diff --git a/.github/workflows/Stale.yml b/.github/workflows/Stale.yml
index 101ee8ba9c..82b6875e28 100644
--- a/.github/workflows/Stale.yml
+++ b/.github/workflows/Stale.yml
@@ -13,7 +13,7 @@ jobs:
   stale:
     uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-Stale.yml@workflows-prod
     with:
-      RunDebug: true
+      RunDebug: false
       RepoVisibility: ${{ github.repository_visibility }}
     secrets:
       AccessToken: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json
index 0015a87b88..ca6ed75b69 100644
--- a/.openpublishing.publish.config.json
+++ b/.openpublishing.publish.config.json
@@ -251,7 +251,6 @@
     ".openpublishing.redirection.browsers.json",
     ".openpublishing.redirection.education.json",
     ".openpublishing.redirection.json",
-    ".openpublishing.redirection.store-for-business.json",
     ".openpublishing.redirection.windows-application-management.json",
     ".openpublishing.redirection.windows-client-management.json",
     ".openpublishing.redirection.windows-configuration.json",
diff --git a/.openpublishing.redirection.store-for-business.json b/.openpublishing.redirection.store-for-business.json
deleted file mode 100644
index f825112907..0000000000
--- a/.openpublishing.redirection.store-for-business.json
+++ /dev/null
@@ -1,299 +0,0 @@
-{
-  "redirections": [
-    {
-      "source_path": "store-for-business/acquire-apps-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/acquire-apps-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/add-unsigned-app-to-code-integrity-policy.md",
-      "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/app-inventory-managemement-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/app-inventory-management-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/app-inventory-management-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/app-inventory-management-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/apps-in-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/apps-in-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/configure-mdm-provider-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/configure-mdm-provider-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/device-guard-signing-portal.md",
-      "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/distribute-apps-to-your-employees-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/distribute-apps-to-your-employees-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-apps-windows-store-for-business-overview.md",
-      "redirect_url": "/microsoft-store/manage-apps-microsoft-store-for-business-overview",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-mpsa-software-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-store/index",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-orders-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/manage-orders-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-settings-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/manage-settings-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-users-and-groups-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/manage-users-and-groups-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/prerequisites-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/prerequisites-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/roles-and-permissions-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/roles-and-permissions-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/settings-reference-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/settings-reference-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/sign-code-integrity-policy-with-device-guard-signing.md",
-      "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/sign-up-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-store",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/sign-up-windows-store-for-business-overview.md",
-      "redirect_url": "/microsoft-store/sign-up-microsoft-store-for-business-overview",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/sign-up-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/index",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/troubleshoot-windows-store-for-business.md",
-      "redirect_url": "/microsoft-store/troubleshoot-microsoft-store-for-business",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/update-windows-store-for-business-account-settings.md",
-      "redirect_url": "/microsoft-store/update-microsoft-store-for-business-account-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/windows-store-for-business-overview.md",
-      "redirect_url": "/microsoft-store/microsoft-store-for-business-overview",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/work-with-partner-microsoft-store-business.md",
-      "redirect_url": "/microsoft-365/commerce/manage-partners",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/acquire-apps-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/add-profile-to-devices.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/app-inventory-management-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/apps-in-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/assign-apps-to-employees.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/billing-payments-overview.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/billing-profile.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/billing-understand-your-invoice-msfb.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/configure-mdm-provider-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/distribute-apps-from-your-private-store.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/distribute-apps-to-your-employees-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/distribute-apps-with-management-tool.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/distribute-offline-apps.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/find-and-acquire-apps-overview.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/index.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-access-to-private-store.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-apps-microsoft-store-for-business-overview.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-orders-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-private-store-settings.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-settings-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/manage-users-and-groups-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/microsoft-store-for-business-education-powershell-module.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/microsoft-store-for-business-overview.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/notifications-microsoft-store-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/payment-methods.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/prerequisites-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/release-history-microsoft-store-business-education.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/roles-and-permissions-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/settings-reference-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/sfb-change-history.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/sign-up-microsoft-store-for-business-overview.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/troubleshoot-microsoft-store-for-business.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/update-microsoft-store-for-business-account-settings.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/whats-new-microsoft-store-business-education.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "store-for-business/working-with-line-of-business-apps.md",
-      "redirect_url": "/microsoft-365/admin/",
-      "redirect_document_id": false
-    }
-  ]
-}
diff --git a/.openpublishing.redirection.windows-deployment.json b/.openpublishing.redirection.windows-deployment.json
index 09479f4eca..a563d3fa34 100644
--- a/.openpublishing.redirection.windows-deployment.json
+++ b/.openpublishing.redirection.windows-deployment.json
@@ -125,6 +125,21 @@
       "redirect_url": "/windows/deployment/do/waas-microsoft-connected-cache",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/deployment/do/mcc-ent-configure-provision-linux.md",
+      "redirect_url": "/windows/deployment/do/mcc-ent-deploy-to-linux",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/deployment/do/mcc-ent-configure-provision-windows.md",
+      "redirect_url": "/windows/deployment/do/mcc-ent-deploy-to-windows",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/deployment/do/mcc-ent-update-cache.md",
+      "redirect_url": "/windows/deployment/do/mcc-ent-uninstall-cache-node",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/deployment/planning/act-technical-reference.md",
       "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/compatibility/compatibility-administrator-users-guide",
diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json
index fc3a796e95..25701bb0a1 100644
--- a/.openpublishing.redirection.windows-security.json
+++ b/.openpublishing.redirection.windows-security.json
@@ -1,115 +1,825 @@
 {
   "redirections": [
     {
-      "source_path": "windows/security//information-protection/kernel-dma-protection-for-thunderbolt.md",
+      "source_path": "windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md",
       "redirect_url": "/windows/security/hardware-security/kernel-dma-protection-for-thunderbolt",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md",
+      "source_path": "windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md",
       "redirect_url": "/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md",
+      "source_path": "windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md",
       "redirect_url": "/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md",
-      "redirect_url": "/windows/security/operating-system-security/device-management/override-mitigation-options-for-app-related-security-policies",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md",
-      "redirect_url": "/windows/security/operating-system-security/device-management/block-untrusted-fonts-in-enterprise",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md",
-      "redirect_url": "/windows/security/operating-system-security/device-management/use-windows-event-forwarding-to-assist-in-intrusion-detection",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security//threat-protection/mbsa-removal-and-guidance.md",
+      "source_path": "windows/security/threat-protection/mbsa-removal-and-guidance.md",
       "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/mbsa-removal-and-guidance",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/configure-md-app-guard",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/faq-md-app-guard",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/install-md-app-guard.md",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/install-md-app-guard",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-browser-extension.md",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md",
-      "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/reqs-md-app-guard",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md",
+      "source_path": "windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md",
       "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/test-scenarios-md-app-guard",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md",
+      "source_path": "windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md",
       "redirect_url": "/windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md",
+      "source_path": "windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md",
       "redirect_url": "/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md",
+      "source_path": "windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md",
       "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/get-support-for-security-baselines",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md",
+      "source_path": "windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md",
       "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/security-compliance-toolkit-10",
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security//threat-protection/windows-security-configuration-framework/windows-security-baselines.md",
+      "source_path": "windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md",
       "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md",
+      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules#enforcement-modes",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md",
+      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/LOB-win32-apps-on-s.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/s-mode/wdac-allow-lob-win32-apps",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/feature-availability",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/index.yml",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/index",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/known-issues",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/wdac.md",
+      "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/appcontrol",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-browser-extension.md",
+      "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/apps.md",
       "redirect_url": "/windows/security/application-security",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/cloud-security/index.md",
+      "redirect_url": "/windows/security/cloud-services",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/cloud.md",
       "redirect_url": "/windows/security",
@@ -260,36 +970,221 @@
       "redirect_url": "/windows/security/operating-system-security/data-protection/configure-s-mime",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-considerations.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-known-issues.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-manage.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard/configure",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md",
       "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard-protection-limits",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-requirements.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard/index",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/credential-guard/credential-guard-scripts.md",
       "redirect_url": "/windows/security",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/credential-guard/credential-guard.md",
+      "redirect_url": "/windows/security/identity-protection/credential-guard",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/credential-guard/dg-readiness-tool.md",
       "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/cloud.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud-only",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust-enroll.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/deploy/requirements.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/multifactor-unlock",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md",
+      "redirect_url": "/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-and-password-changes.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-guide.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-event-300.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-faq.yml",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/faq",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-conditional-access.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/dual-enrollment",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/pin-reset",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-authentication",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-device-registration.md",
       "redirect_url": "/azure/active-directory/devices/device-registration-how-it-works",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-provisioning",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso",
@@ -310,11 +1205,31 @@
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust",
@@ -335,6 +1250,16 @@
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust-provision.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works#provisioning",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust",
@@ -360,6 +1285,21 @@
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-validate-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust",
@@ -390,16 +1330,76 @@
       "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-identity-verification.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/requirements",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/policy-settings",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/hello-overview.md",
       "redirect_url": "/windows/security/identity-protection/hello-for-business",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-planning-guide.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/prepare-users",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-videos.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md",
+      "redirect_url": "/windows/security/identity-protection/hello-for-business/",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md",
       "redirect_url": "/azure/active-directory/authentication/howto-authentication-passwordless-security-key",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/identity-protection/hello-for-business/passwordless-strategy.md",
+      "redirect_url": "/windows/security/identity-protection/passwordless-strategy/",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/identity-protection/hello-for-business/reset-security-key.md",
       "redirect_url": "/azure/active-directory/authentication/howto-authentication-passwordless-security-key",
@@ -850,11 +1850,41 @@
       "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-top-node",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/app-behavior-with-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/collect-wip-audit-event-logs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md",
       "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune.md",
       "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure",
@@ -865,16 +1895,86 @@
       "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune.md",
       "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/guidance-and-best-practices-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/how-to-disable-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/how-to-disable-wip",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md",
       "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/guidance-and-best-practices-wip",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/limitations-with-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/limitations-with-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/mandatory-settings-for-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/testing-scenarios-for-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/using-owa-with-wip.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/using-owa-with-wip",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-app-enterprise-context",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/information-protection/windows-information-protection/wip-learning.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-learning",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/introduction/index.md",
       "redirect_url": "/windows/security/introduction",
@@ -895,21 +1995,61 @@
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/countermeasures",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml",
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#bitlocker-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker#device-encryption",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions.yml",
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#$bitlocker-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/install-server",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/network-unlock",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq.yml",
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq.yml",
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
@@ -920,6 +2060,11 @@
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-security-faq.yml",
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
@@ -935,16 +2080,636 @@
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/operations-guide",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-process#bitlocker-recovery-password-viewer",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml",
       "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/plan",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/csv-san",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system-security/data-protection/index.md",
       "redirect_url": "/windows/security/operating-system-security/#data-protection",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde.yml",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/includes/pde-description.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde.md",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall-with-advanced-security-administration-with-windows-powershell.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717262(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717263(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770289(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717260(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721530(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770729(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725978(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771822(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731463(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717237(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947845(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947794(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947848(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947836(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947800(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947783(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947791(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947799(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947827(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947819(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717261(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717238(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717284(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717277(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717279(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717293(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717253(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717249(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717270(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-logging",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717275(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717278(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717245(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717246(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717247(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717274(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717243(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717283(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717288(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753540(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753825(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732933(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725818(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717281(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717259(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770426(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753367(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717292(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732202(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771233(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731164(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771366(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770899(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc726039(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771791(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731454(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770565(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754085(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731123(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770836(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731908(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732023(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717256(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731447(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731788(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831418(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717264(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721532(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717265(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717290(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717269(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717266(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717254(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730835(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771044(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771733(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732752(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725693(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771664(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732615(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754986(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771716(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947826(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730841(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc772556(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770865(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753064(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725659(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717267(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831807(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732486(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732413(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721528(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717251(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731951(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717273(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717241(v=ws.11)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732024(v=ws.10)",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/operating-system.md",
       "redirect_url": "/windows/security/operating-system-security",
@@ -955,6 +2720,11 @@
       "redirect_url": "/windows/security/security-foundations/index",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/security-foundations/msft-security-dev-lifecycle.md",
+      "redirect_url": "/compliance/assurance/assurance-microsoft-security-development-lifecycle",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md",
       "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set",
@@ -1385,6 +3155,11 @@
       "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md",
+      "redirect_url": "/windows/security/operating-system-security/device-management/block-untrusted-fonts-in-enterprise",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/change-history-for-threat-protection.md",
       "redirect_url": "/windows/security/threat-protection",
@@ -4100,6 +5875,11 @@
       "redirect_url": "/windows/security/security-foundations/msft-security-dev-lifecycle",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md",
+      "redirect_url": "/windows/security/operating-system-security/device-management/override-mitigation-options-for-app-related-security-policies",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md",
       "redirect_url": "/windows/security/operating-system-security/system-security/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices",
@@ -4110,16 +5890,751 @@
       "redirect_url": "/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-this-computer-from-the-network",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-duration.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-duration",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-policy.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-threshold",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/account-policies.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-administrator-account-status",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-guest-account-status",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-administrator-account",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-guest-account",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/add-workstations-to-domain",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/administer-security-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-locally",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/audit-policy.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/back-up-files-and-directories",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/bypass-traverse-checking",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/change-the-system-time.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-system-time",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/change-the-time-zone.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-time-zone",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/create-a-pagefile.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-pagefile",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/create-a-token-object.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-token-object",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/create-global-objects.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-global-objects",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-permanent-shared-objects",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/create-symbolic-links.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-symbolic-links",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/debug-programs.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/debug-programs",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-service",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-locally",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/enforce-password-history.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-password-history",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/generate-security-audits.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/generate-security-audits",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-a-process-working-set",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-scheduling-priority",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/kerberos-policy.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/kerberos-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/load-and-unload-device-drivers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/lock-pages-in-memory",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-batch-job",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-service",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/manage-auditing-and-security-log",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-password-age.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-password-age",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-if-server-agrees.md",
       "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-if-client-agress.md",
       "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-age.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-age",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-length.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-length",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/modify-an-object-label.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-an-object-label",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-firmware-environment-values",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-list-manager-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/password-policy.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/profile-single-process.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-single-process",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/profile-system-performance.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-system-performance",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/remove-computer-from-docking-station",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/replace-a-process-level-token",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/restore-files-and-directories",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/security-options.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-options",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings-reference",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/shut-down-the-system.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shut-down-the-system",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md",
       "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always",
@@ -4140,6 +6655,111 @@
       "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/synchronize-directory-service-data",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-optional-subsystems",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/security-policy-settings/user-rights-assignment.md",
+      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-rights-assignment",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md",
+      "redirect_url": "/windows/security/operating-system-security/device-management/use-windows-event-forwarding-to-assist-in-intrusion-detection",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md",
       "redirect_url": "https://www.microsoft.com/security/blog/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/",
@@ -4580,11 +7200,6 @@
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings",
       "redirect_document_id": false
     },
-    {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md",
-      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview",
-      "redirect_document_id": false
-    },
     {
       "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference",
@@ -4685,11 +7300,6 @@
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives",
       "redirect_document_id": false
     },
-    {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives.md",
-      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview",
-      "redirect_document_id": false
-    },
     {
       "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application",
@@ -4860,11 +7470,6 @@
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings",
       "redirect_document_id": false
     },
-    {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md",
-      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules#enforcement-modes",
-      "redirect_document_id": false
-    },
     {
       "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions",
@@ -4935,11 +7540,6 @@
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain",
       "redirect_document_id": false
     },
-    {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md",
-      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac",
-      "redirect_document_id": false
-    },
     {
       "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets",
@@ -4955,11 +7555,6 @@
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies",
       "redirect_document_id": false
     },
-    {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md",
-      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac",
-      "redirect_document_id": false
-    },
     {
       "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker",
@@ -6975,6 +9570,11 @@
       "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md",
+      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md",
       "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices",
@@ -7381,1914 +9981,9 @@
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-considerations.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-known-issues.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-manage.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/credential-guard/credential-guard-requirements.md",
-      "redirect_url": "/windows/security/identity-protection/credential-guard/index",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/includes/pde-description.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde.yml",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#$bitlocker-policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#bitlocker-policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/countermeasures",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-process#bitlocker-recovery-password-viewer",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/network-unlock",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/plan",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/operations-guide",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/csv-san",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/install-server",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md",
-      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker#device-encryption",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721530(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725978(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770729(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731463(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771822(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753825(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725818(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732933(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753367(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770426(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732202(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771233(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731164(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770565(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754085(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731123(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770836(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731908(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731788(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731447(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721532(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730835(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771044(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771733(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732752(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725693(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771664(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732615(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754986(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771716(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947826(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730841(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732486(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721528(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732413(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770289(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947845(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947794(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947848(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947836(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947800(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947783(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947791(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947799(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947827(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947819(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717261(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717238(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717284(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717277(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732023(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717256(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc772556(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770865(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753064(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725659(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731951(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717241(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732024(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717262(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717263(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717260(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717237(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717279(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717293(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717253(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717249(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717270(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717275(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717278(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717245(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717246(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717247(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717274(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717243(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717283(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717288(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717281(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717259(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717292(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717264(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717265(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717290(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717269(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717266(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717254(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717267(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717251(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717273(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731454(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770899(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771366(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc726039(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771791(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753540(v=ws.10)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall-with-advanced-security-administration-with-windows-powershell.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831807(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831418(v=ws.11)",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-logging",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md",
-      "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/security-foundations/msft-security-dev-lifecycle.md",
-      "redirect_url": "/compliance/assurance/assurance-microsoft-security-development-lifecycle",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/pin-reset",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md",
-      "redirect_url": "/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust-provision.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works#provisioning",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-validate-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-guide.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-identity-verification.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/requirements",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/requirements.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/multifactor-unlock",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-and-password-changes.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-authentication",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-provisioning",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-planning-guide.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/prepare-users",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/passwordless-strategy.md",
-      "redirect_url": "/windows/security/identity-protection/passwordless-strategy/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/cloud.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud-only",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust-enroll.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-videos.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-faq.yml",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/faq",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-pki.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-this-computer-from-the-network",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-duration.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-duration",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-policy.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-policy",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-threshold",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/account-policies.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-policies",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-administrator-account-status",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-guest-account-status",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-administrator-account",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-guest-account",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/add-workstations-to-domain",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/administer-security-policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-locally",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/audit-policy.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-policy",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/back-up-files-and-directories",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/bypass-traverse-checking",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/change-the-system-time.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-system-time",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/change-the-time-zone.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-time-zone",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/create-a-pagefile.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-pagefile",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/create-a-token-object.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-token-object",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/create-global-objects.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-global-objects",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-permanent-shared-objects",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/create-symbolic-links.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-symbolic-links",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/debug-programs.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/debug-programs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-service",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-locally",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/enforce-password-history.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-password-history",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/generate-security-audits.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/generate-security-audits",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-a-process-working-set",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-scheduling-priority",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/kerberos-policy.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/kerberos-policy",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/load-and-unload-device-drivers",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/lock-pages-in-memory",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-batch-job",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-service",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/manage-auditing-and-security-log",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-password-age.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-password-age",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-age.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-age",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-length.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-length",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/modify-an-object-label.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-an-object-label",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-firmware-environment-values",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-list-manager-policies",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/password-policy.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-policy",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/profile-single-process.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-single-process",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/profile-system-performance.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-system-performance",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/remove-computer-from-docking-station",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/replace-a-process-level-token",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/restore-files-and-directories",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/security-options.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-options",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings-reference",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/shut-down-the-system.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shut-down-the-system",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/synchronize-directory-service-data",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-optional-subsystems",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/threat-protection/security-policy-settings/user-rights-assignment.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-rights-assignment",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/cloud-security/index.md",
-      "redirect_url": "/windows/security/cloud-services",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md",
-      "redirect_url": "/windows/security/identity-protection/hello-for-business/dual-enrollment",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/app-behavior-with-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/collect-wip-audit-event-logs",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/guidance-and-best-practices-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/how-to-disable-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/how-to-disable-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/limitations-with-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/limitations-with-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/mandatory-settings-for-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/testing-scenarios-for-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/using-owa-with-wip.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/using-owa-with-wip",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-app-enterprise-context",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/information-protection/windows-information-protection/wip-learning.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-learning",
-      "redirect_document_id": false
-    },
-    {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/LOB-win32-apps-on-s.md",
-      "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/s-mode/wdac-allow-lob-win32-apps",
+      "source_path": "windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md",
+      "redirect_url": "/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md",
       "redirect_document_id": false
     }
   ]
-}
+}
\ No newline at end of file
diff --git a/education/windows/index.yml b/education/windows/index.yml
index 4bc8fe8393..981e1d8466 100644
--- a/education/windows/index.yml
+++ b/education/windows/index.yml
@@ -12,22 +12,16 @@ metadata:
   author: paolomatarazzo
   ms.author: paoloma
   manager: aaroncz
-  ms.date: 07/22/2024
+  ms.date: 10/10/2024
 
 highlightedContent:
   items:
-  - title: Get started with Windows 11 SE
-    itemType: get-started
-    url: windows-11-se-overview.md
-  - title: Windows 11, version 23H2
+  - title: Windows 11, version 24H2
     itemType: whats-new
-    url: /windows/whats-new/whats-new-windows-11-version-23h2
+    url: /windows/whats-new/whats-new-windows-11-version-24h2
   - title: Explore all Windows trainings and learning paths for IT pros
     itemType: learn
     url: https://learn.microsoft.com/en-us/training/browse/?products=windows&roles=administrator
-  - title: Deploy applications to Windows 11 SE with Intune
-    itemType: how-to-guide
-    url: /education/windows/tutorial-deploy-apps-winse
 
 productDirectory:
   title: Get started
diff --git a/education/windows/windows-11-se-faq.yml b/education/windows/windows-11-se-faq.yml
index 4a9b022c07..c33dec8686 100644
--- a/education/windows/windows-11-se-faq.yml
+++ b/education/windows/windows-11-se-faq.yml
@@ -1,9 +1,9 @@
 ### YamlMime:FAQ
 metadata:
   title: Windows 11 SE Frequently Asked Questions (FAQ)
-  description: Use these frequently asked questions (FAQ) to learn important details about Windows 11 SE.   
+  description: Use these frequently asked questions (FAQ) to learn important details about Windows 11 SE.
   ms.topic: faq
-  ms.date: 01/16/2024
+  ms.date: 10/10/2024
   appliesto:
     - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
 
@@ -30,7 +30,7 @@ sections:
           - Express yourself and celebrate accomplishments with the *emoji and GIF panel* and *Stickers*
   - name: Deployment
     questions:
-      - question: Can I load Windows 11 SE on any hardware? 
+      - question: Can I load Windows 11 SE on any hardware?
         answer: |
           Windows 11 SE is only available on devices that are built for education. To learn more, see [Windows 11 SE Overview](/education/windows/windows-11-se-overview).
       - question: Can I PXE boot a Windows SE device?
diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md
index e5fd11df2b..3c0a5f8d93 100644
--- a/education/windows/windows-11-se-overview.md
+++ b/education/windows/windows-11-se-overview.md
@@ -2,7 +2,7 @@
 title: Windows 11 SE Overview
 description: Learn about Windows 11 SE, and the apps that are included with the operating system.
 ms.topic: overview
-ms.date: 01/09/2024
+ms.date: 10/10/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
 ms.collection:
@@ -96,9 +96,9 @@ The following applications can also run on Windows 11 SE, and can be deployed us
 | `CKAuthenticator`                         | 3.6+              | `Win32`    | `ContentKeeper`                           |
 | `Class Policy`                            | 116.0.0           | `Win32`    | `Class Policy`                            |
 | `Classroom.cloud`                         | 1.40.0004         | `Win32`    | `NetSupport`                              |
-| `Clipchamp`                               | 2.5.2.            | `Store`  | `Microsoft`                               | 
+| `Clipchamp`                               | 2.5.2.            | `Store`  | `Microsoft`                               |
 | `CoGat Secure Browser`                    | 11.0.0.19         | `Win32`    | `Riverside Insights`                      |
-| `ColorVeil`                               | 4.0.0.175         | `Win32`    | `East-Tec`                                | 
+| `ColorVeil`                               | 4.0.0.175         | `Win32`    | `East-Tec`                                |
 | `ContentKeeper Cloud`                     | 9.01.45           | `Win32`    | `ContentKeeper Technologies`              |
 | `DigiExam`                                | 14.1.0            | `Win32`    | `Digiexam`                                |
 | `Digital Secure testing browser`          | 15.0.0            | `Win32`    | `Digiexam`                                |
diff --git a/education/windows/windows-11-se-settings-list.md b/education/windows/windows-11-se-settings-list.md
index 1c973e2035..5e09c2f2d1 100644
--- a/education/windows/windows-11-se-settings-list.md
+++ b/education/windows/windows-11-se-settings-list.md
@@ -2,7 +2,7 @@
 title: Windows 11 SE settings list
 description: Windows 11 SE automatically configures settings in the operating system. Learn more about the settings you can control and manage, and the settings you can't change.
 ms.topic: reference
-ms.date: 05/06/2024
+ms.date: 10/10/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
 ms.collection:
diff --git a/includes/licensing/windows-defender-application-control-wdac.md b/includes/licensing/windows-defender-application-control-wdac.md
index 52264205ff..87446bab24 100644
--- a/includes/licensing/windows-defender-application-control-wdac.md
+++ b/includes/licensing/windows-defender-application-control-wdac.md
@@ -1,19 +1,19 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 09/18/2023
+ms.date: 09/23/2024
 ms.topic: include
 ---
 
 ## Windows edition and licensing requirements
 
-The following table lists the Windows editions that support Windows Defender Application Control (WDAC):
+The following table lists the Windows editions that support App Control for Business:
 
 |Windows Pro|Windows Enterprise|Windows Pro Education/SE|Windows Education|
 |:---:|:---:|:---:|:---:|
 |Yes|Yes|Yes|Yes|
 
-Windows Defender Application Control (WDAC) license entitlements are granted by the following licenses:
+App Control license entitlements are granted by the following licenses:
 
 |Windows Pro/Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5|
 |:---:|:---:|:---:|:---:|:---:|
diff --git a/store-for-business/breadcrumb/toc.yml b/store-for-business/breadcrumb/toc.yml
deleted file mode 100644
index 4b1853471b..0000000000
--- a/store-for-business/breadcrumb/toc.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: Docs
-  tocHref: /
-  topicHref: /
-  items:
-    - name: Microsoft Store for Business
-      tocHref: /microsoft-store
-      topicHref: /microsoft-store/index
\ No newline at end of file
diff --git a/store-for-business/docfx.json b/store-for-business/docfx.json
deleted file mode 100644
index e29e3bfdae..0000000000
--- a/store-for-business/docfx.json
+++ /dev/null
@@ -1,81 +0,0 @@
-{
-  "build": {
-    "content": [
-      {
-        "files": [
-          "**/*.md",
-          "**/**.yml"
-        ],
-        "exclude": [
-          "**/obj/**",
-          "**/includes/**",
-          "README.md",
-          "LICENSE",
-          "LICENSE-CODE",
-          "ThirdPartyNotices"
-        ]
-      }
-    ],
-    "resource": [
-      {
-        "files": [
-          "**/*.png",
-          "**/*.jpg"
-        ],
-        "exclude": [
-          "**/obj/**",
-          "**/includes/**"
-        ]
-      }
-    ],
-    "overwrite": [],
-    "externalReference": [],
-    "globalMetadata": {
-      "recommendations": true,
-      "adobe-target": true,
-      "ms.collection": [
-        "tier2"
-      ],
-      "breadcrumb_path": "/microsoft-store/breadcrumb/toc.json",
-      "uhfHeaderId": "MSDocsHeader-Archive",
-      "is_archived": true,
-      "is_retired": true,
-      "ROBOTS": "NOINDEX,NOFOLLOW",
-      "ms.author": "trudyha",
-      "audience": "ITPro",
-      "ms.service": "store-for-business",
-      "ms.topic": "article",
-      "ms.date": "05/09/2017",
-      "searchScope": [
-        "Store"
-      ],
-      "feedback_system": "None",
-      "hideEdit": true,
-      "_op_documentIdPathDepotMapping": {
-        "./": {
-          "depot_name": "MSDN.store-for-business",
-          "folder_relative_path_in_docset": "./"
-        }
-      },
-      "contributors_to_exclude": [
-        "dstrome2",
-        "rjagiewich",  
-        "American-Dipper",
-        "claydetels19", 
-        "jborsecnik",
-        "v-stchambers",
-        "shdyas",
-        "Stacyrch140",
-        "garycentric",
-        "dstrome",
-        "alekyaj",
-        "aditisrivastava07",
-        "padmagit77"
-      ]
-    },
-    "fileMetadata": {},
-    "template": [],
-    "dest": "store-for-business",
-    "markdownEngineName": "markdig"
-  }
-}
diff --git a/windows/application-management/index.yml b/windows/application-management/index.yml
index ae406114d7..2fe6bc1844 100644
--- a/windows/application-management/index.yml
+++ b/windows/application-management/index.yml
@@ -9,7 +9,7 @@ metadata:
   author: aczechowski
   ms.author: aaroncz
   manager: aaroncz
-  ms.date: 06/28/2024
+  ms.date: 09/27/2024
   ms.topic: landing-page
   ms.service: windows-client
   ms.subservice: itpro-apps
diff --git a/windows/application-management/per-user-services-in-windows.md b/windows/application-management/per-user-services-in-windows.md
index 9e6cefb8ae..f1cf07572c 100644
--- a/windows/application-management/per-user-services-in-windows.md
+++ b/windows/application-management/per-user-services-in-windows.md
@@ -4,7 +4,7 @@ description: Learn about per-user services, how to change the template service s
 author: aczechowski
 ms.author: aaroncz
 manager: aaroncz
-ms.date: 12/22/2023
+ms.date: 10/01/2024
 ms.topic: how-to
 ms.service: windows-client
 ms.subservice: itpro-apps
@@ -99,7 +99,7 @@ $services = Get-Service
 foreach ( $service in $services ) {
   # For each specific service, check if the service type property includes the 64 bit using the bitwise AND operator (-band).
   # If the result equals the flag value, then the service is a per-user service.
-  if ( ( $service.ServiceType -band $flag ) -eq $flag ) { 
+  if ( ( $service.ServiceType -band $flag ) -eq $flag ) {
     # When a per-user service is found, then add that service object to the results array.
     $serviceList += $service
   }
@@ -229,14 +229,14 @@ If you can't use group policy preferences to manage the per-user services, you c
 
 1. The following example includes multiple commands that disable the specified Windows services by changing their **Start** value in the Windows Registry to `4`:
 
-```cmd
-REG.EXE ADD HKLM\System\CurrentControlSet\Services\CDPUserSvc /v Start /t REG_DWORD /d 4 /f
-REG.EXE ADD HKLM\System\CurrentControlSet\Services\OneSyncSvc /v Start /t REG_DWORD /d 4 /f
-REG.EXE ADD HKLM\System\CurrentControlSet\Services\PimIndexMaintenanceSvc /v Start /t REG_DWORD /d 4 /f
-REG.EXE ADD HKLM\System\CurrentControlSet\Services\UnistoreSvc /v Start /t REG_DWORD /d 4 /f
-REG.EXE ADD HKLM\System\CurrentControlSet\Services\UserDataSvc /v Start /t REG_DWORD /d 4 /f
-REG.EXE ADD HKLM\System\CurrentControlSet\Services\WpnUserService /v Start /t REG_DWORD /d 4 /f
-```
+    ```cmd
+    REG.EXE ADD HKLM\System\CurrentControlSet\Services\CDPUserSvc /v Start /t REG_DWORD /d 4 /f
+    REG.EXE ADD HKLM\System\CurrentControlSet\Services\OneSyncSvc /v Start /t REG_DWORD /d 4 /f
+    REG.EXE ADD HKLM\System\CurrentControlSet\Services\PimIndexMaintenanceSvc /v Start /t REG_DWORD /d 4 /f
+    REG.EXE ADD HKLM\System\CurrentControlSet\Services\UnistoreSvc /v Start /t REG_DWORD /d 4 /f
+    REG.EXE ADD HKLM\System\CurrentControlSet\Services\UserDataSvc /v Start /t REG_DWORD /d 4 /f
+    REG.EXE ADD HKLM\System\CurrentControlSet\Services\WpnUserService /v Start /t REG_DWORD /d 4 /f
+    ```
 
 #### Example 2: Use the Registry Editor user interface to edit the registry
 
@@ -248,7 +248,7 @@ REG.EXE ADD HKLM\System\CurrentControlSet\Services\WpnUserService /v Start /t RE
 
 1. Change the **Value data** to `4`.
 
-:::image type="content" source="media/regedit-change-service-startup-type.png" alt-text="Screenshot of the Registry Editor open to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDPSvc and highlighting the Start value set to 4.":::
+    :::image type="content" source="media/regedit-change-service-startup-type.png" alt-text="Screenshot of the Registry Editor open to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDPSvc and highlighting the Start value set to 4.":::
 
 #### Example 3: Prevent the creation of per-user services
 
diff --git a/windows/application-management/sideload-apps-in-windows.md b/windows/application-management/sideload-apps-in-windows.md
index 3779938afc..8daf6b4e76 100644
--- a/windows/application-management/sideload-apps-in-windows.md
+++ b/windows/application-management/sideload-apps-in-windows.md
@@ -4,7 +4,7 @@ description: Learn how to sideload line-of-business (LOB) apps in Windows client
 author: aczechowski
 ms.author: aaroncz
 manager: aaroncz
-ms.date: 12/22/2023
+ms.date: 09/27/2024
 ms.topic: how-to
 ms.service: windows-client
 ms.subservice: itpro-apps
diff --git a/windows/client-management/manage-windows-copilot.md b/windows/client-management/manage-windows-copilot.md
index d48ca50d9a..d2904f504a 100644
--- a/windows/client-management/manage-windows-copilot.md
+++ b/windows/client-management/manage-windows-copilot.md
@@ -16,7 +16,7 @@ appliesto:
 # Updated Windows and Microsoft Copilot experience
 <!--8445848, 9294806-->
 
->**Looking for consumer information?** See [Welcome to Copilot in Windows](https://support.microsoft.com/topic/675708af-8c16-4675-afeb-85a5a476ccb0).
+>**Looking for consumer information?** See [Welcome to Copilot in Windows](https://support.microsoft.com/topic/675708af-8c16-4675-afeb-85a5a476ccb0). **Looking for more information on Microsoft Copilot experiences?** See [Understanding the different Microsoft Copilot experiences](https://support.microsoft.com/topic/cfff4791-694a-4d90-9c9c-1eb3fb28e842).
 
 ## Enhanced data protection with enterprise data protection
 
diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index dd8f2e1b6b..7d20bc1c4c 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -11,9 +11,9 @@ ms.date: 01/31/2024
 
 <!-- ApplicationControl-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-Windows Defender Application Control (WDAC) policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot.
+App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot.
 
-Existing Windows Defender Application Control (WDAC) policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although WDAC policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only.
+Existing App Control for Business policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although App Control policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only.
 <!-- ApplicationControl-Editable-End -->
 
 <!-- ApplicationControl-Tree-Begin -->
@@ -861,7 +861,7 @@ The following table provides the result of this policy based on different values
 
 ## Microsoft Intune Usage Guidance
 
-For customers using Intune standalone or hybrid management with Configuration Manager to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune).
+For customers using Intune standalone or hybrid management with Configuration Manager to deploy custom policies via the ApplicationControl CSP, refer to [Deploy App Control for Business policies by using Microsoft Intune](/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune).
 
 ## Generic MDM Server Usage Guidance
 
@@ -1014,7 +1014,7 @@ The ApplicationControl CSP can also be managed locally from PowerShell or via Co
 
 ### Setup for using the WMI Bridge
 
-1. Convert your WDAC policy to Base64.
+1. Convert your App Control policy to Base64.
 2. Open PowerShell in Local System context (through PSExec or something similar).
 3. Use WMI Interface:
 
diff --git a/windows/client-management/mdm/clouddesktop-ddf-file.md b/windows/client-management/mdm/clouddesktop-ddf-file.md
index 07c68d9f04..1cf28badea 100644
--- a/windows/client-management/mdm/clouddesktop-ddf-file.md
+++ b/windows/client-management/mdm/clouddesktop-ddf-file.md
@@ -1,7 +1,7 @@
 ---
 title: CloudDesktop DDF file
 description: View the XML file containing the device description framework (DDF) for the CloudDesktop configuration service provider.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the C
       <MSFT:Applicability>
         <MSFT:OsBuildVersion>99.9.99999</MSFT:OsBuildVersion>
         <MSFT:CspVersion>2.0</MSFT:CspVersion>
-        <MSFT:EditionAllowList>0x4;0x30;0x31;0x7E;0x87;0x88;0x88*;0xA1;0xA2;0xA4;0xA5;0xB4;0xBC;0xBD;0xBF;</MSFT:EditionAllowList>
+        <MSFT:EditionAllowList>0x4;0x30;0x31;0x7E;0x88;0xA1;0xA2;0xA4;0xA5;0xBC;0xBF;0xCD;</MSFT:EditionAllowList>
       </MSFT:Applicability>
     </DFProperties>
     <Node>
@@ -139,7 +139,7 @@ The following XML file contains the device description framework (DDF) for the C
       <MSFT:Applicability>
         <MSFT:OsBuildVersion>10.0.22621.3374</MSFT:OsBuildVersion>
         <MSFT:CspVersion>1.0</MSFT:CspVersion>
-        <MSFT:EditionAllowList>0x4;0x30;0x31;0x7E;0x87;0x88;0x88*;0xA1;0xA2;0xA4;0xA5;0xB4;0xBC;0xBD;0xBF;</MSFT:EditionAllowList>
+        <MSFT:EditionAllowList>0x4;0x30;0x31;0x7E;0x88;0xA1;0xA2;0xA4;0xA5;0xBC;0xBF;0xCD;</MSFT:EditionAllowList>
       </MSFT:Applicability>
     </DFProperties>
     <Node>
diff --git a/windows/client-management/mdm/configuration-service-provider-ddf.md b/windows/client-management/mdm/configuration-service-provider-ddf.md
index 99b94df749..bcb544c636 100644
--- a/windows/client-management/mdm/configuration-service-provider-ddf.md
+++ b/windows/client-management/mdm/configuration-service-provider-ddf.md
@@ -13,7 +13,7 @@ This article lists the OMA DM device description framework (DDF) files for vario
 
 As of December 2022, DDF XML schema was updated to include additional information such as OS build applicability. DDF v2 XML files for Windows 10 and Windows 11 are combined, and provided in a single download:
 
-- [DDF v2 Files, May 2024](https://download.microsoft.com/download/f/6/1/f61445f7-1d38-45f7-bc8c-609b86e4aabc/DDFv2May24.zip)
+- [DDF v2 Files, September 2024](https://download.microsoft.com/download/a/a/a/aaadc008-67d4-4dcd-b864-70c479baf7d6/DDFv2September24.zip)
 
 ## DDF v2 schema
 
@@ -574,7 +574,7 @@ DDF v2 XML schema definition is listed below along with the schema definition fo
 ## Older DDF files
 
 You can download the older DDF files for various CSPs from the links below:
-
+- [Download all the DDF files for Windows 10 and 11 May 2024](https://download.microsoft.com/download/f/6/1/f61445f7-1d38-45f7-bc8c-609b86e4aabc/DDFv2May24.zip)
 - [Download all the DDF files for Windows 10 and 11 September 2023](https://download.microsoft.com/download/0/e/c/0ec027e5-8971-49a2-9230-ec9352bc3ead/DDFv2September2023.zip)
 - [Download all the DDF files for Windows 10 and 11 December 2022](https://download.microsoft.com/download/7/4/c/74c6daca-983e-4f16-964a-eef65b553a37/DDFv2December2022.zip)
 - [Download all the DDF files for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/Windows10_2004_DDF_download.zip)
diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md
index 198570987e..9841e9f442 100644
--- a/windows/client-management/mdm/defender-csp.md
+++ b/windows/client-management/mdm/defender-csp.md
@@ -1,7 +1,7 @@
 ---
 title: Defender CSP
 description: Learn more about the Defender CSP.
-ms.date: 06/21/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -1289,7 +1289,7 @@ Define data duplication remote location for Device Control. When configuring thi
 
 <!-- Device-Configuration-DaysUntilAggressiveCatchupQuickScan-Description-Begin -->
 <!-- Description-Source-DDF -->
-Configure how many days can pass before an aggressive quick scan is triggered. The valid interval is [7-60] days. If not configured, aggressive quick scans will be disabled. By default, the value is set to 25 days when enabled.
+Configure how many days can pass before an aggressive quick scan is triggered. The valid interval is [7-60] days. If not configured, aggressive quick scans will be disabled. By default, the value is set to 30 days when enabled.
 <!-- Device-Configuration-DaysUntilAggressiveCatchupQuickScan-Description-End -->
 
 <!-- Device-Configuration-DaysUntilAggressiveCatchupQuickScan-Editable-Begin -->
@@ -1304,7 +1304,7 @@ Configure how many days can pass before an aggressive quick scan is triggered. T
 | Format | `int` |
 | Access Type | Add, Delete, Get, Replace |
 | Allowed Values | Range: `[7-60]` |
-| Default Value  | 25 |
+| Default Value  | 30 |
 <!-- Device-Configuration-DaysUntilAggressiveCatchupQuickScan-DFProperties-End -->
 
 <!-- Device-Configuration-DaysUntilAggressiveCatchupQuickScan-Examples-Begin -->
diff --git a/windows/client-management/mdm/defender-ddf.md b/windows/client-management/mdm/defender-ddf.md
index f286ba947c..2055d5bdf0 100644
--- a/windows/client-management/mdm/defender-ddf.md
+++ b/windows/client-management/mdm/defender-ddf.md
@@ -1,7 +1,7 @@
 ---
 title: Defender DDF file
 description: View the XML file containing the device description framework (DDF) for the Defender configuration service provider.
-ms.date: 06/28/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -2373,8 +2373,8 @@ The following XML file contains the device description framework (DDF) for the D
             <Get />
             <Replace />
           </AccessType>
-          <DefaultValue>25</DefaultValue>
-          <Description>Configure how many days can pass before an aggressive quick scan is triggered. The valid interval is [7-60] days. If not configured, aggressive quick scans will be disabled. By default, the value is set to 25 days when enabled.</Description>
+          <DefaultValue>30</DefaultValue>
+          <Description>Configure how many days can pass before an aggressive quick scan is triggered. The valid interval is [7-60] days. If not configured, aggressive quick scans will be disabled. By default, the value is set to 30 days when enabled.</Description>
           <DFFormat>
             <int />
           </DFFormat>
diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md
index e269946643..4d6dc724a9 100644
--- a/windows/client-management/mdm/firewall-csp.md
+++ b/windows/client-management/mdm/firewall-csp.md
@@ -1,7 +1,7 @@
 ---
 title: Firewall CSP
 description: Learn more about the Firewall CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -2221,7 +2221,7 @@ Specifies the friendly name of the firewall rule.
 
