Merge branch 'main' into metasecurity5

windows/security/identity-protection/hello-for-business/retired/hello-how-it-works.md

@@ -1,7 +1,7 @@
 ---
 title: How Windows Hello for Business works (Windows)
 description: Learn about registration, authentication, key material, and infrastructure for Windows Hello for Business.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.localizationpriority: high
 author: paolomatarazzo
 ms.author: paoloma

windows/security/threat-protection/auditing/event-4908.md

@@ -2,7 +2,7 @@
 title: 4908(S) Special Groups Logon table modified. (Windows 10)
 description: Describes security event 4908(S) Special Groups Logon table modified. This event is generated when the Special Groups Logon table is modified.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4908(S): Special Groups Logon table modified.
@@ -70,7 +70,7 @@ For more information about Special Groups auditing, see [4908(S): Special Groups
 
 ***Field Descriptions:***
 
-**Special Groups** \[Type = UnicodeString\]**:** contains current list of SIDs (groups or accounts) which are members of Special Groups. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID cannot be resolved, you will see the source data in the event.
+**Special Groups** \[Type = UnicodeString\]**:** contains current list of SIDs (groups or accounts) which are members of Special Groups. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID can't be resolved, you'll see the source data in the event.
 
 > [!NOTE]
 > A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers).
@@ -83,7 +83,7 @@ For more information about Special Groups auditing, see [4908(S): Special Groups
 
 For 4908(S): Special Groups Logon table modified.
 
--   If you use the Special Groups feature, then this event should be always monitored, especially on high value assets or computers. If this change was not planned, investigate the reason for the change.
+-   If you use the Special Groups feature, then this event should be always monitored, especially on high value assets or computers. If this change wasn't planned, investigate the reason for the change.
 
 -   If you don’t use the Special Groups feature, then this event should be always monitored because it indicates use of the Special Groups feature outside of your standard procedures.
 

windows/security/threat-protection/auditing/event-4909.md

@@ -2,7 +2,7 @@
 title: 4909(-) The local policy settings for the TBS were changed. (Windows 10)
 description: Describes security event 4909(-) The local policy settings for the TBS were changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4909(-): The local policy settings for the TBS were changed.

windows/security/threat-protection/auditing/event-4910.md

@@ -2,7 +2,7 @@
 title: 4910(-) The group policy settings for the TBS were changed. (Windows 10)
 description: Describes security event 4910(-) The group policy settings for the TBS were changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4910(-): The group policy settings for the TBS were changed.

windows/security/threat-protection/auditing/event-4911.md

@@ -2,7 +2,7 @@
 title: 4911(S) Resource attributes of the object were changed. (Windows 10)
 description: Describes security event 4911(S) Resource attributes of the object were changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4911(S): Resource attributes of the object were changed.

windows/security/threat-protection/auditing/event-4912.md

@@ -2,7 +2,7 @@
 title: 4912(S) Per User Audit Policy was changed. (Windows 10)
 description: Describes security event 4912(S) Per User Audit Policy was changed. This event is generated every time Per User Audit Policy is changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4912(S): Per User Audit Policy was changed.

windows/security/threat-protection/auditing/event-4913.md

@@ -2,7 +2,7 @@
 title: 4913(S) Central Access Policy on the object was changed. (Windows 10)
 description: Describes security event 4913(S) Central Access Policy on the object was changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4913(S): Central Access Policy on the object was changed.

windows/security/threat-protection/auditing/event-4928.md

@@ -2,7 +2,7 @@
 title: 4928(S, F) An Active Directory replica source naming context was established. (Windows 10)
 description: Describes security event 4928(S, F) An Active Directory replica source naming context was established.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4928(S, F): An Active Directory replica source naming context was established.

windows/security/threat-protection/auditing/event-4929.md

@@ -2,7 +2,7 @@
 title: 4929(S, F) An Active Directory replica source naming context was removed. (Windows 10)
 description: Describes security event 4929(S, F) An Active Directory replica source naming context was removed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4929(S, F): An Active Directory replica source naming context was removed.

windows/security/threat-protection/auditing/event-4930.md

@@ -2,7 +2,7 @@
 title: 4930(S, F) An Active Directory replica source naming context was modified. (Windows 10)
 description: Describes security event 4930(S, F) An Active Directory replica source naming context was modified.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4930(S, F): An Active Directory replica source naming context was modified.

