From e15c96e8a47aea5210cfe25cd449702b90ae9adf Mon Sep 17 00:00:00 2001 From: jsuther1974 Date: Thu, 21 Nov 2019 10:15:50 -0800 Subject: [PATCH] Minor update to intro paragraph --- .../create-initial-default-policy.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md index 04f8c31125..3d827d4672 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md @@ -27,7 +27,8 @@ ms.date: 05/03/2018 - Windows 10 - Windows Server 2016 and above -This section outlines the process to create a WDAC policy with Windows PowerShell. +This section outlines the process to create a WDAC policy for fixed-workload devices within an organization. Fixed-workload devices tend to be dedicated to a specific functional purpose and share common configuration attributes with other devices servicing the same functional role. Examples of fixed-workload devices may include Active Directory Domain Controllers, Secure Admin Workstations, pharmaceutical drug-mixing equipment, manufacturing devices, cash registers, ATMs, etc... + For this example, you must initiate variables to be used during the creation process or use the full file paths in the command. Then create the WDAC policy by scanning the system for installed applications. The policy file is converted to binary format when it gets created so that Windows can interpret it.