 <!-- Device-MdmStore-FirewallRules-{FirewallRuleName}-PolicyAppId-Description-Begin -->
 <!-- Description-Source-DDF -->
-Specifies one WDAC tag. This is a string that can contain any alphanumeric character and any of the characters ":", "/", ""., and "_". A PolicyAppId and ServiceName can't be specified in the same rule.
+Specifies one App Control tag. This is a string that can contain any alphanumeric character and any of the characters ":", "/", ""., and "_". A PolicyAppId and ServiceName can't be specified in the same rule.
 <!-- Device-MdmStore-FirewallRules-{FirewallRuleName}-PolicyAppId-Description-End -->
 
 <!-- Device-MdmStore-FirewallRules-{FirewallRuleName}-PolicyAppId-Editable-Begin -->
diff --git a/windows/client-management/mdm/index.yml b/windows/client-management/mdm/index.yml
index f1b84cf506..632aec5fb8 100644
--- a/windows/client-management/mdm/index.yml
+++ b/windows/client-management/mdm/index.yml
@@ -9,7 +9,7 @@ metadata:
   ms.topic: landing-page
   ms.collection:
     - tier1
-  ms.date: 10/25/2023
+  ms.date: 10/07/2024
   ms.localizationpriority: medium
 
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
@@ -27,8 +27,8 @@ landingContent:
             url: configuration-service-provider-support.md
           - text: Device description framework (DDF) files
             url: configuration-service-provider-ddf.md
-          - text: BitLocker CSP
-            url: bitlocker-csp.md
+          - text: Contribute to CSP reference
+            url: contribute-csp-reference.md
           - text: Declared Configuration protocol
             url: ../declared-configuration.md
 
@@ -42,8 +42,8 @@ landingContent:
             url: policy-configuration-service-provider.md
           - text: Policy DDF file
             url: configuration-service-provider-ddf.md
-          - text: Policy CSP - Start
-            url: policy-csp-start.md
+          - text: Policy CSP - Defender
+            url: policy-csp-defender.md
           - text: Policy CSP - Update
             url: policy-csp-update.md
 
diff --git a/windows/client-management/mdm/laps-csp.md b/windows/client-management/mdm/laps-csp.md
index 0e5e7d5b2d..76508deef5 100644
--- a/windows/client-management/mdm/laps-csp.md
+++ b/windows/client-management/mdm/laps-csp.md
@@ -1,7 +1,7 @@
 ---
 title: LAPS CSP
 description: Learn more about the LAPS CSP.
-ms.date: 06/21/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 06/21/2024
 <!-- LAPS-Begin -->
 # LAPS CSP
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- LAPS-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 The Local Administrator Password Solution (LAPS) configuration service provider (CSP) is used by the enterprise to manage back up of local administrator account passwords. Windows supports a LAPS Group Policy Object that is entirely separate from the LAPS CSP. Many of the various settings are common across both the LAPS GPO and CSP (GPO does not support any of the Action-related settings). As long as at least one LAPS setting is configured via CSP, any GPO-configured settings will be ignored. Also see [Configure policy settings for Windows LAPS](/windows-server/identity/laps/laps-management-policy-settings).
@@ -432,7 +430,7 @@ If the specified user or group account is invalid the device will fallback to us
 <!-- Device-Policies-AutomaticAccountManagementEnableAccount-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Device-Policies-AutomaticAccountManagementEnableAccount-Applicability-End -->
 
 <!-- Device-Policies-AutomaticAccountManagementEnableAccount-OmaUri-Begin -->
@@ -488,7 +486,7 @@ If not specified, this setting defaults to False.
 <!-- Device-Policies-AutomaticAccountManagementEnabled-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Device-Policies-AutomaticAccountManagementEnabled-Applicability-End -->
 
 <!-- Device-Policies-AutomaticAccountManagementEnabled-OmaUri-Begin -->
@@ -543,7 +541,7 @@ If not specified, this setting defaults to False.
 <!-- Device-Policies-AutomaticAccountManagementNameOrPrefix-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Device-Policies-AutomaticAccountManagementNameOrPrefix-Applicability-End -->
 
 <!-- Device-Policies-AutomaticAccountManagementNameOrPrefix-OmaUri-Begin -->
@@ -587,7 +585,7 @@ If not specified, this setting will default to "WLapsAdmin".
 <!-- Device-Policies-AutomaticAccountManagementRandomizeName-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Device-Policies-AutomaticAccountManagementRandomizeName-Applicability-End -->
 
 <!-- Device-Policies-AutomaticAccountManagementRandomizeName-OmaUri-Begin -->
@@ -643,7 +641,7 @@ If not specified, this setting defaults to False.
 <!-- Device-Policies-AutomaticAccountManagementTarget-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Device-Policies-AutomaticAccountManagementTarget-Applicability-End -->
 
 <!-- Device-Policies-AutomaticAccountManagementTarget-OmaUri-Begin -->
@@ -759,7 +757,7 @@ If not specified, this setting will default to 0.
 <!-- Device-Policies-PassphraseLength-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Device-Policies-PassphraseLength-Applicability-End -->
 
 <!-- Device-Policies-PassphraseLength-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/laps-ddf-file.md b/windows/client-management/mdm/laps-ddf-file.md
index 5d06e470a6..d32a646434 100644
--- a/windows/client-management/mdm/laps-ddf-file.md
+++ b/windows/client-management/mdm/laps-ddf-file.md
@@ -1,7 +1,7 @@
 ---
 title: LAPS DDF file
 description: View the XML file containing the device description framework (DDF) for the LAPS configuration service provider.
-ms.date: 06/28/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -327,7 +327,7 @@ This setting has a maximum allowed value of 10 words.</Description>
             <MIME />
           </DFType>
           <MSFT:Applicability>
-            <MSFT:OsBuildVersion>99.9.9999</MSFT:OsBuildVersion>
+            <MSFT:OsBuildVersion>10.0.26100</MSFT:OsBuildVersion>
             <MSFT:CspVersion>1.1</MSFT:CspVersion>
           </MSFT:Applicability>
           <MSFT:AllowedValues ValueType="Range">
@@ -690,7 +690,7 @@ If not specified, this setting defaults to False.</Description>
             <MIME />
           </DFType>
           <MSFT:Applicability>
-            <MSFT:OsBuildVersion>99.9.9999</MSFT:OsBuildVersion>
+            <MSFT:OsBuildVersion>10.0.26100</MSFT:OsBuildVersion>
             <MSFT:CspVersion>1.1</MSFT:CspVersion>
           </MSFT:Applicability>
           <MSFT:AllowedValues ValueType="ENUM">
@@ -736,7 +736,7 @@ If not specified, this setting will default to 1.</Description>
             <MIME />
           </DFType>
           <MSFT:Applicability>
-            <MSFT:OsBuildVersion>99.9.9999</MSFT:OsBuildVersion>
+            <MSFT:OsBuildVersion>10.0.26100</MSFT:OsBuildVersion>
             <MSFT:CspVersion>1.1</MSFT:CspVersion>
           </MSFT:Applicability>
           <MSFT:AllowedValues ValueType="ENUM">
@@ -791,7 +791,7 @@ If not specified, this setting will default to "WLapsAdmin".</Description>
             <MIME />
           </DFType>
           <MSFT:Applicability>
-            <MSFT:OsBuildVersion>99.9.9999</MSFT:OsBuildVersion>
+            <MSFT:OsBuildVersion>10.0.26100</MSFT:OsBuildVersion>
             <MSFT:CspVersion>1.1</MSFT:CspVersion>
           </MSFT:Applicability>
           <MSFT:DependencyBehavior>
@@ -839,7 +839,7 @@ If not specified, this setting defaults to False.</Description>
             <MIME />
           </DFType>
           <MSFT:Applicability>
-            <MSFT:OsBuildVersion>99.9.9999</MSFT:OsBuildVersion>
+            <MSFT:OsBuildVersion>10.0.26100</MSFT:OsBuildVersion>
             <MSFT:CspVersion>1.1</MSFT:CspVersion>
           </MSFT:Applicability>
           <MSFT:AllowedValues ValueType="ENUM">
@@ -897,7 +897,7 @@ If not specified, this setting defaults to False.</Description>
             <MIME />
           </DFType>
           <MSFT:Applicability>
-            <MSFT:OsBuildVersion>99.9.9999</MSFT:OsBuildVersion>
+            <MSFT:OsBuildVersion>10.0.26100</MSFT:OsBuildVersion>
             <MSFT:CspVersion>1.1</MSFT:CspVersion>
           </MSFT:Applicability>
           <MSFT:AllowedValues ValueType="ENUM">
diff --git a/windows/client-management/mdm/office-csp.md b/windows/client-management/mdm/office-csp.md
index 70692efc8b..5dc08b8a09 100644
--- a/windows/client-management/mdm/office-csp.md
+++ b/windows/client-management/mdm/office-csp.md
@@ -1,7 +1,7 @@
 ---
 title: Office CSP
 description: Learn more about the Office CSP.
-ms.date: 01/18/2024
+ms.date: 10/10/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -11,7 +11,7 @@ ms.date: 01/18/2024
 
 <!-- Office-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-The Office configuration service provider (CSP) enables a Microsoft Office client to be installed on a device via the Office Deployment Tool (ODT). For more information, see [Configuration options for the Office Deployment Tool](/deployoffice/office-deployment-tool-configuration-options) and [How to assign Office 365 apps to Windows 10 devices with Microsoft Intune](/intune/apps-add-office365).
+The Office configuration service provider (CSP) enables a Microsoft Office client to be installed on a device via the Office Deployment Tool (ODT). For more information, see [Configuration options for the Office Deployment Tool](/deployoffice/office-deployment-tool-configuration-options) and [Add Microsoft 365 Apps to Windows devices with Microsoft Intune](/mem/intune/apps/apps-add-office365).
 <!-- Office-Editable-End -->
 
 <!-- Office-Tree-Begin -->
@@ -587,7 +587,7 @@ To get the current status of Office 365 on the device.
 | 17001      | ERROR_QUEUE_SCENARIO <br/>Failed to queue installation scenario in C2RClient                                                                                                                                                                                                                                                      | Failure |
 | 17002      | ERROR_COMPLETING_SCENARIO <br>Failed to complete the process. Possible reasons:<li>Installation canceled by user<li>Installation canceled by another installation<li>Out of disk space during installation <li>Unknown language ID                                                                                                | Failure |
 | 17003      | ERROR_ANOTHER_RUNNING_SCENARIO <br>Another scenario is running                                                                                                                                                                                                                                                                    | Failure |
-| 17004      | ERROR_COMPLETING_SCENARIO_NEED_CLEAN_UP<br>Possible reasons:<li>Unknown SKUs<li>Content does't exist on CDN<ul><li>Such as trying to install an unsupported LAP, like zh-sg<li>CDN issue that content is not available</li></ul><li>Signature check issue, such as failed the signature check for Office content<li>User canceled | Failure |
+| 17004      | ERROR_COMPLETING_SCENARIO_NEED_CLEAN_UP<br>Possible reasons:<li>Unknown SKUs<li>Content doesn't exist on CDN<ul><li>Such as trying to install an unsupported LAP, like zh-sg<li>CDN issue that content is not available</li></ul><li>Signature check issue, such as failed the signature check for Office content<li>User canceled | Failure |
 | 17005      | ERROR_SCENARIO_CANCELLED_AS_PLANNED                                                                                                                                                                                                                                                                                               | Failure |
 | 17006      | ERROR_SCENARIO_CANCELLED<br>Blocked update by running apps                                                                                                                                                                                                                                                                        | Failure |
 | 17007      | ERROR_REMOVE_INSTALLATION_NEEDED<br>The client is requesting client clean-up in a "Remove Installation" scenario                                                                                                                                                                                                                  | Failure |
diff --git a/windows/client-management/mdm/personalization-ddf.md b/windows/client-management/mdm/personalization-ddf.md
index 052f60bfcd..6cf4a75b50 100644
--- a/windows/client-management/mdm/personalization-ddf.md
+++ b/windows/client-management/mdm/personalization-ddf.md
@@ -1,7 +1,7 @@
 ---
 title: Personalization DDF file
 description: View the XML file containing the device description framework (DDF) for the Personalization configuration service provider.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -42,7 +42,7 @@ The following XML file contains the device description framework (DDF) for the P
       <MSFT:Applicability>
         <MSFT:OsBuildVersion>10.0.16299</MSFT:OsBuildVersion>
         <MSFT:CspVersion>1.0</MSFT:CspVersion>
-        <MSFT:EditionAllowList>0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB;</MSFT:EditionAllowList>
+        <MSFT:EditionAllowList>0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2;</MSFT:EditionAllowList>
       </MSFT:Applicability>
     </DFProperties>
     <Node>
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index c0c0fd2588..826ef1ac3b 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -137,7 +137,6 @@ ms.date: 02/03/2023
 - [Update/ConfigureDeadlineForFeatureUpdates](policy-csp-update.md#configuredeadlineforfeatureupdates) <sup>11</sup>
 - [Update/ConfigureDeadlineForQualityUpdates](policy-csp-update.md#configuredeadlineforqualityupdates) <sup>11</sup>
 - [Update/ConfigureDeadlineGracePeriod](policy-csp-update.md#configuredeadlinegraceperiod) <sup>11</sup>
-- [Update/ConfigureDeadlineNoAutoReboot](policy-csp-update.md#configuredeadlinenoautoreboot) <sup>11</sup>
 - [Update/DeferFeatureUpdatesPeriodInDays](policy-csp-update.md#deferfeatureupdatesperiodindays)
 - [Update/DeferQualityUpdatesPeriodInDays](policy-csp-update.md#deferqualityupdatesperiodindays)
 - [Update/ManagePreviewBuilds](policy-csp-update.md#managepreviewbuilds)
diff --git a/windows/client-management/mdm/policies-in-preview.md b/windows/client-management/mdm/policies-in-preview.md
index 0ad7b632c3..2c62565783 100644
--- a/windows/client-management/mdm/policies-in-preview.md
+++ b/windows/client-management/mdm/policies-in-preview.md
@@ -1,7 +1,7 @@
 ---
 title: Configuration service provider preview policies
 description: Learn more about configuration service provider (CSP) policies that are available for Windows Insider Preview.
-ms.date: 09/11/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -17,6 +17,7 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [TurnOffInstallTracing](policy-csp-appdeviceinventory.md#turnoffinstalltracing)
 - [TurnOffAPISamping](policy-csp-appdeviceinventory.md#turnoffapisamping)
 - [TurnOffApplicationFootprint](policy-csp-appdeviceinventory.md#turnoffapplicationfootprint)
+- [TurnOffWin32AppBackup](policy-csp-appdeviceinventory.md#turnoffwin32appbackup)
 
 ## ClientCertificateInstall CSP
 
@@ -28,15 +29,6 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [EnablePhysicalDeviceAccessOnErrorScreens](clouddesktop-csp.md#userenablephysicaldeviceaccessonerrorscreens)
 - [EnableBootToCloudSharedPCMode](clouddesktop-csp.md#deviceenableboottocloudsharedpcmode)
 
-## Cryptography
-
-- [ConfigureEllipticCurveCryptography](policy-csp-cryptography.md#configureellipticcurvecryptography)
-- [ConfigureSystemCryptographyForceStrongKeyProtection](policy-csp-cryptography.md#configuresystemcryptographyforcestrongkeyprotection)
-- [OverrideMinimumEnabledTLSVersionClient](policy-csp-cryptography.md#overrideminimumenabledtlsversionclient)
-- [OverrideMinimumEnabledTLSVersionServer](policy-csp-cryptography.md#overrideminimumenabledtlsversionserver)
-- [OverrideMinimumEnabledDTLSVersionClient](policy-csp-cryptography.md#overrideminimumenableddtlsversionclient)
-- [OverrideMinimumEnabledDTLSVersionServer](policy-csp-cryptography.md#overrideminimumenableddtlsversionserver)
-
 ## DeclaredConfiguration CSP
 
 - [Document](declaredconfiguration-csp.md#hostcompletedocumentsdociddocument)
@@ -47,23 +39,6 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [DODisallowCacheServerDownloadsOnVPN](policy-csp-deliveryoptimization.md#dodisallowcacheserverdownloadsonvpn)
 - [DOVpnKeywords](policy-csp-deliveryoptimization.md#dovpnkeywords)
 
-## DesktopAppInstaller
-
-- [EnableWindowsPackageManagerCommandLineInterfaces](policy-csp-desktopappinstaller.md#enablewindowspackagemanagercommandlineinterfaces)
-- [EnableWindowsPackageManagerConfiguration](policy-csp-desktopappinstaller.md#enablewindowspackagemanagerconfiguration)
-
-## DeviceLock
-
-- [MaximumPasswordAge](policy-csp-devicelock.md#maximumpasswordage)
-- [ClearTextPassword](policy-csp-devicelock.md#cleartextpassword)
-- [PasswordComplexity](policy-csp-devicelock.md#passwordcomplexity)
-- [PasswordHistorySize](policy-csp-devicelock.md#passwordhistorysize)
-- [AccountLockoutPolicy](policy-csp-devicelock.md#accountlockoutpolicy)
-- [AllowAdministratorLockout](policy-csp-devicelock.md#allowadministratorlockout)
-- [MinimumPasswordLength](policy-csp-devicelock.md#minimumpasswordlength)
-- [MinimumPasswordLengthAudit](policy-csp-devicelock.md#minimumpasswordlengthaudit)
-- [RelaxMinimumPasswordLengthLimits](policy-csp-devicelock.md#relaxminimumpasswordlengthlimits)
-
 ## DevicePreparation CSP
 
 - [PageEnabled](devicepreparation-csp.md#pageenabled)
@@ -84,12 +59,6 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [Cadence](dmclient-csp.md#deviceproviderprovideridconfigrefreshcadence)
 - [PausePeriod](dmclient-csp.md#deviceproviderprovideridconfigrefreshpauseperiod)
 
-## Experience
-
-- [AllowScreenRecorder](policy-csp-experience.md#allowscreenrecorder)
-- [EnableOrganizationalMessages](policy-csp-experience.md#enableorganizationalmessages)
-- [DisableTextTranslation](policy-csp-experience.md#disabletexttranslation)
-
 ## FileSystem
 
 - [EnableDevDrive](policy-csp-filesystem.md#enabledevdrive)
@@ -99,13 +68,6 @@ This article lists the policies that are applicable for Windows Insider Preview
 
 - [AttestErrorMessage](healthattestation-csp.md#attesterrormessage)
 
-## HumanPresence
-
-- [ForceDisableWakeWhenBatterySaverOn](policy-csp-humanpresence.md#forcedisablewakewhenbatterysaveron)
-- [ForceAllowWakeWhenExternalDisplayConnected](policy-csp-humanpresence.md#forceallowwakewhenexternaldisplayconnected)
-- [ForceAllowLockWhenExternalDisplayConnected](policy-csp-humanpresence.md#forceallowlockwhenexternaldisplayconnected)
-- [ForceAllowDimWhenExternalDisplayConnected](policy-csp-humanpresence.md#forceallowdimwhenexternaldisplayconnected)
-
 ## InternetExplorer
 
 - [AllowLegacyURLFields](policy-csp-internetexplorer.md#allowlegacyurlfields)
@@ -121,49 +83,8 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [StartInstallation](language-pack-management-csp.md#installlanguage-idstartinstallation)
 - [SystemPreferredUILanguages](language-pack-management-csp.md#languagesettingssystempreferreduilanguages)
 
-## LAPS CSP
-
-- [PassphraseLength](laps-csp.md#policiespassphraselength)
-- [AutomaticAccountManagementEnabled](laps-csp.md#policiesautomaticaccountmanagementenabled)
-- [AutomaticAccountManagementTarget](laps-csp.md#policiesautomaticaccountmanagementtarget)
-- [AutomaticAccountManagementNameOrPrefix](laps-csp.md#policiesautomaticaccountmanagementnameorprefix)
-- [AutomaticAccountManagementEnableAccount](laps-csp.md#policiesautomaticaccountmanagementenableaccount)
-- [AutomaticAccountManagementRandomizeName](laps-csp.md#policiesautomaticaccountmanagementrandomizename)
-
 ## LocalPoliciesSecurityOptions
 
-- [Audit_AuditTheUseOfBackupAndRestoreprivilege](policy-csp-localpoliciessecurityoptions.md#audit_audittheuseofbackupandrestoreprivilege)
-- [Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings](policy-csp-localpoliciessecurityoptions.md#audit_forceauditpolicysubcategorysettingstooverrideauditpolicycategorysettings)
-- [Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits](policy-csp-localpoliciessecurityoptions.md#audit_shutdownsystemimmediatelyifunabletologsecurityaudits)
-- [Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly](policy-csp-localpoliciessecurityoptions.md#devices_restrictfloppyaccesstolocallyloggedonuseronly)
-- [DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways](policy-csp-localpoliciessecurityoptions.md#domainmember_digitallyencryptorsignsecurechanneldataalways)
-- [DomainMember_DigitallyEncryptSecureChannelDataWhenPossible](policy-csp-localpoliciessecurityoptions.md#domainmember_digitallyencryptsecurechanneldatawhenpossible)
-- [DomainMember_DigitallySignSecureChannelDataWhenPossible](policy-csp-localpoliciessecurityoptions.md#domainmember_digitallysignsecurechanneldatawhenpossible)
-- [DomainMember_DisableMachineAccountPasswordChanges](policy-csp-localpoliciessecurityoptions.md#domainmember_disablemachineaccountpasswordchanges)
-- [DomainMember_MaximumMachineAccountPasswordAge](policy-csp-localpoliciessecurityoptions.md#domainmember_maximummachineaccountpasswordage)
-- [DomainMember_RequireStrongSessionKey](policy-csp-localpoliciessecurityoptions.md#domainmember_requirestrongsessionkey)
-- [InteractiveLogon_MachineAccountLockoutThreshold](policy-csp-localpoliciessecurityoptions.md#interactivelogon_machineaccountlockoutthreshold)
-- [InteractiveLogon_NumberOfPreviousLogonsToCache](policy-csp-localpoliciessecurityoptions.md#interactivelogon_numberofpreviouslogonstocache)
-- [InteractiveLogon_PromptUserToChangePasswordBeforeExpiration](policy-csp-localpoliciessecurityoptions.md#interactivelogon_promptusertochangepasswordbeforeexpiration)
-- [MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession](policy-csp-localpoliciessecurityoptions.md#microsoftnetworkserver_amountofidletimerequiredbeforesuspendingsession)
-- [MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire](policy-csp-localpoliciessecurityoptions.md#microsoftnetworkserver_disconnectclientswhenlogonhoursexpire)
-- [MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel](policy-csp-localpoliciessecurityoptions.md#microsoftnetworkserver_serverspntargetnamevalidationlevel)
-- [NetworkAccess_AllowAnonymousSIDOrNameTranslation](policy-csp-localpoliciessecurityoptions.md#networkaccess_allowanonymoussidornametranslation)
-- [NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication](policy-csp-localpoliciessecurityoptions.md#networkaccess_donotallowstorageofpasswordsandcredentialsfornetworkauthentication)
-- [NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers](policy-csp-localpoliciessecurityoptions.md#networkaccess_leteveryonepermissionsapplytoanonymoususers)
-- [NetworkAccess_NamedPipesThatCanBeAccessedAnonymously](policy-csp-localpoliciessecurityoptions.md#networkaccess_namedpipesthatcanbeaccessedanonymously)
-- [NetworkAccess_RemotelyAccessibleRegistryPaths](policy-csp-localpoliciessecurityoptions.md#networkaccess_remotelyaccessibleregistrypaths)
-- [NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths](policy-csp-localpoliciessecurityoptions.md#networkaccess_remotelyaccessibleregistrypathsandsubpaths)
-- [NetworkAccess_SharesThatCanBeAccessedAnonymously](policy-csp-localpoliciessecurityoptions.md#networkaccess_sharesthatcanbeaccessedanonymously)
-- [NetworkAccess_SharingAndSecurityModelForLocalAccounts](policy-csp-localpoliciessecurityoptions.md#networkaccess_sharingandsecuritymodelforlocalaccounts)
-- [NetworkSecurity_AllowLocalSystemNULLSessionFallback](policy-csp-localpoliciessecurityoptions.md#networksecurity_allowlocalsystemnullsessionfallback)
-- [NetworkSecurity_ForceLogoffWhenLogonHoursExpire](policy-csp-localpoliciessecurityoptions.md#networksecurity_forcelogoffwhenlogonhoursexpire)
-- [NetworkSecurity_LDAPClientSigningRequirements](policy-csp-localpoliciessecurityoptions.md#networksecurity_ldapclientsigningrequirements)
-- [RecoveryConsole_AllowAutomaticAdministrativeLogon](policy-csp-localpoliciessecurityoptions.md#recoveryconsole_allowautomaticadministrativelogon)
-- [RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders](policy-csp-localpoliciessecurityoptions.md#recoveryconsole_allowfloppycopyandaccesstoalldrivesandallfolders)
-- [SystemCryptography_ForceStrongKeyProtection](policy-csp-localpoliciessecurityoptions.md#systemcryptography_forcestrongkeyprotection)
-- [SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems](policy-csp-localpoliciessecurityoptions.md#systemobjects_requirecaseinsensitivityfornonwindowssubsystems)
-- [SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects](policy-csp-localpoliciessecurityoptions.md#systemobjects_strengthendefaultpermissionsofinternalsystemobjects)
 - [UserAccountControl_BehaviorOfTheElevationPromptForAdministratorProtection](policy-csp-localpoliciessecurityoptions.md#useraccountcontrol_behavioroftheelevationpromptforadministratorprotection)
 - [UserAccountControl_TypeOfAdminApprovalMode](policy-csp-localpoliciessecurityoptions.md#useraccountcontrol_typeofadminapprovalmode)
 
@@ -174,23 +95,6 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [ConfigureDeviceStandbyAction](policy-csp-mixedreality.md#configuredevicestandbyaction)
 - [ConfigureDeviceStandbyActionTimeout](policy-csp-mixedreality.md#configuredevicestandbyactiontimeout)
 
-## MSSecurityGuide
-
-- [NetBTNodeTypeConfiguration](policy-csp-mssecurityguide.md#netbtnodetypeconfiguration)
-
-## NetworkListManager
-
-- [AllNetworks_NetworkIcon](policy-csp-networklistmanager.md#allnetworks_networkicon)
-- [AllNetworks_NetworkLocation](policy-csp-networklistmanager.md#allnetworks_networklocation)
-- [AllNetworks_NetworkName](policy-csp-networklistmanager.md#allnetworks_networkname)
-- [IdentifyingNetworks_LocationType](policy-csp-networklistmanager.md#identifyingnetworks_locationtype)
-- [UnidentifiedNetworks_LocationType](policy-csp-networklistmanager.md#unidentifiednetworks_locationtype)
-- [UnidentifiedNetworks_UserPermissions](policy-csp-networklistmanager.md#unidentifiednetworks_userpermissions)
-
-## Notifications
-
-- [DisableAccountNotifications](policy-csp-notifications.md#disableaccountnotifications)
-
 ## PassportForWork CSP
 
 - [EnableWindowsHelloProvisioningForSecurityKeys](passportforwork-csp.md#devicetenantidpoliciesenablewindowshelloprovisioningforsecuritykeys)
@@ -202,77 +106,15 @@ This article lists the policies that are applicable for Windows Insider Preview
 
 ## RemoteDesktopServices
 
-- [LimitServerToClientClipboardRedirection](policy-csp-remotedesktopservices.md#limitservertoclientclipboardredirection)
-- [LimitClientToServerClipboardRedirection](policy-csp-remotedesktopservices.md#limitclienttoserverclipboardredirection)
-- [DisconnectOnLockLegacyAuthn](policy-csp-remotedesktopservices.md#disconnectonlocklegacyauthn)
-- [DisconnectOnLockMicrosoftIdentityAuthn](policy-csp-remotedesktopservices.md#disconnectonlockmicrosoftidentityauthn)
 - [TS_SERVER_REMOTEAPP_USE_SHELLAPPRUNTIME](policy-csp-remotedesktopservices.md#ts_server_remoteapp_use_shellappruntime)
 
-## Search
-
-- [ConfigureSearchOnTaskbarMode](policy-csp-search.md#configuresearchontaskbarmode)
-
-## SettingsSync
-
-- [DisableAccessibilitySettingSync](policy-csp-settingssync.md#disableaccessibilitysettingsync)
-- [DisableLanguageSettingSync](policy-csp-settingssync.md#disablelanguagesettingsync)
-
-## Sudo
-
-- [EnableSudo](policy-csp-sudo.md#enablesudo)
-
 ## SurfaceHub CSP
 
 - [ExchangeModernAuthEnabled](surfacehub-csp.md#deviceaccountexchangemodernauthenabled)
 
-## System
-
-- [HideUnsupportedHardwareNotifications](policy-csp-system.md#hideunsupportedhardwarenotifications)
-
-## SystemServices
-
-- [ConfigureComputerBrowserServiceStartupMode](policy-csp-systemservices.md#configurecomputerbrowserservicestartupmode)
-- [ConfigureIISAdminServiceStartupMode](policy-csp-systemservices.md#configureiisadminservicestartupmode)
-- [ConfigureInfraredMonitorServiceStartupMode](policy-csp-systemservices.md#configureinfraredmonitorservicestartupmode)
-- [ConfigureInternetConnectionSharingServiceStartupMode](policy-csp-systemservices.md#configureinternetconnectionsharingservicestartupmode)
-- [ConfigureLxssManagerServiceStartupMode](policy-csp-systemservices.md#configurelxssmanagerservicestartupmode)
-- [ConfigureMicrosoftFTPServiceStartupMode](policy-csp-systemservices.md#configuremicrosoftftpservicestartupmode)
-- [ConfigureRemoteProcedureCallLocatorServiceStartupMode](policy-csp-systemservices.md#configureremoteprocedurecalllocatorservicestartupmode)
-- [ConfigureRoutingAndRemoteAccessServiceStartupMode](policy-csp-systemservices.md#configureroutingandremoteaccessservicestartupmode)
-- [ConfigureSimpleTCPIPServicesStartupMode](policy-csp-systemservices.md#configuresimpletcpipservicesstartupmode)
-- [ConfigureSpecialAdministrationConsoleHelperServiceStartupMode](policy-csp-systemservices.md#configurespecialadministrationconsolehelperservicestartupmode)
-- [ConfigureSSDPDiscoveryServiceStartupMode](policy-csp-systemservices.md#configuressdpdiscoveryservicestartupmode)
-- [ConfigureUPnPDeviceHostServiceStartupMode](policy-csp-systemservices.md#configureupnpdevicehostservicestartupmode)
-- [ConfigureWebManagementServiceStartupMode](policy-csp-systemservices.md#configurewebmanagementservicestartupmode)
-- [ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode](policy-csp-systemservices.md#configurewindowsmediaplayernetworksharingservicestartupmode)
-- [ConfigureWindowsMobileHotspotServiceStartupMode](policy-csp-systemservices.md#configurewindowsmobilehotspotservicestartupmode)
-- [ConfigureWorldWideWebPublishingServiceStartupMode](policy-csp-systemservices.md#configureworldwidewebpublishingservicestartupmode)
-
 ## Update
 
 - [AllowTemporaryEnterpriseFeatureControl](policy-csp-update.md#allowtemporaryenterprisefeaturecontrol)
-- [ConfigureDeadlineNoAutoRebootForFeatureUpdates](policy-csp-update.md#configuredeadlinenoautorebootforfeatureupdates)
-- [ConfigureDeadlineNoAutoRebootForQualityUpdates](policy-csp-update.md#configuredeadlinenoautorebootforqualityupdates)
-- [AlwaysAutoRebootAtScheduledTimeMinutes](policy-csp-update.md#alwaysautorebootatscheduledtimeminutes)
-
-## UserRights
-
-- [BypassTraverseChecking](policy-csp-userrights.md#bypasstraversechecking)
-- [ReplaceProcessLevelToken](policy-csp-userrights.md#replaceprocessleveltoken)
-- [ChangeTimeZone](policy-csp-userrights.md#changetimezone)
-- [ShutDownTheSystem](policy-csp-userrights.md#shutdownthesystem)
-- [LogOnAsBatchJob](policy-csp-userrights.md#logonasbatchjob)
-- [ProfileSystemPerformance](policy-csp-userrights.md#profilesystemperformance)
-- [DenyLogOnAsBatchJob](policy-csp-userrights.md#denylogonasbatchjob)
-- [LogOnAsService](policy-csp-userrights.md#logonasservice)
-- [IncreaseProcessWorkingSet](policy-csp-userrights.md#increaseprocessworkingset)
-- [DenyLogOnAsService](policy-csp-userrights.md#denylogonasservice)
-- [AdjustMemoryQuotasForProcess](policy-csp-userrights.md#adjustmemoryquotasforprocess)
-- [AllowLogOnThroughRemoteDesktop](policy-csp-userrights.md#allowlogonthroughremotedesktop)
-
-## WebThreatDefense
-
-- [AutomaticDataCollection](policy-csp-webthreatdefense.md#automaticdatacollection)
 
 ## Wifi
 
@@ -281,7 +123,7 @@ This article lists the policies that are applicable for Windows Insider Preview
 
 ## WindowsAI
 
-- [DisableAIDataAnalysis](policy-csp-windowsai.md#disableaidataanalysis)
+- [SetCopilotHardwareKey](policy-csp-windowsai.md#setcopilothardwarekey)
 - [DisableImageCreator](policy-csp-windowsai.md#disableimagecreator)
 - [DisableCocreator](policy-csp-windowsai.md#disablecocreator)
 
@@ -294,11 +136,6 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [DisableSubscription](windowslicensing-csp.md#subscriptionsdisablesubscription)
 - [RemoveSubscription](windowslicensing-csp.md#subscriptionsremovesubscription)
 
-## WindowsSandbox
-
-- [AllowMappedFolders](policy-csp-windowssandbox.md#allowmappedfolders)
-- [AllowWriteToMappedFolders](policy-csp-windowssandbox.md#allowwritetomappedfolders)
-
 ## Related articles
 
 [Policy configuration service provider](policy-configuration-service-provider.md)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 0fa200d984..1823ce5450 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -1,7 +1,7 @@
 ---
 title: Policy CSP
 description: Learn more about the Policy CSP.
-ms.date: 08/07/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -1152,6 +1152,7 @@ Specifies the name/value pair used in the policy. See the individual Area DDFs f
 - [Settings](policy-csp-settings.md)
 - [SettingsSync](policy-csp-settingssync.md)
 - [SmartScreen](policy-csp-smartscreen.md)
+- [SpeakForMe](policy-csp-speakforme.md)
 - [Speech](policy-csp-speech.md)
 - [Start](policy-csp-start.md)
 - [Stickers](policy-csp-stickers.md)
diff --git a/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md b/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md
index 0cdd78d66b..3f48213786 100644
--- a/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md
+++ b/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_AppxPackageManager Policy CSP
 description: Learn more about the ADMX_AppxPackageManager Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -32,7 +32,7 @@ ms.date: 08/06/2024
 
 <!-- AllowDeploymentInSpecialProfiles-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting allows you to manage the deployment of Windows Store apps when the user is signed in using a special profile. Special profiles are the following user profiles, where changes are discarded after the user signs off:
+This policy setting allows you to manage the deployment of packaged Microsoft Store apps when the user is signed in using a special profile. Special profiles are the following user profiles, where changes are discarded after the user signs off:
 
 Roaming user profiles to which the "Delete cached copies of roaming profiles" Group Policy setting applies.
 
@@ -42,9 +42,9 @@ Temporary user profiles, which are created when an error prevents the correct pr
 
 User profiles for the Guest account and members of the Guests group.
 
-- If you enable this policy setting, Group Policy allows deployment operations (adding, registering, staging, updating, or removing an app package) of Windows Store apps when using a special profile.
+- If you enable this policy setting, Group Policy allows deployment operations (adding, registering, staging, updating, or removing an app package) of packaged Microsoft Store apps when using a special profile.
 
-- If you disable or don't configure this policy setting, Group Policy blocks deployment operations of Windows Store apps when using a special profile.
+- If you disable or don't configure this policy setting, Group Policy blocks deployment operations of packaged Microsoft Store apps when using a special profile.
 <!-- AllowDeploymentInSpecialProfiles-Description-End -->
 
 <!-- AllowDeploymentInSpecialProfiles-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-admx-appxruntime.md b/windows/client-management/mdm/policy-csp-admx-appxruntime.md
index 540235107e..1cc79f97a0 100644
--- a/windows/client-management/mdm/policy-csp-admx-appxruntime.md
+++ b/windows/client-management/mdm/policy-csp-admx-appxruntime.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_AppXRuntime Policy CSP
 description: Learn more about the ADMX_AppXRuntime Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -32,11 +32,11 @@ ms.date: 08/06/2024
 
 <!-- AppxRuntimeApplicationContentUriRules-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting lets you turn on Content URI Rules to supplement the static Content URI Rules that were defined as part of the app manifest and apply to all Windows Store apps that use the enterpriseAuthentication capability on a computer.
+This policy setting lets you turn on Content URI Rules to supplement the static Content URI Rules that were defined as part of the app manifest and apply to all packaged Microsoft Store apps that use the enterpriseAuthentication capability on a computer.
 
-- If you enable this policy setting, you can define additional Content URI Rules that all Windows Store apps that use the enterpriseAuthentication capability on a computer can use.
+- If you enable this policy setting, you can define additional Content URI Rules that all packaged Microsoft Store apps that use the enterpriseAuthentication capability on a computer can use.
 
-- If you disable or don't set this policy setting, Windows Store apps will only use the static Content URI Rules.
+- If you disable or don't set this policy setting, packaged Microsoft Store apps will only use the static Content URI Rules.
 <!-- AppxRuntimeApplicationContentUriRules-Description-End -->
 
 <!-- AppxRuntimeApplicationContentUriRules-Editable-Begin -->
@@ -60,7 +60,7 @@ This policy setting lets you turn on Content URI Rules to supplement the static
 | Name | Value |
 |:--|:--|
 | Name | AppxRuntimeApplicationContentUriRules |
-| Friendly Name | Turn on dynamic Content URI Rules for Windows store apps |
+| Friendly Name | Turn on dynamic Content URI Rules for packaged Microsoft Store apps |
 | Location | Computer Configuration |
 | Path | Windows Components > App runtime |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\Packages\Applications |
@@ -95,11 +95,11 @@ This policy setting lets you turn on Content URI Rules to supplement the static
 
 <!-- AppxRuntimeBlockFileElevation-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting lets you control whether Windows Store apps can open files using the default desktop app for a file type. Because desktop apps run at a higher integrity level than Windows Store apps, there is a risk that a Windows Store app might compromise the system by opening a file in the default desktop app for a file type.
+This policy setting lets you control whether packaged Microsoft Store apps can open files using the default desktop app for a file type. Because desktop apps run at a higher integrity level than packaged Microsoft Store apps, there is a risk that a packaged Microsoft Store app might compromise the system by opening a file in the default desktop app for a file type.
 
-- If you enable this policy setting, Windows Store apps can't open files in the default desktop app for a file type; they can open files only in other Windows Store apps.
+- If you enable this policy setting, packaged Microsoft Store apps can't open files in the default desktop app for a file type; they can open files only in other packaged Microsoft Store apps.
 
-- If you disable or don't configure this policy setting, Windows Store apps can open files in the default desktop app for a file type.
+- If you disable or don't configure this policy setting, packaged Microsoft Store apps can open files in the default desktop app for a file type.
 <!-- AppxRuntimeBlockFileElevation-Description-End -->
 
 <!-- AppxRuntimeBlockFileElevation-Editable-Begin -->
@@ -219,14 +219,14 @@ This policy shouldn't be enabled unless recommended by Microsoft as a security r
 
 <!-- AppxRuntimeBlockProtocolElevation-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting lets you control whether Windows Store apps can open URIs using the default desktop app for a URI scheme. Because desktop apps run at a higher integrity level than Windows Store apps, there is a risk that a URI scheme launched by a Windows Store app might compromise the system by launching a desktop app.
+This policy setting lets you control whether packaged Microsoft Store apps can open URIs using the default desktop app for a URI scheme. Because desktop apps run at a higher integrity level than packaged Microsoft Store apps, there is a risk that a URI scheme launched by a packaged Microsoft Store app might compromise the system by launching a desktop app.
 
-- If you enable this policy setting, Windows Store apps can't open URIs in the default desktop app for a URI scheme; they can open URIs only in other Windows Store apps.
+- If you enable this policy setting, packaged Microsoft Store apps can't open URIs in the default desktop app for a URI scheme; they can open URIs only in other packaged Microsoft Store apps.
 
-- If you disable or don't configure this policy setting, Windows Store apps can open URIs in the default desktop app for a URI scheme.
+- If you disable or don't configure this policy setting, packaged Microsoft Store apps can open URIs in the default desktop app for a URI scheme.
 
 > [!NOTE]
-> Enabling this policy setting doesn't block Windows Store apps from opening the default desktop app for the http, https, and mailto URI schemes. The handlers for these URI schemes are hardened against URI-based vulnerabilities from untrusted sources, reducing the associated risk.
+> Enabling this policy setting doesn't block packaged Microsoft Store apps from opening the default desktop app for the http, https, and mailto URI schemes. The handlers for these URI schemes are hardened against URI-based vulnerabilities from untrusted sources, reducing the associated risk.
 <!-- AppxRuntimeBlockProtocolElevation-Description-End -->
 
 <!-- AppxRuntimeBlockProtocolElevation-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
index af2f85b62d..fa0478440b 100644
--- a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
+++ b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_ControlPanelDisplay Policy CSP
 description: Learn more about the ADMX_ControlPanelDisplay Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -1351,7 +1351,7 @@ Specifies which theme file is applied to the computer the first time a user logs
 |:--|:--|
 | Name | CPL_Personalization_SetTheme |
 | Friendly Name | Load a specific theme |
-| Location | User Configuration |
+| Location | Computer and User Configuration |
 | Path | Control Panel > Personalization |
 | Registry Key Name | Software\Policies\Microsoft\Windows\Personalization |
 | ADMX File Name | ControlPanelDisplay.admx |
diff --git a/windows/client-management/mdm/policy-csp-admx-deviceguard.md b/windows/client-management/mdm/policy-csp-admx-deviceguard.md
index 94711a96ae..2a743d498c 100644
--- a/windows/client-management/mdm/policy-csp-admx-deviceguard.md
+++ b/windows/client-management/mdm/policy-csp-admx-deviceguard.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_DeviceGuard Policy CSP
 description: Learn more about the ADMX_DeviceGuard Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -14,7 +14,7 @@ ms.date: 08/06/2024
 <!-- ADMX_DeviceGuard-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 > [!WARNING]
-> Group Policy-based deployment of Windows Defender Application Control policies only supports single-policy format WDAC policies. To use WDAC on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for [policy deployment](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide).
+> Group Policy-based deployment of App Control for Business policies only supports single-policy format WDAC policies. To use WDAC on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for [policy deployment](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide).
 <!-- ADMX_DeviceGuard-Editable-End -->
 
 <!-- ConfigCIPolicy-Begin -->
@@ -34,7 +34,7 @@ ms.date: 08/06/2024
 
 <!-- ConfigCIPolicy-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Deploy Windows Defender Application Control.
+Deploy App Control for Business.
 
 This policy setting lets you deploy a Code Integrity Policy to a machine to control what's allowed to run on that machine.
 
@@ -69,7 +69,7 @@ If using a signed and protected policy then disabling this policy setting doesn'
 | Name | Value |
 |:--|:--|
 | Name | ConfigCIPolicy |
-| Friendly Name | Deploy Windows Defender Application Control |
+| Friendly Name | Deploy App Control for Business |
 | Location | Computer Configuration |
 | Path | System > Device Guard |
 | Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\DeviceGuard |
diff --git a/windows/client-management/mdm/policy-csp-admx-dnsclient.md b/windows/client-management/mdm/policy-csp-admx-dnsclient.md
index 2f447009b6..dc1ec2aa56 100644
--- a/windows/client-management/mdm/policy-csp-admx-dnsclient.md
+++ b/windows/client-management/mdm/policy-csp-admx-dnsclient.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_DnsClient Policy CSP
 description: Learn more about the ADMX_DnsClient Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -91,7 +91,7 @@ Specifies that NetBIOS over TCP/IP (NetBT) queries are issued for fully qualifie
 
 <!-- DNS_AppendToMultiLabelName-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies that computers may attach suffixes to an unqualified multi-label name before sending subsequent DNS queries if the original name query fails.
+Specifies that the DNS client may attach suffixes to an unqualified multi-label name before sending subsequent DNS queries if the original name query fails.
 
 A name containing dots, but not dot-terminated, is called an unqualified multi-label name, for example "server.corp" is an unqualified multi-label name. The name "server.corp.contoso.com" is an example of a fully qualified name because it contains a terminating dot.
 
@@ -103,7 +103,7 @@ If attaching suffixes is allowed, and a DNS client with a primary domain suffix
 
 - If you disable this policy setting, no suffixes are appended to unqualified multi-label name queries if the original name query fails.
 
-- If you don't configure this policy setting, computers will use their local DNS client settings to determine the query behavior for unqualified multi-label names.
+- If you don't configure this policy setting, the DNS client will use its local settings to determine the query behavior for unqualified multi-label names.
 <!-- DNS_AppendToMultiLabelName-Description-End -->
 
 <!-- DNS_AppendToMultiLabelName-Editable-Begin -->
@@ -162,9 +162,9 @@ Specifies a connection-specific DNS suffix. This policy setting supersedes local
 
 To use this policy setting, click Enabled, and then enter a string value representing the DNS suffix.
 
-- If you enable this policy setting, the DNS suffix that you enter will be applied to all network connections used by computers that receive this policy setting.
+- If you enable this policy setting, the DNS suffix that you enter will be applied to all network connections used by the DNS client.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers will use the local or DHCP supplied connection specific DNS suffix, if configured.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client will use the local or DHCP supplied connection specific DNS suffix, if configured.
 <!-- DNS_Domain-Description-End -->
 
 <!-- DNS_Domain-Editable-Begin -->
@@ -234,7 +234,7 @@ Each connection-specific DNS suffix, assigned either through DHCP or specified i
 
 For example, when a user submits a query for a single-label name such as "example," the DNS client attaches a suffix such as "microsoft.com" resulting in the query "example.microsoft.com," before sending the query to a DNS server.
 
-If a DNS suffix search list isn't specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the computer (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
+If a DNS suffix search list isn't specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the DNS client (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
 
 For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the non-dot-terminated single-label name "example," and the DNS query for example.ooo.aaa.microsoft.com fails, the DNS client devolves the primary DNS suffix (drops the leftmost label) till the specified devolution level, and submits a query for example.aaa.microsoft.com. If this query fails, the primary DNS suffix is devolved further if it's under specified devolution level and the query example.microsoft.com is submitted. If this query fails, devolution continues if it's under specified devolution level and the query example.microsoft.com is submitted, corresponding to a devolution level of two. The primary DNS suffix can't be devolved beyond a devolution level of two. The devolution level can be configured using this policy setting. The default devolution level is two.
 
@@ -295,11 +295,11 @@ For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the
 
 <!-- DNS_IdnEncoding-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies whether the DNS client should convert internationalized domain names (IDNs) to Punycode when the computer is on non-domain networks with no WINS servers configured.
+Specifies whether the DNS client should convert internationalized domain names (IDNs) to Punycode when the DNS client is on non-domain networks with no WINS servers configured.
 
 - If this policy setting is enabled, IDNs aren't converted to Punycode.
 
-- If this policy setting is disabled, or if this policy setting isn't configured, IDNs are converted to Punycode when the computer is on non-domain networks with no WINS servers configured.
+- If this policy setting is disabled, or if this policy setting isn't configured, IDNs are converted to Punycode when the DNS client is on non-domain networks with no WINS servers configured.
 <!-- DNS_IdnEncoding-Description-End -->
 
 <!-- DNS_IdnEncoding-Editable-Begin -->
@@ -413,13 +413,13 @@ Specifies whether the DNS client should convert internationalized domain names (
 
 <!-- DNS_NameServer-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Defines the DNS servers to which a computer sends queries when it attempts to resolve names. This policy setting supersedes the list of DNS servers configured locally and those configured using DHCP.
+Defines the DNS servers to which the DNS client sends queries when it attempts to resolve names. This policy setting supersedes the list of DNS servers configured locally and those configured using DHCP.
 
 To use this policy setting, click Enabled, and then enter a space-delimited list of IP addresses in the available field. To use this policy setting, you must enter at least one IP address.
 
-- If you enable this policy setting, the list of DNS servers is applied to all network connections used by computers that receive this policy setting.
+- If you enable this policy setting, the list of DNS servers is applied to all network connections used by the DNS client.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers will use the local or DHCP supplied list of DNS servers, if configured.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client will use the local or DHCP supplied list of DNS servers, if configured.
 <!-- DNS_NameServer-Description-End -->
 
 <!-- DNS_NameServer-Editable-Begin -->
@@ -535,18 +535,18 @@ Specifies that responses from link local name resolution protocols received over
 
 <!-- DNS_PrimaryDnsSuffix-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies the primary DNS suffix used by computers in DNS name registration and DNS name resolution.
+Specifies the primary DNS suffix used by the DNS client in DNS name registration and DNS name resolution.
 
 To use this policy setting, click Enabled and enter the entire primary DNS suffix you want to assign. For example: microsoft.com.
 
 > [!IMPORTANT]
-> In order for changes to this policy setting to be applied on computers that receive it, you must restart Windows.
+> In order for changes to this policy setting to be applied on the DNS client, you must restart Windows.
 
 - If you enable this policy setting, it supersedes the primary DNS suffix configured in the DNS Suffix and NetBIOS Computer Name dialog box using the System control panel.
 
 You can use this policy setting to prevent users, including local administrators, from changing the primary DNS suffix.
 
-- If you disable this policy setting, or if you don't configure this policy setting, each computer uses its local primary DNS suffix, which is usually the DNS name of Active Directory domain to which it's joined.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client uses the local primary DNS suffix, which is usually the DNS name of Active Directory domain to which it's joined.
 <!-- DNS_PrimaryDnsSuffix-Description-End -->
 
 <!-- DNS_PrimaryDnsSuffix-Editable-Begin -->
@@ -600,18 +600,18 @@ You can use this policy setting to prevent users, including local administrators
 
 <!-- DNS_RegisterAdapterName-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies if a computer performing dynamic DNS registration will register A and PTR resource records with a concatenation of its computer name and a connection-specific DNS suffix, in addition to registering these records with a concatenation of its computer name and the primary DNS suffix.
+Specifies if the DNS client performing dynamic DNS registration will register A and PTR resource records with a concatenation of its computer name and a connection-specific DNS suffix, in addition to registering these records with a concatenation of its computer name and the primary DNS suffix.
 
