From ba109ae5ce8aaa5567957b5ed44adcbdb7c2ce78 Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Thu, 9 Mar 2017 15:00:43 -0800 Subject: [PATCH] cloud edits --- ...-first-sight-windows-defender-antivirus.md | 38 ++++++++++++-- ...meout-period-windows-defender-antivirus.md | 2 +- ...-connections-windows-defender-antivirus.md | 2 +- ...d-protection-windows-defender-antivirus.md | 4 +- .../images/defender/bafs-block-wdav.png | Bin 0 -> 80747 bytes .../images/defender/bafs-edge.png | Bin 0 -> 199090 bytes ...ection-level-windows-defender-antivirus.md | 4 +- ...d-protection-windows-defender-antivirus.md | 47 ++---------------- 8 files changed, 44 insertions(+), 53 deletions(-) create mode 100644 windows/keep-secure/WDAV-working/images/defender/bafs-block-wdav.png create mode 100644 windows/keep-secure/WDAV-working/images/defender/bafs-edge.png diff --git a/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md index 956997e964..211f0e8e3e 100644 --- a/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md @@ -1,7 +1,7 @@ --- title: Enable Block at First Sight to detect malware in seconds -description: In Windows 10 the Block at First Sight feature determines and blocks new malware variants in seconds. You can enable the feature with Group Policy. -keywords: scan, BAFS, malware, first seen, first sight, cloud, MAPS, defender +description: Enable the Block at First sight feature to detect and block malware within seconds, and validate that it is configured correctly. +keywords: scan, BAFS, malware, first seen, first sight, cloud, defender search.product: eADQiWindows 10XVcnh ms.pagetype: security ms.prod: w10 
@@ -16,7 +16,7 @@ author: iaanw -# Configure the Block at First Sight feature +# Enable and validate the Block at First Sight feature **Applies to** @@ -56,7 +56,7 @@ In many cases this process can reduce the response time to new malware from hour > Suspicious file downloads requiring additional backend processing to reach a determination will be locked by Windows Defender on the first machine where the file is encountered, until it is finished uploading to the backend. Users will see a longer "Running security scan" message in the browser while the file is being uploaded. This might result in what appear to be slower download times for some files. -## Confirm Block at First Sight is enabled +## Confirm and validate Block at First Sight is enabled Block at First Sight requires a number of Group Policy settings to be configured correctly or it will not work. Usually, these settings are already enabled in most default Windows Defender deployments in enterprise networks. 
@@ -112,6 +112,36 @@ You can confirm that Block at First Sight is enabled in Windows Settings. The fe 2. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**. +### Validate Block at First Sight is working + +Tthere are two scenarios that fall into the Block at First Sight feature: +• Scenario 1: Windows Defender AV cloud-based protection is able to determine the file is malware or clean based on data sent from the endpoint +• Scenario 2: Windows Defender AV needs to process the file in the cloud-based protection back-end to reach a verdict + +You can validate Scenario 1 by downloading and attempting to save a sample test file from http://aka.ms/ioavtest. + +If BLock at First Sight is configured correctly, you wil lreceive a notification from Windows Defender AV and, depending on your browser, a notice that says the file contained a virus and was deleted. + +The Windows Defender AV notification: +malware-detected + +The notification in Edge: +bafs-edge + + +The notification in Internet Explorer: +bafs-ie + + + +The notification in Chrome: +chrome-ie + + + + - if everything is configured correctly Windows Defender Cloud Protection will determine the file is malware (without needing a copy of the file) and block it based purely on metadata sent to the cloud. + + ## Disable Block at First Sight > [!WARNING] diff --git a/windows/keep-secure/WDAV-working/configure-cloud-block-timeout-period-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/configure-cloud-block-timeout-period-windows-defender-antivirus.md index 39fa246f6c..878c5afd45 100644 --- a/windows/keep-secure/WDAV-working/configure-cloud-block-timeout-period-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/configure-cloud-block-timeout-period-windows-defender-antivirus.md 
@@ -1,6 +1,6 @@ --- title: Configure the cloud block timeout period -description: You can configure how long Windows Defender Antivirus will block a file from running while waiting for a cloud determination +description: You can configure how long Windows Defender Antivirus will block a file from running while waiting for a cloud determination. keywords: windows defender antivirus, antimalware, security, defender, cloud, timeout, block, period, seconds search.product: eADQiWindows 10XVcnh ms.pagetype: security diff --git a/windows/keep-secure/WDAV-working/configure-network-connections-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/configure-network-connections-windows-defender-antivirus.md index 3c3af607dd..97e231b6af 100644 --- a/windows/keep-secure/WDAV-working/configure-network-connections-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/configure-network-connections-windows-defender-antivirus.md @@ -1,6 +1,6 @@ --- title: Configure and test Windows Defender Antivirus network connections -description: Configure and test your connection to the Windows Defender Antivirus cloud +description: Configure and test your connection to the Windows Defender Antivirus cloud-delivered protection service. keywords: windows defender antivirus, antimalware, security, defender, cloud, aggressiveness, protection level search.product: eADQiWindows 10XVcnh ms.pagetype: security diff --git a/windows/keep-secure/WDAV-working/enable-cloud-protection-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/enable-cloud-protection-windows-defender-antivirus.md index 7d51c280ca..9d1cd1adbf 100644 --- a/windows/keep-secure/WDAV-working/enable-cloud-protection-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/enable-cloud-protection-windows-defender-antivirus.md 
@@ -1,6 +1,6 @@ --- -title: Enable cloud-delivered antivirus protection in Windows Defender Antivirus (Windows 10) -description: Enable cloud-delivered protection in Windows Defender Antivirus +title: Enable cloud-delivered protection in Windows Defender Antivirus +description: Enable cloud-delivered protection to benefit from fast and advanced protection features. keywords: windows defender antivirus, antimalware, security, defender, cloud, block at first sight search.product: eADQiWindows 10XVcnh ms.pagetype: security 
diff --git a/windows/keep-secure/WDAV-working/images/defender/bafs-block-wdav.png b/windows/keep-secure/WDAV-working/images/defender/bafs-block-wdav.png new file mode 100644 index 0000000000000000000000000000000000000000..0724086ba6312b40c57c410494b2225542c603eb GIT binary patch literal 80747
diff --git a/windows/keep-secure/WDAV-working/images/defender/bafs-edge.png b/windows/keep-secure/WDAV-working/images/defender/bafs-edge.png new file mode 100644 index 0000000000000000000000000000000000000000..b2074435b1e86d75e2db360cf745710027c1b87f GIT binary patch literal 199090
[!NOTE] >The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional signature updates. -Enabling cloud-delivered protection helps detect and block new malware – even if the malware has never been seen before – without needing to wait for a traditionally delivered definition update to block it. Definition updates can take hours to prepare and deliver; our cloud service can deliver updated protection in seconds. +Enabling cloud-delivered protection helps detect and block new malware - even if the malware has never been seen before - without needing to wait for a traditionally delivered definition update to block it. Definition updates can take hours to prepare and deliver; our cloud service can deliver updated protection in seconds. Cloud-delivered protecton is enabled by default, however you may need to re-enable it if it has been disabled as part of previous organizational policies. 
@@ -35,7 +37,7 @@ The following table describes the differences in cloud-based protection between Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | Configuration manager 2012 | Configuration manager (current branch) | Microsoft Intune ----|---|---|---|---| +---|---|---|---|---|---|--- Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version Block at first sight availability | No | Yes | Yes | Not configurable | Configurable | No 
@@ -53,44 +55,3 @@ Cloud block timeout period | No | No | Configurable | Not configurable | Configu -## Manage cloud-based protection - -Windows Defender offers improved cloud-based protection and threat intelligence for endpoint protection clients using the Microsoft Active Protection Service. Read more about the Microsoft Active Protection Service community in [Join the Microsoft Active Protection Service community](http://windows.microsoft.com/windows-8/join-maps-community). - -You can enable or disable the Microsoft Active Protection Service using *Group Policy* settings and administrative template files. - -More information on deploying administrative template files for Windows Defender is available in the article [Description of the Windows Defender Group Policy administrative template settings](https://support.microsoft.com/kb/927367). - -The Microsoft Active Protection Service can be configured with the following *Group Policy* settings: - -1. Open the **Group Policy Editor**. -2. In the **Local Computer Policy** tree, expand **Computer Configuration**, then **Administrative Templates**, then **Windows Components**, then **Windows Defender**. -3. Click on **MAPS**. -4. Double-click on **Join Microsoft MAPS**. -5. Select your configuration option from the **Join Microsoft MAPS** list. - - >**Note:**  Any settings modified on an endpoint will be overridden by the administrator's policy setting. 
-   -Use the Windowsdefender.adm *Group Policy* template file to control the policy settings for Windows Defender in Windows 10: - -Policy setting: **Configure Microsoft SpyNet Reporting** - -Registry key name: **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SpyNet\\SpyNetReporting** - -Policy description: **Adjusts membership in Microsoft Active Protection Service** - -You can also configure preferences using the following PowerShell parameters: - -- Turn Microsoft Active Protection Service off: *Set-MpPreference -MAPSReporting 0* -- Turn Microsoft Active Protection Service on: *Set-MpPreference -MAPSReporting 2* - -Read more about this in: - -- [Scripting with Windows PowerShell](https://technet.microsoft.com/library/bb978526.aspx) -- [Defender Cmdlets](https://technet.microsoft.com/library/dn433280.aspx) - ->**Note:**  Any information that Windows Defender collects is encrypted in transit to our servers, and then stored in secure facilities. Microsoft takes several steps to avoid collecting any information that directly identifies you, such as your name, email address, or account ID. -  -Read more about how to manage your privacy settings in [Setting your preferences for Windows 10 services](http://windows.microsoft.com/windows-10/services-setting-preferences). - -
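Review bot: In the front-matter hunk (@@ -1,7 +1,7 @@) of configure-block-at-first-sight-windows-defender-antivirus.md, the new description writes "Block at First sight" while the title and every heading use "Block at First Sight"; capitalise it consistently. The keywords line also drops "MAPS", yet the comparison table later in this patch still shows "Reporting level (MAPS membership level)", so readers searching on that term may still need it as a keyword.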
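Review bot: In configure-block-at-first-sight-windows-defender-antivirus.md, hunk @@ -56,7 +56,7 @@, the renamed heading "Confirm and validate Block at First Sight is enabled" overlaps with the new "### Validate Block at First Sight is working" subsection added further down, and it changes the section anchor. Keeping the original "Confirm Block at First Sight is enabled" would leave existing links intact and keep validation under its own subsection; if the rename stays, check the other WDAV-working topics for links to the old anchor.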
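Review bot: In configure-block-at-first-sight-windows-defender-antivirus.md, hunk @@ -112,6 +112,36 @@, the new validation section names its four screenshots as bare words (malware-detected, bafs-edge, bafs-ie, chrome-ie) rather than image references, and this patch only adds bafs-block-wdav.png and bafs-edge.png, so the Internet Explorer and Chrome notifications have no image file in the change. Reference the two added PNGs with image syntax and either add the missing two or drop those entries ("chrome-ie" also looks like a naming slip). The same hunk needs its typos fixed before merge ("Tthere", "BLock", "wil lreceive"), uses "•" characters instead of Markdown list markers, introduces Scenario 2 without giving any way to validate it, and ends on a dangling fragment beginning " - if everything is configured correctly" that should be folded into the Scenario 1 paragraph or removed. Consider linking the test file as https://aka.ms/ioavtest rather than over plain http.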
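Review bot: In the hunk that rewrites the paragraph starting "Enabling cloud-delivered protection helps detect and block new malware", the en dashes are replaced with spaced hyphens, which changes only the punctuation and reads as a weaker break; if the aim is ASCII-only source, commas or parentheses would carry the aside more cleanly. The unchanged line directly after it still reads "Cloud-delivered protecton is enabled by default", which is worth correcting while this paragraph is being edited.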
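Review bot: In the final hunk (@@ -53,44 +55,3 @@) the entire "Manage cloud-based protection" section is deleted, including the Group Policy path to Join Microsoft MAPS, the SpyNetReporting registry key and the Set-MpPreference -MAPSReporting 0 and 2 commands, while the only change to enable-cloud-protection-windows-defender-antivirus.md visible in this patch is to its title and description. Confirm that these configuration steps already exist in that topic or another one before removing them here, and say where they went in the commit message, since "cloud edits" gives an administrator no way to find the relocated instructions.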