d0a65fc98248dbb0e31.png) ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox)
+    > [ ![Image of Services panel1](images/b418a232a12b3d0a65fc98248dbb0e31.png) ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox)
 2.  After the configuration has been applied, the Defender for Endpoint
    Protection Service should be started.
    > [!div class="mx-imgBorder"]
-    > [ ![Image of Services panel](images/a621b699899f1b41db211170074ea59e.png) ](images/a621b699899f1b41db211170074ea59e.png#lightbox)
+    > [ ![Image of Services panel2](images/a621b699899f1b41db211170074ea59e.png) ](images/a621b699899f1b41db211170074ea59e.png#lightbox)
 3.  After the services are running on the device, the device appears in Microsoft
    Defender Security Center.
@ -375,7 +375,7 @@ To confirm that the configuration policy has been applied to your test device, f
    manage the settings as shown below.
    > [!div class="mx-imgBorder"]
-    > ![Image of setting page](images/88efb4c3710493a53f2840c3eac3e3d3.png)
+    > ![Image of setting page1](images/88efb4c3710493a53f2840c3eac3e3d3.png)
 2.  After the policy has been applied, you should not be able to manually manage
    the settings.
@ -385,7 +385,7 @@ To confirm that the configuration policy has been applied to your test device, f
    > **Turn on real-time protection** are being shown as managed.
    > [!div class="mx-imgBorder"]
-    > ![Image of setting page](images/9341428b2d3164ca63d7d4eaa5cff642.png)
+    > ![Image of setting page2](images/9341428b2d3164ca63d7d4eaa5cff642.png)
 ### Attack Surface Reduction – Attack surface reduction rules
@ -400,13 +400,13 @@ To confirm that the configuration policy has been applied to your test device, f
    > 
    > AttackSurfaceReductionRules_Ids:
-    ![Image of command line](images/cb0260d4b2636814e37eee427211fe71.png)
+    ![Image of command line1](images/cb0260d4b2636814e37eee427211fe71.png)
 3.  After applying the policy on a test device, open a PowerShell Windows and type `Get-MpPreference`.
 4.  This should respond with the following lines with content as shown below:
-    ![Image of command line](images/619fb877791b1fc8bc7dfae1a579043d.png)
+    ![Image of command line2](images/619fb877791b1fc8bc7dfae1a579043d.png)
 ### Attack Surface Reduction – Web Protection
@ -415,11 +415,11 @@ To confirm that the configuration policy has been applied to your test device, f
 2.  This should respond with a 0 as shown below.
-    ![Image of command line](images/196a8e194ac99d84221f405d0f684f8c.png)
+    ![Image of command line3](images/196a8e194ac99d84221f405d0f684f8c.png)
 3.  After applying the policy, open a PowerShell Windows and type
    `(Get-MpPreference).EnableNetworkProtection`.
 4.  This should respond with a 1 as shown below.
-    ![Image of command line](images/c06fa3bbc2f70d59dfe1e106cd9a4683.png)
+    ![Image of command line4](images/c06fa3bbc2f70d59dfe1e106cd9a4683.png)
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
@ -181,8 +181,8 @@ You'll need to have access to:
 11. Under **Condition**, add the following expression: "length(body('Get_items')?['value'])" and set the condition to equal to 0.
    ![Image of apply to each condition](images/apply-to-each-value.png)  
-    ![Image of condition](images/conditions-2.png) 
+    ![Image of condition1](images/conditions-2.png) 
-    ![Image of condition](images/condition3.png)  
+    ![Image of condition2](images/condition3.png)  
    ![Image of send email](images/send-email.png)
 ## Alert notification
--- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
@ -81,7 +81,7 @@ Icon | Description
 ![Alert icon](images/alert-icon.png)| Alert – Indication of an activity correlated with advanced attacks.
 ![Detection icon](images/detection-icon.png)| Detection – Indication of a malware threat detection.
 ![Active threat icon](images/active-threat-icon.png)| Active threat – Threats actively executing at the time of detection.
-![Remediated icon](images/remediated-icon.png)| Remediated – Threat removed from the device.
+![Remediated icon1](images/remediated-icon.png)| Remediated – Threat removed from the device.
 ![Not remediated icon](images/not-remediated-icon.png)| Not remediated – Threat not removed from the device.
 ![Thunderbolt icon](images/atp-thunderbolt-icon.png)| Indicates events that triggered an alert in the **Alert process tree**.
 ![Device icon](images/atp-machine-icon.png)| Device icon
@ -116,7 +116,7 @@ Icon | Description
 ![Terminated by system](images/terminated-by-system.png) | Automated investigation - terminated by system
 ![Pending icon](images/pending.png) | Automated investigation - pending
 ![Running icon](images/running.png) | Automated investigation - running
-![Remediated icon](images/remediated.png) | Automated investigation - remediated
+![Remediated icon2](images/remediated.png) | Automated investigation - remediated
 ![Partially investigated icon](images/partially_remediated.png) | Automated investigation - partially remediated
 ![Threat insights icon](images/tvm_bug_icon.png) | Threat & Vulnerability Management - threat insights
 ![Possible active alert icon](images/tvm_alert_icon.png) | Threat & Vulnerability Management - possible active alert