 By default, a DNS client performing dynamic DNS registration registers A and PTR resource records with a concatenation of its computer name and the primary DNS suffix. For example, a computer name of mycomputer and a primary DNS suffix of microsoft.com will be registered as: mycomputer.microsoft.com.
 
-- If you enable this policy setting, a computer will register A and PTR resource records with its connection-specific DNS suffix, in addition to the primary DNS suffix. This applies to all network connections used by computers that receive this policy setting.
+- If you enable this policy setting, the DNS client will register A and PTR resource records with its connection-specific DNS suffix, in addition to the primary DNS suffix. This applies to all network connections used by the DNS client.
 
-For example, with a computer name of mycomputer, a primary DNS suffix of microsoft.com, and a connection specific DNS suffix of VPNconnection, a computer will register A and PTR resource records for mycomputer. VPNconnection and mycomputer.microsoft.com when this policy setting is enabled.
+For example, with a computer name of mycomputer, a primary DNS suffix of microsoft.com, and a connection specific DNS suffix of VPNconnection, the DNS client will register A and PTR resource records for mycomputer. VPNconnection and mycomputer.microsoft.com when this policy setting is enabled.
 
 > [!IMPORTANT]
-> This policy setting is ignored on a DNS client computer if dynamic DNS registration is disabled.
+> This policy setting is ignored by the DNS client if dynamic DNS registration is disabled.
 
-- If you disable this policy setting, or if you don't configure this policy setting, a DNS client computer won't register any A and PTR resource records using a connection-specific DNS suffix.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client won't register any A and PTR resource records using a connection-specific DNS suffix.
 <!-- DNS_RegisterAdapterName-Description-End -->
 
 <!-- DNS_RegisterAdapterName-Editable-Begin -->
@@ -666,7 +666,7 @@ For example, with a computer name of mycomputer, a primary DNS suffix of microso
 
 <!-- DNS_RegisterReverseLookup-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies if DNS client computers will register PTR resource records.
+Specifies if the DNS client will register PTR resource records.
 
 By default, DNS clients configured to perform dynamic DNS registration will attempt to register PTR resource record only if they successfully registered the corresponding A resource record.
 
@@ -674,13 +674,13 @@ By default, DNS clients configured to perform dynamic DNS registration will atte
 
 To use this policy setting, click Enabled, and then select one of the following options from the drop-down list:
 
-Don't register: Computers won't attempt to register PTR resource records.
+Don't register: the DNS client won't attempt to register PTR resource records.
 
-Register: Computers will attempt to register PTR resource records even if registration of the corresponding A records wasn't successful.
+Register: the DNS client will attempt to register PTR resource records even if registration of the corresponding A records wasn't successful.
 
-Register only if A record registration succeeds: Computers will attempt to register PTR resource records only if registration of the corresponding A records was successful.
+Register only if A record registration succeeds: the DNS client will attempt to register PTR resource records only if registration of the corresponding A records was successful.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers will use locally configured settings.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client will use locally configured settings.
 <!-- DNS_RegisterReverseLookup-Description-End -->
 
 <!-- DNS_RegisterReverseLookup-Editable-Begin -->
@@ -734,11 +734,11 @@ Register only if A record registration succeeds: Computers will attempt to regis
 
 <!-- DNS_RegistrationEnabled-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies if DNS dynamic update is enabled. Computers configured for DNS dynamic update automatically register and update their DNS resource records with a DNS server.
+Specifies if DNS dynamic update is enabled. DNS clients configured for DNS dynamic update automatically register and update their DNS resource records with a DNS server.
 
-- If you enable this policy setting, or you don't configure this policy setting, computers will attempt to use dynamic DNS registration on all network connections that have connection-specific dynamic DNS registration enabled. For a dynamic DNS registration to be enabled on a network connection, the connection-specific configuration must allow dynamic DNS registration, and this policy setting mustn't be disabled.
+- If you enable this policy setting, or you don't configure this policy setting, the DNS client will attempt to use dynamic DNS registration on all network connections that have connection-specific dynamic DNS registration enabled. For a dynamic DNS registration to be enabled on a network connection, the connection-specific configuration must allow dynamic DNS registration, and this policy setting mustn't be disabled.
 
-- If you disable this policy setting, computers may not use dynamic DNS registration for any of their network connections, regardless of the configuration for individual network connections.
+- If you disable this policy setting, the DNS client may not use dynamic DNS registration for any of their network connections, regardless of the configuration for individual network connections.
 <!-- DNS_RegistrationEnabled-Description-End -->
 
 <!-- DNS_RegistrationEnabled-Editable-Begin -->
@@ -795,7 +795,7 @@ Specifies if DNS dynamic update is enabled. Computers configured for DNS dynamic
 <!-- Description-Source-ADMX -->
 Specifies whether dynamic updates should overwrite existing resource records that contain conflicting IP addresses.
 
-This policy setting is designed for computers that register address (A) resource records in DNS zones that don't use Secure Dynamic Updates. Secure Dynamic Update preserves ownership of resource records and doesn't allow a DNS client to overwrite records that are registered by other computers.
+This policy setting is designed for DNS clients that register address (A) resource records in DNS zones that don't use Secure Dynamic Updates. Secure Dynamic Update preserves ownership of resource records and doesn't allow a DNS client to overwrite records that are registered by other DNS clients.
 
 During dynamic update of resource records in a zone that doesn't use Secure Dynamic Updates, an A resource record might exist that associates the client's host name with an IP address different than the one currently in use by the client. By default, the DNS client attempts to replace the existing A resource record with an A resource record that has the client's current IP address.
 
@@ -856,18 +856,18 @@ During dynamic update of resource records in a zone that doesn't use Secure Dyna
 
 <!-- DNS_RegistrationRefreshInterval-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies the interval used by DNS clients to refresh registration of A and PTR resource. This policy setting only applies to computers performing dynamic DNS updates.
+Specifies the interval used by DNS clients to refresh registration of A and PTR resource. This policy setting only applies DNS clients performing dynamic DNS updates.
 
-Computers configured to perform dynamic DNS registration of A and PTR resource records periodically reregister their records with DNS servers, even if the record hasn't changed. This reregistration is required to indicate to DNS servers that records are current and shouldn't be automatically removed (scavenged) when a DNS server is configured to delete stale records.
+DNS clients configured to perform dynamic DNS registration of A and PTR resource records periodically reregister their records with DNS servers, even if the record hasn't changed. This reregistration is required to indicate to DNS servers that records are current and shouldn't be automatically removed (scavenged) when a DNS server is configured to delete stale records.
 
 > [!WARNING]
 > If record scavenging is enabled on the zone, the value of this policy setting should never be longer than the value of the DNS zone refresh interval. Configuring the registration refresh interval to be longer than the refresh interval of the DNS zone might result in the undesired deletion of A and PTR resource records.
 
 To specify the registration refresh interval, click Enabled and then enter a value of 1800 or greater. The value that you specify is the number of seconds to use for the registration refresh interval. For example, 1800 seconds is 30 minutes.
 
-- If you enable this policy setting, registration refresh interval that you specify will be applied to all network connections used by computers that receive this policy setting.
+- If you enable this policy setting, registration refresh interval that you specify will be applied to all network connections used by DNS clients that receive this policy setting.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers will use the local or DHCP supplied setting. By default, client computers configured with a static IP address attempt to update their DNS resource records once every 24 hours and DHCP clients will attempt to update their DNS resource records when a DHCP lease is granted or renewed.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client will use the local or DHCP supplied setting. By default, DNS clients configured with a static IP address attempt to update their DNS resource records once every 24 hours and DHCP clients will attempt to update their DNS resource records when a DHCP lease is granted or renewed.
 <!-- DNS_RegistrationRefreshInterval-Description-End -->
 
 <!-- DNS_RegistrationRefreshInterval-Editable-Begin -->
@@ -921,13 +921,13 @@ To specify the registration refresh interval, click Enabled and then enter a val
 
 <!-- DNS_RegistrationTtl-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies the value of the time to live (TTL) field in A and PTR resource records that are registered by computers to which this policy setting is applied.
+Specifies the value of the time to live (TTL) field in A and PTR resource records that are registered by the DNS client to which this policy setting is applied.
 
 To specify the TTL, click Enabled and then enter a value in seconds (for example, 900 is 15 minutes).
 
-- If you enable this policy setting, the TTL value that you specify will be applied to DNS resource records registered for all network connections used by computers that receive this policy setting.
+- If you enable this policy setting, the TTL value that you specify will be applied to DNS resource records registered for all network connections used by the DNS client.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers will use the TTL settings specified in DNS. By default, the TTL is 1200 seconds (20 minutes).
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client will use the TTL settings specified in DNS. By default, the TTL is 1200 seconds (20 minutes).
 <!-- DNS_RegistrationTtl-Description-End -->
 
 <!-- DNS_RegistrationTtl-Editable-Begin -->
@@ -985,7 +985,7 @@ Specifies the DNS suffixes to attach to an unqualified single-label name before
 
 An unqualified single-label name contains no dots. The name "example" is a single-label name. This is different from a fully qualified domain name such as "example.microsoft.com".
 
-Client computers that receive this policy setting will attach one or more suffixes to DNS queries for a single-label name. For example, a DNS query for the single-label name "example" will be modified to "example.microsoft.com" before sending the query to a DNS server if this policy setting is enabled with a suffix of "microsoft.com".
+DNS clients that receive this policy setting will attach one or more suffixes to DNS queries for a single-label name. For example, a DNS query for the single-label name "example" will be modified to "example.microsoft.com" before sending the query to a DNS server if this policy setting is enabled with a suffix of "microsoft.com".
 
 To use this policy setting, click Enabled, and then enter a string value representing the DNS suffixes that should be appended to single-label names. You must specify at least one suffix. Use a comma-delimited string, such as "microsoft.com,serverua.microsoft.com,office.microsoft.com" to specify multiple suffixes.
 
@@ -1170,15 +1170,15 @@ Specifies the security level for dynamic DNS updates.
 
 To use this policy setting, click Enabled and then select one of the following values:
 
-Unsecure followed by secure - computers send secure dynamic updates only when nonsecure dynamic updates are refused.
+Unsecure followed by secure - the DNS client sends secure dynamic updates only when nonsecure dynamic updates are refused.
 
-Only unsecure - computers send only nonsecure dynamic updates.
+Only unsecure - the DNS client sends only nonsecure dynamic updates.
 
-Only secure - computers send only secure dynamic updates.
+Only secure - The DNS client sends only secure dynamic updates.
 
-- If you enable this policy setting, computers that attempt to send dynamic DNS updates will use the security level that you specify in this policy setting.
+- If you enable this policy setting, DNS clients that attempt to send dynamic DNS updates will use the security level that you specify in this policy setting.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers will use local settings. By default, DNS clients attempt to use unsecured dynamic update first. If an unsecured update is refused, clients try to use secure update.
+- If you disable this policy setting, or if you don't configure this policy setting, DNS clients will use local settings. By default, DNS clients attempt to use unsecured dynamic update first. If an unsecured update is refused, clients try to use secure update.
 <!-- DNS_UpdateSecurityLevel-Description-End -->
 
 <!-- DNS_UpdateSecurityLevel-Editable-Begin -->
@@ -1232,13 +1232,13 @@ Only secure - computers send only secure dynamic updates.
 
 <!-- DNS_UpdateTopLevelDomainZones-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies if computers may send dynamic updates to zones with a single label name. These zones are also known as top-level domain zones, for example: "com".
+Specifies if the DNS client may send dynamic updates to zones with a single label name. These zones are also known as top-level domain zones, for example: "com".
 
 By default, a DNS client that's configured to perform dynamic DNS update will update the DNS zone that's authoritative for its DNS resource records unless the authoritative zone is a top-level domain or root zone.
 
-- If you enable this policy setting, computers send dynamic updates to any zone that's authoritative for the resource records that the computer needs to update, except the root zone.
+- If you enable this policy setting, the DNS client sends dynamic updates to any zone that's authoritative for the resource records that the DNS client needs to update, except the root zone.
 
-- If you disable this policy setting, or if you don't configure this policy setting, computers don't send dynamic updates to the root zone or top-level domain zones that are authoritative for the resource records that the computer needs to update.
+- If you disable this policy setting, or if you don't configure this policy setting, the DNS client doesn't send dynamic updates to the root zone or top-level domain zones that are authoritative for the resource records that the DNS client needs to update.
 <!-- DNS_UpdateTopLevelDomainZones-Description-End -->
 
 <!-- DNS_UpdateTopLevelDomainZones-Editable-Begin -->
@@ -1309,7 +1309,7 @@ Each connection-specific DNS suffix, assigned either through DHCP or specified i
 
 For example, when a user submits a query for a single-label name such as "example," the DNS client attaches a suffix such as "microsoft.com" resulting in the query "example.microsoft.com," before sending the query to a DNS server.
 
-If a DNS suffix search list isn't specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the computer (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
+If a DNS suffix search list isn't specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the DNS client (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
 
 For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the non-dot-terminated single-label name "example," and the DNS query for example.ooo.aaa.microsoft.com fails, the DNS client devolves the primary DNS suffix (drops the leftmost label) till the specified devolution level, and submits a query for example.aaa.microsoft.com. If this query fails, the primary DNS suffix is devolved further if it's under specified devolution level and the query example.microsoft.com is submitted. If this query fails, devolution continues if it's under specified devolution level and the query example.microsoft.com is submitted, corresponding to a devolution level of two. The primary DNS suffix can't be devolved beyond a devolution level of two. The devolution level can be configured using the primary DNS suffix devolution level policy setting. The default devolution level is two.
 
@@ -1370,11 +1370,11 @@ For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the
 
 <!-- Turn_Off_Multicast-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Specifies that link local multicast name resolution (LLMNR) is disabled on client computers.
+Specifies that link local multicast name resolution (LLMNR) is disabled on the DNS client.
 
-LLMNR is a secondary name resolution protocol. With LLMNR, queries are sent using multicast over a local network link on a single subnet from a client computer to another client computer on the same subnet that also has LLMNR enabled. LLMNR doesn't require a DNS server or DNS client configuration, and provides name resolution in scenarios in which conventional DNS name resolution isn't possible.
+LLMNR is a secondary name resolution protocol. With LLMNR, queries are sent using multicast over a local network link on a single subnet from a DNS client to another DNS client on the same subnet that also has LLMNR enabled. LLMNR doesn't require a DNS server or DNS client configuration, and provides name resolution in scenarios in which conventional DNS name resolution isn't possible.
 
-- If you enable this policy setting, LLMNR will be disabled on all available network adapters on the client computer.
+- If you enable this policy setting, LLMNR will be disabled on all available network adapters on the DNS client.
 
 - If you disable this policy setting, or you don't configure this policy setting, LLMNR will be enabled on all available network adapters.
 <!-- Turn_Off_Multicast-Description-End -->
diff --git a/windows/client-management/mdm/policy-csp-admx-filesys.md b/windows/client-management/mdm/policy-csp-admx-filesys.md
index 03c6eabd47..1b08f87864 100644
--- a/windows/client-management/mdm/policy-csp-admx-filesys.md
+++ b/windows/client-management/mdm/policy-csp-admx-filesys.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_FileSys Policy CSP
 description: Learn more about the ADMX_FileSys Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -260,7 +260,7 @@ Encrypting the page file prevents malicious users from reading data that has bee
 
 <!-- LongPathsEnabled-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Enabling Win32 long paths will allow manifested win32 applications and Windows Store applications to access paths beyond the normal 260 character limit. Enabling this setting will cause the long paths to be accessible within the process.
+Enabling Win32 long paths will allow manifested win32 applications and packaged Microsoft Store applications to access paths beyond the normal 260 character limit. Enabling this setting will cause the long paths to be accessible within the process.
 <!-- LongPathsEnabled-Description-End -->
 
 <!-- LongPathsEnabled-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
index 124f07bbb0..2664598272 100644
--- a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
+++ b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_MicrosoftDefenderAntivirus Policy CSP
 description: Learn more about the ADMX_MicrosoftDefenderAntivirus Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -1523,11 +1523,13 @@ This policy setting defines the number of days items should be kept in the Quara
 
 <!-- RandomizeScheduleTaskTimes-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting allows you to configure the scheduled scan, and the scheduled security intelligence update, start time window in hours.
+This policy setting allows you to configure the randomization of the scheduled scan start time and the scheduled definition update start time.
 
-- If you disable or don't configure this setting, scheduled tasks will begin at a random time within 4 hours after the time specified in Task Scheduler.
+- If you enable or don't configure this policy setting, and didn't set a randomization window in the Configure scheduled task time randomization window setting , then randomization will be added between 0-4 hours.
 
-- If you enable this setting, you can widen, or narrow, this randomization period. Specify a randomization window of between 1 and 23 hours.
+- If you enable or don't configure this policy setting, and set a randomization window in the Configure scheduled task time randomization window setting, the configured randomization window will be used.
+
+- If you disable this policy setting, but configured the scheduled task time randomization window, randomization won't be done.
 <!-- RandomizeScheduleTaskTimes-Description-End -->
 
 <!-- RandomizeScheduleTaskTimes-Editable-Begin -->
@@ -3528,11 +3530,11 @@ This policy setting allows you to configure scanning mapped network drives.
 
 <!-- Scan_DisableScanningNetworkFiles-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting allows you to configure scanning for network files. It's recommended that you don't enable this setting.
+This policy setting allows the scanning of network files using on access protection. The default is enabled. Recommended to remain enabled in most cases.
 
-- If you enable this setting, network files will be scanned.
+- If you enable or don't configure this setting, network files will be scanned.
 
-- If you disable or don't configure this setting, network files won't be scanned.
+- If you disable this setting, network files won't be scanned.
 <!-- Scan_DisableScanningNetworkFiles-Description-End -->
 
 <!-- Scan_DisableScanningNetworkFiles-Editable-Begin -->
@@ -3556,7 +3558,7 @@ This policy setting allows you to configure scanning for network files. It's rec
 | Name | Value |
 |:--|:--|
 | Name | Scan_DisableScanningNetworkFiles |
-| Friendly Name | Scan network files |
+| Friendly Name | Configure scanning of network files |
 | Location | Computer Configuration |
 | Path | Windows Components > Microsoft Defender Antivirus > Scan |
 | Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
@@ -5436,12 +5438,7 @@ Valid remediation action values are:
 <!-- UX_Configuration_CustomDefaultActionToastString-OmaUri-End -->
 
 <!-- UX_Configuration_CustomDefaultActionToastString-Description-Begin -->
-<!-- Description-Source-ADMX -->
-This policy setting allows you to configure whether or not to display additional text to clients when they need to perform an action. The text displayed is a custom administrator-defined string. For example, the phone number to call the company help desk. The client interface will only display a maximum of 1024 characters. Longer strings will be truncated before display.
-
-- If you enable this setting, the additional text specified will be displayed.
-
-- If you disable or don't configure this setting, there will be no additional text displayed.
+<!-- Description-Source-Not-Found -->
 <!-- UX_Configuration_CustomDefaultActionToastString-Description-End -->
 
 <!-- UX_Configuration_CustomDefaultActionToastString-Editable-Begin -->
@@ -5458,6 +5455,7 @@ This policy setting allows you to configure whether or not to display additional
 <!-- UX_Configuration_CustomDefaultActionToastString-DFProperties-End -->
 
 <!-- UX_Configuration_CustomDefaultActionToastString-AdmxBacked-Begin -->
+<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -5465,10 +5463,6 @@ This policy setting allows you to configure whether or not to display additional
 | Name | Value |
 |:--|:--|
 | Name | UX_Configuration_CustomDefaultActionToastString |
-| Friendly Name | Display additional text to clients when they need to perform an action |
-| Location | Computer Configuration |
-| Path | Windows Components > Microsoft Defender Antivirus > Client Interface |
-| Registry Key Name | Software\Policies\Microsoft\Windows Defender\UX Configuration |
 | ADMX File Name | WindowsDefender.admx |
 <!-- UX_Configuration_CustomDefaultActionToastString-AdmxBacked-End -->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-netlogon.md b/windows/client-management/mdm/policy-csp-admx-netlogon.md
index 6603256c75..3cad268ba1 100644
--- a/windows/client-management/mdm/policy-csp-admx-netlogon.md
+++ b/windows/client-management/mdm/policy-csp-admx-netlogon.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_Netlogon Policy CSP
 description: Learn more about the ADMX_Netlogon Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -420,6 +420,8 @@ Note that this policy setting doesn't affect NetBIOS-based discovery for DC loca
 - If you enable or don't configure this policy setting, the DC location algorithm doesn't use NetBIOS-based discovery as a fallback mechanism when DNS-based discovery fails. This is the default behavior.
 
 - If you disable this policy setting, the DC location algorithm can use NetBIOS-based discovery as a fallback mechanism when DNS based discovery fails.
+
+This setting has no effect unless the BlockNetbiosDiscovery setting is disabled. NetBIOS-based discovery is considered unsecure, has many limitations, and will be deprecated in a future release. For these reasons, NetBIOS-based discovery isn't recommended. See <https://aka.ms/dclocatornetbiosdeprecation> for more information.
 <!-- Netlogon_AvoidFallbackNetbiosDiscovery-Description-End -->
 
 <!-- Netlogon_AvoidFallbackNetbiosDiscovery-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-admx-printing.md b/windows/client-management/mdm/policy-csp-admx-printing.md
index d610c2f9e8..3d3913d0a5 100644
--- a/windows/client-management/mdm/policy-csp-admx-printing.md
+++ b/windows/client-management/mdm/policy-csp-admx-printing.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_Printing Policy CSP
 description: Learn more about the ADMX_Printing Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -749,7 +749,7 @@ This preference allows you to change default printer management.
 
 <!-- MXDWUseLegacyOutputFormatMSXPS-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Microsoft XPS Document Writer (MXDW) generates OpenXPS (*.oxps) files by default in Windows 10, Windows 10 and Windows Server 2022.
+Microsoft XPS Document Writer (MXDW) generates OpenXPS (*.oxps) files by default in Windows 10, Windows 10 and Windows Server 2025.
 
 - If you enable this group policy setting, the default MXDW output format is the legacy Microsoft XPS (*.xps).
 
diff --git a/windows/client-management/mdm/policy-csp-admx-startmenu.md b/windows/client-management/mdm/policy-csp-admx-startmenu.md
index e43437afce..7c490ba91b 100644
--- a/windows/client-management/mdm/policy-csp-admx-startmenu.md
+++ b/windows/client-management/mdm/policy-csp-admx-startmenu.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_StartMenu Policy CSP
 description: Learn more about the ADMX_StartMenu Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -997,7 +997,7 @@ This policy setting allows you to prevent users from changing their Start screen
 |:--|:--|
 | Name | NoChangeStartMenu |
 | Friendly Name | Prevent users from customizing their Start Screen |
-| Location | User Configuration |
+| Location | Computer and User Configuration |
 | Path | Start Menu and Taskbar |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
 | Registry Value Name | NoChangeStartMenu |
diff --git a/windows/client-management/mdm/policy-csp-admx-taskbar.md b/windows/client-management/mdm/policy-csp-admx-taskbar.md
index 15a624d898..f2d2086000 100644
--- a/windows/client-management/mdm/policy-csp-admx-taskbar.md
+++ b/windows/client-management/mdm/policy-csp-admx-taskbar.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_Taskbar Policy CSP
 description: Learn more about the ADMX_Taskbar Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -69,7 +69,7 @@ A reboot is required for this policy setting to take effect.
 |:--|:--|
 | Name | DisableNotificationCenter |
 | Friendly Name | Remove Notifications and Action Center |
-| Location | User Configuration |
+| Location | Computer and User Configuration |
 | Path | Start Menu and Taskbar |
 | Registry Key Name | Software\Policies\Microsoft\Windows\Explorer |
 | Registry Value Name | DisableNotificationCenter |
@@ -748,11 +748,11 @@ This policy setting allows you to turn off automatic promotion of notification i
 
 <!-- ShowWindowsStoreAppsOnTaskbar-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting allows users to see Windows Store apps on the taskbar.
+This policy setting allows users to see packaged Microsoft Store apps on the taskbar.
 
-- If you enable this policy setting, users will see Windows Store apps on the taskbar.
+- If you enable this policy setting, users will see packaged Microsoft Store apps on the taskbar.
 
-- If you disable this policy setting, users won't see Windows Store apps on the taskbar.
+- If you disable this policy setting, users won't see packaged Microsoft Store apps on the taskbar.
 
 - If you don't configure this policy setting, the default setting for the user's device will be used, and the user can choose to change it.
 <!-- ShowWindowsStoreAppsOnTaskbar-Description-End -->
@@ -778,7 +778,7 @@ This policy setting allows users to see Windows Store apps on the taskbar.
 | Name | Value |
 |:--|:--|
 | Name | ShowWindowsStoreAppsOnTaskbar |
-| Friendly Name | Show Windows Store apps on the taskbar |
+| Friendly Name | Show packaged Microsoft Store apps on the taskbar |
 | Location | User Configuration |
 | Path | Start Menu and Taskbar |
 | Registry Key Name | Software\Policies\Microsoft\Windows\Explorer |
diff --git a/windows/client-management/mdm/policy-csp-admx-terminalserver.md b/windows/client-management/mdm/policy-csp-admx-terminalserver.md
index c4f588506a..d6d10aed92 100644
--- a/windows/client-management/mdm/policy-csp-admx-terminalserver.md
+++ b/windows/client-management/mdm/policy-csp-admx-terminalserver.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_TerminalServer Policy CSP
 description: Learn more about the ADMX_TerminalServer Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -3585,7 +3585,7 @@ This policy setting allows you to specify which protocols can be used for Remote
 
 - If you enable this policy setting, you must specify if you would like RDP to use UDP.
 
-You can select one of the following options: "Use both UDP and TCP", "Use only TCP" or "Use either UDP or TCP (default)".
+You can select one of the following options: "Use either UDP or TCP (default)" or "Use only TCP".
 
 If you select "Use either UDP or TCP" and the UDP connection is successful, most of the RDP traffic will use UDP.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-thumbnails.md b/windows/client-management/mdm/policy-csp-admx-thumbnails.md
index 7095179c9c..bc47c28b99 100644
--- a/windows/client-management/mdm/policy-csp-admx-thumbnails.md
+++ b/windows/client-management/mdm/policy-csp-admx-thumbnails.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_Thumbnails Policy CSP
 description: Learn more about the ADMX_Thumbnails Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -95,11 +95,14 @@ File Explorer displays thumbnail images by default.
 <!-- Description-Source-ADMX -->
 This policy setting allows you to configure how File Explorer displays thumbnail images or icons on network folders.
 
-File Explorer displays thumbnail images on network folders by default.
+File Explorer displays only icons and never displays thumbnail images on network folders by default.
 
-- If you enable this policy setting, File Explorer displays only icons and never displays thumbnail images on network folders.
+- If you disable this policy setting, File Explorer displays thumbnail images on network folders.
 
-- If you disable or don't configure this policy setting, File Explorer displays only thumbnail images on network folders.
+- If you enable or don't configure this policy setting, File Explorer displays only icons and never displays thumbnail images on network folders.
+
+> [!NOTE]
+> Allowing the use of thumbnail images from network folders can expose the users' computers to security risks.
 <!-- DisableThumbnailsOnNetworkFolders-Description-End -->
 
 <!-- DisableThumbnailsOnNetworkFolders-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 44d542de9d..9100a4bbb3 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_WindowsExplorer Policy CSP
 description: Learn more about the ADMX_WindowsExplorer Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -472,7 +472,15 @@ You can specify a known folder using its known folder id or using its canonical
 <!-- DisableMotWOnInsecurePathCopy-OmaUri-End -->
 
 <!-- DisableMotWOnInsecurePathCopy-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting determines the application of the Mark of the Web tag to files sourced from insecure locations.
+
+- If you enable this policy setting, files copied from unsecure sources won't be tagged with the Mark of the Web.
+
+- If you disable or don't configure this policy setting, files copied from unsecure sources will be tagged with the appropriate Mark of the Web.
+
+> [!NOTE]
+> Failure to tag files from unsecure sources with the Mark of the Web can expose users' computers to security risks.
 <!-- DisableMotWOnInsecurePathCopy-Description-End -->
 
 <!-- DisableMotWOnInsecurePathCopy-Editable-Begin -->
@@ -489,7 +497,6 @@ You can specify a known folder using its known folder id or using its canonical
 <!-- DisableMotWOnInsecurePathCopy-DFProperties-End -->
 
 <!-- DisableMotWOnInsecurePathCopy-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -497,6 +504,11 @@ You can specify a known folder using its known folder id or using its canonical
 | Name | Value |
 |:--|:--|
 | Name | DisableMotWOnInsecurePathCopy |
+| Friendly Name | Do not apply the Mark of the Web tag to files copied from insecure sources |
+| Location | Computer Configuration |
+| Path | WindowsComponents > File Explorer |
+| Registry Key Name | Software\Policies\Microsoft\Windows\Explorer |
+| Registry Value Name | DisableMotWOnInsecurePathCopy |
 | ADMX File Name | WindowsExplorer.admx |
 <!-- DisableMotWOnInsecurePathCopy-AdmxBacked-End -->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-wpn.md b/windows/client-management/mdm/policy-csp-admx-wpn.md
index bfddc2641c..b1b7b3fd75 100644
--- a/windows/client-management/mdm/policy-csp-admx-wpn.md
+++ b/windows/client-management/mdm/policy-csp-admx-wpn.md
@@ -1,7 +1,7 @@
 ---
 title: ADMX_WPN Policy CSP
 description: Learn more about the ADMX_WPN Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -254,7 +254,7 @@ No reboots or service restarts are required for this policy setting to take effe
 |:--|:--|
 | Name | NoToastNotification |
 | Friendly Name | Turn off toast notifications |
-| Location | User Configuration |
+| Location | Computer and User Configuration |
 | Path | Start Menu and Taskbar > Notifications |
 | Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications |
 | Registry Value Name | NoToastApplicationNotification |
diff --git a/windows/client-management/mdm/policy-csp-appdeviceinventory.md b/windows/client-management/mdm/policy-csp-appdeviceinventory.md
index 7e0fb8176b..aa8f597ae9 100644
--- a/windows/client-management/mdm/policy-csp-appdeviceinventory.md
+++ b/windows/client-management/mdm/policy-csp-appdeviceinventory.md
@@ -1,7 +1,7 @@
 ---
 title: AppDeviceInventory Policy CSP
 description: Learn more about the AppDeviceInventory Area in Policy CSP.
-ms.date: 08/07/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -33,7 +33,12 @@ ms.date: 08/07/2024
 <!-- TurnOffAPISamping-OmaUri-End -->
 
 <!-- TurnOffAPISamping-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy controls the state of API Sampling. API Sampling monitors the sampled collection of application programming interfaces used during system runtime to help diagnose compatibility problems.
+
+- If you enable this policy, API Sampling won't be run.
+
+- If you disable or don't configure this policy, API Sampling will be turned on.
 <!-- TurnOffAPISamping-Description-End -->
 
 <!-- TurnOffAPISamping-Editable-Begin -->
@@ -50,7 +55,6 @@ ms.date: 08/07/2024
 <!-- TurnOffAPISamping-DFProperties-End -->
 
 <!-- TurnOffAPISamping-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -58,6 +62,11 @@ ms.date: 08/07/2024
 | Name | Value |
 |:--|:--|
 | Name | TurnOffAPISamping |
+| Friendly Name | Turn off API Sampling |
+| Location | Computer Configuration |
+| Path | Windows Components > App and Device Inventory |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppCompat |
+| Registry Value Name | DisableAPISamping |
 | ADMX File Name | AppDeviceInventory.admx |
 <!-- TurnOffAPISamping-AdmxBacked-End -->
 
@@ -83,7 +92,12 @@ ms.date: 08/07/2024
 <!-- TurnOffApplicationFootprint-OmaUri-End -->
 
 <!-- TurnOffApplicationFootprint-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy controls the state of Application Footprint. Application Footprint monitors the sampled collection of registry and file usage to help diagnose compatibility problems.
+
+- If you enable this policy, Application Footprint won't be run.
+
+- If you disable or don't configure this policy, Application Footprint will be turned on.
 <!-- TurnOffApplicationFootprint-Description-End -->
 
 <!-- TurnOffApplicationFootprint-Editable-Begin -->
@@ -100,7 +114,6 @@ ms.date: 08/07/2024
 <!-- TurnOffApplicationFootprint-DFProperties-End -->
 
 <!-- TurnOffApplicationFootprint-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -108,6 +121,11 @@ ms.date: 08/07/2024
 | Name | Value |
 |:--|:--|
 | Name | TurnOffApplicationFootprint |
+| Friendly Name | Turn off Application Footprint |
+| Location | Computer Configuration |
+| Path | Windows Components > App and Device Inventory |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppCompat |
+| Registry Value Name | DisableApplicationFootprint |
 | ADMX File Name | AppDeviceInventory.admx |
 <!-- TurnOffApplicationFootprint-AdmxBacked-End -->
 
@@ -133,7 +151,12 @@ ms.date: 08/07/2024
 <!-- TurnOffInstallTracing-OmaUri-End -->
 
 <!-- TurnOffInstallTracing-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy controls the state of Install Tracing. Install Tracing is a mechanism that tracks application installs to help diagnose compatibility problems.
+
+- If you enable this policy, Install Tracing won't be run.
+
+- If you disable or don't configure this policy, Install Tracing will be turned on.
 <!-- TurnOffInstallTracing-Description-End -->
 
 <!-- TurnOffInstallTracing-Editable-Begin -->
@@ -150,7 +173,6 @@ ms.date: 08/07/2024
 <!-- TurnOffInstallTracing-DFProperties-End -->
 
 <!-- TurnOffInstallTracing-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -158,6 +180,11 @@ ms.date: 08/07/2024
 | Name | Value |
 |:--|:--|
 | Name | TurnOffInstallTracing |
+| Friendly Name | Turn off Install Tracing |
+| Location | Computer Configuration |
+| Path | Windows Components > App and Device Inventory |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppCompat |
+| Registry Value Name | DisableInstallTracing |
 | ADMX File Name | AppDeviceInventory.admx |
 <!-- TurnOffInstallTracing-AdmxBacked-End -->
 
@@ -167,6 +194,65 @@ ms.date: 08/07/2024
 
 <!-- TurnOffInstallTracing-End -->
 
+<!-- TurnOffWin32AppBackup-Begin -->
+## TurnOffWin32AppBackup
+
+<!-- TurnOffWin32AppBackup-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+<!-- TurnOffWin32AppBackup-Applicability-End -->
+
+<!-- TurnOffWin32AppBackup-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/AppDeviceInventory/TurnOffWin32AppBackup
+```
+<!-- TurnOffWin32AppBackup-OmaUri-End -->
+
+<!-- TurnOffWin32AppBackup-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy controls the state of the compatibility scan for backed up applications. The compatibility scan for backed up applications evaluates for compatibility problems in installed applications.
+
+- If you enable this policy, the compatibility scan for backed up applications won't be run.
+
+- If you disable or don't configure this policy, the compatibility scan for backed up applications will be run.
+<!-- TurnOffWin32AppBackup-Description-End -->
+
+<!-- TurnOffWin32AppBackup-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- TurnOffWin32AppBackup-Editable-End -->
+
+<!-- TurnOffWin32AppBackup-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Add, Delete, Get, Replace |
+<!-- TurnOffWin32AppBackup-DFProperties-End -->
+
+<!-- TurnOffWin32AppBackup-AdmxBacked-Begin -->
+[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
+
+**ADMX mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | TurnOffWin32AppBackup |
+| Friendly Name | Turn off compatibility scan for backed up applications |
+| Location | Computer Configuration |
+| Path | Windows Components > App and Device Inventory |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppCompat |
+| Registry Value Name | DisableWin32AppBackup |
+| ADMX File Name | AppDeviceInventory.admx |
+<!-- TurnOffWin32AppBackup-AdmxBacked-End -->
+
+<!-- TurnOffWin32AppBackup-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- TurnOffWin32AppBackup-Examples-End -->
+
+<!-- TurnOffWin32AppBackup-End -->
+
 <!-- AppDeviceInventory-CspMoreInfo-Begin -->
 <!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
 <!-- AppDeviceInventory-CspMoreInfo-End -->
diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md
index 7b1698c462..885f96e31a 100644
--- a/windows/client-management/mdm/policy-csp-applicationmanagement.md
+++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md
@@ -1,7 +1,7 @@
 ---
 title: ApplicationManagement Policy CSP
 description: Learn more about the ApplicationManagement Area in Policy CSP.
-ms.date: 04/10/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -30,11 +30,11 @@ ms.date: 04/10/2024
 
 <!-- AllowAllTrustedApps-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting allows you to manage the installation of trusted line-of-business (LOB) or developer-signed Windows Store apps.
+This policy setting allows you to manage the installation of trusted line-of-business (LOB) or developer-signed packaged Microsoft Store apps.
 
-- If you enable this policy setting, you can install any LOB or developer-signed Windows Store app (which must be signed with a certificate chain that can be successfully validated by the local computer).
+- If you enable this policy setting, you can install any LOB or developer-signed packaged Microsoft Store app (which must be signed with a certificate chain that can be successfully validated by the local computer).
 
-- If you disable or don't configure this policy setting, you can't install LOB or developer-signed Windows Store apps.
+- If you disable or don't configure this policy setting, you can't install LOB or developer-signed packaged Microsoft Store apps.
 <!-- AllowAllTrustedApps-Description-End -->
 
 <!-- AllowAllTrustedApps-Editable-Begin -->
@@ -269,7 +269,7 @@ Allows or denies development of Microsoft Store applications and installing them
 | Name | Value |
 |:--|:--|
 | Name | AllowDevelopmentWithoutDevLicense |
-| Friendly Name | Allows development of Windows Store apps and installing them from an integrated development environment (IDE) |
+| Friendly Name | Allows development of packaged Microsoft Store apps and installing them from an integrated development environment (IDE) |
 | Location | Computer Configuration |
 | Path | Windows Components > App Package Deployment |
 | Registry Key Name | Software\Policies\Microsoft\Windows\Appx |
diff --git a/windows/client-management/mdm/policy-csp-appruntime.md b/windows/client-management/mdm/policy-csp-appruntime.md
index 20cddfc183..2b19c52a8c 100644
--- a/windows/client-management/mdm/policy-csp-appruntime.md
+++ b/windows/client-management/mdm/policy-csp-appruntime.md
@@ -1,7 +1,7 @@
 ---
 title: AppRuntime Policy CSP
 description: Learn more about the AppRuntime Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -32,9 +32,9 @@ ms.date: 01/18/2024
 
 <!-- AllowMicrosoftAccountsToBeOptional-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting lets you control whether Microsoft accounts are optional for Windows Store apps that require an account to sign in. This policy only affects Windows Store apps that support it.
+This policy setting lets you control whether Microsoft accounts are optional for packaged Microsoft Store apps that require an account to sign in. This policy only affects packaged Microsoft Store apps that support it.
 
-- If you enable this policy setting, Windows Store apps that typically require a Microsoft account to sign in will allow users to sign in with an enterprise account instead.
+- If you enable this policy setting, packaged Microsoft Store apps that typically require a Microsoft account to sign in will allow users to sign in with an enterprise account instead.
 
 - If you disable or don't configure this policy setting, users will need to sign in with a Microsoft account.
 <!-- AllowMicrosoftAccountsToBeOptional-Description-End -->
diff --git a/windows/client-management/mdm/policy-csp-appvirtualization.md b/windows/client-management/mdm/policy-csp-appvirtualization.md
index 6e677aa3b7..220712712a 100644
--- a/windows/client-management/mdm/policy-csp-appvirtualization.md
+++ b/windows/client-management/mdm/policy-csp-appvirtualization.md
@@ -1,7 +1,7 @@
 ---
 title: AppVirtualization Policy CSP
 description: Learn more about the AppVirtualization Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -33,6 +33,9 @@ ms.date: 01/18/2024
 <!-- AllowAppVClient-Description-Begin -->
 <!-- Description-Source-ADMX -->
 This policy setting allows you to enable or disable Microsoft Application Virtualization (App-V) feature. Reboot is needed for disable to take effect.
+
+> [!NOTE]
+> Application Virtualization (App-V) will reach end-of-life April 2026. After that time, the App-V client will be excluded from new versions of the Windows operating system. See aka.ms/AppVDeprecation for more information.
 <!-- AllowAppVClient-Description-End -->
 
 <!-- AllowAppVClient-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-audit.md b/windows/client-management/mdm/policy-csp-audit.md
index 3e7b9cbfee..a3a20cf60a 100644
--- a/windows/client-management/mdm/policy-csp-audit.md
+++ b/windows/client-management/mdm/policy-csp-audit.md
@@ -1,7 +1,7 @@
 ---
 title: Audit Policy CSP
 description: Learn more about the Audit Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 10/10/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -846,7 +846,7 @@ Volume: Low.
 
 <!-- AccountLogonLogoff_AuditSpecialLogon-Description-Begin -->
 <!-- Description-Source-DDF -->
-This policy setting allows you to audit events generated by special logons such as the following: The use of a special logon, which is a logon that has administrator-equivalent privileges and can be used to elevate a process to a higher level. A logon by a member of a Special Group. Special Groups enable you to audit events generated when a member of a certain group has logged-on to your network. You can configure a list of group security identifiers (SIDs) in the registry. If any of those SIDs are added to a token during logon and the subcategory is enabled, an event is logged. For more information about this feature, see [article 947223 in the Microsoft Knowledge Base](https://go.microsoft.com/fwlink/?LinkId=121697).
+This policy setting allows you to audit events generated by special logons such as the following: The use of a special logon, which is a logon that has administrator-equivalent privileges and can be used to elevate a process to a higher level. A logon by a member of a Special Group. Special Groups enable you to audit events generated when a member of a certain group has logged-on to your network. You can configure a list of group security identifiers (SIDs) in the registry. If any of those SIDs are added to a token during logon and the subcategory is enabled, an event is logged.
 <!-- AccountLogonLogoff_AuditSpecialLogon-Description-End -->
 
 <!-- AccountLogonLogoff_AuditSpecialLogon-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md
index 27aae04079..11bf016054 100644
--- a/windows/client-management/mdm/policy-csp-cryptography.md
+++ b/windows/client-management/mdm/policy-csp-cryptography.md
@@ -1,7 +1,7 @@
 ---
 title: Cryptography Policy CSP
 description: Learn more about the Cryptography Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 01/18/2024
 <!-- Cryptography-Begin -->
 # Policy CSP - Cryptography
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- Cryptography-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Cryptography-Editable-End -->
@@ -79,7 +77,7 @@ Allows or disallows the Federal Information Processing Standard (FIPS) policy.
 <!-- ConfigureEllipticCurveCryptography-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureEllipticCurveCryptography-Applicability-End -->
 
 <!-- ConfigureEllipticCurveCryptography-OmaUri-Begin -->
@@ -146,7 +144,7 @@ CertUtil.exe -DisplayEccCurve.
 <!-- ConfigureSystemCryptographyForceStrongKeyProtection-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSystemCryptographyForceStrongKeyProtection-Applicability-End -->
 
 <!-- ConfigureSystemCryptographyForceStrongKeyProtection-OmaUri-Begin -->
@@ -196,7 +194,7 @@ System cryptography: Force strong key protection for user keys stored on the com
 <!-- OverrideMinimumEnabledDTLSVersionClient-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- OverrideMinimumEnabledDTLSVersionClient-Applicability-End -->
 
 <!-- OverrideMinimumEnabledDTLSVersionClient-OmaUri-Begin -->
@@ -235,7 +233,7 @@ Override minimal enabled TLS version for client role. Last write wins.
 <!-- OverrideMinimumEnabledDTLSVersionServer-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- OverrideMinimumEnabledDTLSVersionServer-Applicability-End -->
 
 <!-- OverrideMinimumEnabledDTLSVersionServer-OmaUri-Begin -->
@@ -274,7 +272,7 @@ Override minimal enabled TLS version for server role. Last write wins.
 <!-- OverrideMinimumEnabledTLSVersionClient-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- OverrideMinimumEnabledTLSVersionClient-Applicability-End -->
 
 <!-- OverrideMinimumEnabledTLSVersionClient-OmaUri-Begin -->
@@ -313,7 +311,7 @@ Override minimal enabled TLS version for client role. Last write wins.
 <!-- OverrideMinimumEnabledTLSVersionServer-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- OverrideMinimumEnabledTLSVersionServer-Applicability-End -->
 
 <!-- OverrideMinimumEnabledTLSVersionServer-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md
index a790f24a26..2eef54311e 100644
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@@ -1,7 +1,7 @@
 ---
 title: Defender Policy CSP
 description: Learn more about the Defender Area in Policy CSP.
-ms.date: 06/28/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -745,7 +745,7 @@ This policy setting allows you to configure scheduled scans and on-demand (manua
 | Name | Value |
 |:--|:--|
 | Name | Scan_DisableScanningNetworkFiles |
-| Friendly Name | Scan network files |
+| Friendly Name | Configure scanning of network files |
 | Location | Computer Configuration |
 | Path | Windows Components > Microsoft Defender Antivirus > Scan |
 | Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
diff --git a/windows/client-management/mdm/policy-csp-desktopappinstaller.md b/windows/client-management/mdm/policy-csp-desktopappinstaller.md
index 2b3fea16a4..c1806d30f7 100644
--- a/windows/client-management/mdm/policy-csp-desktopappinstaller.md
+++ b/windows/client-management/mdm/policy-csp-desktopappinstaller.md
@@ -1,7 +1,7 @@
 ---
 title: DesktopAppInstaller Policy CSP
 description: Learn more about the DesktopAppInstaller Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -11,8 +11,6 @@ ms.date: 01/18/2024
 
 [!INCLUDE [ADMX-backed CSP tip](includes/mdm-admx-csp-note.md)]
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- DesktopAppInstaller-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- DesktopAppInstaller-Editable-End -->
@@ -215,7 +213,14 @@ Users will still be able to execute the *winget* command. The default help will
 <!-- EnableBypassCertificatePinningForMicrosoftStore-OmaUri-End -->
 
 <!-- EnableBypassCertificatePinningForMicrosoftStore-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy controls whether the [Windows Package Manager](/windows/package-manager/) will validate the Microsoft Store certificate hash matches to a known Microsoft Store certificate when initiating a connection to the Microsoft Store Source.
+
+- If you enable this policy, the [Windows Package Manager](/windows/package-manager/) will bypass the Microsoft Store certificate validation.
+
+- If you disable this policy, the [Windows Package Manager](/windows/package-manager/) will validate the Microsoft Store certificate used is valid and belongs to the Microsoft Store before communicating with the Microsoft Store source.
+
+- If you don't configure this policy, the [Windows Package Manager](/windows/package-manager/) administrator settings will be adhered to.
 <!-- EnableBypassCertificatePinningForMicrosoftStore-Description-End -->
 
 <!-- EnableBypassCertificatePinningForMicrosoftStore-Editable-Begin -->
@@ -232,7 +237,6 @@ Users will still be able to execute the *winget* command. The default help will
 <!-- EnableBypassCertificatePinningForMicrosoftStore-DFProperties-End -->
 
 <!-- EnableBypassCertificatePinningForMicrosoftStore-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -240,6 +244,11 @@ Users will still be able to execute the *winget* command. The default help will
 | Name | Value |
 |:--|:--|
 | Name | EnableBypassCertificatePinningForMicrosoftStore |
+| Friendly Name | Enable App Installer Microsoft Store Source Certificate Validation Bypass |
+| Location | Computer Configuration |
+| Path | Windows Components > Desktop App Installer |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppInstaller |
+| Registry Value Name | EnableBypassCertificatePinningForMicrosoftStore |
 | ADMX File Name | DesktopAppInstaller.admx |
 <!-- EnableBypassCertificatePinningForMicrosoftStore-AdmxBacked-End -->
 
@@ -445,7 +454,14 @@ This policy controls whether or not the [Windows Package Manager](/windows/packa
 <!-- EnableLocalArchiveMalwareScanOverride-OmaUri-End -->
 
 <!-- EnableLocalArchiveMalwareScanOverride-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy controls the ability to override malware vulnerability scans when installing an archive file using a local manifest using the command line arguments.
+
+- If you enable this policy, users can override the malware scan when performing a local manifest install of an archive file.
+
+- If you disable this policy, users will be unable to override the malware scan of an archive file when installing using a local manifest.
+
+- If you don't configure this policy, the [Windows Package Manager](/windows/package-manager/) administrator settings will be adhered to.
 <!-- EnableLocalArchiveMalwareScanOverride-Description-End -->
 
 <!-- EnableLocalArchiveMalwareScanOverride-Editable-Begin -->
@@ -462,7 +478,6 @@ This policy controls whether or not the [Windows Package Manager](/windows/packa
 <!-- EnableLocalArchiveMalwareScanOverride-DFProperties-End -->
 
 <!-- EnableLocalArchiveMalwareScanOverride-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -470,6 +485,11 @@ This policy controls whether or not the [Windows Package Manager](/windows/packa
 | Name | Value |
 |:--|:--|
 | Name | EnableLocalArchiveMalwareScanOverride |
+| Friendly Name | Enable App Installer Local Archive Malware Scan Override |
+| Location | Computer Configuration |
+| Path | Windows Components > Desktop App Installer |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppInstaller |
+| Registry Value Name | EnableLocalArchiveMalwareScanOverride |
 | ADMX File Name | DesktopAppInstaller.admx |
 <!-- EnableLocalArchiveMalwareScanOverride-AdmxBacked-End -->
 
@@ -618,9 +638,9 @@ This policy controls the Microsoft Store source included with the [Windows Packa
 <!-- Description-Source-ADMX -->
 This policy controls whether users can install packages from a website that's using the ms-appinstaller protocol.
 
