Updated -Fallback levels to SignedVersion,Publisher,Hash

windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md

@@ -59,7 +59,7 @@ To familiarize yourself with creating WDAC rules from audit events, follow these
 4. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to generate a new WDAC policy from logged audit events. This example uses a **FilePublisher** file rule level and a **Hash** fallback level. Warning messages are redirected to a text file **EventsPolicyWarnings.txt**.
 
    ```powershell
-   New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback Hash –UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings
+   New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback SignedVersion,FilePublisher,Hash –UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings
    ```
 
    > [!NOTE]

windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md

@@ -126,13 +126,13 @@ Deny rules and policies can be created using the PowerShell cmdlets or the [WDAC
 ### Software Publisher Based Deny Rule
 
 ```Powershell
-$DenyRules += New-CIPolicyRule -Level FilePublisher -DriverFilePath <binary_to_block> -Deny -Fallback FileName,Hash
+$DenyRules += New-CIPolicyRule -Level FilePublisher -DriverFilePath <binary_to_block> -Fallback SignedVersion,Publisher,Hash -Deny
 ```
 
 ### Software Attributes Based Deny Rule
 
 ```Powershell
-$DenyRules += New-CIPolicyRule -Level FileName -DriverFilePath <binary_to_block> -Deny -Fallback Hash
+$DenyRules += New-CIPolicyRule -Level FileName -DriverFilePath <binary_to_block> -Fallback Hash -Deny
 ```
 
 ### Hash Based Deny Rule