linted and cleaned audit windows defender

2025-06-21 05:13:40 +00:00 · 2019-07-30 12:24:06 -04:00
parent 911cd037e9
commit bc1ff0b0bf
1 changed files with 13 additions and 16 deletions
--- a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender.md
@ -16,12 +16,11 @@ ms.reviewer:
 manager: dansimp
 ---
 # Use audit mode
 **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 You can enable attack surface reduction rules, exploit protection, network protection, and controlled folder access in audit mode. This lets you see a record of what *would* have happened if you had enabled the feature.
@ -40,18 +39,16 @@ You can use Group Policy, PowerShell, and configuration service providers (CSPs)
 >[!TIP]
 >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
-
+ Audit options | How to enable audit mode | How to view events
-|Audit options | How to enable audit mode | How to view events |
+-|-|-
-|- | - | - |
+Audit applies to all events | [Enable controlled folder access](enable-controlled-folders.md) | [Controlled folder access events](evaluate-controlled-folder-access.md#review-controlled-folder-access-events-in-windows-event-viewer)
-|Audit applies to all events | [Enable controlled folder access](enable-controlled-folders-exploit-guard.md) | [Controlled folder access events](evaluate-controlled-folder-access.md#review-controlled-folder-access-events-in-windows-event-viewer) |
+Audit applies to individual rules | [Enable attack surface reduction rules](enable-attack-surface-reduction.md) | [Attack surface reduction rule events](evaluate-attack-surface-reduction.md#review-attack-surface-reduction-events-in-windows-event-viewer)
-|Audit applies to individual rules | [Enable attack surface reduction rules](enable-attack-surface-reduction.md) | [Attack surface reduction rule events](evaluate-attack-surface-reduction.md#review-attack-surface-reduction-events-in-windows-event-viewer) |
+Audit applies to all events | [Enable network protection](enable-network-protection.md) | [Network protection events](evaluate-network-protection.md#review-network-protection-events-in-windows-event-viewer)
-|Audit applies to all events | [Enable network protection](enable-network-protection.md) | [Network protection events](evaluate-network-protection.md#review-network-protection-events-in-windows-event-viewer) |
+|Audit applies to individual mitigations | [Enable exploit protection](enable-exploit-protection.md) | [Exploit protection events](exploit-protection-exploit-guard.md#review-exploit-protection-events-in-windows-event-viewer)
 |Audit applies to individual mitigations | [Enable exploit protection](enable-exploit-protection.md) | [Exploit protection events](exploit-protection-exploit-guard.md#review-exploit-protection-events-in-windows-event-viewer) |
 ## Related topics
- [Protect devices from exploits](exploit-protection-exploit-guard.md) 
+* [Protect devices from exploits](exploit-protection.md)
- [Reduce attack surfaces with attack surface reduction rules](attack-surface-reduction-exploit-guard.md) 
+* [Reduce attack surfaces with attack surface reduction rules](attack-surface-reduction.md)
- [Protect your network](network-protection-exploit-guard.md) 
+* [Protect your network](network-protection.md)
- [Protect important folders](controlled-folders-exploit-guard.md)
+* [Protect important folders](controlled-folders.md)