-- If you enable or don't configure this setting, users will be able to install packages from websites that use this protocol.
+- If you enable this setting, users will be able to install packages from websites that use this protocol.
 
-- If you disable this setting, users won't be able to install packages from websites that use this protocol.
+- If you disable or don't configure this setting, users won't be able to install packages from websites that use this protocol.
 <!-- EnableMSAppInstallerProtocol-Description-End -->
 
 <!-- EnableMSAppInstallerProtocol-Editable-Begin -->
@@ -724,7 +744,7 @@ The settings are stored inside of a .json file on the user’s system. It may be
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-Applicability-End -->
 
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-OmaUri-Begin -->
@@ -734,7 +754,14 @@ The settings are stored inside of a .json file on the user’s system. It may be
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-OmaUri-End -->
 
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy determines if a user can perform an action using the [Windows Package Manager](/windows/package-manager/) through a command line interface (WinGet CLI, or WinGet PowerShell).
+
+If you disable this policy, users won't be able execute the [Windows Package Manager](/windows/package-manager/) CLI, and PowerShell cmdlets.
+
+If you enable, or don't configuring this policy, users will be able to execute the [Windows Package Manager](/windows/package-manager/) CLI commands, and PowerShell cmdlets. (Provided "Enable App Installer" policy isn't disabled).
+
+This policy doesn't override the "Enable App Installer" policy.
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-Description-End -->
 
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-Editable-Begin -->
@@ -751,7 +778,6 @@ The settings are stored inside of a .json file on the user’s system. It may be
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-DFProperties-End -->
 
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -759,6 +785,11 @@ The settings are stored inside of a .json file on the user’s system. It may be
 | Name | Value |
 |:--|:--|
 | Name | EnableWindowsPackageManagerCommandLineInterfaces |
+| Friendly Name | Enable Windows Package Manager command line interfaces |
+| Location | Computer Configuration |
+| Path | Windows Components > Desktop App Installer |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppInstaller |
+| Registry Value Name | EnableWindowsPackageManagerCommandLineInterfaces |
 | ADMX File Name | DesktopAppInstaller.admx |
 <!-- EnableWindowsPackageManagerCommandLineInterfaces-AdmxBacked-End -->
 
@@ -774,7 +805,7 @@ The settings are stored inside of a .json file on the user’s system. It may be
 <!-- EnableWindowsPackageManagerConfiguration-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- EnableWindowsPackageManagerConfiguration-Applicability-End -->
 
 <!-- EnableWindowsPackageManagerConfiguration-OmaUri-Begin -->
@@ -784,7 +815,12 @@ The settings are stored inside of a .json file on the user’s system. It may be
 <!-- EnableWindowsPackageManagerConfiguration-OmaUri-End -->
 
 <!-- EnableWindowsPackageManagerConfiguration-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy controls whether the [Windows Package Manager](/windows/package-manager/) configuration feature can be used by users.
+
+- If you enable or don't configure this setting, users will be able to use the [Windows Package Manager](/windows/package-manager/) configuration feature.
+
+- If you disable this setting, users won't be able to use the [Windows Package Manager](/windows/package-manager/) configuration feature.
 <!-- EnableWindowsPackageManagerConfiguration-Description-End -->
 
 <!-- EnableWindowsPackageManagerConfiguration-Editable-Begin -->
@@ -801,7 +837,6 @@ The settings are stored inside of a .json file on the user’s system. It may be
 <!-- EnableWindowsPackageManagerConfiguration-DFProperties-End -->
 
 <!-- EnableWindowsPackageManagerConfiguration-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -809,6 +844,11 @@ The settings are stored inside of a .json file on the user’s system. It may be
 | Name | Value |
 |:--|:--|
 | Name | EnableWindowsPackageManagerConfiguration |
+| Friendly Name | Enable Windows Package Manager Configuration |
+| Location | Computer Configuration |
+| Path | Windows Components > Desktop App Installer |
+| Registry Key Name | Software\Policies\Microsoft\Windows\AppInstaller |
+| Registry Value Name | EnableWindowsPackageManagerConfiguration |
 | ADMX File Name | DesktopAppInstaller.admx |
 <!-- EnableWindowsPackageManagerConfiguration-AdmxBacked-End -->
 
@@ -835,9 +875,9 @@ The settings are stored inside of a .json file on the user’s system. It may be
 
 <!-- SourceAutoUpdateInterval-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy controls the auto update interval for package-based sources.
+This policy controls the auto-update interval for package-based sources. The default source for [Windows Package Manager](/windows/package-manager/) is configured such that an index of the packages is cached on the local machine. The index is downloaded when a user invokes a command, and the interval has passed.
 
-- If you disable or don't configure this setting, the default interval or the value specified in settings will be used by the [Windows Package Manager](/windows/package-manager/).
+- If you disable or don't configure this setting, the default interval or the value specified in the [Windows Package Manager](/windows/package-manager/) settings will be used.
 
 - If you enable this setting, the number of minutes specified will be used by the [Windows Package Manager](/windows/package-manager/).
 <!-- SourceAutoUpdateInterval-Description-End -->
diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md
index 259d88a891..c294633d53 100644
--- a/windows/client-management/mdm/policy-csp-devicelock.md
+++ b/windows/client-management/mdm/policy-csp-devicelock.md
@@ -1,7 +1,7 @@
 ---
 title: DeviceLock Policy CSP
 description: Learn more about the DeviceLock Area in Policy CSP.
-ms.date: 08/05/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -11,8 +11,6 @@ ms.date: 08/05/2024
 
 [!INCLUDE [ADMX-backed CSP tip](includes/mdm-admx-csp-note.md)]
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- DeviceLock-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 > [!IMPORTANT]
@@ -25,7 +23,7 @@ ms.date: 08/05/2024
 <!-- AccountLockoutPolicy-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AccountLockoutPolicy-Applicability-End -->
 
 <!-- AccountLockoutPolicy-OmaUri-Begin -->
@@ -64,7 +62,7 @@ Account lockout threshold - This security setting determines the number of faile
 <!-- AllowAdministratorLockout-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowAdministratorLockout-Applicability-End -->
 
 <!-- AllowAdministratorLockout-OmaUri-Begin -->
@@ -329,7 +327,7 @@ Determines the type of PIN or password required. This policy only applies if the
 <!-- ClearTextPassword-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ClearTextPassword-Applicability-End -->
 
 <!-- ClearTextPassword-OmaUri-Begin -->
@@ -685,7 +683,7 @@ The number of authentication failures allowed before the device will be wiped. A
 <!-- MaximumPasswordAge-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MaximumPasswordAge-Applicability-End -->
 
 <!-- MaximumPasswordAge-OmaUri-Begin -->
@@ -1025,7 +1023,7 @@ This security setting determines the period of time (in days) that a password mu
 <!-- MinimumPasswordLength-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MinimumPasswordLength-Applicability-End -->
 
 <!-- MinimumPasswordLength-OmaUri-Begin -->
@@ -1078,7 +1076,7 @@ This security setting determines the least number of characters that a password
 <!-- MinimumPasswordLengthAudit-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MinimumPasswordLengthAudit-Applicability-End -->
 
 <!-- MinimumPasswordLengthAudit-OmaUri-Begin -->
@@ -1128,7 +1126,7 @@ This security setting determines the minimum password length for which password
 <!-- PasswordComplexity-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- PasswordComplexity-Applicability-End -->
 
 <!-- PasswordComplexity-OmaUri-Begin -->
@@ -1188,7 +1186,7 @@ Complexity requirements are enforced when passwords are changed or created.
 <!-- PasswordHistorySize-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- PasswordHistorySize-Applicability-End -->
 
 <!-- PasswordHistorySize-OmaUri-Begin -->
@@ -1360,7 +1358,7 @@ If you enable this setting, users will no longer be able to modify slide show se
 <!-- RelaxMinimumPasswordLengthLimits-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- RelaxMinimumPasswordLengthLimits-Applicability-End -->
 
 <!-- RelaxMinimumPasswordLengthLimits-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md
index f0831810bd..d6932eb1ca 100644
--- a/windows/client-management/mdm/policy-csp-experience.md
+++ b/windows/client-management/mdm/policy-csp-experience.md
@@ -1,7 +1,7 @@
 ---
 title: Experience Policy CSP
 description: Learn more about the Experience Area in Policy CSP.
-ms.date: 08/07/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 08/07/2024
 <!-- Experience-Begin -->
 # Policy CSP - Experience
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- Experience-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Experience-Editable-End -->
@@ -484,7 +482,7 @@ Allow screen capture.
 <!-- AllowScreenRecorder-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ❌ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ❌ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowScreenRecorder-Applicability-End -->
 
 <!-- AllowScreenRecorder-OmaUri-Begin -->
@@ -494,7 +492,7 @@ Allow screen capture.
 <!-- AllowScreenRecorder-OmaUri-End -->
 
 <!-- AllowScreenRecorder-Description-Begin -->
-<!-- Description-Source-DDF -->
+<!-- Description-Source-ADMX -->
 This policy setting allows you to control whether screen recording functionality is available in the Windows Snipping Tool app.
 
 - If you disable this policy setting, screen recording functionality won't be accessible in the Windows Snipping Tool app.
@@ -531,7 +529,12 @@ This policy setting allows you to control whether screen recording functionality
 | Name | Value |
 |:--|:--|
 | Name | AllowScreenRecorder |
-| Path | Programs > AT > WindowsComponents > SnippingTool |
+| Friendly Name | Allow Screen Recorder |
+| Location | User Configuration |
+| Path | Windows Components > Snipping Tool |
+| Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\SnippingTool |
+| Registry Value Name | AllowScreenRecorder |
+| ADMX File Name | Programs.admx |
 <!-- AllowScreenRecorder-GpMapping-End -->
 
 <!-- AllowScreenRecorder-Examples-Begin -->
@@ -1681,7 +1684,7 @@ This policy setting lets you turn off cloud consumer account state content in al
 <!-- DisableTextTranslation-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisableTextTranslation-Applicability-End -->
 
 <!-- DisableTextTranslation-OmaUri-Begin -->
@@ -1887,7 +1890,7 @@ _**Turn syncing off by default but don’t disable**_
 <!-- EnableOrganizationalMessages-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ❌ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 2004 [10.0.19041.4828] and later <br> ✅ Windows 11, version 22H2 with [KB5020044](https://support.microsoft.com/help/5020044) [10.0.22621.900] and later <br> ✅ Windows Insider Preview |
+| ❌ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 22H2 with [KB5041582](https://support.microsoft.com/help/5041582) [10.0.19045.4842] and later <br> ✅ Windows 11, version 22H2 with [KB5020044](https://support.microsoft.com/help/5020044) [10.0.22621.900] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- EnableOrganizationalMessages-Applicability-End -->
 
 <!-- EnableOrganizationalMessages-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-fileexplorer.md b/windows/client-management/mdm/policy-csp-fileexplorer.md
index fb55df7a5d..73f6d2a6de 100644
--- a/windows/client-management/mdm/policy-csp-fileexplorer.md
+++ b/windows/client-management/mdm/policy-csp-fileexplorer.md
@@ -1,7 +1,7 @@
 ---
 title: FileExplorer Policy CSP
 description: Learn more about the FileExplorer Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -138,7 +138,7 @@ When This PC location is restricted, give the user the option to enumerate and n
 
 <!-- DisableGraphRecentItems-Description-Begin -->
 <!-- Description-Source-ADMX -->
-Turning off this setting will prevent File Explorer from requesting cloud file metadata and displaying it in the homepage and other views in File Explorer. Any insights and files available based on account activity will be stopped in views such as Recent, Recommended, Favorites, etc.
+Turning off this setting will prevent File Explorer from requesting cloud file metadata and displaying it in the homepage and other views in File Explorer. Any insights and files available based on account activity will be stopped in views such as Recent, Recommended, Favorites, Details pane, etc.
 <!-- DisableGraphRecentItems-Description-End -->
 
 <!-- DisableGraphRecentItems-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-humanpresence.md b/windows/client-management/mdm/policy-csp-humanpresence.md
index 3ef891ed68..1cf592ddff 100644
--- a/windows/client-management/mdm/policy-csp-humanpresence.md
+++ b/windows/client-management/mdm/policy-csp-humanpresence.md
@@ -1,7 +1,7 @@
 ---
 title: HumanPresence Policy CSP
 description: Learn more about the HumanPresence Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 01/18/2024
 <!-- HumanPresence-Begin -->
 # Policy CSP - HumanPresence
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- HumanPresence-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- HumanPresence-Editable-End -->
@@ -21,7 +19,7 @@ ms.date: 01/18/2024
 <!-- ForceAllowDimWhenExternalDisplayConnected-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ForceAllowDimWhenExternalDisplayConnected-Applicability-End -->
 
 <!-- ForceAllowDimWhenExternalDisplayConnected-OmaUri-Begin -->
@@ -85,7 +83,7 @@ Determines whether Allow Adaptive Dimming When Battery Saver On checkbox is forc
 <!-- ForceAllowLockWhenExternalDisplayConnected-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ForceAllowLockWhenExternalDisplayConnected-Applicability-End -->
 
 <!-- ForceAllowLockWhenExternalDisplayConnected-OmaUri-Begin -->
@@ -149,7 +147,7 @@ Determines whether Allow Lock on Leave When Battery Saver On checkbox is forced
 <!-- ForceAllowWakeWhenExternalDisplayConnected-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ForceAllowWakeWhenExternalDisplayConnected-Applicability-End -->
 
 <!-- ForceAllowWakeWhenExternalDisplayConnected-OmaUri-Begin -->
@@ -213,7 +211,7 @@ Determines whether Allow Wake on Approach When External Display Connected checkb
 <!-- ForceDisableWakeWhenBatterySaverOn-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ForceDisableWakeWhenBatterySaverOn-Applicability-End -->
 
 <!-- ForceDisableWakeWhenBatterySaverOn-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md
index 5e218fe45c..bfcf5c6f27 100644
--- a/windows/client-management/mdm/policy-csp-internetexplorer.md
+++ b/windows/client-management/mdm/policy-csp-internetexplorer.md
@@ -1,7 +1,7 @@
 ---
 title: InternetExplorer Policy CSP
 description: Learn more about the InternetExplorer Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -1005,7 +1005,12 @@ Note. It's recommended to configure template policy settings in one Group Policy
 <!-- AllowLegacyURLFields-OmaUri-End -->
 
 <!-- AllowLegacyURLFields-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting allows the use of some disabled functionality, such as WorkingDirectory field or pluggable protocol handling, in Internet Shortcut files.
+
+If you enable this policy, disabled functionality for Internet Shortcut files will be re-enabled.
+
+If you disable, or don't configure this policy, some functionality for Internet Shortcut files, such as WorkingDirectory field or pluggable protocol handling, will be disabled.
 <!-- AllowLegacyURLFields-Description-End -->
 
 <!-- AllowLegacyURLFields-Editable-Begin -->
@@ -1022,7 +1027,6 @@ Note. It's recommended to configure template policy settings in one Group Policy
 <!-- AllowLegacyURLFields-DFProperties-End -->
 
 <!-- AllowLegacyURLFields-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -1030,6 +1034,11 @@ Note. It's recommended to configure template policy settings in one Group Policy
 | Name | Value |
 |:--|:--|
 | Name | AllowLegacyURLFields |
+| Friendly Name | Allow legacy functionality for Internet Shortcut files |
+| Location | Computer and User Configuration |
+| Path | Windows Components > Internet Explorer |
+| Registry Key Name | Software\Policies\Microsoft\Internet Explorer\Main |
+| Registry Value Name | AllowLegacyURLFields |
 | ADMX File Name | inetres.admx |
 <!-- AllowLegacyURLFields-AdmxBacked-End -->
 
@@ -7923,13 +7932,11 @@ This policy setting allows you to manage the opening of windows and frames and a
 
 <!-- JScriptReplacement-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting specifies whether JScript or JScript9Legacy is loaded for MSHTML/WebOC/MSXML/Cscript based invocations.
+This policy setting specifies whether JScript or JScript9Legacy is loaded.
 
-- If you enable this policy setting, JScript9Legacy will be loaded in situations where JScript is instantiated.
+- If you enable this policy setting or not configured, JScript9Legacy will be loaded in situations where JScript is instantiated.
 
 - If you disable this policy, then JScript will be utilized.
-
-- If this policy is left unconfigured, then MSHTML will use JScript9Legacy and MSXML/Cscript will use JScript.
 <!-- JScriptReplacement-Description-End -->
 
 <!-- JScriptReplacement-Editable-Begin -->
@@ -7953,7 +7960,7 @@ This policy setting specifies whether JScript or JScript9Legacy is loaded for MS
 | Name | Value |
 |:--|:--|
 | Name | JScriptReplacement |
-| Friendly Name | Replace JScript by loading JScript9Legacy in place of JScript via MSHTML/WebOC. |
+| Friendly Name | Replace JScript by loading JScript9Legacy in place of JScript. |
 | Location | Computer and User Configuration |
 | Path | Windows Components > Internet Explorer |
 | Registry Key Name | Software\Policies\Microsoft\Internet Explorer\Main |
@@ -13407,7 +13414,7 @@ If you enable this policy, the zoom of an HTML dialog in Internet Explorer mode
 
 If you disable, or don't configure this policy, the zoom of an HTML dialog in Internet Explorer mode will be set based on the zoom of it's parent page.
 
-For more information, see <https://go.microsoft.com/fwlink/?linkid=2102115>
+For more information, see <https://go.microsoft.com/fwlink/?linkid=2220107>
 <!-- ResetZoomForDialogInIEMode-Description-End -->
 
 <!-- ResetZoomForDialogInIEMode-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-lanmanworkstation.md b/windows/client-management/mdm/policy-csp-lanmanworkstation.md
index b3e44fe44d..b80bf2d206 100644
--- a/windows/client-management/mdm/policy-csp-lanmanworkstation.md
+++ b/windows/client-management/mdm/policy-csp-lanmanworkstation.md
@@ -1,7 +1,7 @@
 ---
 title: LanmanWorkstation Policy CSP
 description: Learn more about the LanmanWorkstation Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -36,6 +36,8 @@ This policy setting determines if the SMB client will allow insecure guest logon
 
 - If you disable this policy setting, the SMB client will reject insecure guest logons.
 
+If you enable signing, the SMB client will reject insecure guest logons.
+
 Insecure guest logons are used by file servers to allow unauthenticated access to shared folders. While uncommon in an enterprise environment, insecure guest logons are frequently used by consumer Network Attached Storage (NAS) appliances acting as file servers. Windows file servers require authentication and don't use insecure guest logons by default. Since insecure guest logons are unauthenticated, important security features such as SMB Signing and SMB Encryption are disabled. As a result, clients that allow insecure guest logons are vulnerable to a variety of man-in-the-middle attacks that can result in data loss, data corruption, and exposure to malware. Additionally, any data written to a file server using an insecure guest logon is potentially accessible to anyone on the network. Microsoft recommends disabling insecure guest logons and configuring file servers to require authenticated access".
 <!-- EnableInsecureGuestLogons-Description-End -->
 
diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index 8caa34c334..031f151e0e 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -1,7 +1,7 @@
 ---
 title: LocalPoliciesSecurityOptions Policy CSP
 description: Learn more about the LocalPoliciesSecurityOptions Area in Policy CSP.
-ms.date: 09/11/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -360,7 +360,7 @@ Accounts: Rename guest account This security setting determines whether a differ
 <!-- Audit_AuditTheUseOfBackupAndRestoreprivilege-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Audit_AuditTheUseOfBackupAndRestoreprivilege-Applicability-End -->
 
 <!-- Audit_AuditTheUseOfBackupAndRestoreprivilege-OmaUri-Begin -->
@@ -404,7 +404,7 @@ Audit: Audit the use of Backup and Restore privilege This security setting deter
 <!-- Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings-Applicability-End -->
 
 <!-- Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings-OmaUri-Begin -->
@@ -445,7 +445,7 @@ Audit: Force audit policy subcategory settings (Windows Vista or later) to overr
 <!-- Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits-Applicability-End -->
 
 <!-- Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits-OmaUri-Begin -->
@@ -718,7 +718,7 @@ Devices: Restrict CD-ROM access to locally logged-on user only This security set
 <!-- Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly-Applicability-End -->
 
 <!-- Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly-OmaUri-Begin -->
@@ -771,7 +771,7 @@ Devices: Restrict floppy access to locally logged-on user only This security set
 <!-- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways-Applicability-End -->
 
 <!-- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways-OmaUri-Begin -->
@@ -825,7 +825,7 @@ Domain member: Digitally encrypt or sign secure channel data (always) This secur
 <!-- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible-Applicability-End -->
 
 <!-- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible-OmaUri-Begin -->
@@ -878,7 +878,7 @@ Domain member: Digitally encrypt secure channel data (when possible) This securi
 <!-- DomainMember_DigitallySignSecureChannelDataWhenPossible-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DigitallySignSecureChannelDataWhenPossible-Applicability-End -->
 
 <!-- DomainMember_DigitallySignSecureChannelDataWhenPossible-OmaUri-Begin -->
@@ -928,7 +928,7 @@ Domain member: Digitally sign secure channel data (when possible) This security
 <!-- DomainMember_DisableMachineAccountPasswordChanges-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DisableMachineAccountPasswordChanges-Applicability-End -->
 
 <!-- DomainMember_DisableMachineAccountPasswordChanges-OmaUri-Begin -->
@@ -982,7 +982,7 @@ Domain member: Disable machine account password changes Determines whether a dom
 <!-- DomainMember_MaximumMachineAccountPasswordAge-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_MaximumMachineAccountPasswordAge-Applicability-End -->
 
 <!-- DomainMember_MaximumMachineAccountPasswordAge-OmaUri-Begin -->
@@ -1035,7 +1035,7 @@ Domain member: Maximum machine account password age This security setting determ
 <!-- DomainMember_RequireStrongSessionKey-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_RequireStrongSessionKey-Applicability-End -->
 
 <!-- DomainMember_RequireStrongSessionKey-OmaUri-Begin -->
@@ -1335,7 +1335,7 @@ Interactive logon: Don't require CTRL+ALT+DEL This security setting determines w
 <!-- InteractiveLogon_MachineAccountLockoutThreshold-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- InteractiveLogon_MachineAccountLockoutThreshold-Applicability-End -->
 
 <!-- InteractiveLogon_MachineAccountLockoutThreshold-OmaUri-Begin -->
@@ -1454,6 +1454,8 @@ Interactive logon: Message text for users attempting to log on This security set
 
 <!-- InteractiveLogon_MessageTextForUsersAttemptingToLogOn-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+> [!IMPORTANT]
+> Windows Autopilot pre-provisioning doesn't work when this policy setting is enabled. For more information, see [Windows Autopilot troubleshooting FAQ](/autopilot/troubleshooting-faq#troubleshooting-policy-conflicts-with-windows-autopilot).
 <!-- InteractiveLogon_MessageTextForUsersAttemptingToLogOn-Editable-End -->
 
 <!-- InteractiveLogon_MessageTextForUsersAttemptingToLogOn-DFProperties-Begin -->
@@ -1503,6 +1505,8 @@ Interactive logon: Message title for users attempting to log on This security se
 
 <!-- InteractiveLogon_MessageTitleForUsersAttemptingToLogOn-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+> [!IMPORTANT]
+> Windows Autopilot pre-provisioning doesn't work when this policy setting is enabled. For more information, see [Windows Autopilot troubleshooting FAQ](/autopilot/troubleshooting-faq#troubleshooting-policy-conflicts-with-windows-autopilot).
 <!-- InteractiveLogon_MessageTitleForUsersAttemptingToLogOn-Editable-End -->
 
 <!-- InteractiveLogon_MessageTitleForUsersAttemptingToLogOn-DFProperties-Begin -->
@@ -1535,7 +1539,7 @@ Interactive logon: Message title for users attempting to log on This security se
 <!-- InteractiveLogon_NumberOfPreviousLogonsToCache-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- InteractiveLogon_NumberOfPreviousLogonsToCache-Applicability-End -->
 
 <!-- InteractiveLogon_NumberOfPreviousLogonsToCache-OmaUri-Begin -->
@@ -1575,7 +1579,7 @@ Interactive logon: Number of previous logons to cache (in case domain controller
 <!-- InteractiveLogon_PromptUserToChangePasswordBeforeExpiration-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- InteractiveLogon_PromptUserToChangePasswordBeforeExpiration-Applicability-End -->
 
 <!-- InteractiveLogon_PromptUserToChangePasswordBeforeExpiration-OmaUri-Begin -->
@@ -1864,7 +1868,7 @@ Microsoft network client: Send unencrypted password to connect to third-party SM
 <!-- MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession-Applicability-End -->
 
 <!-- MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession-OmaUri-Begin -->
@@ -2047,7 +2051,7 @@ Microsoft network server: Digitally sign communications (if client agrees) This
 <!-- MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire-Applicability-End -->
 
 <!-- MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire-OmaUri-Begin -->
@@ -2090,7 +2094,7 @@ Microsoft network server: Disconnect clients when logon hours expire This securi
 <!-- MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel-Applicability-End -->
 
 <!-- MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel-OmaUri-Begin -->
@@ -2131,7 +2135,7 @@ Microsoft network server: Server SPN target name validation level This policy se
 <!-- NetworkAccess_AllowAnonymousSIDOrNameTranslation-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_AllowAnonymousSIDOrNameTranslation-Applicability-End -->
 
 <!-- NetworkAccess_AllowAnonymousSIDOrNameTranslation-OmaUri-Begin -->
@@ -2312,7 +2316,7 @@ Network access: Don't allow anonymous enumeration of SAM accounts and shares Thi
 <!-- NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication-Applicability-End -->
 
 <!-- NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication-OmaUri-Begin -->
@@ -2360,7 +2364,7 @@ Network access: Don't allow storage of passwords and credentials for network aut
 <!-- NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers-Applicability-End -->
 
 <!-- NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers-OmaUri-Begin -->
@@ -2412,7 +2416,7 @@ Network access: Let Everyone permissions apply to anonymous users This security
 <!-- NetworkAccess_NamedPipesThatCanBeAccessedAnonymously-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_NamedPipesThatCanBeAccessedAnonymously-Applicability-End -->
 
 <!-- NetworkAccess_NamedPipesThatCanBeAccessedAnonymously-OmaUri-Begin -->
@@ -2452,7 +2456,7 @@ Network access: Named pipes that can be accessed anonymously This security setti
 <!-- NetworkAccess_RemotelyAccessibleRegistryPaths-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_RemotelyAccessibleRegistryPaths-Applicability-End -->
 
 <!-- NetworkAccess_RemotelyAccessibleRegistryPaths-OmaUri-Begin -->
@@ -2495,7 +2499,7 @@ Network access: Remotely accessible registry paths This security setting determi
 <!-- NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths-Applicability-End -->
 
 <!-- NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths-OmaUri-Begin -->
@@ -2644,7 +2648,7 @@ Network access: Restrict clients allowed to make remote calls to SAM This policy
 <!-- NetworkAccess_SharesThatCanBeAccessedAnonymously-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_SharesThatCanBeAccessedAnonymously-Applicability-End -->
 
 <!-- NetworkAccess_SharesThatCanBeAccessedAnonymously-OmaUri-Begin -->
@@ -2684,7 +2688,7 @@ Network access: Shares that can be accessed anonymously This security setting de
 <!-- NetworkAccess_SharingAndSecurityModelForLocalAccounts-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_SharingAndSecurityModelForLocalAccounts-Applicability-End -->
 
 <!-- NetworkAccess_SharingAndSecurityModelForLocalAccounts-OmaUri-Begin -->
@@ -2728,7 +2732,7 @@ Network access: Sharing and security model for local accounts This security sett
 <!-- NetworkSecurity_AllowLocalSystemNULLSessionFallback-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkSecurity_AllowLocalSystemNULLSessionFallback-Applicability-End -->
 
 <!-- NetworkSecurity_AllowLocalSystemNULLSessionFallback-OmaUri-Begin -->
@@ -2958,7 +2962,7 @@ Network security: Don't store LAN Manager hash value on next password change Thi
 <!-- NetworkSecurity_ForceLogoffWhenLogonHoursExpire-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkSecurity_ForceLogoffWhenLogonHoursExpire-Applicability-End -->
 
 <!-- NetworkSecurity_ForceLogoffWhenLogonHoursExpire-OmaUri-Begin -->
@@ -3083,7 +3087,7 @@ Network security LAN Manager authentication level This security setting determin
 <!-- NetworkSecurity_LDAPClientSigningRequirements-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkSecurity_LDAPClientSigningRequirements-Applicability-End -->
 
 <!-- NetworkSecurity_LDAPClientSigningRequirements-OmaUri-Begin -->
@@ -3489,7 +3493,7 @@ Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers This po
 <!-- RecoveryConsole_AllowAutomaticAdministrativeLogon-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- RecoveryConsole_AllowAutomaticAdministrativeLogon-Applicability-End -->
 
 <!-- RecoveryConsole_AllowAutomaticAdministrativeLogon-OmaUri-Begin -->
@@ -3539,7 +3543,7 @@ Recovery console: Allow automatic administrative logon This security setting det
 <!-- RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders-Applicability-End -->
 
 <!-- RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders-OmaUri-Begin -->
@@ -3696,7 +3700,7 @@ Shutdown: Clear virtual memory pagefile This security setting determines whether
 <!-- SystemCryptography_ForceStrongKeyProtection-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- SystemCryptography_ForceStrongKeyProtection-Applicability-End -->
 
 <!-- SystemCryptography_ForceStrongKeyProtection-OmaUri-Begin -->
@@ -3737,7 +3741,7 @@ System Cryptography: Force strong key protection for user keys stored on the com
 <!-- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems-Applicability-End -->
 
 <!-- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems-OmaUri-Begin -->
@@ -3787,7 +3791,7 @@ System objects: Require case insensitivity for non-Windows subsystems This secur
 <!-- SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects-Applicability-End -->
 
 <!-- SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-lsa.md b/windows/client-management/mdm/policy-csp-lsa.md
index d4773d4c5d..d29d14edd8 100644
--- a/windows/client-management/mdm/policy-csp-lsa.md
+++ b/windows/client-management/mdm/policy-csp-lsa.md
@@ -1,7 +1,7 @@
 ---
 title: LocalSecurityAuthority Policy CSP
 description: Learn more about the LocalSecurityAuthority Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -93,7 +93,7 @@ This policy controls the configuration under which LSASS loads custom SSPs and A
 <!-- Description-Source-ADMX -->
 This policy controls the configuration under which LSASS is run.
 
-- If you don't configure this policy and there is no current setting in the registry, LSA will run as protected process for clean installed, HVCI capable, client SKUs that are domain or cloud domain joined devices. This configuration isn't UEFI locked. This can be overridden if the policy is configured.
+- If you don't configure this policy and there is no current setting in the registry, LSA will run as protected process for all clean installed, HVCI capable, client SKUs. This configuration isn't UEFI locked. This can be overridden if the policy is configured.
 
 - If you configure and set this policy setting to "Disabled", LSA won't run as a protected process.
 
@@ -135,7 +135,7 @@ This policy controls the configuration under which LSASS is run.
 | Friendly Name | Configures LSASS to run as a protected process |
 | Location | Computer Configuration |
 | Path | System > Local Security Authority |
-| Registry Key Name | System\CurrentControlSet\Control\Lsa |
+| Registry Key Name | Software\Policies\Microsoft\Windows\System |
 | ADMX File Name | LocalSecurityAuthority.admx |
 <!-- ConfigureLsaProtectedProcess-GpMapping-End -->
 
diff --git a/windows/client-management/mdm/policy-csp-mssecurityguide.md b/windows/client-management/mdm/policy-csp-mssecurityguide.md
index da47e000cd..75b88b507b 100644
--- a/windows/client-management/mdm/policy-csp-mssecurityguide.md
+++ b/windows/client-management/mdm/policy-csp-mssecurityguide.md
@@ -1,7 +1,7 @@
 ---
 title: MSSecurityGuide Policy CSP
 description: Learn more about the MSSecurityGuide Area in Policy CSP.
-ms.date: 01/31/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -11,8 +11,6 @@ ms.date: 01/31/2024
 
 [!INCLUDE [ADMX-backed CSP tip](includes/mdm-admx-csp-note.md)]
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- MSSecurityGuide-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- MSSecurityGuide-Editable-End -->
@@ -223,7 +221,7 @@ ms.date: 01/31/2024
 <!-- NetBTNodeTypeConfiguration-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetBTNodeTypeConfiguration-Applicability-End -->
 
 <!-- NetBTNodeTypeConfiguration-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-networklistmanager.md b/windows/client-management/mdm/policy-csp-networklistmanager.md
index 5864c486c1..a8158e010d 100644
--- a/windows/client-management/mdm/policy-csp-networklistmanager.md
+++ b/windows/client-management/mdm/policy-csp-networklistmanager.md
@@ -1,7 +1,7 @@
 ---
 title: NetworkListManager Policy CSP
 description: Learn more about the NetworkListManager Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 08/06/2024
 <!-- NetworkListManager-Begin -->
 # Policy CSP - NetworkListManager
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- NetworkListManager-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- NetworkListManager-Editable-End -->
@@ -21,7 +19,7 @@ ms.date: 08/06/2024
 <!-- AllNetworks_NetworkIcon-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllNetworks_NetworkIcon-Applicability-End -->
 
 <!-- AllNetworks_NetworkIcon-OmaUri-Begin -->
@@ -70,7 +68,7 @@ This policy setting allows you to specify whether users can change the network i
 <!-- AllNetworks_NetworkLocation-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllNetworks_NetworkLocation-Applicability-End -->
 
 <!-- AllNetworks_NetworkLocation-OmaUri-Begin -->
@@ -119,7 +117,7 @@ This policy setting allows you to specify whether users can change the network l
 <!-- AllNetworks_NetworkName-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllNetworks_NetworkName-Applicability-End -->
 
 <!-- AllNetworks_NetworkName-OmaUri-Begin -->
@@ -262,7 +260,7 @@ This policy setting provides the string that names a network. If this setting is
 <!-- IdentifyingNetworks_LocationType-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- IdentifyingNetworks_LocationType-Applicability-End -->
 
 <!-- IdentifyingNetworks_LocationType-OmaUri-Begin -->
@@ -311,7 +309,7 @@ This policy setting allows you to configure the Network Location for networks th
 <!-- UnidentifiedNetworks_LocationType-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- UnidentifiedNetworks_LocationType-Applicability-End -->
 
 <!-- UnidentifiedNetworks_LocationType-OmaUri-Begin -->
@@ -360,7 +358,7 @@ This policy setting allows you to configure the Network Location type for networ
 <!-- UnidentifiedNetworks_UserPermissions-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ❌ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- UnidentifiedNetworks_UserPermissions-Applicability-End -->
 
 <!-- UnidentifiedNetworks_UserPermissions-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-notifications.md b/windows/client-management/mdm/policy-csp-notifications.md
index 65d5cb42bc..8c03b26633 100644
--- a/windows/client-management/mdm/policy-csp-notifications.md
+++ b/windows/client-management/mdm/policy-csp-notifications.md
@@ -1,7 +1,7 @@
 ---
 title: Notifications Policy CSP
 description: Learn more about the Notifications Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 01/18/2024
 <!-- Notifications-Begin -->
 # Policy CSP - Notifications
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- Notifications-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Notifications-Editable-End -->
@@ -21,7 +19,7 @@ ms.date: 01/18/2024
 <!-- DisableAccountNotifications-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ❌ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ❌ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisableAccountNotifications-Applicability-End -->
 
 <!-- DisableAccountNotifications-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-printers.md b/windows/client-management/mdm/policy-csp-printers.md
index fa423988bf..098733446d 100644
--- a/windows/client-management/mdm/policy-csp-printers.md
+++ b/windows/client-management/mdm/policy-csp-printers.md
@@ -1,7 +1,7 @@
 ---
 title: Printers Policy CSP
 description: Learn more about the Printers Area in Policy CSP.
-ms.date: 01/31/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -369,7 +369,7 @@ Determines whether Redirection Guard is enabled for the print spooler.
 
 You can enable this setting to configure the Redirection Guard policy being applied to spooler.
 
-- If you disable or don't configure this policy setting, Redirection Guard will default to being 'enabled'.
+- If you disable or don't configure this policy setting, Redirection Guard will default to being 'Enabled'.
 
 - If you enable this setting you may select the following options:
 
@@ -435,7 +435,12 @@ The following are the supported values:
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-OmaUri-End -->
 
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting controls whether packet level privacy is enabled for RPC for incoming connections.
+
+By default packet level privacy is enabled for RPC for incoming connections.
+
+If you enable or don't configure this policy setting, packet level privacy is enabled for RPC for incoming connections.
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-Description-End -->
 
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-Editable-Begin -->
@@ -452,7 +457,6 @@ The following are the supported values:
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-DFProperties-End -->
 
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -460,6 +464,11 @@ The following are the supported values:
 | Name | Value |
 |:--|:--|
 | Name | ConfigureRpcAuthnLevelPrivacyEnabled |
+| Friendly Name | Configure RPC packet level privacy setting for incoming connections |
+| Location | Computer Configuration |
+| Path | Printers |
+| Registry Key Name | System\CurrentControlSet\Control\Print |
+| Registry Value Name | RpcAuthnLevelPrivacyEnabled |
 | ADMX File Name | Printing.admx |
 <!-- ConfigureRpcAuthnLevelPrivacyEnabled-AdmxBacked-End -->
 
@@ -685,7 +694,16 @@ If you disable or don't configure this policy setting, dynamic TCP ports are use
 <!-- ConfigureWindowsProtectedPrint-OmaUri-End -->
 
 <!-- ConfigureWindowsProtectedPrint-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+Determines whether Windows protected print is enabled on this computer.
+
+By default, Windows protected print isn't enabled and there aren't any restrictions on the print drivers that can be installed or print functionality.
+
+- If you enable this setting, the computer will operate in Windows protected print mode which only allows printing to printers that support a subset of inbox Windows print drivers.
+
+- If you disable this setting or don't configure it, there aren't any restrictions on the print drivers that can be installed or print functionality.
+
+For more information, please see [insert link to web page with WPP info]
 <!-- ConfigureWindowsProtectedPrint-Description-End -->
 
 <!-- ConfigureWindowsProtectedPrint-Editable-Begin -->
@@ -702,7 +720,6 @@ If you disable or don't configure this policy setting, dynamic TCP ports are use
 <!-- ConfigureWindowsProtectedPrint-DFProperties-End -->
 
 <!-- ConfigureWindowsProtectedPrint-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -710,6 +727,11 @@ If you disable or don't configure this policy setting, dynamic TCP ports are use
 | Name | Value |
 |:--|:--|
 | Name | ConfigureWindowsProtectedPrint |
+| Friendly Name | Configure Windows protected print |
+| Location | Computer Configuration |
+| Path | Printers |
+| Registry Key Name | Software\Policies\Microsoft\Windows NT\Printers\WPP |
+| Registry Value Name | WindowsProtectedPrintGroupPolicyState |
 | ADMX File Name | Printing.admx |
 <!-- ConfigureWindowsProtectedPrint-AdmxBacked-End -->
 
diff --git a/windows/client-management/mdm/policy-csp-privacy.md b/windows/client-management/mdm/policy-csp-privacy.md
index 895ee8c286..35949bfb98 100644
--- a/windows/client-management/mdm/policy-csp-privacy.md
+++ b/windows/client-management/mdm/policy-csp-privacy.md
@@ -1,7 +1,7 @@
 ---
 title: Privacy Policy CSP
 description: Learn more about the Privacy Area in Policy CSP.
-ms.date: 09/11/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -2398,207 +2398,6 @@ List of semi-colon delimited Package Family Names of Windows Store Apps. The use
 
 <!-- LetAppsAccessGazeInput_UserInControlOfTheseApps-End -->
 
-<!-- LetAppsAccessGenerativeAI-Begin -->
-## LetAppsAccessGenerativeAI
-
-<!-- LetAppsAccessGenerativeAI-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 21H2 [10.0.22000] and later |
-<!-- LetAppsAccessGenerativeAI-Applicability-End -->
-
-<!-- LetAppsAccessGenerativeAI-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Privacy/LetAppsAccessGenerativeAI
-```
-<!-- LetAppsAccessGenerativeAI-OmaUri-End -->
-
-<!-- LetAppsAccessGenerativeAI-Description-Begin -->
-<!-- Description-Source-DDF -->
-This policy setting specifies whether Windows apps can use generative AI features of Windows.
-<!-- LetAppsAccessGenerativeAI-Description-End -->
-
-<!-- LetAppsAccessGenerativeAI-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI-Editable-End -->
-
-<!-- LetAppsAccessGenerativeAI-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `int` |
-| Access Type | Add, Delete, Get, Replace |
-| Allowed Values | Range: `[0-2]` |
-| Default Value  | 0 |
-<!-- LetAppsAccessGenerativeAI-DFProperties-End -->
-
-<!-- LetAppsAccessGenerativeAI-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | LetAppsAccessGenerativeAI |
-| Path | AppPrivacy > AT > WindowsComponents > AppPrivacy |
-| Element Name | LetAppsAccessGenerativeAI_Enum |
-<!-- LetAppsAccessGenerativeAI-GpMapping-End -->
-
-<!-- LetAppsAccessGenerativeAI-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI-Examples-End -->
-
-<!-- LetAppsAccessGenerativeAI-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Begin -->
-## LetAppsAccessGenerativeAI_ForceAllowTheseApps
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 21H2 [10.0.22000] and later |
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Applicability-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Privacy/LetAppsAccessGenerativeAI_ForceAllowTheseApps
-```
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-OmaUri-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Description-Begin -->
-<!-- Description-Source-DDF -->
-List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed to use generative AI features of Windows. This setting overrides the default LetAppsAccessGenerativeAI policy setting for the specified apps.
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Description-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Editable-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `chr` (string) |
-| Access Type | Add, Delete, Get, Replace |
-| Allowed Values | List (Delimiter: `;`) |
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-DFProperties-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | LetAppsAccessGenerativeAI |
-| Path | AppPrivacy > AT > WindowsComponents > AppPrivacy |
-| Element Name | LetAppsAccessGenerativeAI_ForceAllowTheseApps_List |
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-GpMapping-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-Examples-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceAllowTheseApps-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Begin -->
-## LetAppsAccessGenerativeAI_ForceDenyTheseApps
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 21H2 [10.0.22000] and later |
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Applicability-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Privacy/LetAppsAccessGenerativeAI_ForceDenyTheseApps
-```
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-OmaUri-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Description-Begin -->
-<!-- Description-Source-DDF -->
-List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied the use generative AI features of Windows. This setting overrides the default LetAppsAccessGenerativeAI policy setting for the specified apps.
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Description-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Editable-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `chr` (string) |
-| Access Type | Add, Delete, Get, Replace |
-| Allowed Values | List (Delimiter: `;`) |
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-DFProperties-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | LetAppsAccessGenerativeAI |
-| Path | AppPrivacy > AT > WindowsComponents > AppPrivacy |
-| Element Name | LetAppsAccessGenerativeAI_ForceDenyTheseApps_List |
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-GpMapping-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-Examples-End -->
-
-<!-- LetAppsAccessGenerativeAI_ForceDenyTheseApps-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Begin -->
-## LetAppsAccessGenerativeAI_UserInControlOfTheseApps
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 21H2 [10.0.22000] and later |
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Applicability-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Privacy/LetAppsAccessGenerativeAI_UserInControlOfTheseApps
-```
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-OmaUri-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Description-Begin -->
-<!-- Description-Source-DDF -->
-List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the generative AI setting for the listed apps. This setting overrides the default LetAppsAccessGenerativeAI policy setting for the specified apps.
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Description-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Editable-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `chr` (string) |
-| Access Type | Add, Delete, Get, Replace |
-| Allowed Values | List (Delimiter: `;`) |
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-DFProperties-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | LetAppsAccessGenerativeAI |
-| Path | AppPrivacy > AT > WindowsComponents > AppPrivacy |
-| Element Name | LetAppsAccessGenerativeAI_UserInControlOfTheseApps_List |
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-GpMapping-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-Examples-End -->
-
-<!-- LetAppsAccessGenerativeAI_UserInControlOfTheseApps-End -->
-
 <!-- LetAppsAccessGraphicsCaptureProgrammatic-Begin -->
 ## LetAppsAccessGraphicsCaptureProgrammatic
 
diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
index 68895bc0f7..70acc4ac5e 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
@@ -1,7 +1,7 @@
 ---
 title: RemoteDesktopServices Policy CSP
 description: Learn more about the RemoteDesktopServices Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -156,7 +156,7 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 <!-- DisconnectOnLockLegacyAuthn-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisconnectOnLockLegacyAuthn-Applicability-End -->
 
