From ed55168fe403c0b94e81f2c833cd17971f254faf Mon Sep 17 00:00:00 2001 From: Justinha Date: Tue, 18 Apr 2017 16:19:06 -0700 Subject: [PATCH] fixed note --- .../introducing-managed-installer-for-device-guard.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/keep-secure/introducing-managed-installer-for-device-guard.md b/windows/keep-secure/introducing-managed-installer-for-device-guard.md index 0f12f54975..fb223989c9 100644 --- a/windows/keep-secure/introducing-managed-installer-for-device-guard.md +++ b/windows/keep-secure/introducing-managed-installer-for-device-guard.md @@ -24,11 +24,11 @@ Specifying an executable as a managed installer will cause Windows to tag files Once the IT administrator adds the Allow: Managed Installer option to a configurable CI policy for Device Guard, the configurable CI component will subsequently check for the presence of the origin information when evaluating other application execution control rules specified in the policy. If there are no deny rules present for the file, it will be authorized based on the managed installer origin information. ->![NOTE] ->Admins needs to ensure that there is a CI policy in place to allow the system to boot and run any other authorized applications that may not be deployed through a managed installer. +> ![NOTE] +> Admins needs to ensure that there is a CI policy in place to allow the system to boot and run any other authorized applications that may not be deployed through a managed installer. > ->Examples of CI policies available in C:\Windows\schemas\CodeIntegrity\ExamplePolicies help authorize Windows OS components, WHQL signed drivers and all Store apps. ->Admins can reference and customize them as needed for their Device Guard deployment. +> Examples of CI policies available in C:\Windows\schemas\CodeIntegrity\ExamplePolicies help authorize Windows OS components, WHQL signed drivers and all Store apps. +> Admins can reference and customize them as needed for their Device Guard deployment. ## Configuring a managed installer with AppLocker and configurable code integrity policy