From b4295544c7e8ccac5962e8725e34e804ec3faaac Mon Sep 17 00:00:00 2001
From: Joey Caparas
Date: Thu, 14 Jun 2018 17:07:02 -0700
Subject: [PATCH] update allowed blocked lists
---
 ...ced-hunting-windows-defender-advanced-threat-protection.md | 4 +++-
 ...locked-list-windows-defender-advanced-threat-protection.md | 4 +---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
index c5a0aa9147..c8d4b355cc 100644
--- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 04/24/2018
+ms.date: 06/13/2018
 ---
 # Query data using Advanced hunting in Windows Defender ATP
@@ -54,6 +54,8 @@ We then add a filter on the _FileName_ to contain only instances of _powershell
 Afterwards, we add a filter on the _ProcessCommandLine_ Finally, we project only the columns we're interested in exploring and limit the results to 100 and click **Run query**.
+You have the option of expanding the screen view so you can focus on your hunting query and related results.
+
 ### Use operators
 The query language is very powerful and has a lot of available operators, some of them are -
diff --git a/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md
index f1e3dbc4a5..824dbb804b 100644
--- a/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md
@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 06/11/2018
+ms.date: 06/14/2018
 ---
 # Manage automation allowed/blocked lists
@@ -43,8 +43,6 @@ You can define the conditions for when entities are identified as malicious or s
 - Certificate
 - IP address
 - DNS
- - Email
- - Process memory
 3. Click **Add system exclusion**.