 <!-- DisconnectOnLockLegacyAuthn-OmaUri-Begin -->
@@ -166,7 +166,14 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 <!-- DisconnectOnLockLegacyAuthn-OmaUri-End -->
 
 <!-- DisconnectOnLockLegacyAuthn-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting allows you to configure the user experience when the Remote Desktop session is locked by the user or by a policy. You can specify whether the remote session will show the remote lock screen or disconnect when the remote session is locked. Disconnecting the remote session ensures that a remote session can't be left on the lock screen and can't reconnect automatically due to loss of network connectivity.
+
+This policy applies only when using legacy authentication to authenticate to the remote PC. Legacy authentication is limited to username and password, or certificates like smartcards. Legacy authentication doesn't leverage the Microsoft identity platform, such as Microsoft Entra ID. Legacy authentication includes the NTLM, CredSSP, RDSTLS, TLS, and RDP basic authentication protocols.
+
+- If you enable this policy setting, Remote Desktop connections using legacy authentication will disconnect the remote session when the remote session is locked. Users can reconnect when they're ready and re-enter their credentials when prompted.
+
+- If you disable or don't configure this policy setting, Remote Desktop connections using legacy authentication will show the remote lock screen when the remote session is locked. Users can unlock the remote session using their username and password, or certificates.
 <!-- DisconnectOnLockLegacyAuthn-Description-End -->
 
 <!-- DisconnectOnLockLegacyAuthn-Editable-Begin -->
@@ -183,7 +190,6 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 <!-- DisconnectOnLockLegacyAuthn-DFProperties-End -->
 
 <!-- DisconnectOnLockLegacyAuthn-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -191,7 +197,12 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 | Name | Value |
 |:--|:--|
 | Name | TS_DISCONNECT_ON_LOCK_POLICY |
-| ADMX File Name | terminalserver.admx |
+| Friendly Name |  Disconnect remote session on lock for legacy authentication |
+| Location | Computer Configuration |
+| Path | Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services |
+| Registry Value Name | fDisconnectOnLockLegacy |
+| ADMX File Name | TerminalServer.admx |
 <!-- DisconnectOnLockLegacyAuthn-AdmxBacked-End -->
 
 <!-- DisconnectOnLockLegacyAuthn-Examples-Begin -->
@@ -206,7 +217,7 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-Applicability-End -->
 
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-OmaUri-Begin -->
@@ -216,7 +227,14 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-OmaUri-End -->
 
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting allows you to configure the user experience when the Remote Desktop session is locked by the user or by a policy. You can specify whether the remote session will show the remote lock screen or disconnect when the remote session is locked. Disconnecting the remote session ensures that a remote session can't be left on the lock screen and can't reconnect automatically due to loss of network connectivity.
+
+This policy applies only when using an identity provider that uses the Microsoft identity platform, such as Microsoft Entra ID, to authenticate to the remote PC. This policy doesn't apply when using Legacy authentication which includes the NTLM, CredSSP, RDSTLS, TLS, and RDP basic authentication protocols.
+
+- If you enable or don't configure this policy setting, Remote Desktop connections using the Microsoft identity platform will disconnect the remote session when the remote session is locked. Users can reconnect when they're ready and can use passwordless authentication if configured.
+
+- If you disable this policy setting, Remote Desktop connections using the Microsoft identity platform will show the remote lock screen when the remote session is locked. Users can unlock the remote session using their username and password, or certificates.
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-Description-End -->
 
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-Editable-Begin -->
@@ -233,7 +251,6 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-DFProperties-End -->
 
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -241,7 +258,12 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 | Name | Value |
 |:--|:--|
 | Name | TS_DISCONNECT_ON_LOCK_AAD_POLICY |
-| ADMX File Name | terminalserver.admx |
+| Friendly Name | Disconnect remote session on lock for Microsoft identity platform authentication |
+| Location | Computer Configuration |
+| Path | Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services |
+| Registry Value Name | fDisconnectOnLockMicrosoftIdentity |
+| ADMX File Name | TerminalServer.admx |
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-AdmxBacked-End -->
 
 <!-- DisconnectOnLockMicrosoftIdentityAuthn-Examples-Begin -->
@@ -439,7 +461,7 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 <!-- LimitClientToServerClipboardRedirection-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2523] and later <br> ✅ [10.0.25398.946] and later <br> ✅ Windows 11, version 21H2 [10.0.22000.3014] and later <br> ✅ Windows 11, version 22H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22621.3672] and later <br> ✅ Windows 11, version 23H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22631.3672] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2523] and later <br> ✅ [10.0.25398.946] and later <br> ✅ Windows 11, version 21H2 [10.0.22000.3014] and later <br> ✅ Windows 11, version 22H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22621.3672] and later <br> ✅ Windows 11, version 23H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22631.3672] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- LimitClientToServerClipboardRedirection-Applicability-End -->
 
 <!-- LimitClientToServerClipboardRedirection-OmaUri-Begin -->
@@ -453,7 +475,25 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 <!-- LimitClientToServerClipboardRedirection-OmaUri-End -->
 
 <!-- LimitClientToServerClipboardRedirection-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting allows you to restrict clipboard data transfers from client to server.
+
+- If you enable this policy setting, you must choose from the following behaviors:
+
+- Disable clipboard transfers from client to server.
+
+- Allow plain text copying from client to server.
+
+- Allow plain text and images copying from client to server.
+
+- Allow plain text, images and Rich Text Format copying from client to server.
+
+- Allow plain text, images, Rich Text Format and HTML copying from client to server.
+
+- If you disable or don't configure this policy setting, users can copy arbitrary contents from client to server if clipboard redirection is enabled.
+
+> [!NOTE]
+> This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured, the stricter restriction will be used.
 <!-- LimitClientToServerClipboardRedirection-Description-End -->
 
 <!-- LimitClientToServerClipboardRedirection-Editable-Begin -->
@@ -470,7 +510,6 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 <!-- LimitClientToServerClipboardRedirection-DFProperties-End -->
 
 <!-- LimitClientToServerClipboardRedirection-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -478,7 +517,11 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 | Name | Value |
 |:--|:--|
 | Name | TS_CLIENT_CLIPBOARDRESTRICTION_CS |
-| ADMX File Name | terminalserver.admx |
+| Friendly Name | Restrict clipboard transfer from client to server |
+| Location | Computer and User Configuration |
+| Path | Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services |
+| ADMX File Name | TerminalServer.admx |
 <!-- LimitClientToServerClipboardRedirection-AdmxBacked-End -->
 
 <!-- LimitClientToServerClipboardRedirection-Examples-Begin -->
@@ -493,7 +536,7 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 <!-- LimitServerToClientClipboardRedirection-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2523] and later <br> ✅ [10.0.25398.946] and later <br> ✅ Windows 11, version 21H2 [10.0.22000.3014] and later <br> ✅ Windows 11, version 22H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22621.3672] and later <br> ✅ Windows 11, version 23H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22631.3672] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2523] and later <br> ✅ [10.0.25398.946] and later <br> ✅ Windows 11, version 21H2 [10.0.22000.3014] and later <br> ✅ Windows 11, version 22H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22621.3672] and later <br> ✅ Windows 11, version 23H2 with [KB5037853](https://support.microsoft.com/help/5037853) [10.0.22631.3672] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- LimitServerToClientClipboardRedirection-Applicability-End -->
 
 <!-- LimitServerToClientClipboardRedirection-OmaUri-Begin -->
@@ -507,7 +550,25 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 <!-- LimitServerToClientClipboardRedirection-OmaUri-End -->
 
 <!-- LimitServerToClientClipboardRedirection-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting allows you to restrict clipboard data transfers from server to client.
+
+- If you enable this policy setting, you must choose from the following behaviors:
+
+- Disable clipboard transfers from server to client.
+
+- Allow plain text copying from server to client.
+
+- Allow plain text and images copying from server to client.
+
+- Allow plain text, images and Rich Text Format copying from server to client.
+
+- Allow plain text, images, Rich Text Format and HTML copying from server to client.
+
+- If you disable or don't configure this policy setting, users can copy arbitrary contents from server to client if clipboard redirection is enabled.
+
+> [!NOTE]
+> This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured, the stricter restriction will be used.
 <!-- LimitServerToClientClipboardRedirection-Description-End -->
 
 <!-- LimitServerToClientClipboardRedirection-Editable-Begin -->
@@ -524,7 +585,6 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 <!-- LimitServerToClientClipboardRedirection-DFProperties-End -->
 
 <!-- LimitServerToClientClipboardRedirection-AdmxBacked-Begin -->
-<!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
 **ADMX mapping**:
@@ -532,7 +592,11 @@ By default, Remote Desktop allows redirection of WebAuthn requests.
 | Name | Value |
 |:--|:--|
 | Name | TS_CLIENT_CLIPBOARDRESTRICTION_SC |
-| ADMX File Name | terminalserver.admx |
+| Friendly Name | Restrict clipboard transfer from server to client |
+| Location | Computer and User Configuration |
+| Path | Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services |
+| ADMX File Name | TerminalServer.admx |
 <!-- LimitServerToClientClipboardRedirection-AdmxBacked-End -->
 
 <!-- LimitServerToClientClipboardRedirection-Examples-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md
index 005ef18357..fc7b78d250 100644
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@@ -1,7 +1,7 @@
 ---
 title: Search Policy CSP
 description: Learn more about the Search Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 08/06/2024
 <!-- Search-Begin -->
 # Policy CSP - Search
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- Search-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Search-Editable-End -->
@@ -648,7 +646,7 @@ The most restrictive value is `0` to now allow automatic language detection.
 <!-- ConfigureSearchOnTaskbarMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSearchOnTaskbarMode-Applicability-End -->
 
 <!-- ConfigureSearchOnTaskbarMode-OmaUri-Begin -->
@@ -930,13 +928,13 @@ This policy setting configures whether or not locations on removable drives can
 
 <!-- DoNotUseWebResults-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy setting allows you to control whether or not Search can perform queries on the web, if web results are displayed in Search, and if search highlights are shown in the search box and in search home.
+This policy setting allows you to control whether or not Search can perform queries on the web, and if the web results are displayed in Search.
 
-- If you enable this policy setting, queries won't be performed on the web, web results won't be displayed when a user performs a query in Search, and search highlights won't be shown in the search box and in search home.
+- If you enable this policy setting, queries won't be performed on the web and web results won't be displayed when a user performs a query in Search.
 
-- If you disable this policy setting, queries will be performed on the web, web results will be displayed when a user performs a query in Search, and search highlights will be shown in the search box and in search home.
+- If you disable this policy setting, queries will be performed on the web and web results will be displayed when a user performs a query in Search.
 
-- If you don't configure this policy setting, a user can choose whether or not Search can perform queries on the web, and if the web results are displayed in Search, and if search highlights are shown in the search box and in search home.
+- If you don't configure this policy setting, a user can choose whether or not Search can perform queries on the web, and if the web results are displayed in Search.
 <!-- DoNotUseWebResults-Description-End -->
 
 <!-- DoNotUseWebResults-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-settingssync.md b/windows/client-management/mdm/policy-csp-settingssync.md
index 39e032a8b4..e8025d4898 100644
--- a/windows/client-management/mdm/policy-csp-settingssync.md
+++ b/windows/client-management/mdm/policy-csp-settingssync.md
@@ -1,7 +1,7 @@
 ---
 title: SettingsSync Policy CSP
 description: Learn more about the SettingsSync Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -11,8 +11,6 @@ ms.date: 01/18/2024
 
 [!INCLUDE [ADMX-backed CSP tip](includes/mdm-admx-csp-note.md)]
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- SettingsSync-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- SettingsSync-Editable-End -->
@@ -23,7 +21,7 @@ ms.date: 01/18/2024
 <!-- DisableAccessibilitySettingSync-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisableAccessibilitySettingSync-Applicability-End -->
 
 <!-- DisableAccessibilitySettingSync-OmaUri-Begin -->
@@ -84,7 +82,7 @@ If you don't set or disable this setting, syncing of the "accessibility" group i
 <!-- DisableLanguageSettingSync-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisableLanguageSettingSync-Applicability-End -->
 
 <!-- DisableLanguageSettingSync-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-smartscreen.md b/windows/client-management/mdm/policy-csp-smartscreen.md
index 6e99e05ccb..166eacb4b4 100644
--- a/windows/client-management/mdm/policy-csp-smartscreen.md
+++ b/windows/client-management/mdm/policy-csp-smartscreen.md
@@ -1,7 +1,7 @@
 ---
 title: SmartScreen Policy CSP
 description: Learn more about the SmartScreen Area in Policy CSP.
-ms.date: 01/31/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -29,20 +29,11 @@ ms.date: 01/31/2024
 <!-- EnableAppInstallControl-OmaUri-End -->
 
 <!-- EnableAppInstallControl-Description-Begin -->
-<!-- Description-Source-ADMX -->
-App Install Control is a feature of Windows Defender SmartScreen that helps protect PCs by allowing users to install apps only from the Store. SmartScreen must be enabled for this feature to work properly.
+<!-- Description-Source-DDF-Forced -->
+Allows IT Admins to control whether users are allowed to install apps from places other than the Store.
 
-- If you enable this setting, you must choose from the following behaviors:
-
-- Turn off app recommendations.
-
-- Show me app recommendations.
-
-- Warn me before installing apps from outside the Store.
-
-- Allow apps from Store only.
-
-- If you disable or don't configure this setting, users will be able to install apps from anywhere, including files downloaded from the Internet.
+> [!NOTE]
+> This policy will block installation only while the device is online. To block offline installation too, SmartScreen/PreventOverrideForFilesInShell and SmartScreen/EnableSmartScreenInShell policies should also be enabled. This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.
 <!-- EnableAppInstallControl-Description-End -->
 
 <!-- EnableAppInstallControl-Editable-Begin -->
@@ -110,23 +101,8 @@ App Install Control is a feature of Windows Defender SmartScreen that helps prot
 <!-- EnableSmartScreenInShell-OmaUri-End -->
 
 <!-- EnableSmartScreenInShell-Description-Begin -->
-<!-- Description-Source-ADMX -->
-This policy allows you to turn Windows Defender SmartScreen on or off. SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloaded from the Internet and is unrecognized or known to be malicious. No dialog is shown for apps that don't appear to be suspicious.
-
-Some information is sent to Microsoft about files and programs run on PCs with this feature enabled.
-
-- If you enable this policy, SmartScreen will be turned on for all users. Its behavior can be controlled by the following options:
-
-- Warn and prevent bypass
-- Warn.
-
-- If you enable this policy with the "Warn and prevent bypass" option, SmartScreen's dialogs won't present the user with the option to disregard the warning and run the app. SmartScreen will continue to show the warning on subsequent attempts to run the app.
-
-- If you enable this policy with the "Warn" option, SmartScreen's dialogs will warn the user that the app appears suspicious, but will permit the user to disregard the warning and run the app anyway. SmartScreen won't warn the user again for that app if the user tells SmartScreen to run the app.
-
-- If you disable this policy, SmartScreen will be turned off for all users. Users won't be warned if they try to run suspicious apps from the Internet.
-
-- If you don't configure this policy, SmartScreen will be enabled by default, but users may change their settings.
+<!-- Description-Source-DDF-Forced -->
+Allows IT Admins to configure SmartScreen for Windows.
 <!-- EnableSmartScreenInShell-Description-End -->
 
 <!-- EnableSmartScreenInShell-Editable-Begin -->
@@ -188,23 +164,8 @@ Some information is sent to Microsoft about files and programs run on PCs with t
 <!-- PreventOverrideForFilesInShell-OmaUri-End -->
 
 <!-- PreventOverrideForFilesInShell-Description-Begin -->
-<!-- Description-Source-ADMX -->
-This policy allows you to turn Windows Defender SmartScreen on or off. SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloaded from the Internet and is unrecognized or known to be malicious. No dialog is shown for apps that don't appear to be suspicious.
-
-Some information is sent to Microsoft about files and programs run on PCs with this feature enabled.
-
-- If you enable this policy, SmartScreen will be turned on for all users. Its behavior can be controlled by the following options:
-
-- Warn and prevent bypass
-- Warn.
-
-- If you enable this policy with the "Warn and prevent bypass" option, SmartScreen's dialogs won't present the user with the option to disregard the warning and run the app. SmartScreen will continue to show the warning on subsequent attempts to run the app.
-
-- If you enable this policy with the "Warn" option, SmartScreen's dialogs will warn the user that the app appears suspicious, but will permit the user to disregard the warning and run the app anyway. SmartScreen won't warn the user again for that app if the user tells SmartScreen to run the app.
-
-- If you disable this policy, SmartScreen will be turned off for all users. Users won't be warned if they try to run suspicious apps from the Internet.
-
-- If you don't configure this policy, SmartScreen will be enabled by default, but users may change their settings.
+<!-- Description-Source-DDF-Forced -->
+Allows IT Admins to control whether users can ignore SmartScreen warnings and run malicious files.
 <!-- PreventOverrideForFilesInShell-Description-End -->
 
 <!-- PreventOverrideForFilesInShell-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-speakforme.md b/windows/client-management/mdm/policy-csp-speakforme.md
new file mode 100644
index 0000000000..b1be7a5fa4
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-speakforme.md
@@ -0,0 +1,79 @@
+---
+title: SpeakForMe Policy CSP
+description: Learn more about the SpeakForMe Area in Policy CSP.
+ms.date: 09/27/2024
+---
+
+<!-- Auto-Generated CSP Document -->
+
+<!-- SpeakForMe-Begin -->
+# Policy CSP - SpeakForMe
+
+<!-- SpeakForMe-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- SpeakForMe-Editable-End -->
+
+<!-- EnableSpeakForMe-Begin -->
+## EnableSpeakForMe
+
+<!-- EnableSpeakForMe-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ❌ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+<!-- EnableSpeakForMe-Applicability-End -->
+
+<!-- EnableSpeakForMe-OmaUri-Begin -->
+```User
+./User/Vendor/MSFT/Policy/Config/SpeakForMe/EnableSpeakForMe
+```
+<!-- EnableSpeakForMe-OmaUri-End -->
+
+<!-- EnableSpeakForMe-Description-Begin -->
+<!-- Description-Source-DDF -->
+This policy setting controls whether to allow the creation of personal voices with SpeakForMe Accessibility Windows Application.
+
+- If you enable this policy setting, then user can create their personal voice models.
+
+- If you disable this policy setting, then user can't create their personal voice models with SpeakForMe.
+
+- If you don't configure this policy setting (default), then users can launch the training flow and create their personal voice model through SpeakForMe.
+<!-- EnableSpeakForMe-Description-End -->
+
+<!-- EnableSpeakForMe-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- EnableSpeakForMe-Editable-End -->
+
+<!-- EnableSpeakForMe-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `int` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- EnableSpeakForMe-DFProperties-End -->
+
+<!-- EnableSpeakForMe-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Not allowed. |
+| 1 (Default) | Allowed. |
+<!-- EnableSpeakForMe-AllowedValues-End -->
+
+<!-- EnableSpeakForMe-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- EnableSpeakForMe-Examples-End -->
+
+<!-- EnableSpeakForMe-End -->
+
+<!-- SpeakForMe-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- SpeakForMe-CspMoreInfo-End -->
+
+<!-- SpeakForMe-End -->
+
+## Related articles
+
+[Policy configuration service provider](policy-configuration-service-provider.md)
diff --git a/windows/client-management/mdm/policy-csp-sudo.md b/windows/client-management/mdm/policy-csp-sudo.md
index 09a4e3c938..dbcd21af22 100644
--- a/windows/client-management/mdm/policy-csp-sudo.md
+++ b/windows/client-management/mdm/policy-csp-sudo.md
@@ -1,7 +1,7 @@
 ---
 title: Sudo Policy CSP
 description: Learn more about the Sudo Area in Policy CSP.
-ms.date: 04/10/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 04/10/2024
 <!-- Sudo-Begin -->
 # Policy CSP - Sudo
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- Sudo-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Sudo-Editable-End -->
@@ -21,7 +19,7 @@ ms.date: 04/10/2024
 <!-- EnableSudo-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ❌ Pro <br> ❌ Enterprise <br> ❌ Education <br> ❌ Windows SE <br> ❌ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ❌ Pro <br> ❌ Enterprise <br> ❌ Education <br> ❌ Windows SE <br> ❌ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- EnableSudo-Applicability-End -->
 
 <!-- EnableSudo-OmaUri-Begin -->
@@ -31,7 +29,20 @@ ms.date: 04/10/2024
 <!-- EnableSudo-OmaUri-End -->
 
 <!-- EnableSudo-Description-Begin -->
-<!-- Description-Source-Not-Found -->
+<!-- Description-Source-ADMX -->
+This policy setting controls use of the sudo.exe command line tool.
+
+- If you enable this policy setting, then you may set a maximum allowed mode to run sudo in. This restricts the ways in which users may interact with command-line applications run with sudo. You may pick one of the following modes to allow sudo to run in:
+
+"Disabled": sudo is entirely disabled on this machine. When the user tries to run sudo, sudo will print an error message and exit.
+
+"Force new window": When sudo launches a command line application, it will launch that app in a new console window.
+
+"Disable input": When sudo launches a command line application, it will launch the app in the current console window, but the user won't be able to type input to the command line app. The user may also choose to run sudo in "Force new window" mode.
+
+"Normal": When sudo launches a command line application, it will launch the app in the current console window. The user may also choose to run sudo in "Force new window" or "Disable input" mode.
+
+- If you disable this policy or don't configure it, the user will be able to run sudo.exe normally (after enabling the setting in the Settings app).
 <!-- EnableSudo-Description-End -->
 
 <!-- EnableSudo-Editable-Begin -->
@@ -65,7 +76,11 @@ ms.date: 04/10/2024
 | Name | Value |
 |:--|:--|
 | Name | EnableSudo |
-| Path | Sudo > AT > System |
+| Friendly Name | Configure the behavior of the sudo command |
+| Location | Computer Configuration |
+| Path | System |
+| Registry Key Name | Software\Policies\Microsoft\Windows\Sudo |
+| ADMX File Name | Sudo.admx |
 <!-- EnableSudo-GpMapping-End -->
 
 <!-- EnableSudo-Examples-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md
index 57739476b7..1f4fbbaa1e 100644
--- a/windows/client-management/mdm/policy-csp-system.md
+++ b/windows/client-management/mdm/policy-csp-system.md
@@ -1,7 +1,7 @@
 ---
 title: System Policy CSP
 description: Learn more about the System Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -11,8 +11,6 @@ ms.date: 08/06/2024
 
 [!INCLUDE [ADMX-backed CSP tip](includes/mdm-admx-csp-note.md)]
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- System-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- System-Editable-End -->
@@ -431,7 +429,7 @@ This policy setting determines whether Windows is allowed to download fonts and
 
 - If you enable this policy setting, Windows periodically queries an online font provider to determine whether a new font catalog is available. Windows may also download font data if needed to format or render text.
 
-- If you disable this policy setting, Windows doesn't connect to an online font provider and only enumerates locally installed fonts.
+- If you disable this policy setting, Windows doesn't connect to an online font provider and only enumerates locally-installed fonts.
 
 - If you don't configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
 <!-- AllowFontProviders-Description-End -->
@@ -569,7 +567,7 @@ Specifies whether to allow app access to the Location service. Most restricted v
 This policy is deprecated and will only work on Windows 10 version 1809. Setting this policy will have no effect for other supported versions of Windows.
 This policy setting configures a Microsoft Entra joined device so that Microsoft is the processor of the Windows diagnostic data collected from the device, subject to the Product Terms at< https://go.microsoft.com/fwlink/?linkid=2185086>.
 For customers who enroll into the Microsoft Managed Desktop service, enabling this policy is required to allow Microsoft to process data for operational and analytic needs. See <https://go.microsoft.com/fwlink/?linkid=2184944> for more information.
-When these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
+hen these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
 This setting has no effect on devices unless they're properly enrolled in Microsoft Managed Desktop. If you disable this policy setting, devices may not appear in Microsoft Managed Desktop.
 <!-- AllowMicrosoftManagedDesktopProcessing-Description-End -->
 
@@ -888,7 +886,7 @@ To enable this behavior:
 
 When these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
 
-If you disable or don't configure this policy setting, devices enrolled to Windows Autopatch won't be able to take advantage of some deployment service features.
+If you disable or don't configure this policy setting, devices enrolled to the Windows Update for Business deployment service won't be able to take advantage of some deployment service features.
 <!-- AllowWUfBCloudProcessing-Description-End -->
 
 <!-- AllowWUfBCloudProcessing-Editable-Begin -->
@@ -1471,7 +1469,7 @@ This policy setting lets you prevent apps and features from working with files o
 
 * Users can't access OneDrive from the OneDrive app and file picker.
 
-* Windows Store apps can't access OneDrive using the WinRT API.
+* Packaged Microsoft Store apps can't access OneDrive using the WinRT API.
 
 * OneDrive doesn't appear in the navigation pane in File Explorer.
 
@@ -1739,7 +1737,7 @@ This policy setting controls whether Windows records attempts to connect with th
 
 <!-- FeedbackHubAlwaysSaveDiagnosticsLocally-Description-Begin -->
 <!-- Description-Source-DDF -->
-Diagnostic files created when feedback is filed in the Feedback Hub app will always be saved locally. If this policy isn't present or set to false, users will be presented with the option to save locally. The default is to not save locally.
+Diagnostic files created when a feedback is filed in the Feedback Hub app will always be saved locally. If this policy isn't present or set to false, users will be presented with the option to save locally. The default is to not save locally.
 <!-- FeedbackHubAlwaysSaveDiagnosticsLocally-Description-End -->
 
 <!-- FeedbackHubAlwaysSaveDiagnosticsLocally-Editable-Begin -->
@@ -1761,8 +1759,8 @@ Diagnostic files created when feedback is filed in the Feedback Hub app will alw
 
 | Value | Description |
 |:--|:--|
-| 0 (Default) | False. The Feedback Hub won't always save a local copy of diagnostics that may be created when feedback is submitted. The user will have the option to do so. |
-| 1 | True. The Feedback Hub should always save a local copy of diagnostics that may be created when feedback is submitted. |
+| 0 (Default) | False. The Feedback Hub won't always save a local copy of diagnostics that may be created when a feedback is submitted. The user will have the option to do so. |
+| 1 | True. The Feedback Hub should always save a local copy of diagnostics that may be created when a feedback is submitted. |
 <!-- FeedbackHubAlwaysSaveDiagnosticsLocally-AllowedValues-End -->
 
 <!-- FeedbackHubAlwaysSaveDiagnosticsLocally-Examples-Begin -->
@@ -1777,7 +1775,7 @@ Diagnostic files created when feedback is filed in the Feedback Hub app will alw
 <!-- HideUnsupportedHardwareNotifications-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- HideUnsupportedHardwareNotifications-Applicability-End -->
 
 <!-- HideUnsupportedHardwareNotifications-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-systemservices.md b/windows/client-management/mdm/policy-csp-systemservices.md
index 2d9c9595f5..10d548c65f 100644
--- a/windows/client-management/mdm/policy-csp-systemservices.md
+++ b/windows/client-management/mdm/policy-csp-systemservices.md
@@ -1,7 +1,7 @@
 ---
 title: SystemServices Policy CSP
 description: Learn more about the SystemServices Area in Policy CSP.
-ms.date: 04/10/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 04/10/2024
 <!-- SystemServices-Begin -->
 # Policy CSP - SystemServices
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- SystemServices-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- SystemServices-Editable-End -->
@@ -21,7 +19,7 @@ ms.date: 04/10/2024
 <!-- ConfigureComputerBrowserServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureComputerBrowserServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureComputerBrowserServiceStartupMode-OmaUri-Begin -->
@@ -171,7 +169,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureIISAdminServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureIISAdminServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureIISAdminServiceStartupMode-OmaUri-Begin -->
@@ -221,7 +219,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureInfraredMonitorServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureInfraredMonitorServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureInfraredMonitorServiceStartupMode-OmaUri-Begin -->
@@ -271,7 +269,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureInternetConnectionSharingServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureInternetConnectionSharingServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureInternetConnectionSharingServiceStartupMode-OmaUri-Begin -->
@@ -321,7 +319,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureLxssManagerServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureLxssManagerServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureLxssManagerServiceStartupMode-OmaUri-Begin -->
@@ -371,7 +369,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureMicrosoftFTPServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureMicrosoftFTPServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureMicrosoftFTPServiceStartupMode-OmaUri-Begin -->
@@ -421,7 +419,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureRemoteProcedureCallLocatorServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureRemoteProcedureCallLocatorServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureRemoteProcedureCallLocatorServiceStartupMode-OmaUri-Begin -->
@@ -471,7 +469,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureRoutingAndRemoteAccessServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureRoutingAndRemoteAccessServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureRoutingAndRemoteAccessServiceStartupMode-OmaUri-Begin -->
@@ -521,7 +519,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureSimpleTCPIPServicesStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSimpleTCPIPServicesStartupMode-Applicability-End -->
 
 <!-- ConfigureSimpleTCPIPServicesStartupMode-OmaUri-Begin -->
@@ -571,7 +569,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureSpecialAdministrationConsoleHelperServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSpecialAdministrationConsoleHelperServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureSpecialAdministrationConsoleHelperServiceStartupMode-OmaUri-Begin -->
@@ -621,7 +619,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureSSDPDiscoveryServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSSDPDiscoveryServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureSSDPDiscoveryServiceStartupMode-OmaUri-Begin -->
@@ -671,7 +669,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureUPnPDeviceHostServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureUPnPDeviceHostServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureUPnPDeviceHostServiceStartupMode-OmaUri-Begin -->
@@ -721,7 +719,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWebManagementServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWebManagementServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWebManagementServiceStartupMode-OmaUri-Begin -->
@@ -771,7 +769,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode-OmaUri-Begin -->
@@ -821,7 +819,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWindowsMobileHotspotServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWindowsMobileHotspotServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWindowsMobileHotspotServiceStartupMode-OmaUri-Begin -->
@@ -871,7 +869,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWorldWideWebPublishingServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWorldWideWebPublishingServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWorldWideWebPublishingServiceStartupMode-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-tenantrestrictions.md b/windows/client-management/mdm/policy-csp-tenantrestrictions.md
index 484f4c88ad..536b1b741f 100644
--- a/windows/client-management/mdm/policy-csp-tenantrestrictions.md
+++ b/windows/client-management/mdm/policy-csp-tenantrestrictions.md
@@ -1,7 +1,7 @@
 ---
 title: TenantRestrictions Policy CSP
 description: Learn more about the TenantRestrictions Area in Policy CSP.
-ms.date: 08/06/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -41,9 +41,9 @@ When you enable this setting, compliant applications will be prevented from acce
 
 <https://go.microsoft.com/fwlink/?linkid=2148762>
 
-Before enabling firewall protection, ensure that a Windows Defender Application Control (WDAC) policy that correctly tags applications has been applied to the target devices. Enabling firewall protection without a corresponding WDAC policy will prevent all applications from reaching Microsoft endpoints. This firewall setting isn't supported on all versions of Windows - see the following link for more information.
+Before enabling firewall protection, ensure that an App Control for Business policy that correctly tags applications has been applied to the target devices. Enabling firewall protection without a corresponding App Control for Business policy will prevent all applications from reaching Microsoft endpoints. This firewall setting isn't supported on all versions of Windows - see the following link for more information.
 
-For details about setting up WDAC with tenant restrictions, see <https://go.microsoft.com/fwlink/?linkid=2155230>
+For details about setting up App Control with tenant restrictions, see <https://go.microsoft.com/fwlink/?linkid=2155230>
 <!-- ConfigureTenantRestrictions-Description-End -->
 
 <!-- ConfigureTenantRestrictions-Editable-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index 9ecb6a207c..a77f87712f 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -1,7 +1,7 @@
 ---
 title: Update Policy CSP
 description: Learn more about the Update Area in Policy CSP.
-ms.date: 09/11/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,18 +9,12 @@ ms.date: 09/11/2024
 <!-- Update-Begin -->
 # Policy CSP - Update
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- Update-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- Update-Editable-End -->
 
 Update CSP policies are listed below based on the group policy area:
 
-- [Windows Insider Preview](#windows-insider-preview)
-  - [AlwaysAutoRebootAtScheduledTimeMinutes](#alwaysautorebootatscheduledtimeminutes)
-  - [ConfigureDeadlineNoAutoRebootForFeatureUpdates](#configuredeadlinenoautorebootforfeatureupdates)
-  - [ConfigureDeadlineNoAutoRebootForQualityUpdates](#configuredeadlinenoautorebootforqualityupdates)
 - [Manage updates offered from Windows Update](#manage-updates-offered-from-windows-update)
   - [AllowNonMicrosoftSignedUpdate](#allownonmicrosoftsignedupdate)
   - [AllowOptionalContent](#allowoptionalcontent)
@@ -61,7 +55,8 @@ Update CSP policies are listed below based on the group policy area:
   - [ConfigureDeadlineForQualityUpdates](#configuredeadlineforqualityupdates)
   - [ConfigureDeadlineGracePeriod](#configuredeadlinegraceperiod)
   - [ConfigureDeadlineGracePeriodForFeatureUpdates](#configuredeadlinegraceperiodforfeatureupdates)
-  - [ConfigureDeadlineNoAutoReboot](#configuredeadlinenoautoreboot)
+  - [ConfigureDeadlineNoAutoRebootForFeatureUpdates](#configuredeadlinenoautorebootforfeatureupdates)
+  - [ConfigureDeadlineNoAutoRebootForQualityUpdates](#configuredeadlinenoautorebootforqualityupdates)
   - [ConfigureFeatureUpdateUninstallPeriod](#configurefeatureupdateuninstallperiod)
   - [NoUpdateNotificationsDuringActiveHours](#noupdatenotificationsduringactivehours)
   - [ScheduledInstallDay](#scheduledinstallday)
@@ -76,6 +71,7 @@ Update CSP policies are listed below based on the group policy area:
   - [SetEDURestart](#setedurestart)
   - [UpdateNotificationLevel](#updatenotificationlevel)
 - [Legacy Policies](#legacy-policies)
+  - [AlwaysAutoRebootAtScheduledTimeMinutes](#alwaysautorebootatscheduledtimeminutes)
   - [AutoRestartDeadlinePeriodInDays](#autorestartdeadlineperiodindays)
   - [AutoRestartDeadlinePeriodInDaysForFeatureUpdates](#autorestartdeadlineperiodindaysforfeatureupdates)
   - [AutoRestartNotificationSchedule](#autorestartnotificationschedule)
@@ -99,188 +95,6 @@ Update CSP policies are listed below based on the group policy area:
   - [ScheduleRestartWarning](#schedulerestartwarning)
   - [SetAutoRestartNotificationDisable](#setautorestartnotificationdisable)
 
-## Windows Insider Preview
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Begin -->
-### AlwaysAutoRebootAtScheduledTimeMinutes
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Applicability-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Update/AlwaysAutoRebootAtScheduledTimeMinutes
-```
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-OmaUri-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Description-Begin -->
-<!-- Description-Source-ADMX -->
-
-- If you enable this policy, a restart timer will always begin immediately after Windows Update installs important updates, instead of first notifying users on the login screen for at least two days.
-
-The restart timer can be configured to start with any value from 15 to 180 minutes. When the timer runs out, the restart will proceed even if the PC has signed-in users.
-
-- If you disable or don't configure this policy, Windows Update won't alter its restart behavior.
-
-If the "No auto-restart with logged-on users for scheduled automatic updates installations" policy is enabled, then this policy has no effect.
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Description-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Editable-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `int` |
-| Access Type | Add, Delete, Get, Replace |
-| Allowed Values | Range: `[15-180]` |
-| Default Value  | 15 |
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-DFProperties-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | AlwaysAutoRebootAtScheduledTime |
-| Friendly Name | Always automatically restart at the scheduled time |
-| Element Name | work (minutes) |
-| Location | Computer Configuration |
-| Path | Windows Components > Windows Update > Manage end user experience |
-| Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate\AU |
-| ADMX File Name | WindowsUpdate.admx |
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-GpMapping-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Examples-End -->
-
-<!-- AlwaysAutoRebootAtScheduledTimeMinutes-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Begin -->
-### ConfigureDeadlineNoAutoRebootForFeatureUpdates
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Applicability-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Update/ConfigureDeadlineNoAutoRebootForFeatureUpdates
-```
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-OmaUri-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Description-Begin -->
-<!-- Description-Source-DDF -->
-When enabled, devices won't automatically restart outside of active hours until the deadline and grace period have expired for feature updates, even if an update is ready for restart. When disabled, an automatic restart may be attempted outside of active hours after update is ready for restart before the deadline is reached. Takes effect only if Update/ConfigureDeadlineForFeatureUpdates is configured.
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Description-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Editable-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `int` |
-| Access Type | Add, Delete, Get, Replace |
-| Default Value  | 0 |
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-DFProperties-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-AllowedValues-Begin -->
-**Allowed values**:
-
-| Value | Description |
-|:--|:--|
-| 0 (Default) | Disabled. |
-| 1 | Enabled. |
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-AllowedValues-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | ConfigureDeadlineNoAutoRebootForFeatureUpdates |
-| Path | WindowsUpdate > AT > WindowsComponents > WindowsUpdateCat |
-| Element Name | ConfigureDeadlineNoAutoRebootForFeatureUpdates |
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-GpMapping-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Examples-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Begin -->
-### ConfigureDeadlineNoAutoRebootForQualityUpdates
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Applicability-Begin -->
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Applicability-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-OmaUri-Begin -->
-```Device
-./Device/Vendor/MSFT/Policy/Config/Update/ConfigureDeadlineNoAutoRebootForQualityUpdates
-```
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-OmaUri-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Description-Begin -->
-<!-- Description-Source-DDF -->
-When enabled, devices won't automatically restart outside of active hours until the deadline and grace period have expired for quality updates, even if an update is ready for restart. When disabled, an automatic restart may be attempted outside of active hours after update is ready for restart before the deadline is reached. Takes effect only if Update/ConfigureDeadlineForQualityUpdates is configured.
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Description-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Editable-Begin -->
-<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Editable-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-DFProperties-Begin -->
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | `int` |
-| Access Type | Add, Delete, Get, Replace |
-| Default Value  | 0 |
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-DFProperties-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-AllowedValues-Begin -->
-**Allowed values**:
-
-| Value | Description |
-|:--|:--|
-| 0 (Default) | Disabled. |
-| 1 | Enabled. |
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-AllowedValues-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-GpMapping-Begin -->
-**Group policy mapping**:
-
-| Name | Value |
-|:--|:--|
-| Name | ConfigureDeadlineNoAutoRebootForQualityUpdates |
-| Path | WindowsUpdate > AT > WindowsComponents > WindowsUpdateCat |
-| Element Name | ConfigureDeadlineNoAutoRebootForQualityUpdates |
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-GpMapping-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Examples-Begin -->
-<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Examples-End -->
-
-<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-End -->
-
 ## Manage updates offered from Windows Update
 
 <!-- AllowNonMicrosoftSignedUpdate-Begin -->
@@ -2518,8 +2332,8 @@ Number of days before feature updates are installed on devices automatically reg
 
 | Name | Value |
 |:--|:--|
-| Name | ComplianceDeadline |
-| Friendly Name | Specify deadlines for automatic updates and restarts |
+| Name | ComplianceDeadlineForFU |
+| Friendly Name | Specify deadline for automatic updates and restarts for feature update |
 | Element Name | Deadline (days) |
 | Location | Computer Configuration |
 | Path | Windows Components > Windows Update > Manage end user experience |
@@ -2578,7 +2392,7 @@ Number of days before quality updates are installed on devices automatically reg
 | Name | Value |
 |:--|:--|
 | Name | ComplianceDeadline |
-| Friendly Name | Specify deadlines for automatic updates and restarts |
+| Friendly Name | Specify deadline for automatic updates and restarts for quality update |
 | Element Name | Deadline (days) |
 | Location | Computer Configuration |
 | Path | Windows Components > Windows Update > Manage end user experience |
@@ -2633,7 +2447,7 @@ Minimum number of days from update installation until restarts occur automatical
 | Name | Value |
 |:--|:--|
 | Name | ComplianceDeadline |
-| Friendly Name | Specify deadlines for automatic updates and restarts |
+| Friendly Name | Specify deadline for automatic updates and restarts for quality update |
 | Element Name | Grace period (days) |
 | Location | Computer Configuration |
 | Path | Windows Components > Windows Update > Manage end user experience |
@@ -2687,8 +2501,8 @@ Minimum number of days from update installation until restarts occur automatical
 
 | Name | Value |
 |:--|:--|
-| Name | ComplianceDeadline |
-| Friendly Name | Specify deadlines for automatic updates and restarts |
+| Name | ComplianceDeadlineForFU |
+| Friendly Name | Specify deadline for automatic updates and restarts for feature update |
 | Element Name | Grace Period (days) |
 | Location | Computer Configuration |
 | Path | Windows Components > Windows Update > Manage end user experience |
@@ -2702,31 +2516,47 @@ Minimum number of days from update installation until restarts occur automatical
 
 <!-- ConfigureDeadlineGracePeriodForFeatureUpdates-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-Begin -->
-### ConfigureDeadlineNoAutoReboot
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Begin -->
+### ConfigureDeadlineNoAutoRebootForFeatureUpdates
 
-<!-- ConfigureDeadlineNoAutoReboot-Applicability-Begin -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1903 [10.0.18362] and later |
-<!-- ConfigureDeadlineNoAutoReboot-Applicability-End -->
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Applicability-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-OmaUri-Begin -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-OmaUri-Begin -->
 ```Device
-./Device/Vendor/MSFT/Policy/Config/Update/ConfigureDeadlineNoAutoReboot
+./Device/Vendor/MSFT/Policy/Config/Update/ConfigureDeadlineNoAutoRebootForFeatureUpdates
 ```
-<!-- ConfigureDeadlineNoAutoReboot-OmaUri-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-OmaUri-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-Description-Begin -->
-<!-- Description-Source-DDF-Forced -->
-When enabled, devices won't automatically restart outside of active hours until the deadline and grace period have expired, even if an update is ready for restart. When disabled, an automatic restart may be attempted outside of active hours after update is ready for restart before the deadline is reached. Takes effect only if Update/ConfigureDeadlineForQualityUpdates or Update/ConfigureDeadlineForFeatureUpdates is configured.
-<!-- ConfigureDeadlineNoAutoReboot-Description-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy lets you specify the number of days before feature updates are installed on devices automatically, and a grace period after which required restarts occur automatically.
 