windows/security/threat-protection/auditing/event-4931.md

@@ -2,7 +2,7 @@
 title: 4931(S, F) An Active Directory replica destination naming context was modified. (Windows 10)
 description: Describes security event 4931(S, F) An Active Directory replica destination naming context was modified.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4931(S, F): An Active Directory replica destination naming context was modified.

windows/security/threat-protection/auditing/event-4932.md

@@ -2,7 +2,7 @@
 title: 4932(S) Synchronization of a replica of an Active Directory naming context has begun. (Windows 10)
 description: Describes security event 4932(S) Synchronization of a replica of an Active Directory naming context has begun.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4932(S): Synchronization of a replica of an Active Directory naming context has begun.

windows/security/threat-protection/auditing/event-4933.md

@@ -2,7 +2,7 @@
 title: 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended. (Windows 10)
 description: Describes security event 4933(S, F) Synchronization of a replica of an Active Directory naming context has ended.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4933(S, F): Synchronization of a replica of an Active Directory naming context has ended.

windows/security/threat-protection/auditing/event-4934.md

@@ -2,7 +2,7 @@
 title: 4934(S) Attributes of an Active Directory object were replicated. (Windows 10)
 description: Describes security event 4934(S) Attributes of an Active Directory object were replicated.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4934(S): Attributes of an Active Directory object were replicated.

windows/security/threat-protection/auditing/event-4935.md

@@ -2,7 +2,7 @@
 title: 4935(F) Replication failure begins. (Windows 10)
 description: Describes security event 4935(F) Replication failure begins. This event is generated when Active Directory replication failure begins.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4935(F): Replication failure begins.

windows/security/threat-protection/auditing/event-4936.md

@@ -2,7 +2,7 @@
 title: 4936(S) Replication failure ends. (Windows 10)
 description: Describes security event 4936(S) Replication failure ends. This event is generated when Active Directory replication failure ends.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4936(S): Replication failure ends.

windows/security/threat-protection/auditing/event-4937.md

@@ -2,7 +2,7 @@
 title: 4937(S) A lingering object was removed from a replica. (Windows 10)
 description: Describes security event 4937(S) A lingering object was removed from a replica.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4937(S): A lingering object was removed from a replica.

windows/security/threat-protection/auditing/event-4944.md

@@ -2,7 +2,7 @@
 title: 4944(S) The following policy was active when the Windows Firewall started. (Windows 10)
 description: Describes security event 4944(S) The following policy was active when the Windows Firewall started.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4944(S): The following policy was active when the Windows Firewall started.

windows/security/threat-protection/auditing/event-4945.md

@@ -2,7 +2,7 @@
 title: 4945(S) A rule was listed when the Windows Firewall started. (Windows 10)
 description: Describes security event 4945(S) A rule was listed when the Windows Firewall started.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4945(S): A rule was listed when the Windows Firewall started.

windows/security/threat-protection/auditing/event-4946.md

@@ -2,7 +2,7 @@
 title: 4946(S) A change has been made to Windows Firewall exception list. A rule was added. (Windows 10)
 description: Describes security event 4946(S) A change has been made to Windows Firewall exception list. A rule was added.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4946(S): A change has been made to Windows Firewall exception list. A rule was added.

windows/security/threat-protection/auditing/event-4947.md

@@ -2,7 +2,7 @@
 title: 4947(S) A change has been made to Windows Firewall exception list. A rule was modified. (Windows 10)
 description: Describes security event 4947(S) A change has been made to Windows Firewall exception list. A rule was modified.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4947(S): A change has been made to Windows Firewall exception list. A rule was modified.

windows/security/threat-protection/auditing/event-4948.md

@@ -2,7 +2,7 @@
 title: 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted. (Windows 10)
 description: Describes security event 4948(S) A change has been made to Windows Firewall exception list. A rule was deleted.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4948(S): A change has been made to Windows Firewall exception list. A rule was deleted.

windows/security/threat-protection/auditing/event-4949.md

@@ -2,7 +2,7 @@
 title: 4949(S) Windows Firewall settings were restored to the default values. (Windows 10)
 description: Describes security event 4949(S) Windows Firewall settings were restored to the default values.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4949(S): Windows Firewall settings were restored to the default values.

windows/security/threat-protection/auditing/event-4950.md

@@ -2,7 +2,7 @@
 title: 4950(S) A Windows Firewall setting has changed. (Windows 10)
 description: Describes security event 4950(S) A Windows Firewall setting has changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4950(S): A Windows Firewall setting has changed.

