Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into URupdates

windows/client-management/mdm/policy-csp-deviceguard.md

@@ -180,9 +180,3 @@ Footnote:
 
 <!--EndPolicies-->
 
-<!--StartSurfaceHub-->
-## <a href="" id="surfacehubpolicies"></a>DeviceGuard policies supported by Microsoft Surface Hub  
-
--   [DeviceGuard/AllowKernelControlFlowGuard](#deviceguard-allowkernelcontrolflowguard)  
-<!--EndSurfaceHub-->
-

windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md

@@ -53,7 +53,7 @@ This is especially useful in helping to protect your documents and information f
 
 A notification will appear on the machine where the app attempted to make changes to a protected folder. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors.
 
-The protected folders include common system folders, and you can [add additional folders](customize-controlled-folders-exploit-guard.md#protect-additional-folders). You can also [allow or whitelist apps](customize-controlled-folders-exploit-guard.md#allow-specifc-apps-to-make-changes-to-controlled-folders) to give them access to the protected folders.
+The protected folders include common system folders, and you can [add additional folders](customize-controlled-folders-exploit-guard.md#protect-additional-folders). You can also [allow or whitelist apps](customize-controlled-folders-exploit-guard.md#allow-specific-apps-to-make-changes-to-controlled-folders) to give them access to the protected folders.
 
 As with other features of Windows Defender Exploit Guard, you can use [audit mode](audit-windows-defender-exploit-guard.md) to evaluate how Controlled folder access would impact your organization if it were enabled.
 

windows/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md

@@ -119,7 +119,7 @@ Use the [./Vendor/MSFT/Policy/Config/Defender/GuardedFoldersList](https://docs.m
 
 
 
- ## Allow specifc apps to make changes to controlled folders
+ ## Allow specific apps to make changes to controlled folders
 
 You can specify if certain apps should always be considered safe and given write access to files in protected folders. Allowing apps can be useful if you're finding a particular app that you know and trust is being blocked by the Controlled folder access feature. 
 

windows/threat-protection/windows-defender-security-center/wdsc-app-browser-control.md

@@ -74,3 +74,8 @@ This can only be done in Group Policy.
 6.  Open the **Hide the App and browser protection area** setting and set it to **Enabled**. Click **OK**.
 
 7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
+
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)

windows/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md

@@ -53,3 +53,7 @@ This can only be done in Group Policy.
 
 7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
 
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)

windows/threat-protection/windows-defender-security-center/wdsc-family-options.md

@@ -51,3 +51,8 @@ This can only be done in Group Policy.
 6.  Open the **Hide the Family options area** setting and set it to **Enabled**. Click **OK**.
 
 7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
+
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)

windows/threat-protection/windows-defender-security-center/wdsc-firewall-network-protection.md

@@ -50,3 +50,8 @@ This can only be done in Group Policy.
 
 7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
 
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)
+

windows/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection.md

@@ -54,3 +54,8 @@ This can only be done in Group Policy.
 6.  Open the **Hide the Virus and threat protection area** setting and set it to **Enabled**. Click **OK**.
 
 7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
+
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)

windows/threat-protection/windows-defender-security-center/windows-defender-security-center.md

@@ -55,7 +55,10 @@ You can find more information about each section, including options for configur
 - [Family options](wdsc-family-options.md), which includes access to parental controls along with tips and information for keeping kids safe online
 
 
-
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)