-<!-- ConfigureDeadlineNoAutoReboot-Editable-Begin -->
+Set deadlines for feature updates and quality updates to meet your compliance goals. Updates will be downloaded and installed as soon as they're offered and automatic restarts will be attempted outside of active hours. Once the deadline has passed, restarts will occur regardless of active hours, and users won't be able to reschedule. If the deadline is set to 0 days, the update will be installed immediately upon offering, but might not finish within the day due to device availability and network connectivity.
+
+Set a grace period for feature updates to guarantee users a minimum time to manage their restarts once updates are installed. Users will be able to schedule restarts during the grace period and Windows can still automatically restart outside of active hours if users choose not to schedule restarts. The grace period might not take effect if users already have more than the number of days set as grace period to manage their restart, based on deadline configurations.
+
+You can set the device to delay restarting until both the deadline and grace period have expired.
+
+If you disable or don't configure this policy, devices will get updates and will restart according to the default schedule.
+
+This policy will override the following policies:
+
+1. Specify deadline before auto restart for update installation
+1. Specify Engaged restart transition and notification schedule for updates.
+
+1. Always automatically restart at the scheduled time
+1. Configure Automatic Updates.
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Description-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- ConfigureDeadlineNoAutoReboot-Editable-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Editable-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-DFProperties-Begin -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-DFProperties-Begin -->
 **Description framework properties**:
 
 | Property name | Property value |
@@ -2734,36 +2564,115 @@ When enabled, devices won't automatically restart outside of active hours until
 | Format | `int` |
 | Access Type | Add, Delete, Get, Replace |
 | Default Value  | 0 |
-<!-- ConfigureDeadlineNoAutoReboot-DFProperties-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-DFProperties-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-AllowedValues-Begin -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-AllowedValues-Begin -->
 **Allowed values**:
 
 | Value | Description |
 |:--|:--|
 | 0 (Default) | Disabled. |
 | 1 | Enabled. |
-<!-- ConfigureDeadlineNoAutoReboot-AllowedValues-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-AllowedValues-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-GpMapping-Begin -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-GpMapping-Begin -->
 **Group policy mapping**:
 
 | Name | Value |
 |:--|:--|
-| Name | ComplianceDeadline |
-| Friendly Name | Specify deadlines for automatic updates and restarts |
+| Name | ComplianceDeadlineForFU |
+| Friendly Name | Specify deadline for automatic updates and restarts for feature update |
 | Element Name | Don't auto-restart until end of grace period. |
 | Location | Computer Configuration |
 | Path | Windows Components > Windows Update > Manage end user experience |
 | Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate |
 | ADMX File Name | WindowsUpdate.admx |
-<!-- ConfigureDeadlineNoAutoReboot-GpMapping-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-GpMapping-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-Examples-Begin -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- ConfigureDeadlineNoAutoReboot-Examples-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-Examples-End -->
 
-<!-- ConfigureDeadlineNoAutoReboot-End -->
+<!-- ConfigureDeadlineNoAutoRebootForFeatureUpdates-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Begin -->
+### ConfigureDeadlineNoAutoRebootForQualityUpdates
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Applicability-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Update/ConfigureDeadlineNoAutoRebootForQualityUpdates
+```
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-OmaUri-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy lets you specify the number of days before quality updates are installed on devices automatically, and a grace period after which required restarts occur automatically.
+
+Set deadlines for quality updates to meet your compliance goals. Updates will be downloaded and installed as soon as they're offered and automatic restarts will be attempted outside of active hours. Once the deadline has passed, restarts will occur regardless of active hours, and users won't be able to reschedule. If the deadline is set to 0 days, the update will be installed immediately upon offering, but might not finish within the day due to device availability and network connectivity.
+
+Set a grace period for quality updates to guarantee users a minimum time to manage their restarts once updates are installed. Users will be able to schedule restarts during the grace period and Windows can still automatically restart outside of active hours if users choose not to schedule restarts. The grace period might not take effect if users already have more than the number of days set as grace period to manage their restart, based on deadline configurations.
+
+You can set the device to delay restarting until both the deadline and grace period have expired.
+
+If you disable or don't configure this policy, devices will get updates and will restart according to the default schedule.
+
+This policy will override the following policies:
+
+1. Specify deadline before auto restart for update installation
+1. Specify Engaged restart transition and notification schedule for updates.
+
+1. Always automatically restart at the scheduled time
+1. Configure Automatic Updates.
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Description-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Editable-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `int` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-DFProperties-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Disabled. |
+| 1 | Enabled. |
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-AllowedValues-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | ComplianceDeadline |
+| Friendly Name | Specify deadline for automatic updates and restarts for quality update |
+| Element Name | Don't auto-restart until end of grace period. |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Update > Manage end user experience |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate |
+| ADMX File Name | WindowsUpdate.admx |
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-GpMapping-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-Examples-End -->
+
+<!-- ConfigureDeadlineNoAutoRebootForQualityUpdates-End -->
 
 <!-- ConfigureFeatureUpdateUninstallPeriod-Begin -->
 ### ConfigureFeatureUpdateUninstallPeriod
@@ -3647,6 +3556,68 @@ If you select "Apply only during active hours" in conjunction with Option 1 or 2
 
 ## Legacy Policies
 
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Begin -->
+### AlwaysAutoRebootAtScheduledTimeMinutes
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621] and later |
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Applicability-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Update/AlwaysAutoRebootAtScheduledTimeMinutes
+```
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-OmaUri-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Description-Begin -->
+<!-- Description-Source-ADMX -->
+
+- If you enable this policy, a restart timer will always begin immediately after Windows Update installs important updates, instead of first notifying users on the login screen for at least two days.
+
+The restart timer can be configured to start with any value from 15 to 180 minutes. When the timer runs out, the restart will proceed even if the PC has signed-in users.
+
+- If you disable or don't configure this policy, Windows Update won't alter its restart behavior.
+
+If the "No auto-restart with logged-on users for scheduled automatic updates installations" policy is enabled, then this policy has no effect.
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Description-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Editable-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `int` |
+| Access Type | Add, Delete, Get, Replace |
+| Allowed Values | Range: `[15-180]` |
+| Default Value  | 15 |
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-DFProperties-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | AlwaysAutoRebootAtScheduledTime |
+| Friendly Name | Always automatically restart at the scheduled time |
+| Element Name | work (minutes) |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Update > Legacy Policies |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate\AU |
+| ADMX File Name | WindowsUpdate.admx |
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-GpMapping-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-Examples-End -->
+
+<!-- AlwaysAutoRebootAtScheduledTimeMinutes-End -->
+
 <!-- AutoRestartDeadlinePeriodInDays-Begin -->
 ### AutoRestartDeadlinePeriodInDays
 
diff --git a/windows/client-management/mdm/policy-csp-userrights.md b/windows/client-management/mdm/policy-csp-userrights.md
index dc226ea336..68db80419e 100644
--- a/windows/client-management/mdm/policy-csp-userrights.md
+++ b/windows/client-management/mdm/policy-csp-userrights.md
@@ -1,7 +1,7 @@
 ---
 title: UserRights Policy CSP
 description: Learn more about the UserRights Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 01/18/2024
 <!-- UserRights-Begin -->
 # Policy CSP - UserRights
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- UserRights-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 User rights are assigned for user accounts or groups. The name of the policy defines the user right in question, and the values are always users or groups. Values can be represented as Security Identifiers (SID) or strings. For more information, see [Well-known SID structures](/openspecs/windows_protocols/ms-dtyp/81d92bba-d22b-4a8c-908a-554ab29148ab).
@@ -258,7 +256,7 @@ This user right allows a process to impersonate any user without authentication.
 <!-- AdjustMemoryQuotasForProcess-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AdjustMemoryQuotasForProcess-Applicability-End -->
 
 <!-- AdjustMemoryQuotasForProcess-OmaUri-Begin -->
@@ -359,7 +357,7 @@ This user right determines which users can log on to the computer.
 <!-- AllowLogOnThroughRemoteDesktop-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowLogOnThroughRemoteDesktop-Applicability-End -->
 
 <!-- AllowLogOnThroughRemoteDesktop-OmaUri-Begin -->
@@ -460,7 +458,7 @@ This user right determines which users can bypass file, directory, registry, and
 <!-- BypassTraverseChecking-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- BypassTraverseChecking-Applicability-End -->
 
 <!-- BypassTraverseChecking-OmaUri-Begin -->
@@ -567,7 +565,7 @@ This user right determines which users and groups can change the time and date o
 <!-- ChangeTimeZone-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ChangeTimeZone-Applicability-End -->
 
 <!-- ChangeTimeZone-OmaUri-Begin -->
@@ -1027,7 +1025,7 @@ This security setting determines which service accounts are prevented from regis
 <!-- DenyLogOnAsBatchJob-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DenyLogOnAsBatchJob-Applicability-End -->
 
 <!-- DenyLogOnAsBatchJob-OmaUri-Begin -->
@@ -1076,7 +1074,7 @@ This security setting determines which accounts are prevented from being able to
 <!-- DenyLogOnAsService-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DenyLogOnAsService-Applicability-End -->
 
 <!-- DenyLogOnAsService-OmaUri-Begin -->
@@ -1336,7 +1334,7 @@ Assigning this user right to a user allows programs running on behalf of that us
 <!-- IncreaseProcessWorkingSet-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- IncreaseProcessWorkingSet-Applicability-End -->
 
 <!-- IncreaseProcessWorkingSet-OmaUri-Begin -->
@@ -1543,7 +1541,7 @@ This user right determines which accounts can use a process to keep data in phys
 <!-- LogOnAsBatchJob-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- LogOnAsBatchJob-Applicability-End -->
 
 <!-- LogOnAsBatchJob-OmaUri-Begin -->
@@ -1592,7 +1590,7 @@ This security setting allows a user to be logged-on by means of a batch-queue fa
 <!-- LogOnAsService-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- LogOnAsService-Applicability-End -->
 
 <!-- LogOnAsService-OmaUri-Begin -->
@@ -1889,7 +1887,7 @@ This user right determines which users can use performance monitoring tools to m
 <!-- ProfileSystemPerformance-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ProfileSystemPerformance-Applicability-End -->
 
 <!-- ProfileSystemPerformance-OmaUri-Begin -->
@@ -1987,7 +1985,7 @@ This user right determines which users are allowed to shut down a computer from
 <!-- ReplaceProcessLevelToken-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ReplaceProcessLevelToken-Applicability-End -->
 
 <!-- ReplaceProcessLevelToken-OmaUri-Begin -->
@@ -2088,7 +2086,7 @@ This user right determines which users can bypass file, directory, registry, and
 <!-- ShutDownTheSystem-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ShutDownTheSystem-Applicability-End -->
 
 <!-- ShutDownTheSystem-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-webthreatdefense.md b/windows/client-management/mdm/policy-csp-webthreatdefense.md
index 0b01461d1e..96d9296b8a 100644
--- a/windows/client-management/mdm/policy-csp-webthreatdefense.md
+++ b/windows/client-management/mdm/policy-csp-webthreatdefense.md
@@ -1,7 +1,7 @@
 ---
 title: WebThreatDefense Policy CSP
 description: Learn more about the WebThreatDefense Area in Policy CSP.
-ms.date: 01/31/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 01/31/2024
 <!-- WebThreatDefense-Begin -->
 # Policy CSP - WebThreatDefense
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- WebThreatDefense-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 > [!NOTE]
@@ -23,7 +21,7 @@ ms.date: 01/31/2024
 <!-- AutomaticDataCollection-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AutomaticDataCollection-Applicability-End -->
 
 <!-- AutomaticDataCollection-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-windowsai.md b/windows/client-management/mdm/policy-csp-windowsai.md
index 1d1a1691af..642e2df000 100644
--- a/windows/client-management/mdm/policy-csp-windowsai.md
+++ b/windows/client-management/mdm/policy-csp-windowsai.md
@@ -1,7 +1,7 @@
 ---
 title: WindowsAI Policy CSP
 description: Learn more about the WindowsAI Area in Policy CSP.
-ms.date: 09/11/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -21,7 +21,7 @@ ms.date: 09/11/2024
 <!-- DisableAIDataAnalysis-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ❌ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ❌ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DisableAIDataAnalysis-Applicability-End -->
 
 <!-- DisableAIDataAnalysis-OmaUri-Begin -->
@@ -31,14 +31,12 @@ ms.date: 09/11/2024
 <!-- DisableAIDataAnalysis-OmaUri-End -->
 
 <!-- DisableAIDataAnalysis-Description-Begin -->
-<!-- Description-Source-DDF -->
-This policy setting allows you to determine whether end users have the option to allow snapshots to be saved on their PCs.
+<!-- Description-Source-ADMX -->
+This policy setting allows you to control whether Windows saves snapshots of the screen and analyzes the user's activity on their device.
 
-- If disabled, end users will have a choice to save snapshots of their screen on their PC and then use Recall to find things they've seen.
+- If you enable this policy setting, Windows won't be able to save snapshots and users won't be able to search for or browse through their historical device activity using Recall.
 
-- If the policy is enabled, end users won't be able to save snapshots on their PC.
-
-- If the policy isn't configured, end users may or may not be able to save snapshots on their PC-depending on other policy configurations.
+- If you disable or don't configure this policy setting, Windows will save snapshots of the screen and users will be able to search for or browse through a timeline of their past activities using Recall.
 <!-- DisableAIDataAnalysis-Description-End -->
 
 <!-- DisableAIDataAnalysis-Editable-Begin -->
@@ -70,7 +68,12 @@ This policy setting allows you to determine whether end users have the option to
 | Name | Value |
 |:--|:--|
 | Name | DisableAIDataAnalysis |
-| Path | WindowsAI > AT > WindowsComponents > WindowsAI |
+| Friendly Name | Turn off Saving Snapshots for Windows |
+| Location | User Configuration |
+| Path | Windows Components > Windows AI |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\WindowsAI |
+| Registry Value Name | DisableAIDataAnalysis |
+| ADMX File Name | WindowsCopilot.admx |
 <!-- DisableAIDataAnalysis-GpMapping-End -->
 
 <!-- DisableAIDataAnalysis-Examples-Begin -->
@@ -203,6 +206,58 @@ This policy setting allows you to control whether Image Creator functionality is
 
 <!-- DisableImageCreator-End -->
 
+<!-- SetCopilotHardwareKey-Begin -->
+## SetCopilotHardwareKey
+
+<!-- SetCopilotHardwareKey-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ❌ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+<!-- SetCopilotHardwareKey-Applicability-End -->
+
+<!-- SetCopilotHardwareKey-OmaUri-Begin -->
+```User
+./User/Vendor/MSFT/Policy/Config/WindowsAI/SetCopilotHardwareKey
+```
+<!-- SetCopilotHardwareKey-OmaUri-End -->
+
+<!-- SetCopilotHardwareKey-Description-Begin -->
+<!-- Description-Source-DDF -->
+This policy setting determines which app opens when the user presses the Copilot key on their keyboard.
+
+- If the policy is enabled, the specified app will open when the user presses the Copilot key. Users can change the key assignment in Settings.
+
+- If the policy isn't configured, Copilot will open if it's available in that country or region.
+<!-- SetCopilotHardwareKey-Description-End -->
+
+<!-- SetCopilotHardwareKey-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- SetCopilotHardwareKey-Editable-End -->
+
+<!-- SetCopilotHardwareKey-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Add, Delete, Get, Replace |
+<!-- SetCopilotHardwareKey-DFProperties-End -->
+
+<!-- SetCopilotHardwareKey-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | SetCopilotHardwareKey |
+| Path | WindowsCopilot > AT > WindowsComponents > WindowsCopilot |
+<!-- SetCopilotHardwareKey-GpMapping-End -->
+
+<!-- SetCopilotHardwareKey-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- SetCopilotHardwareKey-Examples-End -->
+
+<!-- SetCopilotHardwareKey-End -->
+
 <!-- TurnOffWindowsCopilot-Begin -->
 ## TurnOffWindowsCopilot
 
diff --git a/windows/client-management/mdm/policy-csp-windowslogon.md b/windows/client-management/mdm/policy-csp-windowslogon.md
index d9c4d40da1..c7a7fe256c 100644
--- a/windows/client-management/mdm/policy-csp-windowslogon.md
+++ b/windows/client-management/mdm/policy-csp-windowslogon.md
@@ -1,7 +1,7 @@
 ---
 title: WindowsLogon Policy CSP
 description: Learn more about the WindowsLogon Area in Policy CSP.
-ms.date: 04/10/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -380,11 +380,11 @@ This policy setting allows you to control whether users see the first sign-in an
 
 <!-- EnableMPRNotifications-Description-Begin -->
 <!-- Description-Source-ADMX -->
-This policy controls the configuration under which winlogon sends MPR notifications in the system.
+This policy controls whether the user's password is included in the content of MPR notifications sent by winlogon in the system.
 
-- If you enable this setting or don't configure it, winlogon sends MPR notifications if a credential manager is configured.
+- If you disable this setting or don't configure it, winlogon sends MPR notifications with empty password fields of the user's authentication info.
 
-- If you disable this setting, winlogon doesn't send MPR notifications.
+- If you enable this setting, winlogon sends MPR notifications containing the user's password in the authentication info.
 <!-- EnableMPRNotifications-Description-End -->
 
 <!-- EnableMPRNotifications-Editable-Begin -->
@@ -415,7 +415,7 @@ This policy controls the configuration under which winlogon sends MPR notificati
 | Name | Value |
 |:--|:--|
 | Name | EnableMPRNotifications |
-| Friendly Name | Enable MPR notifications for the system |
+| Friendly Name | Configure the transmission of the user's password in the content of MPR notifications sent by winlogon. |
 | Location | Computer Configuration |
 | Path | Windows Components > Windows Logon Options |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\System |
diff --git a/windows/client-management/mdm/policy-csp-windowssandbox.md b/windows/client-management/mdm/policy-csp-windowssandbox.md
index ffa94e847a..a22172669f 100644
--- a/windows/client-management/mdm/policy-csp-windowssandbox.md
+++ b/windows/client-management/mdm/policy-csp-windowssandbox.md
@@ -1,7 +1,7 @@
 ---
 title: WindowsSandbox Policy CSP
 description: Learn more about the WindowsSandbox Area in Policy CSP.
-ms.date: 01/18/2024
+ms.date: 09/27/2024
 ---
 
 <!-- Auto-Generated CSP Document -->
@@ -9,8 +9,6 @@ ms.date: 01/18/2024
 <!-- WindowsSandbox-Begin -->
 # Policy CSP - WindowsSandbox
 
-[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
-
 <!-- WindowsSandbox-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- WindowsSandbox-Editable-End -->
@@ -149,7 +147,7 @@ This policy setting enables or disables clipboard sharing with the sandbox.
 <!-- AllowMappedFolders-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowMappedFolders-Applicability-End -->
 
 <!-- AllowMappedFolders-OmaUri-Begin -->
@@ -159,8 +157,18 @@ This policy setting enables or disables clipboard sharing with the sandbox.
 <!-- AllowMappedFolders-OmaUri-End -->
 
 <!-- AllowMappedFolders-Description-Begin -->
-<!-- Description-Source-DDF -->
-Allow mapping folders into Windows Sandbox.
+<!-- Description-Source-ADMX -->
+This policy setting enables or disables mapping folders into sandbox.
+
+- If you enable this policy setting, mapping folders from the host into Sandbox will be permitted.
+
+- If you enable this policy setting and disable write to mapped folders, mapping folders from the host into Sandbox will be permitted, but Sandbox will only have permission to read the files.
+
+- If you disable this policy setting, mapping folders from the host into Sandbox won't be permitted.
+
+- If you don't configure this policy setting, mapped folders will be enabled.
+
+Note that there may be security implications of exposing folders from the host into the container.
 <!-- AllowMappedFolders-Description-End -->
 
 <!-- AllowMappedFolders-Editable-Begin -->
@@ -184,7 +192,12 @@ Allow mapping folders into Windows Sandbox.
 | Name | Value |
 |:--|:--|
 | Name | AllowMappedFolders |
-| Path | WindowsSandbox > AT > WindowsComponents > WindowsSandboxCat |
+| Friendly Name | Allow mapping folders into Windows Sandbox |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Sandbox |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\Sandbox |
+| Registry Value Name | AllowMappedFolders |
+| ADMX File Name | WindowsSandbox.admx |
 <!-- AllowMappedFolders-GpMapping-End -->
 
 <!-- AllowMappedFolders-Examples-Begin -->
@@ -457,7 +470,7 @@ Note that there may be security implications of exposing host video input to the
 <!-- AllowWriteToMappedFolders-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowWriteToMappedFolders-Applicability-End -->
 
 <!-- AllowWriteToMappedFolders-OmaUri-Begin -->
@@ -467,8 +480,18 @@ Note that there may be security implications of exposing host video input to the
 <!-- AllowWriteToMappedFolders-OmaUri-End -->
 
 <!-- AllowWriteToMappedFolders-Description-Begin -->
-<!-- Description-Source-DDF -->
-Allow Sandbox to write to mapped folders.
+<!-- Description-Source-ADMX -->
+This policy setting enables or disables mapping folders into sandbox.
+
+- If you enable this policy setting, mapping folders from the host into Sandbox will be permitted.
+
+- If you enable this policy setting and disable write to mapped folders, mapping folders from the host into Sandbox will be permitted, but Sandbox will only have permission to read the files.
+
+- If you disable this policy setting, mapping folders from the host into Sandbox won't be permitted.
+
+- If you don't configure this policy setting, mapped folders will be enabled.
+
+Note that there may be security implications of exposing folders from the host into the container.
 <!-- AllowWriteToMappedFolders-Description-End -->
 
 <!-- AllowWriteToMappedFolders-Editable-Begin -->
@@ -492,8 +515,13 @@ Allow Sandbox to write to mapped folders.
 
 | Name | Value |
 |:--|:--|
-| Name | AllowWriteToMappedFolders |
-| Path | WindowsSandbox > AT > WindowsComponents > WindowsSandboxCat |
+| Name | AllowMappedFolders |
+| Friendly Name | Allow mapping folders into Windows Sandbox |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Sandbox |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\Sandbox |
+| Registry Value Name | AllowMappedFolders |
+| ADMX File Name | WindowsSandbox.admx |
 <!-- AllowWriteToMappedFolders-GpMapping-End -->
 
 <!-- AllowWriteToMappedFolders-Examples-Begin -->
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index eba37a1745..3011ad91da 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -48,12 +48,12 @@ items:
     - name: Protocol
       expanded: true
       items:
-        - name: Overview
-          href: ../declared-configuration.md
-        - name: Discovery
-          href: ../declared-configuration-discovery.md
-        - name: Enrollment
-          href: ../declared-configuration-enrollment.md
+      - name: Overview
+        href: ../declared-configuration.md
+      - name: Discovery
+        href: ../declared-configuration-discovery.md
+      - name: Enrollment
+        href: ../declared-configuration-enrollment.md
     - name: Extensibility
       href: ../declared-configuration-extensibility.md
     - name: Resource access
@@ -387,7 +387,7 @@ items:
           href: policy-csp-authentication.md
         - name: Autoplay
           href: policy-csp-autoplay.md
-        - name: BitLocker
+        - name: Bitlocker
           href: policy-csp-bitlocker.md
         - name: BITS
           href: policy-csp-bits.md
@@ -537,6 +537,8 @@ items:
           href: policy-csp-settingssync.md
         - name: SmartScreen
           href: policy-csp-smartscreen.md
+        - name: SpeakForMe
+          href: policy-csp-speakforme.md
         - name: Speech
           href: policy-csp-speech.md
         - name: Start
diff --git a/windows/configuration/assigned-access/overview.md b/windows/configuration/assigned-access/overview.md
index 12ed03cf42..29d6b948b2 100644
--- a/windows/configuration/assigned-access/overview.md
+++ b/windows/configuration/assigned-access/overview.md
@@ -298,35 +298,6 @@ To change the default time for Assigned Access to resume, add *IdleTimeOut* (DWO
 
 The Breakout Sequence of <kbd>Ctrl</kbd> + <kbd>Alt</kbd> + <kbd>Del</kbd> is the default, but this sequence can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence is <kbd>CTRL</kbd> + <kbd>ALT</kbd> + <kbd>A</kbd>, where <kbd>CTRL</kbd> + <kbd>ALT</kbd> are the modifiers, and <kbd>A</kbd> is the key value. To learn more, see [Create an Assigned Access configuration XML file](configuration-file.md).
 
-### Keyboard shortcuts
-
-The following keyboard shortcuts are blocked for the user accounts with Assigned Access:
-
-| Keyboard shortcut                                    | Action                                                                                        |
-|------------------------------------------------------|-----------------------------------------------------------------------------------------------|
-| <kbd>Ctrl</kbd> + <kbd>Shift</kbd>  + <kbd>Esc</kbd> | Open Task Manager                                                                             |
-| <kbd>WIN</kbd> + <kbd>,</kbd> (comma)                | Temporarily peek at the desktop                                                               |
-| <kbd>WIN</kbd> + <kbd>A</kbd>                        | Open Action center                                                                            |
-| <kbd>WIN</kbd> + <kbd>Alt</kbd>  + <kbd> D</kbd>     | Display and hide the date and time on the desktop                                             |
-| <kbd>WIN</kbd> + <kbd>Ctrl</kbd>  + <kbd> F</kbd>    | Find computer objects in Active Directory                                                     |
-| <kbd>WIN</kbd> + <kbd>D</kbd>                        | Display and hide the desktop                                                                  |
-| <kbd>WIN</kbd> + <kbd>E</kbd>                        | Open File Explorer                                                                            |
-| <kbd>WIN</kbd> + <kbd>F</kbd>                        | Open Feedback Hub                                                                             |
-| <kbd>WIN</kbd> + <kbd>G</kbd>                        | Open Game bar when a game is open                                                             |
-| <kbd>WIN</kbd> + <kbd>I</kbd>                        | Open Settings                                                                                 |
-| <kbd>WIN</kbd> + <kbd>J</kbd>                        | Set focus to a Windows tip when one is available                                              |
-| <kbd>WIN</kbd> + <kbd>O</kbd>                        | Lock device orientation                                                                       |
-| <kbd>WIN</kbd> + <kbd>Q</kbd>                        | Open search                                                                                   |
-| <kbd>WIN</kbd> + <kbd>R</kbd>                        | Open the Run dialog box                                                                       |
-| <kbd>WIN</kbd> + <kbd>S</kbd>                        | Open search                                                                                   |
-| <kbd>WIN</kbd> + <kbd>Shift</kbd>  + <kbd> C</kbd>   | Open Cortana in listening mode                                                                |
-| <kbd>WIN</kbd> + <kbd>X</kbd>                        | Open the Quick Link menu                                                                      |
-| <kbd>LaunchApp1</kbd>                                | Open the app that is assigned to this key                                                     |
-| <kbd>LaunchApp2</kbd>                                | Open the app that is assigned to this key. On many Microsoft keyboards, the app is Calculator |
-| <kbd>LaunchMail</kbd>                                | Open the default mail client                                                                  |
-
-For information on how to customize keyboard shortcuts, see [Assigned Access recommendations](recommendations.md#keyboard-shortcuts).
-
 ## Remove Assigned Access
 
 Deleting the restricted user experience removes the policy settings associated with the users, but it can't revert all the configurations. For example, the Start menu configuration is maintained.
diff --git a/windows/configuration/assigned-access/policy-settings.md b/windows/configuration/assigned-access/policy-settings.md
index 0bf8a93e30..9e9794304b 100644
--- a/windows/configuration/assigned-access/policy-settings.md
+++ b/windows/configuration/assigned-access/policy-settings.md
@@ -112,3 +112,32 @@ The deny list is used to prevent the user from accessing the apps, which are cur
 1. The default rule is to allow all users to launch the desktop programs signed with *Microsoft Certificate* for the system to boot and function. The rule also allows the admin user group to launch all desktop programs.
 1. There's a predefined inbox desktop app deny list for the Assigned Access user account, which is updated based on the *desktop app allow list* that you defined in the Assigned Access configuration
 1. Enterprise-defined allowed desktop apps are added in the AppLocker allow list
+
+## Keyboard shortcuts
+
+The following keyboard shortcuts are blocked for the user accounts with Assigned Access:
+
+| Keyboard shortcut                                    | Action                                                                                        |
+|------------------------------------------------------|-----------------------------------------------------------------------------------------------|
+| <kbd>Ctrl</kbd> + <kbd>Shift</kbd>  + <kbd>Esc</kbd> | Open Task Manager                                                                             |
+| <kbd>WIN</kbd> + <kbd>,</kbd> (comma)                | Temporarily peek at the desktop                                                               |
+| <kbd>WIN</kbd> + <kbd>A</kbd>                        | Open Action center                                                                            |
+| <kbd>WIN</kbd> + <kbd>Alt</kbd>  + <kbd> D</kbd>     | Display and hide the date and time on the desktop                                             |
+| <kbd>WIN</kbd> + <kbd>Ctrl</kbd>  + <kbd> F</kbd>    | Find computer objects in Active Directory                                                     |
+| <kbd>WIN</kbd> + <kbd>D</kbd>                        | Display and hide the desktop                                                                  |
+| <kbd>WIN</kbd> + <kbd>E</kbd>                        | Open File Explorer                                                                            |
+| <kbd>WIN</kbd> + <kbd>F</kbd>                        | Open Feedback Hub                                                                             |
+| <kbd>WIN</kbd> + <kbd>G</kbd>                        | Open Game bar when a game is open                                                             |
+| <kbd>WIN</kbd> + <kbd>I</kbd>                        | Open Settings                                                                                 |
+| <kbd>WIN</kbd> + <kbd>J</kbd>                        | Set focus to a Windows tip when one is available                                              |
+| <kbd>WIN</kbd> + <kbd>O</kbd>                        | Lock device orientation                                                                       |
+| <kbd>WIN</kbd> + <kbd>Q</kbd>                        | Open search                                                                                   |
+| <kbd>WIN</kbd> + <kbd>R</kbd>                        | Open the Run dialog box                                                                       |
+| <kbd>WIN</kbd> + <kbd>S</kbd>                        | Open search                                                                                   |
+| <kbd>WIN</kbd> + <kbd>Shift</kbd>  + <kbd> C</kbd>   | Open Cortana in listening mode                                                                |
+| <kbd>WIN</kbd> + <kbd>X</kbd>                        | Open the Quick Link menu                                                                      |
+| <kbd>LaunchApp1</kbd>                                | Open the app that is assigned to this key                                                     |
+| <kbd>LaunchApp2</kbd>                                | Open the app that is assigned to this key. On many Microsoft keyboards, the app is Calculator |
+| <kbd>LaunchMail</kbd>                                | Open the default mail client                                                                  |
+
+For information on how to customize keyboard shortcuts, see [Assigned Access recommendations](recommendations.md#keyboard-shortcuts).
diff --git a/windows/configuration/provisioning-packages/provision-pcs-with-apps.md b/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
index 3ffeaa9b73..97c7612c30 100644
--- a/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
+++ b/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
@@ -12,7 +12,7 @@ You can install multiple Universal Windows Platform (UWP) apps and Windows deskt
 When you add an app in a Windows Configuration Designer wizard, the appropriate settings are displayed based on the app that you select. For instructions on adding an app using the advanced editor in Windows Configuration Designer, see [Add an app using advanced editor](#add-a-windows-desktop-application-using-advanced-editor).
 
 > [!IMPORTANT]
-> If you plan to use Intune to manage your devices, we recommend using Intune to install Microsoft 365 Apps for enterprise. Apps that are installed using a provisioning package cannot be managed or modified using Intune. [Learn how to add Microsoft 365 Apps to Windows devices with Microsoft Intune.](/intune/apps-add-office365)
+> If you plan to use Intune to manage your devices, we recommend using Intune to install Microsoft 365 Apps for enterprise. Apps that are installed using a provisioning package cannot be managed or modified using Intune. [Learn how to add Microsoft 365 Apps to Windows devices with Microsoft Intune.](/mem/intune/apps/apps-add-office365)
 
 ## Settings for UWP apps
 
diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml
index 99c636d922..e816d252d7 100644
--- a/windows/deployment/TOC.yml
+++ b/windows/deployment/TOC.yml
@@ -317,7 +317,7 @@ items:
           href: configure-a-pxe-server-to-load-windows-pe.md
         - name: Windows Deployment Services (WDS) boot.wim support
           href: wds-boot-support.md
-        - name: Windows ADK for Windows 10 scenarios for IT Pros
+        - name: Windows ADK for Windows scenarios for IT Pros
           href: windows-adk-scenarios-for-it-pros.md
         - name: User State Migration Tool (USMT) technical reference
           items:
diff --git a/windows/deployment/do/TOC.yml b/windows/deployment/do/TOC.yml
index fe1b2a0cf3..5fdeb51d86 100644
--- a/windows/deployment/do/TOC.yml
+++ b/windows/deployment/do/TOC.yml
@@ -38,13 +38,37 @@
       - name: MCC for Enterprise and Education Overview
         href: mcc-ent-edu-overview.md
       - name: Requirements
-        href: mcc-enterprise-prerequisites.md
-      - name: Deploy Microsoft Connected Cache
-        href: mcc-enterprise-deploy.md
-      - name: Update or uninstall MCC
-        href: mcc-enterprise-update-uninstall.md
-      - name: Appendix
-        href: mcc-enterprise-appendix.md
+        href: mcc-ent-prerequisites.md
+      - name: How-to guides
+        items:
+        - name: Create MCC resource and cache node
+          href: mcc-ent-create-resource-and-cache.md
+        - name: Configure, provision and deploy cache node
+          items:
+          - name: Deploy MCC to Linux
+            href: mcc-ent-deploy-to-linux.md
+          - name: Deploy MCC to Windows
+            href: mcc-ent-deploy-to-windows.md
+        - name: Using CLI to create and manage cache nodes
+          href: mcc-ent-manage-cache-using-cli.md 
+        - name: Verify cache node functionality
+          href: mcc-ent-verify-cache-node.md
+        - name: Monitor cache node
+          href: mcc-ent-monitoring.md
+        - name: Update MCC
+          href: mcc-ent-update-cache-node.md 
+        - name: Uninstall cache node
+          href: mcc-ent-uninstall-cache-node.md     
+      - name: Resources
+        items:
+        - name: Frequent Asked Questions
+          href: mcc-ent-faq.yml
+        - name: Support and troubleshooting
+          href: mcc-ent-support-and-troubleshooting.md
+        - name: MCC for Enterprise and Education (early preview)
+          href: mcc-ent-private-preview.md
+      - name: Release notes
+        href: mcc-ent-release-notes.md        
     - name: MCC for ISPs
       items:
       - name: MCC for ISPs Overview
diff --git a/windows/deployment/do/delivery-optimization-endpoints.md b/windows/deployment/do/delivery-optimization-endpoints.md
index aa1c2a6abf..79e8211757 100644
--- a/windows/deployment/do/delivery-optimization-endpoints.md
+++ b/windows/deployment/do/delivery-optimization-endpoints.md
@@ -32,6 +32,7 @@ Use the table below to reference any particular content types or services endpoi
 | *.officecdn.microsoft.com.edgesuite.net, *.officecdn.microsoft.com, *.cdn.office.net |  HTTP / 80  | Office CDN updates | [Complete list](/office365/enterprise/office-365-endpoints) of endpoints for Office CDN updates. | Both |
 | *.manage.microsoft.com, *.swda01.manage.microsoft.com, *.swda02.manage.microsoft.com, *.swdb01.manage.microsoft.com, *.swdb02.manage.microsoft.com, *.swdc01.manage.microsoft.com, *.swdc02.manage.microsoft.com, *.swdd01.manage.microsoft.com, *.swdd02.manage.microsoft.com, *.swda01-mscdn.manage.microsoft.com, *.swda02-mscdn.manage.microsoft.com, *.swdb01-mscdn.manage.microsoft.com, *.swdb02-mscdn.manage.microsoft.com, *.swdc01-mscdn.manage.microsoft.com, *.swdc02-mscdn.manage.microsoft.com, *.swdd01-mscdn.manage.microsoft.com, *.swdd02-mscdn.manage.microsoft.com |  HTTP / 80 </br> HTTPs / 443  | Intune Win32 Apps | [Complete list](/mem/intune/fundamentals/intune-endpoints) of endpoints for Intune Win32 Apps updates. | Both |
 | *.statics.teams.cdn.office.net |  HTTP / 80 </br> HTTPs / 443  | Teams | Future support is planned for peering and Connected Cache | TBD |
+| *.res.cdn.office.net |  HTTP / 80 </br> HTTPs / 443  | Outlook | Future support is planned for peering and Connected Cache | TBD |
 | *.assets1.xboxlive.com, *.assets2.xboxlive.com, *.dlassets.xboxlive.com, *.dlassets2.xboxlive.com, *.d1.xboxlive.com, *.d2.xboxlive.com, *.assets.xbox.com, *.xbl-dlassets-origin.xboxlive.com, *.assets-origin.xboxlive.com, *.xvcb1.xboxlive.com, *.xvcb2.xboxlive.com, *.xvcf1.xboxlive.com, *.xvcf2.xboxlive.com |  HTTP / 80 | Xbox | | Both |
 | *.tlu.dl.adu.microsoft.com, *.nlu.dl.adu.microsoft.com, *.dcsfe.prod.adu.microsoft.com |  HTTP / 80 | Device Update | [Complete list](/azure/iot-hub-device-update/) of endpoints for Device Update updates.  |  Both |
 | *.do.dsp.mp.microsoft.com |  HTTP / 80 </br> HTTPs / 443 | Microsoft Connected Cache -> Delivery Optimization Services communication | [Complete list](../do/waas-delivery-optimization-faq.yml) of endpoints for Delivery Optimization only.  | Connected Cache Managed in Azure |
diff --git a/windows/deployment/do/images/mcc_ent_publicpreview.png b/windows/deployment/do/images/mcc_ent_publicpreview.png
new file mode 100644
index 0000000000..6f6f292d58
Binary files /dev/null and b/windows/deployment/do/images/mcc_ent_publicpreview.png differ
diff --git a/windows/deployment/do/mcc-ent-create-resource-and-cache.md b/windows/deployment/do/mcc-ent-create-resource-and-cache.md
new file mode 100644
index 0000000000..8d79298b6a
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-create-resource-and-cache.md
@@ -0,0 +1,266 @@
+---
+title: Create and configure MCC cache nodes
+description: Details on how to create and configure Microsoft Connected Cache for Enterprise and Education (MCC) cache nodes.
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+manager: naengler
+ms.author: nidos
+author: doshnid
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise</a>	
+ms.date: 06/03/2024
+---
+
+# Create Microsoft Connected Cache Azure resource and cache nodes
+
+This article outlines how to create and configure your Microsoft Connected Cache for Enterprise and Education (MCC) cache nodes. The creation and configuration of your cache node takes place in Azure. The deployment of your cache node requires downloading and running an OS-specific provisioning package on your host machine.
+
+## Prerequisites
+
+1. **Azure Pay-As-You-Go subscription**: Microsoft Connected Cache is a free-of-charge service hosted in Azure. You'll need a pay-as-you-go Azure subscription in order to onboard to our service. To create a subscription, go to [pay-as-you-go subscription page](https://azure.microsoft.com/offers/ms-azr-0003p/).
+2. **Hardware to host MCC**: The recommended configuration serves approximately 35,000 managed devices, downloading a 2-GB payload in 24-hour timeframe at a sustained rate of 6.5 Gbps.
+
+For more information on sizing and OS requirements, see [the prerequisites for using MCC](mcc-ent-prerequisites.md).
+
+
+## Create MCC Azure resource
+
+# [Azure portal](#tab/portal)
+
+1. In the [Azure portal](https://portal.azure.com), select **Create a Resource** and search for "Microsoft Connected Cache for Enterprise and Education".
+<!--
+    :::image type="content" source="images/mcc-isp-provision-cache-node-numbered.png" alt-text="Screenshot of the Azure portal depicting the cache node configuration page of a cache node. This screenshot shows all of the fields you can choose to configure the cache node." lightbox="./images/mcc-isp-provision-cache-node-numbered.png":::  
+-->
+
+1. Select the Microsoft Connected Cache for Enterprise resource. When prompted, choose the subscription, resource group, and location for the resource. Then enter a name for the resource and select Review + Create.
+
+1. After a few moments, you'll see a "Validation successful" message, indicating you can move onto the next step and select Create.
+
+1. The creation of the resource might take a few minutes. After a successful creation, you'll see a Deployment complete page as below. Select Go to resource to create cache nodes.
+
+
+# [Azure CLI](#tab/cli)
+
+### Prerequisites
+
+* An Azure CLI environment:
+
+  * Use the Bash environment in [Azure Cloud Shell](/azure/cloud-shell/get-started/classic).
+
+  * Or, if you prefer to run CLI reference commands locally, [install the Azure CLI](/cli/azure/install-azure-cli)
+
+    * Sign in to the Azure CLI by using the [az login](/cli/azure/reference-index#az-login) command.
+
+    * Run [az version](/cli/azure/reference-index#az-version) to find the version and dependent libraries that are installed. To upgrade to the latest version, run [az upgrade](/cli/azure/reference-index#az-upgrade).
+
+    * Install Azure CLI extension **mcc** by following the instructions [here](/cli/azure/azure-cli-extensions-overview#how-to-install-extensions).
+
+    * Resource group under which an MCC resource can be created. Use the [az group create](/cli/azure/group#az-group-create) command to create a new Resource group if you don't already have one.
+
+#### Create MCC Azure resource
+
+Replace the following placeholders with your own information:
+* *\<resource-group>*: An existing resource group in your subscription.
+* *\<mcc-resource-name>*: A name for your Microsoft Connected Cache for Enterprise resource.
+* *\<location>*: The Azure region where your Microsoft Connected Cache will be located.
+
+```azurecli-interactive
+az mcc ent resource create --mcc-resource-name <mymccresource> --resource-group <myrg> --location <region>
+```
+
+---
+
+## Create MCC cache node
+
+# [Azure portal](#tab/portal)
+
+  1. Open Azure portal and navigate to the Microsoft Connected Cache for Enterprise resource that you created.<br>
+  1. Under Cache Node Management, select on Cache Nodes and then on + Create Cache Node.<br>
+  
+  1. Provide a name for your cache node and select the host OS you plan to deploy the cache node on and select create. Note, cache node names have to be unique under the Microsoft Connected Cache resource.
+  <!--
+    :::image type="content" source="images/mcc-isp-provision-cache-node-numbered.png" alt-text="Screenshot of the Azure portal depicting the cache node configuration page of a cache node. This screenshot shows all of the fields you can choose to configure the cache node." lightbox="./images/mcc-isp-provision-cache-node-numbered.png":::  
+    -->
+  The creation of cache node might take a few minutes. Select Refresh to see your recently created cache node.
+Once the cache node state changes to **Not Configured**, you can now configure your cache node.<br>
+To know more about different cache node state, see [Cache node states](#cache-node-states).
+
+
+# [Azure CLI](#tab/cli)
+
+Use the following command to create a new cache node if you don't already have one.
+
+Replace the following placeholders with your own information:
+* *\<resource-group>*: An existing resource group in your subscription.
+* *\<mcc-resource-name>*: A name for your Microsoft Connected Cache for Enterprise resource.
+* *\<cache-node-name>*: The Azure region where your Microsoft Connected Cache will be located.
+* *\<host-os>*: The OS on which cache node will be provisioned.
+  Accepted values: windows, linux
+
+```azurecli-interactive
+az mcc ent node create --cache-node-name <mycachenode> --mcc-resource-name <mymccresource> --resource-group <myrg> --host-os <linux>
+```
+
+<br>
+
+>[!NOTE]
+>To ensure cache node has been created successfully, please run the following command before continuing with cache node configuration.
+>```azurecli-interactive
+>az mcc ent node show --cache-node-name <mycachenode> --mcc-resource-name <mymccresource> --resource-group <myrg>  
+>```
+>In the output look for cacheNodeState. If ***cacheNodeState = Not Configured***, you can continue with cache node configuration.
+>If ***cacheNodeState = Registration in Progress***, then the cache node is still in process of being created. Please wait for a minute or two more and run the command again.
+>To know more about different cache node state, see [Cache node states](#cache-node-states).
+
+---
+
+## Configure MCC cache node
+
+# [Azure portal](#tab/portal)
+Enter required values to configure your cache node. To learn more about the definitions of each field, review the [Configuration](#general-configuration-fields) fields at the bottom of this article.
+Don't forget to select save after adding configuration information.
+
+
+# [Azure CLI](#tab/cli)
+
+### Configure Linux MCC
+Use the following command to configure cache node for deployment to a **Linux** host machine.
+
+Replace the following placeholders with your own information:
+
+* *\<resource-group>*: An existing resource group in your subscription.
+* *\<mcc-resource-name>*: A name for your Microsoft Connected Cache for Enterprise resource.
+* *\<cache-node-name>*: The Azure region where your Microsoft Connected Cache will be located.
+* *\<physical-path>*: The cache drive path. You can add upto nine cache drives.
+* *\<size-in-gb>*: The size of cache drive. Must be at least 50 Gb.
+* *\<proxy>*: If proxy needs to be enabled or not.<br>
+  Accepted values: enabled, disabled<br>
+  Proxy should be set to enabled if the cache node will need to pass through a network proxy to download content. The provided proxy will also be used during deployment of the MCC cache node to your host machine.
+* *\<proxy-host>*: The proxy host name or ip address. Required if proxy is set to enabled.
+* *\<proxy-port>*: Proxy port number. Required if proxy is set to enabled.
+* *\<auto-update-ring>*: Update ring the cache node should have.<br>
+  Accepted values: slow, fast.<br>
+  If update ring is set to slow, you must provide the day of week, time of day and week of month the cache node should be updated.
+* *\<auto-update-day>*: The day of the week cache node should be updated. Week starts from Monday.<br>
+  Accepted values: 1,2,3,4,5,6,7
+* *\<auto-update-time>*: The time of day cache node should be updated in 24 hour format (hh:mm)
+* *\<auto-update-week>*: The week of month cache node should be updated.<br>
+  Accepted values: 1,2,3,4
+
+```azurecli-interactive
+az mcc ent node update --cache-node-name <mycachenode> --mcc-resource-name <mymccresource> --resource-group <myrg>
+--cache-drive "[{physical-path:</physical/path>,size-in-gb:<size of cache drive>},{</physical/path>,size-in-gb:<size of cache drive>}...]"> --proxy <enabled> --proxy-host <"proxy host name"> --proxy-port <proxy port>  --auto-update-day <day of week> --auto-update-time <time of day> --auto-update-week <week of month> --auto-update-ring <update ring>
+```
+
+<br>
+<br>
+
+### Configure Windows MCC
+Use the following command to configure cache node for deployment to a **Windows** host machine.
+
+Replace the following placeholders with your own information:
+  
+* *\<resource-group>*: An existing resource group in your subscription.
+* *\<mcc-resource-name>*: A name for your Microsoft Connected Cache for Enterprise resource.
+* *\<cache-node-name>*: The Azure region where your Microsoft Connected Cache will be located.
+* *\<physical-path>*: The cache drive path.<br>
+  Accepted value: /var/mcc
+* *\<size-in-gb>*: The size of cache drive. Must be at least 50 Gb.
+* *\<proxy>*: If proxy needs to be enabled or not.<br>
+  Accepted values: enabled, disabled<br>
+  Proxy should be set to enabled if the cache node will need to pass through a network proxy to download content. The provided proxy will also be used during deployment of the MCC cache node to your host machine.
+* *\<proxy-host>*: The proxy host name or ip address. Required if proxy is set to enabled.
+* *\<proxy-port>*: Proxy port number. Required if proxy is set to enabled.
+* *\<auto-update-ring>*: Update ring the cache node should have.<br>
+  Accepted values: slow, fast.<br>
+  If update ring is set to slow, you must provide the day of week, time of day and week of month the cache node should be updated.
+* *\<auto-update-day>*: The day of the week cache node should be updated. Week starts from Monday.<br>
+  Accepted values: 1,2,3,4,5,6,7
+* *\<auto-update-time>*: The time of day cache node should be updated in 24 hour format (hh:mm)
+* *\<auto-update-week>*: The week of month cache node should be updated.<br>
+  Accepted values: 1,2,3,4
+  
+```azurecli-interactive
+az mcc ent node update --cache-node-name <mycachenode> --mcc-resource-name <mymccresource> --resource-group <myrg>
+--cache-drive "[{physical-path:/var/mcc,size-in-gb:<size of cache drive>}]" --proxy <enabled> --proxy-host <"proxy host name"> --proxy-port <proxy port>  --auto-update-day <day of week> --auto-update-time <time of day> --auto-update-week <week of month> --auto-update-ring <update ring>
+```
+
+---
+
+## Next step
+
+### [Azure portal](#tab/portal)
+To deploy the cache node to a **Windows** host machine, see 
+>[!div class="nextstepaction"]
+>[Deploy cache node to Windows](mcc-ent-deploy-to-windows.md)
+
+To deploy the cache node to a **Linux** host machine, see 
+>[!div class="nextstepaction"]
+>[Deploy cache node to Linux](mcc-ent-deploy-to-linux.md)
+
+### [Azure CLI](#tab/cli)
+To deploy cache nodes using Azure CLI, see 
+>[!div class="nextstepaction"]
+>[Manage cache nodes using CLI](mcc-ent-manage-cache-using-CLI.md)
+
+---
+<br>
+<br>
+
+
+### General configuration fields
+
+| Field Name |Expected Value |Description|
+|---|---|---|
+|**Cache node name** | Alphanumeric string that contains no spaces| The name of the cache node. You may choose names based on location such as "Seattle-1". This name must be unique and can't be changed later |
+|**Host OS** | Linux or Windows| This is the operating system of the host machine that the cache node will be deployed to.|
+
+### Storage fields
+
+##### Cache node for Linux
+
+>[!Important]
+>All cache drives must have full read/write permissions set or the cache node will not function. For example, in a terminal you can run: sudo chmod 777 /path/to/cachedrivefolder
+<br>
+
+| Field Name |Expected Value |Description|
+|---|---|---|
+|**Cache drive folder**| File path string |Up to nine drive folders accessible by the cache node can be configured for each cache node to configure cache storage. Enter the location of the folder in Ubuntu where the external physical drive is mounted. For example: /dev/sda3/. Each cache drive should have read/write permissions configured. Ensure your disks are mounted and visit Attach a data disk to a Linux VM for more information.|
+|**Cache drive size in gigabytes**| Integer in GB| Set the size of each drive configured for the cache node. Minimum cache drive size is 50 GB.|
+
+##### Cache node for Windows
+
+| Field Name |Expected Value |Description|
+|---|---|---|
+|**Cache drive folder**| File path string /var/mcc| This is the folder path where content is cached. You can't change the folder path.|
+|**Cache drive size in gigabytes**| Integer in GB| Set the size of each drive configured for the cache node. Minimum cache drive size is 50 GB. |
+
+#### Proxy settings
+<br>
+You can choose to enable or disable proxy settings on your cache node. Proxy should be set to enabled if the cache node will need to pass through a network proxy to download content. The provided proxy will also be used during deployment of the MCC cache node to your host machine.
+
+<br>
+
+>[!IMPORTANT]
+>Enabling or disabling the proxy settings after your cache node has been deployed will require running the provisioning script on the host machine again. This will ensure that proxy changes are in effect on the cache node. 
+
+| Field Name	|Expected Value	 |Description|
+|---|---|---|
+|**Proxy host name**|	String or number|	Proxy host name or address|
+|**Proxy port**|	Integer|	Proxy port
+
+<br>
+
+##### Cache node states
+| Cache node state |Description|
+|---|---|
+|Creation in progress| Cache node is being created|
+|Registration in progress| Cache node is being registered|
+|Not configured| Cache node is ready to be configured|
+|Not provisioned| Cache node is ready to be provisioned on host machine|
+|Healthy| Cache node phoning home|
+|Unhealthy| Cache node has stopped phoning home|
+|Never phoned home| Cache node has provisioned but has never phoned home|
\ No newline at end of file
diff --git a/windows/deployment/do/mcc-ent-deploy-to-linux.md b/windows/deployment/do/mcc-ent-deploy-to-linux.md
new file mode 100644
index 0000000000..2c6895762d
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-deploy-to-linux.md
@@ -0,0 +1,60 @@
+---
+title: Deploy MCC cache software to a Linux host machine
+description: Details on how to deploy Microsoft Connected Cache for Enterprise and Education (MCC) cache software to a Linux host machine.
+author: chrisjlin
+ms.author: lichris
+manager: naengler
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+ms.date: 09/27/2024
+appliesto: 
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>	
+---
+
+# Deploy Microsoft Connected Cache caching software to a Linux host machine
+
+This article describes how to deploy Microsoft Connected Cache for Enterprise and Education (MCC) caching software to a Linux host machine.
+
+Before deploying MCC to a Linux host machine, ensure that the host machine meets all [requirements](mcc-ent-prerequisites.md), and that you have [created and configured your MCC Azure resource and cache node](mcc-ent-create-resource-and-cache.md).
+
+## Steps to deploy MCC cache node to Linux
+
+# [Azure portal](#tab/portal)
+
+1. Within the Azure portal, navigate to the "Provisioning" tab of your cache node and copy the provisioning command.
+1. Download the provisioning package using the button at the top of the Cache Node Configuration page and extract the package onto the host machine.
+1. Open a command line window *as administrator* on the host machine, then change directory to the extracted provisioning package.
+1. Set access permissions to allow the `provisionmcc.sh` script within the provisioning package directory to execute.
+1. Run the provisioning command on the host machine.
+
+# [Azure CLI](#tab/cli)
+
+To deploy a cache node programmatically, you'll need to use Azure CLI to get the cache node's provisioning details and then run the provisioning command on the host machine.
+
+1. To get the cache node's provisioning details, use `az mcc ent node get-provisioning-details`
+
+   ```azurecli-interactive
+   az mcc ent node get-provisioning-details --cache-node-name mycachenode --mcc-resource-name mymccresource --resource-group myrg
+   ```
+
+1. Save the resulting output. These values will be passed as parameters within the provisioning command.
+1. Download and extract the [MCC provisioning package for Linux](https://aka.ms/MCC-Ent-InstallScript-Linux) to your host machine.
+1. Open a command line window *as administrator* on the host machine, then change directory to the extracted provisioning package.
+1. Set access permissions to allow the `provisionmcc.sh` script within the provisioning package directory to execute.
+1. Replace the values in the following provisioning command before running it on the host machine.
+
+   ```azurepowershell-interactive
+   sudo ./provisionmcc.sh customerid="enter mccResourceId here" cachenodeid=" enter cacheNodeId here " customerkey=" enter customerKey here " registrationkey="enter registrationKey here" drivepathandsizeingb="enter physicalPath value,enter sizeInGb value here" shoulduseproxy="enter true if present, enter false if not" proxyurl=http://enter proxy hostname:enter port
+   ```
+
+## Next step
+
+> [!div class="nextstepaction"]
+> [Verify cache node functionality](mcc-ent-verify-cache-node.md)
+
+## Related content
+
+- [Deploy to a Windows host machine](mcc-ent-deploy-to-windows.md)
+- [Uninstall MCC](mcc-ent-uninstall-cache-node.md)
\ No newline at end of file
diff --git a/windows/deployment/do/mcc-ent-deploy-to-windows.md b/windows/deployment/do/mcc-ent-deploy-to-windows.md
new file mode 100644
index 0000000000..50b3544290
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-deploy-to-windows.md
@@ -0,0 +1,70 @@
+---
+title: Deploy MCC cache software to a Windows host machine
+description: Details on how to deploy Microsoft Connected Cache for Enterprise and Education (MCC) cache software to a Windows host machine.
+author: chrisjlin
+ms.author: lichris
+manager: naengler
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+ms.date: 09/27/2024
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>	
+---
+
+# Deploy Microsoft Connected Cache caching software to a Windows host machine
+
+This article describes how to deploy Microsoft Connected Cache for Enterprise and Education (MCC) caching software to a Windows host machine.
+
+Deploying MCC to a Windows host machine requires designating a [Group Managed Service Account (gMSA)](/windows-server/security/group-managed-service-accounts/getting-started-with-group-managed-service-accounts) or a [Local User Account](https://support.microsoft.com/windows/create-a-local-user-or-administrator-account-in-windows-20de74e0-ac7f-3502-a866-32915af2a34d) as the MCC runtime account. This prevents tampering with the MCC container and the cached content on the host machine.
+
+Before deploying MCC to a Windows host machine, ensure that the host machine meets all [requirements](mcc-ent-prerequisites.md), and that you have [created and configured your MCC Azure resource](mcc-ent-create-resource-and-cache.md).
+
+## Steps to deploy MCC cache node to Windows
+
+# [Azure portal](#tab/portal)
+
+1. Within the Azure portal, navigate to the "Provisioning" tab of your cache node and copy the provisioning command.
+1. Download the provisioning package using the button at the top of the Cache Node Configuration page and extract the package onto the host machine.
+1. Open a PowerShell window *as administrator* on the host machine, then change directory to the extracted provisioning package.
+1. Set the Execution Policy to "Unrestricted" to allow the provisioning scripts to run.
+1. Create a `$User` environment variable containing the username of the account you intend to designate as the MCC runtime account. For gMSAs, the value should be formatted as `"Domain\Username$"`. For Local User accounts, `$User` should be formatted as `"LocalMachineName\Username"`.
+
+   If you're using a Local User account as the MCC runtime account, you'll also need to create a [PSCredential Object](/dotnet/api/system.management.automation.pscredential) named `$myLocalAccountCredential`.
+
+1. Run the provisioning command on the host machine.
+
+# [Azure CLI](#tab/cli)
+
+To deploy a cache node programmatically, you'll need to use Azure CLI to get the cache node's provisioning details and then run the provisioning command on the host machine.
+
+1. To get the cache node's provisioning details, use `az mcc ent node get-provisioning-details`.
+
+   ```azurecli-interactive
+   az mcc ent node get-provisioning-details --cache-node-name mycachenode --mcc-resource-name mymccresource --resource-group myrg
+   ```
+
+1. Save the resulting output. These values will be passed as parameters within the provisioning command.
+1. Download and extract the [MCC provisioning package for Windows](https://aka.ms/MCC-Ent-InstallScript-WSL) to your host machine.
+1. Open a PowerShell window *as administrator* on the host machine, then change directory to the extracted provisioning package.
+1. Set the Execution Policy to "Unrestricted" to allow the provisioning scripts to run.
+1. Create a `$User` environment variable containing the username of the account you intend to designate as the MCC runtime account. For gMSAs, the value should be formatted as `"Domain\Username$"`. For Local User accounts, `$User` should be formatted as `"LocalMachineName\Username"`.
+
+   If you're using a Local User account as the MCC runtime account, you'll also need to create a [PSCredential Object](/dotnet/api/system.management.automation.pscredential) named `$myLocalAccountCredential`.
+
+1. Replace the values in the following provisioning command before running it on the host machine. Note that `-mccLocalAccountCredential $myLocalAccountCredential` is only needed if you are using a Local User account as the MCC runtime account.
+
+   ```powershell-interactive
+   ./provisionmcconwsl.ps1 -installationFolder c:\mccwsl01 -customerid [enter mccResourceId here] -cachenodeid [enter cacheNodeId here] -customerkey [enter customerKey here] -registrationkey [enter registration key] -cacheDrives "/var/mcc,enter drive size"  -shouldUseProxy [enter true if present, enter false if not] -proxyurl "http://[enter proxy host name]:[enter port]"  -mccRunTimeAccount $User -mccLocalAccountCredential $myLocalAccountCredential
+   ```
+
+## Next step
+
+> [!div class="nextstepaction"]
+> [Verify cache node functionality](mcc-ent-verify-cache-node.md)
+
+## Related content
+
+- [Deploy to a Linux host machine](mcc-ent-deploy-to-linux.md)
+- [Uninstall MCC](mcc-ent-uninstall-cache-node.md)
diff --git a/windows/deployment/do/mcc-ent-edu-overview.md b/windows/deployment/do/mcc-ent-edu-overview.md
index b17beaa30a..601992fa5b 100644
--- a/windows/deployment/do/mcc-ent-edu-overview.md
+++ b/windows/deployment/do/mcc-ent-edu-overview.md
@@ -1,6 +1,6 @@
 ---
-title: MCC for Enterprise and Education Overview
-description: Overview, supported scenarios, and content types for Microsoft Connected Cache (MCC) for Enterprise and Education.
+title: MCC Overview
+description: Overview, supported scenarios, and content types for Microsoft Connected Cache for Enterprise and Education (MCC).
 ms.service: windows-client
 ms.subservice: itpro-updates
 ms.topic: conceptual
@@ -13,61 +13,83 @@ appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 - ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>	
-ms.date: 05/23/2024
+ms.date: 05/09/2023
 ---
 