windows/security/threat-protection/auditing/event-4951.md

@@ -2,7 +2,7 @@
 title: 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall. (Windows 10)
 description: Describes security event 4951(F) A rule has been ignored because its major version number wasn't recognized by Windows Firewall.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4951(F): A rule has been ignored because its major version number wasn't recognized by Windows Firewall.

windows/security/threat-protection/auditing/event-4952.md

@@ -2,7 +2,7 @@
 title: 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced. (Windows 10)
 description: Security event 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4952(F): Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced.

windows/security/threat-protection/auditing/event-4953.md

@@ -2,7 +2,7 @@
 title: 4953(F) Windows Firewall ignored a rule because it couldn't be parsed. (Windows 10)
 description: Describes security event 4953(F) Windows Firewall ignored a rule because it couldn't be parsed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4953(F): Windows Firewall ignored a rule because it couldn't be parsed.

windows/security/threat-protection/auditing/event-4954.md

@@ -2,7 +2,7 @@
 title: 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied. (Windows 10)
 description: Describes security event 4954(S) Windows Firewall Group Policy settings have changed. The new settings have been applied.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4954(S): Windows Firewall Group Policy settings have changed. The new settings have been applied.

windows/security/threat-protection/auditing/event-4956.md

@@ -2,7 +2,7 @@
 title: 4956(S) Windows Firewall has changed the active profile. (Windows 10)
 description: Describes security event 4956(S) Windows Firewall has changed the active profile.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4956(S): Windows Firewall has changed the active profile.

windows/security/threat-protection/auditing/event-4957.md

@@ -2,7 +2,7 @@
 title: 4957(F) Windows Firewall did not apply the following rule. (Windows 10)
 description: Describes security event 4957(F) Windows Firewall didn't apply the following rule.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4957(F): Windows Firewall did not apply the following rule.

windows/security/threat-protection/auditing/event-4958.md

@@ -2,7 +2,7 @@
 title: 4958(F) Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer. (Windows 10)
 description: Describes security event 4958(F) Windows Firewall didn't apply the following rule because the rule referred to items not configured on this computer.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4958(F): Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer.

windows/security/threat-protection/auditing/event-4964.md

@@ -2,7 +2,7 @@
 title: 4964(S) Special groups have been assigned to a new logon. (Windows 10)
 description: Describes security event 4964(S) Special groups have been assigned to a new logon.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4964(S): Special groups have been assigned to a new logon.

windows/security/threat-protection/auditing/event-4985.md

@@ -2,7 +2,7 @@
 title: 4985(S) The state of a transaction has changed. (Windows 10)
 description: Describes security event 4985(S) The state of a transaction has changed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 4985(S): The state of a transaction has changed.

windows/security/threat-protection/auditing/event-5024.md

@@ -2,7 +2,7 @@
 title: 5024(S) The Windows Firewall Service has started successfully. (Windows 10)
 description: Describes security event 5024(S) The Windows Firewall Service has started successfully.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5024(S): The Windows Firewall Service has started successfully.

windows/security/threat-protection/auditing/event-5025.md

@@ -2,7 +2,7 @@
 title: 5025(S) The Windows Firewall Service has been stopped. (Windows 10)
 description: Describes security event 5025(S) The Windows Firewall Service has been stopped.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5025(S): The Windows Firewall Service has been stopped.

windows/security/threat-protection/auditing/event-5027.md

@@ -2,7 +2,7 @@
 title: 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy. (Windows 10)
 description: Details on security event 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5027(F): The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.

windows/security/threat-protection/auditing/event-5028.md

@@ -2,7 +2,7 @@
 title: 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy. (Windows 10)
 description: Describes security event 5028(F) The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5028(F): The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.

windows/security/threat-protection/auditing/event-5029.md

@@ -2,7 +2,7 @@
 title: 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy. (Windows 10)
 description: Describes security event 5029(F) The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5029(F): The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.

windows/security/threat-protection/auditing/event-5030.md

@@ -2,7 +2,7 @@
 title: 5030(F) The Windows Firewall Service failed to start. (Windows 10)
 description: Describes security event 5030(F) The Windows Firewall Service failed to start.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5030(F): The Windows Firewall Service failed to start.

