diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md index 16e7db9ecf..26b9e17ce1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md @@ -30,7 +30,13 @@ ms.topic: article Depending on the Microsoft security products that you use, some advanced features might be available for you to integrate Microsoft Defender ATP with. -Use the following advanced features to get better protected from potentially malicious files and gain better insight during security investigations: +## Enable advanced features + +1. In the navigation pane, select **Preferences setup** > **Advanced features**. +2. Select the advanced feature you want to configure and toggle the setting between **On** and **Off**. +3. Click **Save preferences**. + +Use the following advanced features to get better protected from potentially malicious files and gain better insight during security investigations. ## Automated investigation 
@@ -114,22 +120,6 @@ The integration with Azure Advanced Threat Protection allows you to pivot direct >[!NOTE] >You'll need to have the appropriate license to enable this feature. -## Microsoft Secure Score - -Forwards Microsoft Defender ATP signals to Microsoft Secure Score in the Microsoft 365 security center. Turning on this feature gives Microsoft Secure Score visibility into the devices security posture. Forwarded data is stored and processed in the same location as the your Microsoft Secure Score data. - -### Enable the Microsoft Defender ATP integration from the Azure ATP portal - -To receive contextual device integration in Azure ATP, you'll also need to enable the feature in the Azure ATP portal. - -1. Log in to the [Azure portal](https://portal.atp.azure.com/) with a Global Administrator or Security Administrator role. - -2. Click **Create your instance**. - -3. Toggle the Integration setting to **On** and click **Save**. - -After completing the integration steps on both portals, you'll be able to see relevant alerts in the device details or user details page. - ## Office 365 Threat Intelligence connection This feature is only available if you have an active Office 365 E5 or the Threat Intelligence add-on. For more information, see the Office 365 Enterprise E5 product page. 
@@ -159,6 +149,22 @@ Enabling this setting forwards Microsoft Defender ATP signals to Microsoft Cloud Turning on this setting allows signals to be forwarded to Azure Information Protection. It gives data owners and administrators visibility into protected data on onboarded devices and device risk ratings. +## Microsoft Secure Score + +Forwards Microsoft Defender ATP signals to Microsoft Secure Score in the Microsoft 365 security center. Turning on this feature gives Microsoft Secure Score visibility into the devices security posture. Forwarded data is stored and processed in the same location as the your Microsoft Secure Score data. + +### Enable the Microsoft Defender ATP integration from the Azure ATP portal + +To receive contextual device integration in Azure ATP, you'll also need to enable the feature in the Azure ATP portal. + +1. Log in to the [Azure portal](https://portal.atp.azure.com/) with a Global Administrator or Security Administrator role. + +2. Click **Create your instance**. + +3. Toggle the Integration setting to **On** and click **Save**. + +After completing the integration steps on both portals, you'll be able to see relevant alerts in the device details or user details page. + ## Microsoft Intune connection Microsoft Defender ATP can be integrated with [Microsoft Intune](https://docs.microsoft.com/intune/what-is-intune) to [enable device risk-based conditional access](https://docs.microsoft.com/intune/advanced-threat-protection#enable-windows-defender-atp-in-intune). When you [turn on this feature](configure-conditional-access.md), you'll be able to share Microsoft Defender ATP device information with Intune, enhancing policy enforcement. 
@@ -178,7 +184,6 @@ When you enable Intune integration, Intune will automatically create a classic C >[!NOTE] > The classic CA policy created by Intune is distinct from modern [Conditional Access policies](https://docs.microsoft.com/azure/active-directory/conditional-access/overview/), which are used for configuring endpoints. - ## Preview features Learn about new features in the Microsoft Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience. @@ -191,11 +196,9 @@ Forwards endpoint security alerts and their triage status to Microsoft Complianc After configuring the [Security policy violation indicators](https://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-settings.md#indicators) in the insider risk management settings, Microsoft Defender ATP alerts will be shared with insider risk management for applicable users. -## Enable advanced features +## Download quarantined files -1. In the navigation pane, select **Preferences setup** > **Advanced features**. -2. Select the advanced feature you want to configure and toggle the setting between **On** and **Off**. -3. Click **Save preferences**. +You can turn on a setting to backup quarantined files in a secure and compliant location so they can be downloaded directly from quarantine. Once this setting is enabled, the **Download file** button will always be available. [Learn more about requirements](respond-file-alerts.md#download-quarantined-files) ## Related topics diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md index 5496856283..a5a70ec6b7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md 
@@ -142,10 +142,20 @@ By default, you will not be able to download files that are in quarantine. ### Download quarantined files +>[!IMPORTANT] +> +>- This feature is available if your organization uses Microsoft Defender Antivirus and Cloud–based protection is enabled. For more information, see [Manage cloud–based protection](../microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md). +> +>- The Engine version must be 1.1.17300.4 or later. +>- Supported on devices with Windows 10, version 1703 or later, Windows server 2016 and 2019. +>- Microsoft Defender for Endpoint is in active mode + You can turn on a setting to backup quarantined files in a secure and compliant location so they can be downloaded directly from quarantine. Once this setting is enabled, the **Download file** button will always be available. Go to **Settings** > **Advanced features** > **Download quarantined files** and switch the toggle to **On**. +[Learn more about advanced features](advanced-features.md) + ### Collect files If a file is not already stored by Microsoft Defender ATP, you can't download it. Instead, you'll see a **Collect file** button in the same location. If a file hasn't been seen in the organization in the past 30 days, **Collect file** will be disabled.
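Review bot: in advanced-features.md, hunk at -30,7, the sentence "Use the following advanced features to get better protected from potentially malicious files..." now lands after step 3 of the new "Enable advanced features" section, so it reads as the end of the procedure rather than as the introduction to the feature sections that follow. Move it above the new heading, or reword it as a lead-in to the list of features. Step 1 also gives the path as **Preferences setup** > **Advanced features**, while respond-file-alerts.md in this same patch says **Settings** > **Advanced features**; use one path in both files.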
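Review bot: in advanced-features.md, the block moved from -114,22 to +149,22 takes the subsection "Enable the Microsoft Defender ATP integration from the Azure ATP portal" along with "Microsoft Secure Score", although that subsection's text and steps concern Azure ATP ("To receive contextual device integration in Azure ATP..."). After the move it sits further from the Azure Advanced Threat Protection section shown in the context of the -114 hunk. Suggest leaving the H3 and its three steps with the Azure ATP integration section and moving only the Secure Score heading and paragraph. Since the lines are being re-added anyway, fix "the devices security posture" (device's) and "the same location as the your Microsoft Secure Score data".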
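Review bot: in advanced-features.md, hunk at -191,11, the new "Download quarantined files" section tells an administrator that files are backed up to "a secure and compliant location" without saying what that location is or that the feature has prerequisites, which this patch lists only in respond-file-alerts.md. Because the setting stores copies of quarantined files off the device, the section should say where they are kept and state that the requirements must be met before the toggle has any effect, not only link to them. Smaller points: "backup" is used as a verb and should be "back up", the sentence before "[Learn more about requirements]" runs straight into the link, and the paragraph duplicates the one in respond-file-alerts.md word for word, so consider keeping the full text in one file and a short pointer in the other.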
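Review bot: in respond-file-alerts.md, hunk at -142,10, the last bullet of the new IMPORTANT note reads "Microsoft Defender for Endpoint is in active mode", which uses a different product name from the rest of both files (Microsoft Defender ATP) and leaves it unclear what must be in active mode; the first bullet names Microsoft Defender Antivirus as the requirement, so confirm whether this bullet refers to Antivirus and name it explicitly. The link text "Manage cloud–based protection" points at deploy-manage-report-microsoft-defender-antivirus.md, which by its file name is a broader deployment topic; check that the target matches the label. Formatting: the bullet lacks a closing period, "Windows server 2016" should be "Windows Server 2016", "Cloud–based" uses an en dash where a hyphen is expected, and only the first two bullets are separated by an empty ">" line.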