 # Microsoft Connected Cache for Enterprise and Education Overview
 
 > [!IMPORTANT]
->
 > - Microsoft Connected Cache is currently a preview feature. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-> - As we near the release of public preview, we have paused onboarding. Please continue to submit the form to express interest so we can follow up with you once public preview of Microsoft Connected Cache for Enteprise and Education is available. To register your interest, fill out the form located at [https://aka.ms/MSConnectedCacheSignup](https://aka.ms/MSConnectedCacheSignup).
 
-Microsoft Connected Cache (MCC) for Enterprise and Education (early preview) is a software-only caching solution that delivers Microsoft content within Enterprise and Education networks. MCC can be deployed to as many Windows servers, bare-metal servers, or VMs as needed, and is managed from a cloud portal. Cache nodes are created in the cloud portal and are configured by applying the client policy using management tools such as Intune.
+Microsoft Connected Cache (MCC) for Enterprise and Education (preview) is a software-only caching solution that delivers Microsoft content within Enterprise and Education networks. MCC can be managed from an Azure portal or through Azure CLI and can be deployed to as many Windows devices, Linux devices, or VMs as needed. Managed Windows devices can be configured to download cloud content from a Connected Cache server by applying the client policy using management tools such as Intune.<br>
 
-Microsoft Connected Cache (MCC) for Enterprise and Education (early preview) is a standalone cache for customers moving towards modern management and away from Configuration Manager distribution points. For information about Microsoft Connected Cache in Configuration Manager (generally available, starting Configuration Manager version 2111), see [Microsoft Connected Cache in Configuration Manager](/mem/configmgr/core/plan-design/hierarchy/microsoft-connected-cache).
+Microsoft Connected Cache (MCC) for Enterprise and Education (preview) is a standalone cache for customers moving towards modern management and away from Configuration Manager distribution points. For information about Microsoft Connected Cache in Configuration Manager (generally available, starting Configuration Manager version 2111), see [Microsoft Connected Cache in Configuration Manager](/configmgr/core/plan-design/hierarchy/microsoft-connected-cache).
 
-## Supported scenarios
+Microsoft Connected Cache deployed directly to Windows relies on [Windows Subsystem for Linux] (windows/wsl/about) and either a [Group Managed Service Account](/windows-server/identity/ad-ds/manage/group-managed-service-accounts/group-managed-service-accounts/getting-started-with-group-managed-service-accounts), local user account, or domain user account are required to run WSL. WSL needs to run in a user context and any user, even if the currently logged-in user, could be used to run WSL and Microsoft Connected Cache.<br>
 
-Connected Cache (early preview) supports the following scenarios:
+### Supported scenarios and deployments
 
-- Pre-provisioning of devices using Windows Autopilot
-- Cloud-only devices, such as Intune-enrolled devices
+Microsoft Connected Cache for Enterprise and Education (preview) is intended to support the following content delivery scenarios:<br>
+* Pre-provisioning of devices using Windows Autopilot<br>
+* Co-managed clients that get monthly update and Win32 apps from Microsoft Intune. For more information, see Support for Intune Win32 apps.<br>
+* Cloud-only managed devices, such as Intune-enrolled devices without the Configuration Manager client, that get monthly update and Win32 apps from Microsoft Intune. For more information, see Support for cloud-managed devices.<br>
 
-## Supported content types
+Microsoft Connected Cache is built for flexible deployments to support a number of enterprise configurations:
 
+##### Branch office
+Customers may have globally dispersed offices that meet the following parameters:
+* 10 – 50 Windows Clients
+* No dedicated server hardware
+* Internet bandwidth is great to limited (satellite internet)
+* Possibly intermittent connectivity
+<br>
+To support the branch the branch office scenario, customers can deploy to a Windows 11 client (see Host machine requirements) device.
+
+##### Large Enterprise
+Customers may have office spaces, data centers, or Azure deployments that meet the following parameters:  
+* 100's or 1,000's of Windows devices (client or server).
+* Existing hardware – Decommissioned DP, file server, cloud print server
+* Azure VMs and Azure Virtual Desktop
+* Internet bandwidth is great to limited (T1)
+
+
+### Supported content types
 When clients download cloud-managed content, they use Delivery Optimization from the cache server installed on a Windows server or VM. Cloud-managed content includes the following types:
+* Windows updates: Windows feature and quality updates
+* Office Click-to-Run apps: Microsoft 365 Apps and updates
+* Client apps: Intune, store apps, and updates
+* Endpoint protection: Windows Defender definition updates
 
-- Windows updates: Windows feature and quality updates
-- Office Click-to-Run apps: Microsoft 365 Apps and updates
-- Client apps: Intune, store apps, and updates
-- Endpoint protection: Windows Defender definition updates
+For the full list of content endpoints that Microsoft Connected Cache for Enterprise and Education supports, see [Microsoft Connected Cache content and services endpoints](delivery-optimization-endpoints.md).<br>
 
-For the full list of content endpoints that Microsoft Connected Cache for Enterprise and Education supports, see [Microsoft Connected Cache content and services endpoints](delivery-optimization-endpoints.md).
+### Hardware or VM Requirements
+See [Host machine requirements](mcc-ent-prerequisites.md) for complete details.
+
+|Deployment Scenarios| Download Speed Range | Download Speeds and Content Volume Delivered in 8 Hours | VM/Hardware Recommendation |
+|---|---|---|---|
+|Branch Office|< 1 Gbps Peak| 500 Mbps - 1,800 GB </br></br> 250 Mbps - 900 GB </br></br> 100 Mbps - 360 GB </br></br> 50 Mbps - 180 GB| 4 Cores </br></br> Up to 8 GB Memory with 4 GB of Free </br></br> 100 GB free disk space|
+|Small to Medium Enterprises/Autopilot Provisioning Center - 50 - 500 devices in a single location|1 - 5 Gbps| 5 Gbps - 18,000 GB </br></br>3 Gbps - 10,800 GB </br></br>1 Gbps - 3,600 GB| 8 Cores </br></br> Up to 16 GB Memory with 4 GB of Free </br></br> 500 GB free disk space|
+|Medium to Large Enterprises/Autopilot Provisioning Center - 500 - 5,000 devices|5 - 101 Gbps Peak|   9 Gbps - 32,400 GB </br></br> 5 Gbps - 18,000 GB </br></br>3 Gbps - 10,800 GB| 16 Cores</br></br> 32 GB Memory with 4 GB of Free </br></br> 2 200-500 GB SSDs|
+
+<br>
 
 ## How it works
 
-MCC is a hybrid (mix of on-premises and cloud resources) SaaS solution built as an Azure IoT Edge module and Docker compatible Linux container deployed to your Windows devices. The Delivery Optimization team chose IoT Edge for Linux on Windows (EFLOW) as a secure, reliable container management infrastructure. EFLOW is a Linux virtual machine, based on Microsoft's first party CBL-Mariner operating system. It's built with the IoT Edge runtime and validated as a tier 1 supported environment for IoT Edge workloads. MCC is a Linux IoT Edge module running on the Windows Host OS.  
+The following diagram displays an overview of how MCC functions:<br>
 
-1. The Azure Management Portal is used to create MCC nodes.
-1. The MCC container is deployed and provisioned to the server using the installer provided in the portal.
-1. Client policy is set in your management solution to point to the IP address or FQDN of the cache server.
-1. Microsoft end-user devices make range requests for content from the MCC node.
-1. The MCC node pulls content from the CDN, seeds its local cache stored on disk, and delivers the content to the client.
-1. Subsequent requests from end-user devices for content will now come from cache.
-1. If the MCC node is unavailable, the client pulls content from CDN to ensure uninterrupted service for your subscribers.
+:::image type="content" source="./images/mcc_ent_publicpreview.png" alt-text="Diagram displaying the components of MCC." lightbox="./images/mcc_ent_publicpreview.png":::
 
-The following diagram displays an overview of how MCC functions:
 
-:::image type="content" source="./images/waas-mcc-diag-overview.png" alt-text="Diagram displaying the components of MCC." lightbox="./images/waas-mcc-diag-overview.png":::
+1. The Azure management portal for Microsoft Connected Cache or CLI are used to create cache nodes, configure deployments, including unauthenticated proxy settings.
+1. Prepare Windows or Linux devices. If deploying to Windows devices, prepare accounts - gMSA, local user account, domain account. Deploy to Windows or Linux devices using scripts.
+1. The Microsoft Connected Cache container is deployed to the device using Azure IoT Edge container management services and the cache server begins reporting status and metrics to Delivery Optimization services.
+1. The DOCacheHost setting is configured using Intune or other MDM, DHCP custom option, or registry key.
+1. Devices request content from the cache server, the cache server forwards the requests to the CDN and fills the cache, the cache server delivers the content requested to the devices, and uses Peer to Peer (depending on DO Download mode settings) for all DO content. 
+1. Devices can fallback to CDN if cache server is unavailable for any reason or use Delivery Optimization delay fallback to http (CDN )settings to prefer the local cache server.
+Customers can view data regarding Microsoft Connected Cache downloads on management portal and Windows Update for Business reports
 
-## IoT Edge
 
-Even though your MCC scenario isn't related to IoT, Azure IoT Edge is used as a more generic Linux container deployment and management infrastructure. The Azure IoT Edge runtime sits on your designated MCC device and performs management and communication operations. The runtime performs several functions important to manage MCC on your edge device:
+## Next step
 