windows/security/threat-protection/auditing/event-5031.md

@@ -5,13 +5,13 @@ manager: aaroncz
 ms.author: vinpa
 description: Describes security event 5031(F) The Windows Firewall Service blocked an application from accepting incoming connections on the network.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: vinaypamnani-msft
 ms.date: 09/08/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5031(F): The Windows Firewall Service blocked an application from accepting incoming connections on the network.

windows/security/threat-protection/auditing/event-5032.md

@@ -2,7 +2,7 @@
 title: 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. (Windows 10)
 description: Describes security event 5032(F) Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5032(F): Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

windows/security/threat-protection/auditing/event-5033.md

@@ -2,7 +2,7 @@
 title: 5033(S) The Windows Firewall Driver has started successfully. (Windows 10)
 description: Describes security event 5033(S) The Windows Firewall Driver has started successfully.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5033(S): The Windows Firewall Driver has started successfully.

windows/security/threat-protection/auditing/event-5034.md

@@ -2,7 +2,7 @@
 title: 5034(S) The Windows Firewall Driver was stopped. (Windows 10)
 description: Describes security event 5034(S) The Windows Firewall Driver was stopped.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5034(S): The Windows Firewall Driver was stopped.

windows/security/threat-protection/auditing/event-5035.md

@@ -2,7 +2,7 @@
 title: 5035(F) The Windows Firewall Driver failed to start. (Windows 10)
 description: Describes security event 5035(F) The Windows Firewall Driver failed to start.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5035(F): The Windows Firewall Driver failed to start.

windows/security/threat-protection/auditing/event-5037.md

@@ -2,7 +2,7 @@
 title: 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating. (Windows 10)
 description: Describes security event 5037(F) The Windows Firewall Driver detected critical runtime error. Terminating.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5037(F): The Windows Firewall Driver detected critical runtime error. Terminating.

windows/security/threat-protection/auditing/event-5038.md

@@ -2,7 +2,7 @@
 title: 5038(F) Code integrity determined that the image hash of a file is not valid. (Windows 10)
 description: Describes security event 5038(F) Code integrity determined that the image hash of a file isn't valid.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5038(F): Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

windows/security/threat-protection/auditing/event-5039.md

@@ -2,7 +2,7 @@
 title: 5039(-) A registry key was virtualized. (Windows 10)
 description: Describes security event 5039(-) A registry key was virtualized. This event is generated when a registry key is virtualized using LUAFV.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5039(-): A registry key was virtualized.

windows/security/threat-protection/auditing/event-5051.md

@@ -2,7 +2,7 @@
 title: 5051(-) A file was virtualized. (Windows 10)
 description: Describes security event 5051(-) A file was virtualized. This event is generated when a file is virtualized using LUAFV.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5051(-): A file was virtualized.

windows/security/threat-protection/auditing/event-5056.md

@@ -2,7 +2,7 @@
 title: 5056(S) A cryptographic self-test was performed. (Windows 10)
 description: Describes security event 5056(S) A cryptographic self-test was performed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5056(S): A cryptographic self-test was performed.

windows/security/threat-protection/auditing/event-5057.md

@@ -2,7 +2,7 @@
 title: 5057(F) A cryptographic primitive operation failed. (Windows 10)
 description: Describes security event 5057(F) A cryptographic primitive operation failed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5057(F): A cryptographic primitive operation failed.

windows/security/threat-protection/auditing/event-5058.md

@@ -2,7 +2,7 @@
 title: 5058(S, F) Key file operation. (Windows 10)
 description: Describes security event 5058(S, F) Key file operation. This event is generated when an operation is performed on a file that contains a KSP key.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/08/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 5058(S, F): Key file operation.

windows/security/threat-protection/auditing/event-6407.md

@@ -2,7 +2,7 @@
 title: 6407(-) 1%. (Windows 10)
 description: Describes security event 6407(-) 1%. This event is a BranchCache event, which is outside the scope of this document.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6407(-): 1%.

windows/security/threat-protection/auditing/event-6408.md

@@ -2,7 +2,7 @@
 title: 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2. (Windows 10)
 description: Describes security event 6408(-) Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6408(-): Registered product %1 failed and Windows Firewall is now controlling the filtering for %2.

windows/security/threat-protection/auditing/event-6409.md

@@ -2,7 +2,7 @@
 title: 6409(-) BranchCache A service connection point object could not be parsed. (Windows 10)
 description: Describes security event 6409(-) BranchCache A service connection point object could not be parsed.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6409(-): BranchCache: A service connection point object could not be parsed.

windows/security/threat-protection/auditing/event-6410.md

@@ -2,7 +2,7 @@
 title: 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process. (Windows 10)
 description: Describes security event 6410(F) Code integrity determined that a file doesn't meet the security requirements to load into a process.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6410(F): Code integrity determined that a file does not meet the security requirements to load into a process.

windows/security/threat-protection/auditing/event-6416.md

@@ -2,7 +2,7 @@
 title: 6416(S) A new external device was recognized by the System. (Windows 10)
 description: Describes security event 6416(S) A new external device was recognized by the System.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6416(S): A new external device was recognized by the System.

windows/security/threat-protection/auditing/event-6419.md

@@ -2,7 +2,7 @@
 title: 6419(S) A request was made to disable a device. (Windows 10)
 description: Describes security event 6419(S) A request was made to disable a device.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6419(S): A request was made to disable a device.

windows/security/threat-protection/auditing/event-6420.md

@@ -2,7 +2,7 @@
 title: 6420(S) A device was disabled. (Windows 10)
 description: Describes security event 6420(S) A device was disabled. This event is generated when a specific device is disabled.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6420(S): A device was disabled.

windows/security/threat-protection/auditing/event-6421.md

@@ -2,7 +2,7 @@
 title: 6421(S) A request was made to enable a device. (Windows 10)
 description: Describes security event 6421(S) A request was made to enable a device.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6421(S): A request was made to enable a device.

windows/security/threat-protection/auditing/event-6422.md

@@ -2,7 +2,7 @@
 title: 6422(S) A device was enabled. (Windows 10)
 description: Describes security event 6422(S) A device was enabled. This event is generated when a specific device is enabled.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6422(S): A device was enabled.

windows/security/threat-protection/auditing/event-6423.md

@@ -2,7 +2,7 @@
 title: 6423(S) The installation of this device is forbidden by system policy. (Windows 10)
 description: Describes security event 6423(S) The installation of this device is forbidden by system policy.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6423(S): The installation of this device is forbidden by system policy.

windows/security/threat-protection/auditing/event-6424.md

@@ -2,7 +2,7 @@
 title: 6424(S) The installation of this device was allowed, after having previously been forbidden by policy. (Windows 10)
 description: Describes security event 6424(S) The installation of this device was allowed, after having previously been forbidden by policy.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # 6424(S): The installation of this device was allowed, after having previously been forbidden by policy.

windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md

@@ -4,7 +4,7 @@ description: The policy setting, File System (Global Object Access Auditing), en
 ms.assetid: 4f215d61-0e23-46e4-9e58-08511105d25b
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # File System (Global Object Access Auditing)

windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md

@@ -1,7 +1,7 @@
 ---
 title: How to get a list of XML data name elements in <EventData> (Windows 10)
 description: This reference article for the IT professional explains how to use PowerShell to get a list of XML data name elements that can appear in <EventData>.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # How to get a list of XML data name elements in EventData

windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md

@@ -4,7 +4,7 @@ description: Learn how to use advanced security auditing options to monitor chan
 ms.assetid: 553f98a6-7606-4518-a3c5-347a33105130
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor central access policy and rule definitions

windows/security/threat-protection/auditing/monitor-claim-types.md

@@ -4,7 +4,7 @@ description: Learn how to monitor changes to claim types that are associated wit
 ms.assetid: 426084da-4eef-44af-aeec-e7ab4d4e2439
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor claim types

windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md

@@ -4,7 +4,7 @@ description: Learn how to monitor changes to resource attribute definitions when
 ms.assetid: aace34b0-123a-4b83-9e09-f269220e79de
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor resource attribute definitions

windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md

@@ -4,7 +4,7 @@ description: Monitor changes to central access policies associated with files an
 ms.assetid: 2ea8fc23-b3ac-432f-87b0-6a16506e8eed
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor the central access policies associated with files and folders

windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md

@@ -4,7 +4,7 @@ description: Learn how to monitor changes to the central access policies that ap
 ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor the central access policies that apply on a file server

windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md

@@ -4,7 +4,7 @@ description: Learn how to use advanced security auditing options to monitor atte
 ms.assetid: 4944097b-320f-44c7-88ed-bf55946a358b
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor the resource attributes on files and folders

windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md

@@ -4,7 +4,7 @@ description: Learn how advanced security auditing options can be used to monitor
 ms.assetid: b0a9e4a5-b7ff-41c6-96ff-0228d4ba5da8
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor the use of removable storage devices

windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md

@@ -4,7 +4,7 @@ description: Learn how to monitor user and device claims that are associated wit
 ms.assetid: 71796ea9-5fe4-4183-8475-805c3c1f319f
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Monitor user and device claims during sign-in

windows/security/threat-protection/auditing/other-events.md

@@ -2,7 +2,7 @@
 title: Other Events (Windows 10)
 description: Describes the Other Events auditing subcategory, which includes events that are generated automatically and enabled by default.
 ms.pagetype: security
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: medium
@@ -11,7 +11,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Other Events

windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md

@@ -4,7 +4,7 @@ description: Learn to deploy an effective security audit policy in a network tha
 ms.assetid: 7428e1db-aba8-407b-a39e-509671e5a442
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Plan and deploy advanced security audit policies

windows/security/threat-protection/auditing/registry-global-object-access-auditing.md

@@ -4,7 +4,7 @@ description: The Advanced Security Audit policy setting, Registry (Global Object
 ms.assetid: 953bb1c1-3f76-43be-ba17-4aed2304f578
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Registry (Global Object Access Auditing)

windows/security/threat-protection/auditing/security-auditing-overview.md

@@ -4,7 +4,7 @@ description: Learn about security auditing features in Windows, and how your org
 ms.assetid: 2d9b8142-49bd-4a33-b246-3f0c2a5f32d4
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Security auditing

windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md

@@ -4,7 +4,7 @@ description: Domain admins can set up advanced security audit options in Windows
 ms.assetid: 0d2c28ea-bdaf-47fd-bca2-a07dce5fed37
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Using advanced security auditing options to monitor dynamic access control objects

windows/security/threat-protection/auditing/view-the-security-event-log.md

@@ -4,7 +4,7 @@ description: The security log records each event as defined by the audit policie
 ms.assetid: 20DD2ACD-241A-45C5-A92F-4BE0D9F198B9
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # View the security event log

windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md

@@ -4,7 +4,7 @@ description: This reference topic for the IT professional describes which versio
 ms.assetid: 87c71cc5-522d-4771-ac78-34a2a0825f31
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/09/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Which editions of Windows support advanced audit policy configuration

windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md

@@ -1,7 +1,7 @@
 ---
 title: Enable virtualization-based protection of code integrity
 description: This article explains the steps to opt in to using HVCI on Windows devices.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: vinpa
@@ -12,7 +12,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 12/16/2021
 ms.reviewer: 
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Enable virtualization-based protection of code integrity

windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md

@@ -1,14 +1,14 @@
 ---
 title: Windows Defender Application Control and virtualization-based code integrity
 description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with Windows Defender Application Control (WDAC).
-ms.prod: m365-security
+ms.prod: windows-client
 ms.localizationpriority: medium
 author: vinaypamnani-msft
 ms.author: vinpa
 ms.reviewer: 
 manager: aaroncz
 ms.custom: asr
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Windows Defender Application Control and virtualization-based protection of code integrity

windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md

@@ -2,7 +2,7 @@
 title: Deployment guidelines for Windows Defender Device Guard (Windows 10)
 description: Plan your deployment of Hypervisor-Protected Code Integrity (also known as Memory Integrity). Learn about hardware requirements, deployment approaches, code signing and code integrity policies.
 keywords: virtualization, security, malware
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 author: vinaypamnani-msft
@@ -13,7 +13,7 @@ ms.topic: conceptual
 ms.date: 10/20/2017
 ms.reviewer: 
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Baseline protections and other qualifications for virtualization-based protection of code integrity

windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md

@@ -1,7 +1,7 @@
 ---
 title: Configure the Group Policy settings for Microsoft Defender Application Guard (Windows)
 description: Learn about the available Group Policy settings for Microsoft Defender Application Guard.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
@@ -12,7 +12,7 @@ ms.date: 08/22/2022
 ms.reviewer: 
 manager: aaroncz
 ms.custom: sasr
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Configure Microsoft Defender Application Guard policy settings

windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md

@@ -1,7 +1,7 @@
 ---
 title: Enable hardware-based isolation for Microsoft Edge (Windows)
 description: Learn about the Microsoft Defender Application Guard modes (Standalone or Enterprise-managed), and how to install Application Guard in your enterprise.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
@@ -12,7 +12,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.custom: asr
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Prepare to install Microsoft Defender Application Guard

windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender Application Guard Extension
 description: Learn about the Microsoft Defender Application Guard browser extension, which extends Application Guard's protection to more web browsers.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.localizationpriority: medium
 author: vinaypamnani-msft
 ms.author: vinpa
@@ -9,7 +9,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.custom: asr
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Microsoft Defender Application Guard Extension

windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender Application Guard (Windows 10 or Windows 11)
 description: Learn about Microsoft Defender Application Guard and how it helps to combat malicious content and malware out on the Internet.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
@@ -12,7 +12,7 @@ ms.date: 09/09/2021
 ms.reviewer: 
 manager: aaroncz
 ms.custom: asr
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Microsoft Defender Application Guard overview

windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md

@@ -1,7 +1,7 @@
 ---
 title: Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings (Windows)
 description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: explore
 ms.sitesec: library
 ms.pagetype: security
@@ -11,7 +11,7 @@ ms.date: 09/28/2020
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 # Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings
 **Applies to:**

windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md

@@ -1,13 +1,13 @@
 ---
 title: Microsoft Defender SmartScreen overview
 description: Learn how Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files.
-ms.prod: m365-security
+ms.prod: windows-client
 author: vinaypamnani-msft
 ms.author: vinpa
 ms.localizationpriority: high
 ms.reviewer: 
 manager: aaroncz
-ms.technology: windows-sec
+ms.technology: itpro-security
 adobe-target: true
 ---
 

windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device.md

@@ -1,7 +1,7 @@
 ---
 title: Set up and use Microsoft Defender SmartScreen on individual devices (Windows)
 description: Learn how employees can use Windows Security to set up Microsoft Defender SmartScreen. Microsoft Defender SmartScreen protects users from running malicious apps.
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: explore
 ms.sitesec: library
 ms.pagetype: security
@@ -11,7 +11,7 @@ ms.date: 10/13/2017
 ms.reviewer: 
 manager: aaroncz
 ms.author: vinpa
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Set up and use Microsoft Defender SmartScreen on individual devices

windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md

@@ -4,7 +4,7 @@ description: Describes best practices, security considerations, and more for the
 ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 04/19/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Access Credential Manager as a trusted caller

windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, policy management,
 ms.assetid: f6767bc2-83d1-45f1-847c-54f5362db022
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 06/11/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Access this computer from the network - security policy setting

windows/security/threat-protection/security-policy-settings/account-lockout-duration.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
 ms.assetid: a4167bf4-27c3-4a9b-8ef0-04e3c6ec3aa4
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 08/16/2021
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Account lockout duration

windows/security/threat-protection/security-policy-settings/account-lockout-policy.md

@@ -4,7 +4,7 @@ description: Describes the Account Lockout Policy settings and links to informat
 ms.assetid: eb968c28-17c5-405f-b413-50728cb7b724
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 10/11/2018
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Account Lockout Policy

windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
 ms.assetid: 4904bb40-a2bd-4fef-a102-260ba8d74e30
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 11/02/2018
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Account lockout threshold

windows/security/threat-protection/security-policy-settings/account-policies.md

@@ -4,7 +4,7 @@ description: An overview of account policies in Windows and provides links to po
 ms.assetid: 711b3797-b87a-4cd9-a2e3-1f8ef18688fb
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 04/19/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Account Policies

windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
 ms.assetid: 71a3bd48-1014-49e0-a936-bfe9433af23e
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 08/01/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Accounts: Administrator account status

windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, management, and sec
 ms.assetid: 94c76f45-057c-4d80-8d01-033cf28ef2f7
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 08/10/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Accounts: Block Microsoft accounts

windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, and security consid
 ms.assetid: 07e53fc5-b495-4d02-ab42-5b245d10d0ce
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 04/19/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Accounts: Guest account status - security policy setting

windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md

@@ -4,7 +4,7 @@ description: Learn best practices, security considerations, and more for the pol
 ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 04/19/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Accounts: Limit local account use of blank passwords to console logon only

windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md

@@ -4,7 +4,7 @@ description: This security policy reference topic for the IT professional descri
 ms.assetid: d21308eb-7c60-4e48-8747-62b8109844f9
 ms.reviewer: 
 ms.author: vinpa
-ms.prod: m365-security
+ms.prod: windows-client
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
@@ -15,7 +15,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 04/19/2017
-ms.technology: windows-sec
+ms.technology: itpro-security
 ---
 
 # Accounts: Rename administrator account