-1. Installs and updates MCC on your edge device.
-1. Maintains Azure IoT Edge security standards on your edge device.
-1. Ensures that MCC is always running.
-1. Reports MCC health and usage to the cloud for remote monitoring.
-  
-For more information on Azure IoT Edge, see the Azure IoT Edge [documentation](/azure/iot-edge/about-iot-edge).
+>[!div class="nextstepaction"]
+>[Create MCC Azure resources](mcc-ent-create-resource-and-cache.md)
\ No newline at end of file
diff --git a/windows/deployment/do/mcc-ent-faq.yml b/windows/deployment/do/mcc-ent-faq.yml
new file mode 100644
index 0000000000..390275b4b8
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-faq.yml
@@ -0,0 +1,72 @@
+### YamlMime:FAQ
+metadata:
+  title: MCC Frequently Asked Questions
+  description: The following article is a list of frequently asked questions for Microsoft Connected Cache for Enterprise (MCC).
+  ms.service: windows-client
+  ms.subservice: itpro-updates
+  ms.topic: faq
+  ms.author: nidos
+  author: doshnid
+  ms.reviewer: mstewart
+  manager: aaroncz
+  ms.collection:
+    - highpri
+    - tier3
+  appliesto: 
+    - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+    - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
+  ms.date: 06/03/2024
+title: Microsoft Connected Cache for Enterprise Frequently Asked Questions
+summary: |
+  Frequently asked questions about Microsoft Connected Cache for Enterprise
+  
+sections:
+  - name: Ignored
+    questions:
+      - question: Is this product a free service?
+        answer: Yes. Microsoft Connected Cache is a free service.  
+      - question: Is there a nondisclosure agreement to sign?
+        answer: No, a nondisclosure agreement isn't required.
+      - question: What are the prerequisites and hardware requirements?
+        answer:  | 
+         - [Azure pay-as-you-go subscription](https://azure.microsoft.com/offers/ms-azr-0003p/).
+         - [Hardware to host Microsoft Connected Cache](mcc-ent-edu-overview.md)
+         - [Host machine requirements](mcc-ent-prerequisites.md)
+      - question: What host OS do I need to deploy MCC?
+        answer: You can use Linux or Windows OS. Depending on the OS, the provisioning script and certain provisioning steps are different. 
+      - question: What content is cached by Microsoft Connected Cache?
+        answer: For more information about content cached, see [Delivery Optimization and Microsoft Connected Cache content endpoints](delivery-optimization-endpoints.md).
+      - question: Do I need to provide hardware BareMetal server or a virtual machine (VM)?
+        answer: Microsoft Connected Cache is a software-only caching solution and requires you to provide your own server to host the software.   
+      - question: Can we use hard drives instead of SSDs?
+        answer: We highly recommend using SSDs as Microsoft Connected Cache is a read intensive application. We also recommend using multiple drives to improve performance.
+      - question: Where should we install Microsoft Connected Cache?
+        answer: You are in control of your hardware and you can pick the location based on your traffic and end clients. You can choose the location where you have your routers or where you have dense traffic or any other parameters.   
+      - question: How can I set up a gMSA account?
+        answer: For more information about gMSA accounts, see [Learn how to provision a Group Managed Service Account on a Domain Controller](/windows-server/identity/ad-ds/manage/group-managed-service-accounts/group-managed-service-accounts/getting-started-with-group-managed-service-accounts#create-group-managed-service-accounts). Make sure that your gMSA has been granted permissions to "Log on as batch job" within the host machine's [local security policies](/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings).
+      - question: How can I set up a local account?
+        answer: For more information, see [Learn how to provision a Local User Account](https://support.microsoft.com/topic/104dc19f-6430-4b49-6a2b-e4dbd1dcdf32). Make sure that your gMSA has been granted permissions to "Log on as batch job" within the host machine's [local security policies](/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings).
+      - question: Where can I monitor cache node usage?
+        answer: You can monitor your cache node usage on Azure portal. For more information, see [Monitor cache node usage Info on Reporting Capabilities](mcc-ent-monitoring.md).
+      - question: Does Microsoft Connected Cache support Xbox or Microsoft Teams content?
+        answer: Currently, Microsoft Connected Cache doesn't support Xbox or Microsoft Teams content. However, supporting Xbox content is of high priority, and we expect this feature soon. We'll let you know as soon as it becomes available!
+      - question: How does Microsoft Connected Cache populate its content? Can I precache content?
+        answer: Microsoft Connected Cache is a cold cache warmed by client requests at the byte range level so your clients only request the content they need. The client requests content and that is what fills the cache which means there's no cache fill necessary. "Preseeding" can be achieved but use of update rings. A test ring or early adopter ring can be used to fill the cache and all subsequent requests by other clients will come from cache.
+      - question: How long would a piece of content live within the Microsoft Connected Cache? Is content purged from the cache?
+        answer: Once a request for said content is made, NGINX looks at the cache control headers from the original acquisition. If that content is expired, NGINX continues to serve the stale content while it's downloading the new content. We cache the content for 30 days. The content is in the hot cache path (open handles and such) for 24 hrs, but will reside on disk for 30 days. The drive fills up and nginx starts to delete content based on its own algorithm, probably some combination of least recently used.
+      - question: Is it possible to not update the Microsoft Connected Cache software or delay update longer than the timeline provided in the updates configuration?
+        answer: No. It's important to keep the Microsoft Connected Cache software up to date, especially when it comes to security issues. Microsoft validates updates prior to releasing Enterprises Connected Cache updates and will only release updates when it's necessary to keep customers secure or to ensure the continued successful operation of Connected Cache nodes for customers.  
+      - question: How do I set up CLI?
+        answer: For more information, see [How to install the Azure CLI](/cli/azure/install-azure-cli).
+      - question: How do I install MCC extension?
+        answer: For more information, see [Install the Microsoft Connected Cache extension](mcc-ent-install-extension.md).
+      - question: What do I do if I have to set up or change existing proxy?
+        answer: You can enable proxy and provide proxy information on Azure portal or use the CLI. Don't forget to rerun the provisioning script after making any proxy changes. For more information, see [Set up or change existing proxy](mcc-ent-proxy.md).
+      - question: How do we set up Microsoft Connected Cache if we support multiple countries or regions?
+        answer: Microsoft Connected Cache isn't a service that has dependency on a specific Azure region, and there isn't personal or organizational identifiable information stored in the resource that necessitates data residency. The three regions that the Connected Cache resource can be deployed to are (Europe) North Europe, (Asia Pacific) Korea Central, and (US) West US.
+      - question: Should I use a gMSA, local user, or domain account to deploy Microsoft Connected Cache to Windows?
+        answer: There are pros and cons to the account options available to customers. We anticipate that security and manageability are top priories for customers. Microsoft provides guidance on both Active Directory and Microsoft Entra-based service accounts ([Introduction to Active Directory service accounts - Choose the right type of service account](/entra/architecture/service-accounts-on-premises#types-of-on-premises-service-accounts)) and user-based service accounts ([Secure user-based service accounts in Active Directory)](/entra/architecture/service-accounts-user-on-premises#assess-on-premises-user-account-security)).
+      - question: Does the user have to be logged using the account that installed Microsoft Connected Cache on Windows or Linux?
+        answer: No. As part of the installation on Windows a scheduled task is created using the account used to install Connected Cache. Regardless of which user is logged in or not logged in, the schedule task remains running. On Linux Connected Cache is installed by the user and remains running regardless of which user is logged in to the OS.
+      - question: What do I do if I need more support and have more questions even after reading this FAQ page?
+        answer: For further support for Microsoft Connected Cache, see [Troubleshooting issues for Microsoft Connected Cache for Enterprise and Education](mcc-ent-support-and-troubleshooting.md). If you still need more support, you can contact customer support.
\ No newline at end of file
diff --git a/windows/deployment/do/mcc-ent-manage-cache-using-cli.md b/windows/deployment/do/mcc-ent-manage-cache-using-cli.md
new file mode 100644
index 0000000000..c48dd5e04b
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-manage-cache-using-cli.md
@@ -0,0 +1,209 @@
+---
+title: Manage MCC cache nodes using CLI
+description: Details on how to manage Microsoft Connected Cache for Enterprise (MCC) cache nodes via Azure CLI commands.
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+manager: aaroncz
+ms.author: nidos
+author: doshnid
+ms.reviewer: mstewart
+ms.collection: tier3
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise</a>	
+ms.date: 06/03/2024
+---
+
+# Manage cache nodes using CLI
+
+<br>
+
+This article outlines how to create, configure, and deploy Microsoft Connected Cache for Enterprise (MCC) cache nodes using Azure CLI.
+
+ 
+## Prerequisites:
+1. **Install Azure CLI**: [How to install the Azure CLI](/cli/azure/install-azure-cli)
+1. **Install MCC extension**: Install MCC extension via the command below
+
+```azurecli-interactive
+az extension add --name mcc
+```
+
+To learn more about installting extensions, visit [Install the MCC extension.](/cli/azure/azure-cli-extensions-overview#how-to-install-extensions)
+
+<br>
+<br>
+
+### 1. Create a Resource group
+
+The first step is to create a resource group if you don't already have one.
+An Azure resource group is a logical container into which Azure resources are deployed and managed.
+
+To create a resource group, use `az group create`. You can find more details on this CLI command [here](/cli/azure/group#az-group-create).
+<br>
+
+```azurecli-interactive
+az group create --name myrg --location westus
+```
+
+Once the resource group is created, you'll need to create a Microsoft Connected Cache for Enterprise resource.
+
+### 2. Create an MCC Azure resource
+
+An MCC Azure resource is a top-level Azure resource under which cache nodes can be created.
+
+To create an MCC Azure resource, use `az mcc ent resource create`
+
+```azurecli-interactive
+az mcc ent resource create --mcc-resource-name mymccresource --resource-group myrg
+```
+
+<br>
+
+>[!IMPORTANT]
+>In the output, look for operationStatus. **operationStatus = Succeeded** indicates that our services have successfully started creating MCC resource.
+
+<br>
+
+The next step is to create a cache node under this resource.
+
+
+### 3. Create a cache node
+
+To create a cache node, use `az mcc ent node create`
+
+```azurecli-interactive
+az mcc ent node create --cache-node-name mycachenode --mcc-resource-name mymccresource --resource-group myrg --host-os <linux or windows>
+```
+
+<br>
+
+>[!IMPORTANT]
+>In the output, look for operationStatus. **operationStatus = Succeeded** indicates that our services have successfully started creating cache node.
+
+<br>
+
+### 4. Confirm cache node creation
+
+Before you can start configuring your cache node, you need to confirm that the cache node was successfully created.
+
+To confirm cache node creation, use `az mcc ent node show`
+
+<br>
+
+```azurecli-interactive
+az mcc ent node show --cache-node-name mycachenode --mcc-resource-name mymccresource --resource-group myrg  
+```
+
+>[!IMPORTANT]
+>In the output look for cacheNodeState. If **cacheNodeState = Not Configured**, you can continue with cache node configuration.
+>If **cacheNodeState = Registration in Progress**, then the cache node is still in process of being created. Please wait for a minute or two more and run the command again.
+
+<br>
+
+Once successful cache node creation is confirmed, you can proceed to configure the cache node.
+
+
+### 5. Configure cache node
+
+To configure your cache node, use `az mcc ent node update`
+
+The below example configures a Linux cache node with proxy enabled:
+
+```azurecli-interactive
+az mcc ent node update --cache-node-name <mycachenode> --mcc-resource-name <mymccresource> --resource-group <myrg>
+--cache-drive "[{physical-path:</physical/path>,size-in-gb:<size of cache drive>},{</physical/path>,size-in-gb:<size of cache drive>}...]"> --proxy <enabled> --proxy-host <"proxy host name"> --proxy-port <proxy port>  --auto-update-day <day of week> --auto-update-time <time of day> --auto-update-week <week of month> --auto-update-ring <update ring>
+```
+
+>[!Note]
+>* For a cache node that is to be deployed on Windows host OS, the physical path of the cache drive <u>must</u> be **/var/mcc**.<br>
+>* In the output, look for operationStatus. **operationStatus = Succeeded** indicates that our services have successfully updated the cache node. You will also see that cacheNodeState will show "Not Provisioned". <br>
+>* Please save values for <u>physicalPath, sizeInGb, proxyPort, proxyHostName</u> as these values will be needed to construct the provisioning script.
+
+
+<br>
+
+### 6. Get provisioning details for the cache node
+
+After successfully configuring the cache node, the next step is to deploy the cache node to a host machine. To deploy the cache node, you'll need to create a provisioning script with relevant information.
+
+To get the relevant information for provisioning script, use `az mcc ent node get-provisioning-details`
+
+```azurecli-interactive
+az mcc ent node get-provisioning-details --cache-node-name mycachenode --mcc-resource-name mymccresource --resource-group myrg
+```
+
+>[!IMPORTANT]
+>* Save the resulting values for cacheNodeId, customerKey, mccResourceId, registrationKey. These GUIDs are needed to create the provisioning script.
+>* In the output look for cacheNodeState. If **cacheNodeState = Not Provisioned**, you can continue with cache node provisioning.
+>* If **cacheNodeState = Not Configured**, then the cache node has not been configured. Please configure the cache node before provisioning.
+
+### Example script:
+
+Below is a pseudocode example of how to script bulk creation and configuration of an MCC Azure resource and multiple MCC cache nodes.
+
+<!--# [Bash](#tab/bash)
+
+:::code language="azurecli" source="~/azure_cli_scripts/azure-cli/create-azure-resources-at-scale/bash/create-azure-resources-at-scale.sh" id="step4":::
+
+In your console output, are you missing the last row in your CSV file?  This can be caused by a missing line continuation character after the last line. Add a blank line at the end of your CSV file to fix the issue.
+
+# [PowerShell](#tab/powershell)
+
+:::code language="azurecli" source="~/azure_cli_scripts/azure-cli/create-azure-resources-at-scale/powershell/create-azure-resources-at-scale.ps1" id="step4":::
+
+-->
+
+# [PowerShell](#tab/powershell)
+
+```powershell
+#Define variables
+$mccResourceName = "myMCCResource"
+$cacheNodeName = "demo-node"
+$cacheNodeOperatingSystem = "Windows"
+$resourceGroup = "myRG"
+$resourceLocation = "westus"
+$cacheNodesToCreate = 2
+$proxyHost = "myProxy.com"
+$proxyPort = "8080"
+$waitTime = 3
+
+#Create MCC Az resource
+az mcc ent resource create --mcc-resource-name $mccResourceName --location $resourceLocation --resource-group $resourceGroup
+
+#Loop through $cacheNodesToCreate iterations
+for ($cacheNodeNumber = 1; $cacheNodeNumber -le $cacheNodesToCreate; $cacheNodeNumber++) {
+    $iteratedCacheNodeName = $cacheNodeName + "-" + $cacheNodeNumber
+    
+    #Create cache node
+    az mcc ent node create --cache-node-name $iteratedCacheNodeName --mcc-resource-name $mccResourceName --host-os $cacheNodeOperatingSystem --resource-group $resourceGroup
+
+    #Get cache node state
+    $cacheNodeState = $(az mcc ent node show --cache-node-name $iteratedCacheNodeName --mcc-resource-name $mccResourceName --resource-group $resourceGroup --query "cacheNodeState") | ConvertFrom-Json
+
+    $howLong = 0
+    #Wait until cache node state returns "Not Configured"
+    while ($cacheNodeState -ne "Not Configured") {
+        Write-Output "Waiting for cache node creation to complete...$howLong seconds"
+        Start-Sleep -Seconds $waitTime
+        $howLong += $waitTime
+    
+        $cacheNodeState = $(az mcc ent node show --cache-node-name $iteratedCacheNodeName --mcc-resource-name $mccResourceName --resource-group $resourceGroup --query "cacheNodeState") | ConvertFrom-Json
+    }
+
+    #Configure cache node
+    az mcc ent node update --cache-node-name $iteratedCacheNodeName --mcc-resource-name $mccResourceName --resource-group $resourceGroup --cache-drive  "[{physical-path:/var/mcc,size-in-gb:50}]" --proxy enabled --proxy-host $proxyHost --proxy-port $proxyPort
+}
+```
+
+## Next step
+
+To deploy the cache node to a **Windows** host machine, see 
+>[!div class="nextstepaction"]
+>[Deploy cache node to Windows](mcc-ent-deploy-to-windows.md)
+
+To deploy the cache node to a **Linux** host machine, see 
+>[!div class="nextstepaction"]
+>[Deploy cache node to Linux](mcc-ent-deploy-to-linux.md)
diff --git a/windows/deployment/do/mcc-ent-monitoring.md b/windows/deployment/do/mcc-ent-monitoring.md
new file mode 100644
index 0000000000..fd1e2c5e51
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-monitoring.md
@@ -0,0 +1,61 @@
+---
+title: Monitor usage of MCC cache nodes
+description: Details on how to monitor the usage of Microsoft Connected Cache for Enterprise (MCC) cache nodes.
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+manager: naengler
+ms.author: lichris
+author: chrisjlin
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise</a>	
+ms.date: 09/04/2024
+---
+
+# Monitor Microsoft Connected Cache cache node usage
+
+Tracking the status and performance of your MCC cache node is essential to making sure that you're getting the most out of the service.
+
+<!-- Add standard metrics
+
+      Add scenarios for creating custom metrics -->
+
+## Cache node summary
+
+The Cache Node Summary box on your Azure portal 
+
+| Metric | Description |
+| --- | --- |
+| Healthy nodes | The MCC service will periodically request heartbeat messages from your MCC node to determine if it's functioning as expected. |
+| Unhealthy nodes | If the cache node doesn't respond, it is labeled as unhealthy. |
+| Max in | The maximum egress (in Mb/sec.) that your node has pulled in at any given time. This statistic isn't dependent on the time filter near the charts. |
+| Max out | The minimum egress (in Mb/sec.) that your node has pushed out at any given time. |
+| Average in | The average ingress (in Mb/sec.) that your node has pulled in over its lifetime. This statistic isn't dependent on the time filter near the charts. |
+| Average out | The average egress (in Mb/sec.) that your node has pushed out over its lifetime. |
+| Cache efficiency | The percentage of all requests that your MCC node receives that are ultimately delivered by your MCC node. An effective node is generally expected to have an efficiency >95%. |
+
+## Charts
+
+### Filters
+
+- Will only filter the data shown in the two charts, scalable from 1 hour to 30 days
+- Can view data by individual cache nodes or the average of all your active MCC nodes.
+
+### Outbound traffic
+
+- The egress (in Mb/sec) that your MCC node is pushing out at specific time intervals
+
+### Volume by Content Type
+
+- The volume of content that your MCC cache node is distributing, broken down by the hostname used to download said content
+
+## Additional metrics
+
+### Custom metrics
+
+- Navigate to the "Metrics" tab in the left-hand toolbar
+- Configure chart as desired using the provided metrics
+
+<!-- ### Windows Update for Business (WUfB) reports -->
\ No newline at end of file
diff --git a/windows/deployment/do/mcc-ent-prerequisites.md b/windows/deployment/do/mcc-ent-prerequisites.md
new file mode 100644
index 0000000000..f95d8fb53d
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-prerequisites.md
@@ -0,0 +1,72 @@
+---
+title: MCC prerequisites
+description: Details of prerequisites and recommendations for using Microsoft Connected Cache for Enterprise and Education (MCC).
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: conceptual
+ms.author: lichris
+author: chrisjlin
+manager: naengler
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>
+ms.date: 09/27/2024
+---
+
+# Microsoft Connected Cache for Enterprise and Education Requirements
+
+This article details the requirements and recommendations for using Microsoft Connected Cache for Enterprise and Education (MCC).
+
+## Licensing requirements
+
+- **Valid Azure subscription**: To use the Microsoft Connected Cache for Enterprise and Education (MCC) service, you'll need a valid Azure subscription that can be used to provision the necessary [Azure resources](/azure/cloud-adoption-framework/govern/resource-consistency/resource-access-management).
+
+    If you don't have an Azure subscription already, you can create an Azure [pay-as-you-go](https://azure.microsoft.com/offers/ms-azr-0003p/) account, which requires a credit card for verification purposes. For more information, see the [Azure Free Account FAQ](https://azure.microsoft.com/free/free-account-faq/).
+
+    The Azure resources used for MCC will be free to you during this public preview.
+
+- **E3/E5 or A3/A5 license**: Your organization must have one of the following license subscriptions for each device that downloads content from an MCC cache node.
+
+    - [Windows Enterprise E3 or E5](/windows/whats-new/windows-licensing#windows-11-enterprise), included in [Microsoft 365 F3, E3, or E5](https://www.microsoft.com/microsoft-365/enterprise/microsoft365-plans-and-pricing?msockid=32c407b43d5968050f2b13443c746916)
+    - Windows Education A3 or A5, included in [Microsoft 365 A3 or A5](https://www.microsoft.com/education/products/microsoft-365?msockid=32c407b43d5968050f2b13443c746916#Education-plans)
+
+## Cache node host machine requirements
+
+### General requirements
+
+- Any previous installations of MCC must be [uninstalled](mcc-ent-uninstall-cache-node.md) before installing the latest version of MCC.
+- [These listed endpoints](delivery-optimization-endpoints.md) must be reachable by the host machine.
+- The host machine must have no other services / applications utilizing port 80 (for example, ConfigManager or Distribution Point).
+- The host machine must have at least 4 GB of free memory.
+
+### Additional requirements for Windows host machines
+
+- The Windows host machine must be using Windows 11 or Windows Server 2022 with the Latest Cumulative Update (LCU) applied.
+    - Windows 11 must have [OS Build 22631.3296](https://support.microsoft.com/topic/march-12-2024-kb5035853-os-builds-22621-3296-and-22631-3296-a69ac07f-e893-4d16-bbe1-554b7d9dd39b) or later
+    - Windows Server 2022 must have [OS Build 20348.2227](https://support.microsoft.com/topic/january-9-2024-kb5034129-os-build-20348-2227-6958a36f-efaf-4ef5-a576-c5931072a89a) or later
+- The Windows host machine must support nested virtualization.
+- The Windows host machine must have [WSL2 installed](/windows/wsl/install#install-wsl-command).
+
+### Additional requirements for Linux host machines
+
+- The Linux host machine must be using one of the following Operating Systems:
+
+    - Ubuntu 20.04
+    - Red Hat Enterprise Linux (RHEL) 8.* or 9.*
+        - If using RHEL, the default container engine (Podman) must be replaced with [Moby](https://github.com/moby/moby#readme)
+
+### Networking recommendations for host machines
+
+- Multiple network interface cards (NICs) on a single MCC instance aren't supported.
+- 1 Gbps NIC is the minimum speed recommended but any NIC is supported.
+- The NIC and BIOS should support SR-IOV for best performance.
+
+### Host machine sizing recommendations
+
+| Component  | Branch Office / Small Enterprise | Large Enterprise |
+| --- | --- | --- |
+| OS|  Windows Server 2022 <br> Windows 11 (Pro or Enterprise) | Same |
+|NIC | 1 Gbps | 5 Gbps |
+|Disk | SSD <br>1 drive <br>50 GB each  |SSD <br>1 drive <br>200 GB each  |
+|Memory | 4 GB | 8 GB |
+|Cores | 4 | 8  |
diff --git a/windows/deployment/do/mcc-ent-private-preview.md b/windows/deployment/do/mcc-ent-private-preview.md
new file mode 100644
index 0000000000..03c549f395
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-private-preview.md
@@ -0,0 +1,26 @@
+---
+title: MCC Private Preview
+description: Details on Microsoft Connected Cache for Enterprise (MCC) Private Preview
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: conceptual
+manager: naengler
+ms.author: lichris
+author: chrisjlin
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise</a>	
+ms.date: 06/03/2024
+---
+
+# Microsoft Connected Cache for Enterprise and Education (MCC) Private Preview
+
+If you participated in the MCC early preview, thank you for your collaboration and feedback.
+
+To continue using MCC, we strongly recommend that you upgrade your existing cache nodes to the Public Preview release. Cache nodes created and deployed during early preview should still function but can no longer be managed or monitored remotely via the MCC Azure service.
+
+As such, we strongly recommend you [recreate your existing resources in Azure](mcc-ent-create-resource-and-cache.md) and then [redeploy the MCC caching software to your host machines](mcc-ent-deploy-to-windows.md) using the latest OS-specific installer.
+
+## Next step
+
+> [!div class="nextstepaction"]
+> [View documentation for MCC Public Preview](mcc-ent-edu-overview.md)
diff --git a/windows/deployment/do/mcc-ent-release-notes.md b/windows/deployment/do/mcc-ent-release-notes.md
new file mode 100644
index 0000000000..45efd09f1b
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-release-notes.md
@@ -0,0 +1,40 @@
+---
+title: MCC Release Notes
+description: Release Notes for Microsoft Connected Cache for Enterprise and Education (MCC).
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: conceptual
+ms.author: lichris
+author: chrisjlin
+manager: naengler
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>	
+ms.date: 09/27/2024
+---
+
+# Release Notes for Microsoft Connected Cache for Enterprise and Education (MCC)
+
+This article contains details about the latest releases of MCC. Since MCC is a Preview service, some releases may contain breaking changes that will be highlighted as such.
+
+## Release v0.1.0 (Public Preview launch)
+
+- Released on **10/17/2024**
+- Contains breaking changes
+- Contains service changes
+- Contains client changes
+- Affects Linux, Windows host machines
+
+### Changenotes
+
+- Added new "Outbound egress" and "Volume by Content type" monitoring charts to Azure portal user interface
+- Added ability to create custom monitoring charts under the Metrics tab in the Azure portal user interface
+- Added support for creating both Windows-hosted and Linux-hosted cache nodes under the same MCC Azure resource
+- Added Azure CLI support for programmatic creation and management of MCC Azure resources and cache nodes
+- Added support for unauthenticated proxy and cloud proxy integration
+- Added ability to set each cache node's Update Ring to govern cadence of MCC container updates
+
+## Related content
+
+- [Overview of MCC](mcc-ent-edu-overview.md)
diff --git a/windows/deployment/do/mcc-ent-support-and-troubleshooting.md b/windows/deployment/do/mcc-ent-support-and-troubleshooting.md
new file mode 100644
index 0000000000..4199588658
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-support-and-troubleshooting.md
@@ -0,0 +1,73 @@
+---
+title: MCC support and troubleshooting
+description: Details on how to troubleshoot and seek support for Microsoft Connected Cache for Enterprise (MCC).
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+manager: naengler
+ms.author: lichris
+author: chrisjlin
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise</a>	
+ms.date: 09/27/2024
+---
+
+
+# Troubleshoot Microsoft Connected Cache for Enterprise and Education (MCC)
+
+This article contains instructions on how to troubleshoot different issues you may encounter while using MCC. These issues are categorized by the task in which they may be encountered. For example, this next section covers troubleshooting [MCC Azure resource creation](mcc-ent-create-resource-and-cache.md).
+
+## Steps to obtain an Azure subscription ID
+
+<!--Using include file, get-azure-subscription.md, do/mcc-isp.md for shared content-->
+[!INCLUDE [Get Azure subscription](includes/get-azure-subscription.md)]
+
+## Troubleshooting Azure resource creation
+
+MCC Azure resource creation can be initiated using either the Azure portal or the Azure CLI command set. If you're encountering an error during resource creation, check that you have the necessary RPaaS permissions and have filled out all required fields.
+
+## Troubleshooting cache node issue
+If you are facing issues with your cache node, it could be due to cache node being on the early preview version of MCC. Cache nodes belonging to early preview version will be under MCC resource that will have 'early preview' in its name. Please delete these cache nodes and associated MCC resource and create a new MCC resource on the new version.
+For detailed instructions on creating MCC resource, see [Create MCC Azure resources](mcc-ent-create-resource-and-cache.md)
+
+
+## Troubleshooting cache node deployment
+TODO: Add introduction sentence(s)
+[Include a sentence or two to explain only what is needed to complete the procedure.]
+TODO: Add ordered list of procedure steps
+
+1. Step 1
+1. Step 2
+1. Step 3
+
+## Troubleshooting cache node monitoring
+TODO: Add introduction sentence(s)
+[Include a sentence or two to explain only what is needed to complete the procedure.]
+TODO: Add ordered list of procedure steps
+
+1. Step 1
+1. Step 2
+1. Step 3
+
+<!-- 5. Next step/Related content------------------------------------------------------------------------
+
+Optional: You have two options for manually curated links in this pattern: Next step and Related content. You don't have to use either, but don't use both.
+  - For Next step, provide one link to the next step in a sequence. Use the blue box format
+  - For Related content provide 1-3 links. Include some context so the customer can determine why they would click the link. Add a context sentence for the following links.
+
+-->
+
+## Diagnose and Solve
+
+If this article isn't resolving the issue you're facing with your cache node, you can use the **Diagnose and solve problems** functionality within your MCC resource to continue troubleshooting. **Diagnose and solve problems** contains solutions to most common problems that users might face as they onboard.
+
+You can find **Diagnose and solve problems** on the left pane within your MCC resource.
+
+Within **Diagnose and solve problems**, select **Troubleshoot** under the type of problem you're facing and follow the prompts that narrow down the solution to the issue.
+
+
+## Filing a support request
+
+TODO: Add steps for filling out a CSS ticket.
diff --git a/windows/deployment/do/mcc-ent-uninstall-cache-node.md b/windows/deployment/do/mcc-ent-uninstall-cache-node.md
new file mode 100644
index 0000000000..3d554c99a0
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-uninstall-cache-node.md
@@ -0,0 +1,35 @@
+---
+title: Uninstall MCC cache nodes
+description: Details on how to uninstall Microsoft Connected Cache for Enterprise and Education (MCC) from a host machine.
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+ms.author: lichris
+author: chrisjlin
+manager: naengler
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a> 
+ms.date: 09/27/2024
+---
+
+# Uninstall MCC caching software from a host machine
+
+This article describes how to uninstall Microsoft Connected Cache for Enterprise and Education (MCC) caching software from a host machine. These steps should be taken after deleting the cache node in the Azure portal.
+
+## Steps to uninstall MCC from a Windows host machine
+
+1. Launch a PowerShell window *as administrator* and navigate to the MCC installation directory (C:\mcconwsl01 by default)
+1. Run the `uninstallmcconwsl.ps1` script
+
+## Steps to uninstall MCC from a Linux host machine
+
+The `uninstallmcc.sh` script within the provisioning package uninstalls the MCC caching software and all related components, including:
+
+- IoT Edge
+- IoT Edge Agent
+- IoT Edge Hub
+- MCC
+- Moby CLI
+- Moby engine
diff --git a/windows/deployment/do/mcc-ent-update-cache-node.md b/windows/deployment/do/mcc-ent-update-cache-node.md
new file mode 100644
index 0000000000..604ac96ddd
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-update-cache-node.md
@@ -0,0 +1,58 @@
+---
+title: Update MCC cache nodes
+description: Details on how Microsoft Connected Cache for Enterprise and Education (MCC) cache nodes are updated by Microsoft.
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+ms.author: andyriv
+author: chrisjlin
+manager: naengler
+appliesto: 
+- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
+- ✅ Supported Linux distributions
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a> 
+ms.date: 09/27/2024
+---
+# Configure container update frequency for Microsoft Connected Cache for Enterprise and Education (MCC)
+
+Microsoft Connected Cache for Enterprise and Education (MCC) caching software is deployed to host machines as a container. The container OS and any software component within the container need to be updated to address security vulnerabilities and improve quality and performance. These Microsoft-published container updates are referred to as "MCC updates" in this article.
+
+Microsoft silently deploys MCC updates to your cache nodes based on the Update Ring setting you configure for each cache node.
+
+## Update rings
+
+MCC cache nodes can be configured to either the "Fast" or "Slow" update ring. If configured to update as part of the Fast ring, the cache node will be silently updated by Microsoft soon after the update is made available. If configured to update as part of the Slow ring, the cache node is silently updated by Microsoft within five weeks of the update becoming available.
+
+In other words, configuring cache nodes to update as part of the Slow ring provides users with the option to delay the update process until they have validated that the latest MCC update works within their environment. For example, a user could configure a test cache node to update as part of the Fast ring and validate that clients can successfully interact with the test cache node after the latest MCC update has been applied. This builds confidence that service won't be interrupted when the production cache nodes are updated as part of the Slow ring.
+
+### Update ring options
+
+>[!IMPORTANT]
+>In the event of a critical security patch, Microsoft may elect to initiate an MCC update to your cache node as soon as possible (even if the cache node has been set to the Slow Ring). Visit the [Release notes](mcc-ent-release-notes.md) page for a detailed changelog of each MCC update.
+
+#### Fast Ring
+All MCC cache nodes are configured to update as part of the Fast ring by default. MCC cache nodes in the Fast ring will be updated soon after an update is made available. Microsoft will silently update cache nodes at a time of day when update traffic is likely to be minimal, such as 3:00 AM (local time) on Saturday.
+
+#### Slow Ring
+Configuring an MCC cache node to update as part of the Slow ring provides users with the option to delay MCC software updates until the update can be validated. There are three settings that control when MCC updates will be applied to MCC cache nodes. All update ring settings can be managed from the Azure portal or through Azure CLI.
+
+| Setting | Description |
+| --- | --- |
+| Week of the month | 1st to 4th week can be selected. There are three to four months in a year that could have a 5th week. If there's a 5th week, the update could be applied during that 5th week if the day of the week falls near the last day of the month.|
+| Day of the week | Monday through Sunday can be selected. |
+| Time of day | Time of day is based on UTC and a 24 hour clock. |
+
+## Update process
+
+When Microsoft publishes an MCC update, the MCC service attempts to update all MCC cache nodes based on their Update Ring membership. If a cache node can't complete the silent MCC update within 6 hours of starting, an error message is surfaced in the Azure portal.
+
+## Update terminology, criteria, and SLA
+
+MCC updates will be released based on need instead of on a set cadence.
+
+| Update type | Criteria and SLA |
+| --- | --- |
+| Security | Security updates are the highest priority and will be released based on the severity rating of the vulnerability. [Critical and High](https://nvd.nist.gov/vuln-metrics/cvss) vulnerabilities will be released by Microsoft within 60 days of discovery. [Medium and Low](https://nvd.nist.gov/vuln-metrics/cvss) vulnerabilities will be released by Microsoft within 120 days |
+| Quality | Quality updates fix a specific problem and addresses a noncritical, non-security-related bug. Quality updates could include performance fixes for a specific problem or changes related to cache efficiency or maximum egress for example. Quality updates are released along with security updates or when necessary to ensure proper functioning of the Microsoft Connected Cache software. |
+
+For information on all released Microsoft Connected Cache updates, see the [MCC release notes](mcc-ent-release-notes.md).
diff --git a/windows/deployment/do/mcc-ent-verify-cache-node.md b/windows/deployment/do/mcc-ent-verify-cache-node.md
new file mode 100644
index 0000000000..bf7720bce4
--- /dev/null
+++ b/windows/deployment/do/mcc-ent-verify-cache-node.md
@@ -0,0 +1,46 @@
+---
+title: Verify MCC cache node functionality
+description: Details on how to verify functionality of Microsoft Connected Cache for Enterprise and Education (MCC) cache nodes.
+author: chrisjlin
+ms.author: lichris
+manager: naengler
+ms.service: windows-client
+ms.subservice: itpro-updates
+ms.topic: how-to
+ms.date: 09/27/2024
+appliesto: 
+- ✅ Windows-hosted MCC cache nodes
+- ✅ Linux-hosted MCC cache nodes
+- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>	
+---
+
+# Verify MCC cache node functionality
+
+This article describes how to verify that a Microsoft Connected Cache for Enterprise and Education (MCC) cache node is functioning correctly.
+
+These steps should be taken after deploying MCC caching software to a [Windows](mcc-ent-deploy-to-windows.md) or [Linux](mcc-ent-deploy-to-linux.md) host machine.
+
+## Steps to verify functionality of MCC cache node
+
+1. To verify that the MCC container on the host machine is running and reachable, run the following command from the host machine:
+
+    ```powershell
+    wget http://localhost/filestreamingservice/files/7bc846e0-af9c-49be-a03d-bb04428c9bb5/Microsoft.png?cacheHostOrigin=dl.delivery.mp.microsoft.com
+    ```
+
+    If successful, there should be an HTTP response with StatusCode 200.
+
+1. To verify that Windows clients in your network can reach the MCC cache node, visit the following address from a web browser on a Windows client device:
+
+    `http://[HostMachine-IP-address]/filestreamingservice/files/7bc846e0-af9c-49be-a03d-bb04428c9bb5/Microsoft.png?cacheHostOrigin=dl.delivery.mp.microsoft.com`
+
+    If successful, the Windows client device should begin to download a small image file from the MCC cache node.
+
+1. To check how much content an individual Windows client has pulled from an MCC cache node, open the [Delivery Optimization activity monitor](/microsoft-365-apps/updates/delivery-optimization#viewing-data-about-the-use-of-delivery-optimization) on the Windows client device.
+
+    You should see a donut chart titled Download Statistics. If the Windows client has pulled content from the cache node, you'll see a segment of the donut labeled "From Microsoft cache server".
+
+## Related content
+
+- [Monitor cache node usage](mcc-ent-monitoring.md)
+- [Troubleshoot cache node](mcc-ent-support-and-troubleshooting.md)
diff --git a/windows/deployment/do/mcc-enterprise-appendix.md b/windows/deployment/do/mcc-enterprise-appendix.md
deleted file mode 100644
index 6264ea32c4..0000000000
--- a/windows/deployment/do/mcc-enterprise-appendix.md
+++ /dev/null
@@ -1,138 +0,0 @@
----
-title: Appendix for MCC for Enterprise and Education
-description: This article contains reference information for Microsoft Connected Cache (MCC) for Enterprise and Education.
-ms.service: windows-client
-ms.subservice: itpro-updates
-ms.topic: reference
-ms.author: carmenf
-author: cmknox
-manager: aaroncz
-ms.reviewer: mstewart
-ms.collection:
-  - tier3
-  - must-keep
-appliesto: 
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>
-ms.date: 05/23/2024
----
-
-# Appendix
-
-## Steps to obtain an Azure subscription ID
-
-<!--Using include file, get-azure-subscription.md, do/mcc-isp.md for shared content-->
-[!INCLUDE [Get Azure subscription](includes/get-azure-subscription.md)]
-
-### Troubleshooting
-
-If you're not able to sign up for a Microsoft Azure subscription with the **Account belongs to a directory that cannot be associated with an Azure subscription. Please sign in with a different account.** error, see the following articles:
-
-- [Can't sign up for a Microsoft Azure subscription](/troubleshoot/azure/general/cannot-sign-up-subscription).
-- [Troubleshoot issues when you sign up for a new account in the Azure portal](/azure/cost-management-billing/manage/troubleshoot-azure-sign-up).
-
-## Hardware specifications
-
-Most customers choose to install their cache node on a Windows Server with a nested Hyper-V VM. If this isn't supported in your network, some customers have also opted to install their cache node using VMware. At this time, a Linux-only solution isn't available and Azure VMs don't support the standalone Microsoft Connected Cache.
-
-### Installing on VMware
-
-Microsoft Connected Cache for Enterprise and Education can be successfully installed on VMware. To do so, there are a couple of additional configurations to be made. Ensure the VM is turned off before making the following configuration changes:
-
-1. Ensure that you're using ESX. In the VM settings, turn on the option **Expose hardware assisted virtualization to the guest OS**.
-1. Using the Hyper-V Manager, create an external switch. For the external switch to have internet connection, ensure **"Allow promiscuous mode"** and **"Forged transmits"** are switched to **Yes**.
-
-### Installing on Hyper-V
-
-To learn more about how to configure Intel and AMD processors to support nested virtualization, see [Run Hyper-V in a Virtual Machine with Nested Virtualization](/virtualization/hyper-v-on-windows/user-guide/nested-virtualization).
-
-## Diagnostics Script
-
-If you're having issues with your MCC, we included a diagnostics script. The script collects all your logs and zips them into a single file. You can then send us these logs via email for the MCC team to debug.
-
-To run this script:
-
-1. Navigate to the following folder in the MCC installation files:
-
-    mccinstaller > Eflow > Diagnostics
-
-1. Run the following commands:
-
-   ```powershell
-   Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process
-   .\collectMccDiagnostics.ps1
-   ```
-
-1. The script stores all the debug files into a folder and then creates a tar file. After the script is finished running, it will output the path of the tar file, which you can share with us. The location should be **\<currentpath\>**\mccdiagnostics\support_bundle_\$timestamp.tar.gz
-
-1. [Email the MCC team](mailto:mccforenterprise@microsoft.com?subject=Debugging%20Help%20Needed%20for%20MCC%20for%20Enterprise) and attach this file asking for debugging support. Screenshots of the error along with any other warnings you saw will be helpful during out debugging process.
-
-## IoT Edge runtime
-
-The Azure IoT Edge runtime enables custom and cloud logic on IoT Edge devices.
-The runtime sits on the IoT Edge device, and performs management and
-communication operations. The runtime performs several functions:
-
-- Installs and update workloads (Docker containers) on the device.
-- Maintains Azure IoT Edge security standards on the device.
-- Ensures that IoT Edge modules (Docker containers) are always running.
-- Reports module (Docker containers) health to the cloud for remote monitoring.
-- Manages communication between an IoT Edge device and the cloud.
-
-For more information on Azure IoT Edge, see the [Azure IoT Edge documentation](/azure/iot-edge/about-iot-edge).
-
-## Routing local Windows clients to an MCC
-
-### Get the IP address of your MCC using ifconfig
-
-There are multiple methods that can be used to apply a policy to PCs that should participate in downloading from the MCC.
-
-#### Registry key
-
-You can either set your MCC IP address or FQDN using:
-
-1. Registry key (version 1709 and later):  
-    `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization`
-</br>
-    "DOCacheHost"=" "  
-
-    From an elevated command prompt:
-
-    ```powershell
-        reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v DOCacheHost /t REG_SZ /d "10.137.187.38" /f
-    ```
-
-1. MDM path (version 1809 and later):
-
-    `.Vendor/MSFT/Policy/Config/DeliveryOptimization/DOCacheHost`
-
-1. In Windows (release version 1809 and later), you can apply the policy via Group Policy Editor. The policy to apply is **DOCacheHost**. To configure the clients to pull content from the MCC using Group Policy, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. Set the **Cache Server Hostname** to the IP address of your MCC, such as `10.137.187.38`.
-
-   :::image type="content" source="./images/ent-mcc-group-policy-hostname.png" alt-text="Screenshot of the Group Policy editor showing the Cache Server Hostname Group Policy setting." lightbox="./images/ent-mcc-group-policy-hostname.png":::
-
-## Verify content using the DO client
-
-To verify that the Delivery Optimization client can download content using MCC, you can use the following steps:
-
-1. Download a game or application from the Microsoft Store.
-
-   :::image type="content" source="./images/ent-mcc-store-example-download.png" alt-text="Screenshot of the Microsoft Store with the game, Angry Birds 2, selected.":::
-
-1. Verify downloads came from MCC by one of two methods:
-
-    - Using the PowerShell Cmdlet Get-DeliveryOptimizationStatus you should see *BytesFromCacheServer*.
-
-      :::image type="content" source="./images/ent-mcc-get-deliveryoptimizationstatus.png" alt-text="Screenshot of the output of Get-DeliveryOptimization | FT from PowerShell." lightbox="./images/ent-mcc-get-deliveryoptimizationstatus.png":::
-
-    - Using the Delivery Optimization Activity Monitor
-
-      :::image type="content" source="./images/ent-mcc-delivery-optimization-activity.png" alt-text="Screenshot of the Delivery Optimization Activity Monitor.":::
-
-## EFLOW
-
-- [What is Azure IoT Edge for Linux on Windows](/azure/iot-edge/iot-edge-for-linux-on-windows)
-- [Install Azure IoT Edge for Linux on Windows](/azure/iot-edge/how-to-provision-single-device-linux-on-windows-symmetric#install-iot-edge)
-- [PowerShell functions for Azure IoT Edge for Linux on Windows](/azure/iot-edge/reference-iot-edge-for-linux-on-windows-functions)
-- EFLOW FAQ and Support: [Support · Azure/iotedge-eflow Wiki (github.com)](https://github.com/Azure/iotedge-eflow/wiki/Support#how-can-i-apply-updates-to-eflow)
-- [Now ready for Production: Linux IoT Edge Modules on Windows - YouTube](https://www.youtube.com/watch?v=pgqVCg6cxVU&ab_channel=MicrosoftIoTDevelopers)
diff --git a/windows/deployment/do/mcc-enterprise-deploy.md b/windows/deployment/do/mcc-enterprise-deploy.md
deleted file mode 100644
index 5cc7236b51..0000000000
--- a/windows/deployment/do/mcc-enterprise-deploy.md
+++ /dev/null
@@ -1,418 +0,0 @@
----
-title: Deploying your cache node
-description: How to deploy a Microsoft Connected Cache (MCC) for Enterprise and Education cache node from the Azure portal.
-ms.service: windows-client
-ms.subservice: itpro-updates
-ms.topic: how-to
-ms.author: carmenf
-author: cmknox
-ms.reviewer: mstewart
-manager: aaroncz
-ms.collection: tier3
-appliesto: 
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>	
-ms.date: 05/23/2024
----
-
-# Deploy your cache node
-
-This article describes how to deploy a Microsoft Connected Cache (MCC) for Enterprise and Education cache node.
-
-## Steps to deploy MCC
-
-To deploy MCC to your server:
-
-1. [Provide Microsoft with the Azure subscription ID](#provide-microsoft-with-the-azure-subscription-id)
-1. [Create the MCC Resource in Azure](#create-the-mcc-resource-in-azure)
-1. [Create an MCC Node](#create-an-mcc-node-in-azure)
-1. [Edit Cache Node Information](#edit-cache-node-information)
-1. [Install MCC on a physical server or VM](#install-mcc-on-windows)
-1. [Verify MCC functionality](#verify-mcc-server-functionality)
-1. [Review common Issues](#common-issues) if needed.
-
-### Provide Microsoft with the Azure subscription ID
-
-As part of the MCC preview onboarding process an Azure subscription ID must be provided to Microsoft.
-
-> [!IMPORTANT]
-> As we near the release of public preview, we have paused onboarding. Please continue to submit the form to express interest so we can follow up with you once public preview of Microsoft Connected Cache for Enteprise and Education is available. To register your interest, fill out the form located at [https://aka.ms/MSConnectedCacheSignup](https://aka.ms/MSConnectedCacheSignup).
-
-For information about creating or locating your subscription ID, see [Steps to obtain an Azure subscription ID](mcc-enterprise-appendix.md#steps-to-obtain-an-azure-subscription-id).
-
-### Create the MCC resource in Azure
-
-The MCC Azure management portal is used to create and manage MCC nodes. An Azure subscription ID is used to grant access to the preview and to create the MCC resource in Azure and Cache nodes.
-
-Once you take the survey above and the MCC team adds your subscription ID to the allowlist, you'll be given a link to the Azure portal where you can create the resource described below.
-
-1. In the Azure portal home page, choose **Create a resource**:  
-
-   :::image type="content" source="./images/ent-mcc-create-azure-resource.png" alt-text="Screenshot of the Azure portal. The create a resource option is outlined in red.":::
-
-1. Type **Microsoft Connected Cache** into the search box, and hit **Enter** to show search results.
-
-   > [!NOTE]
-   > You won't see Microsoft Connected Cache in the drop-down list. You'll need to type the string and press enter to see the result.
-
-1. Select **Microsoft Connected Cache Enterprise** and choose **Create** on the next screen to start the process of creating the MCC resource.
-
-   :::image type="content" source="./images/ent-mcc-azure-search-result.png" alt-text="Screenshot of the Azure portal search results for Microsoft Connected Cache.":::
-
-   :::image type="content" source="./images/ent-mcc-azure-marketplace.png" alt-text="Screenshot of Microsoft Connected Cache Enterprise within the Azure Marketplace.":::
-
-1. Fill in the required fields to create the MCC resource.
-
-    - Choose the subscription that you provided to Microsoft.
-    - Azure resource groups are logical groups of resources. Create a new resource group and choose a name for your resource group.
-    - Choose **(US) West US** for the location of the resource. This choice won't impact MCC if the physical location isn't in the West US, it's just a limitation of the preview.
-
-       > [!IMPORTANT]
-       > Your MCC resource will not be created properly if you do not select **(US) West US**
-
-    - Choose a name for the MCC resource.
-      - Your MCC resource must not contain the word **Microsoft** in it.
-
-      :::image type="content" source="./images/ent-mcc-azure-create-connected-cache.png" alt-text="Screenshot of the Create a Connected Cache page within the Azure Marketplace.":::
-
-1. Once all the information has been entered, select the **Review + Create** button. Once validation is complete, select the **Create** button to start the resource creation.
-
-    :::image type="content" source="./images/ent-mcc-azure-cache-created.png" alt-text="Screenshot of the completed cache deployment within the Azure." lightbox="./images/ent-mcc-azure-cache-created.png":::
-
-#### Error: Validation failed
-
-- If you get a Validation failed error message on your portal, it's likely because you selected the **Location** as **US West 2** or some other location that isn't **(US) West US**.
-  - To resolve this error, go to the previous step and choose **(US) West US**.
-
-    :::image type="content" source="./images/ent-mcc-create-cache-failed.png" alt-text="Screenshot of a failed cache deployment due to an incorrect location.":::
-
-### Create an MCC node in Azure
-
-Creating an MCC node is a multi-step process and the first step is to access the MCC early preview management portal.
-
-1. After the successful resource creation, select  **Go to resource**.
-1. Under **Cache Node Management** section on the leftmost panel, select **Cache Nodes**.
-
-    :::image type="content" source="./images/ent-mcc-cache-nodes.png" alt-text="Screenshot of the Cache Node Management section with the navigation link to the Cache Nodes page outlined in red.":::
-
-1. On the **Cache Nodes** blade, select the **Create Cache Node** button.
-
-    :::image type="content" source="./images/ent-mcc-create-cache-node.png" alt-text="Screenshot of the Cache Nodes page with the Create Cache Node option outlined in red.":::
-
-1. Selecting the **Create Cache Node** button will open the **Create Cache Node** page; **Cache Node Name** is the only field required for cache node creation.
-
-   | Field Name | Expected Value | Description |
-   |---|---|---|
-   | **Cache Node Name** | Alphanumeric name that doesn't include any spaces. | The name of the cache node. You may choose names based on location such as `Seattle-1`. This name must be unique and can't be changed later. |
-
-1. Enter the information for the **Cache Node** and select the **Create** button.
-
-   :::image type="content" source="./images/ent-mcc-create-cache-node-name.png" alt-text="Screenshot of the Cache Nodes page displaying the Cache Node Name text entry during the creation process.":::
-
-If there are errors, the form will provide guidance on how to correct the errors.
-
-Once the MCC node has been created, the installer instructions will be exposed. More details on the installer instructions will be addressed later in this article, in the [Install Connected Cache](#install-mcc-on-windows) section.
-
-:::image type="content" source="./images/ent-mcc-connected-cache-installer-download.png" alt-text="Screenshot of the Connected Cache installer download button, installer instructions, and script.":::
-
-#### Edit cache node information
-
-Cache nodes can be deleted here by selecting the check box to the left of a **Cache Node Name** and then selecting the delete toolbar item. Be aware that if a cache node is deleted, there's no way to recover the cache node or any of the information related to the cache node.
-
-:::image type="content" source="./images/ent-mcc-delete-cache-node.png" alt-text="Screenshot of deleting a cache node from the Cache Nodes page.":::
-
-### Install MCC on Windows
-
-Installing MCC on your Windows device is a simple process. A PowerShell script performs the following tasks:
-
-- Installs the Azure CLI
-- Downloads, installs, and deploys EFLOW
-- Enables Microsoft Update so EFLOW can stay up to date
-- Creates a virtual machine
-- Enables the firewall and opens ports 80 and 22 for inbound and outbound traffic. Port 80 is used by MCC, and port 22 is used for SSH communications.
-- Configures Connected Cache tuning settings.
-- Creates the necessary *FREE* Azure resource - IoT Hub/IoT Edge.
-- Deploys the MCC container to server.
-
-#### Run the installer
-
-1. Download and unzip `mccinstaller.zip` from the create cache node page or cache node configuration page, both of which contain the necessary installation files.
-
-   :::image type="content" source="./images/ent-mcc-download-installer.png" alt-text="Screenshot of the download installer option on the Create Cache Node page.":::
-
-   The following files are contained in the `mccinstaller.zip` file:
-
-   - **installmcc.ps1**: Main installer file.
-   - **installEflow.ps1**: Installs the necessary prerequisites such as the Linux VM, IoT Edge runtime, and Docker, and makes necessary host OS settings to optimize caching performance.
-   - **resourceDeploymentForConnectedCache.ps1**: Creates Azure cloud resources required to support MCC control plane.
-   - **mccdeployment.json**: Deployment manifest used by IoT Edge to deploy the MCC container and configure settings on the container, such as cache drive location sizes.
-   - **updatemcc.ps1**: The update script used to upgrade MCC to a particular version.
-   - **mccupdate.json**: Used as part of the update script
-
-1. Open Windows PowerShell as administrator then navigate to the location of these files.
-
-   > [!NOTE]
-   > Ensure that Hyper-V is enabled on your device.
-   > - **Windows 10:** [Enable Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v)
-   > - **Windows Server:** [Install the Hyper-V role on Windows Server](/windows-server/virtualization/hyper-v/get-started/install-the-hyper-v-role-on-windows-server)'
-   >
-   > Don't use PowerShell ISE, PowerShell 6.x, or PowerShell 7.x. Only Windows PowerShell version 5.x is supported.
-
-1. **If you're installing MCC on a local virtual machine**, turn the virtual machine **off** while you enable nested virtualization and MAC spoofing.
-   1. Enable nested virtualization:
-
-      ```powershell
-      Set-VMProcessor -VMName "VM name" -ExposeVirtualizationExtensions $true
-      ```
-
-   1. Enable MAC spoofing:
-
-      ```powershell
-      Get-VMNetworkAdapter -VMName "VM name" | Set-VMNetworkAdapter -MacAddressSpoofing On
-      ```
-
-1. Set the execution policy.
-
-    ```powershell
-    Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process
-    ```
-
-    > [!NOTE]
-    > After setting the execution policy, you'll see a warning asking if you wish to change the execution policy. Choose **[A] Yes to All**.
-
-1. Copy the command from the Azure portal and run it in Windows PowerShell.
-
-    :::image type="content" source="./images/ent-mcc-installer-script.png" alt-text="Screenshot of the installer script for the connected cache node.":::
-
-    > [!NOTE]
-    > After running the command, and multiple times throughout the installation process, you'll receive the following notice. Select **[R] Run once** to proceed.
-    > </br>
-    > </br> Security warning
-    > </br> Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning message. Do you want to run C:\Users\mccinstaller\Eflow\installmcc.ps1?
-    > </br>
-    > </br> [D] Do not run **[R] Run once** [S] Suspend [?] Help (default is "D"):
-
-1. Choose whether you would like to create a new external virtual switch or select an existing external virtual switch.
-
-   If creating a new external virtual switch, name your switch and be sure to choose a Local Area Connection (USB adapters work as well however, we do not recommend using Wi-Fi). A computer restart will be required if you're creating a new switch.
-
-   > [!NOTE]
-   > Restarting your computer after creating a switch is recommended. You'll notice network delays during installation if the computer has not been restarted.
-
-   If you restarted your computer after creating a switch, start from step 2 above and skip to step 5.
-
-   If you opt to use an existing external switch, select the switch from the presented options. Local Area Connection (or USB) is preferable to Wi-Fi.
-
-   :::image type="content" source="./images/ent-mcc-script-new-switch.png" alt-text="Screenshot of the installer script running in PowerShell when a new switch is created." lightbox="./images/ent-mcc-script-new-switch.png":::
-
-1. Rerun the script after the restart. This time, choose **No** when asked to create a new switch. Enter the number corresponding to the switch you previously created.
-
-     :::image type="content" source="./images/ent-mcc-script-existing-switch.png" alt-text="Screenshot of the installer script running in PowerShell when using an existing switch." lightbox="./images/ent-mcc-script-existing-switch.png":::
-
-1. Decide whether you would like to use dynamic or static address for the Eflow VM. If you choose to use a static IP, do not use the IP address of the server. It is a VM, and it will have its own IP.
-
-    :::image type="content" source="./images/ent-mcc-script-dynamic-address.png" alt-text="Screenshot of the installer script running in PowerShell asking if you'd like to use a dynamic address." lightbox="./images/ent-mcc-script-dynamic-address.png":::
-
-    > [!NOTE]
-    > Choosing a dynamic IP address might assign a different IP address when the MCC restarts. A static IP address is recommended so you don't have to change this value in your management solution when MCC restarts.
-
-   The IP address you assign to the EFLOW VM should be within the same subnet as the host server (based on the subnet mask) and not used by any other machine on the network.
-   For example, for host configuration where the server IP Address is 192.168.1.202 and the subnet mask is 255.255.255.0, the static IP can be anything 192.168.1.* except 192.168.1.202.
-   <!-- Insert Image 1 & 2. Remove ent-mcc-script-dynamic-address.png image (it is replaced by image 2) -->
-    :::image type="content" source="./images/external-switch-1.jpg" alt-text="Screenshot of a sample output of ipconfig command showing example of subnet mask." lightbox="./images/external-switch-1.jpg":::
-
-    :::image type="content" source="./images/assigning-ip-2.png" alt-text="Screenshot of multiple installer questions about ipv4 address for Eflow." lightbox="./images/assigning-ip-2.png":::
-
-   If you would like to use your own DNS server instead of Google DNS 8.8.8.8, select **n** and set your own DNS server IP.
-
-   :::image type="content" source="./images/use-custom-dns-3.png" alt-text="Screenshot of multiple installer questions about setting an alternate DNS server." lightbox="./images/use-custom-dns-3.png":::
-
-   If you use a dynamic IP address, the DHCP server will automatically configure the IP address and DNS settings.
-
-1. Choose where you would like to download, install, and store the virtual hard disk for EFLOW. You'll also be asked how much memory, storage, and how many cores you would like to allocate for the VM. For this example, we chose the default values for download path, install path, and virtual hard disk path.
-
-   <!-- Insert Image 4 -->
-   :::image type="content" source="./images/installation-info-4.png" alt-text="Screenshot of multiple installer questions about memory and storage for EFLOW." lightbox="./images/installation-info-4.png":::
-
-   For more information, see [Sizing Recommendations](mcc-enterprise-prerequisites.md#sizing-recommendations) for memory, virtual storage, and CPU cores. For this example we chose the recommended values for a Branch Office/Small Enterprise deployment.
-
-   <!-- Insert Image 5 -->
-   :::image type="content" source="./images/memory-storage-5.png" alt-text="Screenshot of multiple installer questions about memory and storage." lightbox="./images/memory-storage-5.png":::
-   <!-- Remove: If this is your first MCC deployment, select **n** so that a new IoT Hub can be created. If you have already configured MCC before, choose **y** so that your MCCs are grouped in the same IoT Hub.
-
-    1. You'll be shown a list of existing IoT Hubs in your Azure subscription. Enter the number corresponding to the IoT Hub to select it. **You'll likely have only 1 IoT Hub in your subscription, in which case you want to enter "1"**
-
-       :::image type="content" source="./images/ent-mcc-script-select-hub.png" alt-text="Screenshot of the installer script running in PowerShell prompting you to select which IoT Hub to use." lightbox="./images/ent-mcc-script-select-hub.png":::
-       -->
-1. When the installation is complete, you should see the following output (the values below will be your own)
-
-    :::image type="content" source="./images/ent-mcc-script-complete.png" alt-text="Screenshot of the installer script displaying the completion summary in PowerShell." lightbox="./images/ent-mcc-script-complete.png":::
-       <!-- Insert Image 7 -->
-
-    :::image type="content" source="./images/installation-complete-7.png" alt-text="Screenshot of expected output when installation is complete." lightbox="./images/installation-complete-7.png":::
-
-1. Your MCC deployment is now complete.
-
-   If you don't see any errors, continue to the next section to validate your MCC deployment. Your VM will not appear in Hyper-V Manager as it is an EFLOW VM.
-   - After validating your MCC is properly functional, review your management solution documentation, such as [Intune](/mem/intune/configuration/delivery-optimization-windows), to set the cache host policy to the IP address of your MCC.
-   - If you had errors during your deployment, see the [Common Issues](#common-issues) section in this article.
-
-## Verify MCC server functionality
-
-#### Verify client side
-
-Connect to the EFLOW VM and check if MCC is properly running:
-
-1. Open PowerShell as an Administrator.
-2. Enter the following commands:
-
-   ```powershell
-   Connect-EflowVm
-   sudo -s
-   iotedge list
-   ```
-
-   :::image type="content" source="./images/ent-mcc-connect-eflowvm.png" alt-text="Screenshot of running connect-EflowVm, sudo -s, and iotedge list from PowerShell." lightbox="./images/ent-mcc-connect-eflowvm.png":::
-
-You should see MCC, edgeAgent, and edgeHub running. If you see edgeAgent or edgeHub but not MCC, try this command in a few minutes. The MCC container can take a few minutes to deploy. If iotedge list times out, you can run docker ps -a to list the running containers.
-If the 3 containers are still not running, run the following commands to check if DNS resolution is working correctly:
-
-```bash
-ping www.microsoft.com
-resolvectl query microsoft.com
-```
-
-See the [common issues](#common-issues) section for more information.
-
-#### Verify server side
-
-To validate that MCC is properly functioning, execute the following command in the EFLOW VM or any device in the network. Replace <CacheServerIP\> with the IP address of the cache server.
-
-```powershell
-wget http://<CacheServerIP>/mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com
-```
-
-A successful test result will display a status code of 200 along with additional information.
-
-:::image type="content" source="./images/ent-mcc-verify-server-ssh.png" alt-text="Screenshot of a successful wget with an SSH client." lightbox="./images/ent-mcc-verify-server-ssh.png":::
-
-:::image type="content" source="./images/ent-mcc-verify-server-powershell.png" alt-text="Screenshot of a successful wget using PowerShell." lightbox="./images/ent-mcc-verify-server-powershell.png":::
-
-Similarly, enter the following URL from a browser in the network:
-
-`http://<YourCacheServerIP>/mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com`
-
-If the test fails, see the [common issues](#common-issues) section for more information.
-
-### Intune (or other management software) configuration for MCC
-
-For an [Intune](/mem/intune/) deployment, create a **Configuration Profile** and include the Cache Host eFlow IP Address or FQDN:
-
-:::image type="content" source="./images/ent-mcc-intune-do.png" alt-text="Screenshot of Intune showing the Delivery Optimization cache server host names.":::
-
-## Common Issues
-
-#### PowerShell issues
-
-If you're seeing errors similar to this error: `The term Get-<Something> isn't recognized as the name of a cmdlet, function, script file, or operable program.`
-
-1. Ensure you're running Windows PowerShell version 5.x.
-
-1. Run \$PSVersionTable and ensure you're running version 5.x and *not version 6 or 7*.
-
-1. Ensure you have Hyper-V enabled:
-
-   **Windows 10:** [Enable Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v)
-
-   **Windows Server:** [Install the Hyper-V role on Windows Server](/windows-server/virtualization/hyper-v/get-started/install-the-hyper-v-role-on-windows-server)
-
-#### Verify Running MCC Container
-
-Connect to the Connected Cache server and check the list of running IoT Edge modules using the following commands:
-
-```bash
-Connect-EflowVm
-sudo iotedge list
-```
-
-:::image type="content" source="./images/ent-mcc-iotedge-list.png" alt-text="Screenshot of the iotedge list command." lightbox="./images/ent-mcc-iotedge-list.png":::
-
-If edgeAgent and edgeHub containers are listed, but not "MCC", you may view the status of the IoT Edge security manager by using the command:
-
-```bash
-sudo journalctl -u iotedge -f
-```
-
-This command will provide the current status of the starting, stopping of a container, or the container pull and start.  
-
-:::image type="content" source="./images/ent-mcc-journalctl.png" alt-text="Screenshot of the output from journalctl -u iotedge -f." lightbox="./images/ent-mcc-journalctl.png":::
-
-> [!NOTE]
-> You should consult the IoT Edge troubleshooting guide ([Common issues and resolutions for Azure IoT Edge](/azure/iot-edge/troubleshoot)) for any issues you may encounter configuring IoT Edge, but we've listed a few issues that we encountered during our internal validation.
-
-
-### DNS needs to be configured
-
-Run the following IoT Edge install state check:
-
-```bash
-sudo iotedge check --verbose
-```
-
-If you see issues with ports 5671, 443, and 8883, your IoT Edge device needs to update the DNS for Docker.
-
-To configure the device to work with your DNS, use the following steps:
-
-1. Use `ifconfig` to find the appropriate NIC adapter name.
-
-   ```bash
-   ifconfig
-   ```
-
-1. Run `nmcli device show <network adapter name>` to show the DNS name for the ethernet adapter. For example, to show DNS information for **eno1**:
-
-   ```bash
-   nmcli device show eno1 
-   ```
-
-   :::image type="content" source="images/mcc-isp-nmcli.png" alt-text="Screenshot of a sample output of nmcli command to show network adapter information." lightbox="./images/mcc-isp-nmcli.png":::
-
-1. Open or create the Docker configuration file used to configure the DNS server.
-
-   ```bash
-   sudo nano /etc/docker/daemon.json
-   ```
-
-1. Paste the following string into the **daemon.json** file, and include the appropriate DNS server address. For example, in the previous screenshot, `IP4.DNS[1]` is `10.50.10.50`.
-
-   ```bash
-   { "dns": ["x.x.x.x"]}
-   ```
-
-1. Save the changes to daemon.json. If you need to change permissions on this file, use the following command:
-
-   ```bash
-   sudo chmod 555 /etc/docker/daemon.json
-   ```
-
-1. Restart Docker to pick up the new DNS setting. Then restart IoT Edge.
-
-   ```bash
-   sudo systemctl restart docker
-   sudo systemctl daemon-reload
-   sudo restart IoTEdge
-   ```
-
-### Resolve DNS issues
-
-Follow these steps if you see a DNS error when trying to resolve hostnames during the provisioning or download of container:
-Run `Get-EflowVmEndpoint` to get interface name
-
-Once you get the name:
-
-```bash
-Set-EflowVmDNSServers -vendpointName "interface name from above" -dnsServers @("DNS_IP_ADDRESS")
-Stop-EflowVm
-Start-EflowVm
-```
diff --git a/windows/deployment/do/mcc-enterprise-prerequisites.md b/windows/deployment/do/mcc-enterprise-prerequisites.md
deleted file mode 100644
index 1e33e85158..0000000000
--- a/windows/deployment/do/mcc-enterprise-prerequisites.md
+++ /dev/null
@@ -1,61 +0,0 @@
----
-title: Requirements for MCC for Enterprise and Education
-description: Overview of prerequisites and recommendations for using Microsoft Connected Cache (MCC) for Enterprise and Education.
-ms.service: windows-client
-ms.subservice: itpro-updates
-ms.topic: conceptual
-ms.author: carmenf
-author: cmknox
-manager: aaroncz
-ms.reviewer: mstewart
-ms.collection: tier3
-appliesto: 
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-- - ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a>
-ms.date: 05/23/2024
----
-
-# Requirements of Microsoft Connected Cache for Enterprise and Education (early preview)
-
-> [!NOTE]
-> As we near the release of public preview, we have paused onboarding. Please continue to submit the form to express interest so we can follow up with you once public preview of Microsoft Connected Cache for Enteprise and Education is available. To register your interest, fill out the form located at [https://aka.ms/MSConnectedCacheSignup](https://aka.ms/MSConnectedCacheSignup).
-
-## Enterprise requirements for MCC
-
-1. **Azure subscription**: MCC management portal is hosted within Azure and is used to create the Connected Cache [Azure resource](/azure/cloud-adoption-framework/govern/resource-consistency/resource-access-management) and IoT Hub resource. Both are free services.
-
-    Your Azure subscription ID is first used to provision MCC services, and enable access to the preview. The MCC server requirement for an Azure subscription costs you nothing. If you don't have an Azure subscription already, you can create an Azure [pay-as-you-go](https://azure.microsoft.com/offers/ms-azr-0003p/) account, which requires a credit card for verification purposes. For more information, see the [Azure Free Account FAQ](https://azure.microsoft.com/free/free-account-faq/).
-
-    The resources used for the preview and in the future when this product is ready for production will be free to you, like other caching solutions.
-1. **Hardware to host MCC**: The recommended configuration serves approximately 35,000 managed devices, downloading a 2-GB payload in 24-hour timeframe at a sustained rate of 6.5 Gbps.
-  
-   > [!NOTE]
-   > Azure VMs are not currently supported. If you'd like to install your cache node on VMWare, see the [Appendix](mcc-enterprise-appendix.md) for a few additional configurations.
-
-    **EFLOW requires Hyper-V support**
-    - On Windows client, enable the Hyper-V feature.
-    - On Windows Server, install the Hyper-V role and create a default network switch.
-    - For more requirements, see [EFLOW requirements](/azure/iot-edge/iot-edge-for-linux-on-windows#prerequisites).
-
-    Disk recommendations:
-    - Using an SSD is recommended as cache read speed of SSD is superior to HDD
-
-    NIC requirements:
-    - Multiple NICs on a single MCC instance aren't supported.
-    - 1 Gbps NIC is the minimum speed recommended but any NIC is supported.
-    - For best performance, NIC and BIOS should support SR-IOV.
-
-    VM networking:
-    -  An external virtual switch to support outbound and inbound network communication (created during the installation process)
-1. **Content endpoints**: If you're using a proxy or firewall, certain endpoints must be allowed through in order for your MCC to cache and serve content. See [Delivery Optimization and Microsoft Connected Cache content type endpoints](delivery-optimization-endpoints.md) for the list of required endpoints. 
-
-## Sizing recommendations
-
-| Component  | Branch Office / Small Enterprise | Large Enterprise |
-| -- | --- | --- |
-| OS|  Windows Server 2019*/2022 <br> Windows 10*/11 (Pro or Enterprise) with Hyper-V Support <br><br>* Windows 10 and Windows Server 2019 build 17763 or later | Same |
-|NIC | 1 Gbps | 5 Gbps |
-|Disk | SSD <br>1 drive <br>50 GB each  |SSD <br>1 drive <br>200 GB each  |
-|Memory | 4 GB | 8 GB |
-|Cores | 4 | 8  |
diff --git a/windows/deployment/do/mcc-enterprise-update-uninstall.md b/windows/deployment/do/mcc-enterprise-update-uninstall.md
deleted file mode 100644
index 8ffa3c50c7..0000000000
--- a/windows/deployment/do/mcc-enterprise-update-uninstall.md
+++ /dev/null
@@ -1,55 +0,0 @@
----
-title: Uninstall MCC for Enterprise and Education
-description: Details on how to uninstall Microsoft Connected Cache (MCC) for Enterprise and Education for your environment.
-ms.service: windows-client
-ms.subservice: itpro-updates
-ms.topic: how-to
-ms.author: carmenf
-author: cmknox
-manager: aaroncz
-ms.reviewer: mstewart
-ms.collection:
-  - tier3
-  - must-keep
-appliesto: 
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
-- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-- ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for Enterprise and Education</a> 
-ms.date: 05/23/2024
----
-
-<!-- Customers will no longer update the private preview and instead install public preview
-# Update or uninstall Microsoft Connected Cache for Enterprise and Education
-
-Throughout the preview phase, we'll send you security and feature updates for MCC. Follow these steps to perform the update.
-
-## Update MCC
-
-Run the following command with the **arguments** we provided in the email to update your MCC:
-
-```powershell
-# .\updatemcc.ps1 version="**\<VERSION\>**" tenantid="**\<TENANTID\>**" customerid="**\<CUSTOMERID\>**" cachenodeid="**\<CACHENODEID\>**" customerkey="**\<CUSTOMERKEY\>**"
-```
-
-For example:
-
-```powershell
-# .\updatemcc.ps1 version="msconnectedcacheprod.azurecr.io/mcc/linux/iot/mcc-ubuntu-iot-amd64:1.2.1.659" tenantid="799a999aa-99a1-99aa-99aa-9a9aa099db99" customerid="99a999aa-99a1-99aa-99aa-9aaa9aaa0saa" cachenodeid=" aa99aaaa-999a-9aas-99aa99daaa99 " customerkey="a99d999a-aaaa-aa99-0999aaaa99a"
-```
--->
-# Uninstall MCC
-
-Contact the MCC Team before uninstalling to let us know if you're facing issues.
-
-This script removes the following items:
-
-1. EFLOW + Linux VM
-1. IoT Edge
-1. Edge Agent
-1. Edge Hub
-1. MCC
-1. Moby CLI
-1. Moby Engine
-
-To delete MCC, go to Control Panel \> Uninstall a program \> Select Azure IoT
-Edge LTS \> Uninstall
diff --git a/windows/deployment/do/waas-delivery-optimization-faq.yml b/windows/deployment/do/waas-delivery-optimization-faq.yml
index 1f78efa270..cda14c3e5e 100644
--- a/windows/deployment/do/waas-delivery-optimization-faq.yml
+++ b/windows/deployment/do/waas-delivery-optimization-faq.yml
@@ -17,7 +17,7 @@ metadata:
     - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
     - ✅ <a href=https://learn.microsoft.com/en-us/windows/release-health/windows-server-release-info target=_blank>Windows Server 2019, and later</a>
     - ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-delivery-optimization target=_blank>Delivery Optimization</a>	
-  ms.date: 09/10/2024
+  ms.date: 10/15/2024
 title: Frequently Asked Questions about Delivery Optimization
 summary: |
   This article answers frequently asked questions about Delivery Optimization.
@@ -42,6 +42,7 @@ summary: |
    **Peer-to-peer related questions**: 
 
   - [How does Delivery Optimization determine which content is available for peering?](#how-does-delivery-optimization-determine-which-content-is-available-for-peering)
+  - [Where does Delivery Optimization get content from first?](#where-does-delivery-optimization-get-content-from-first)
   - [Does Delivery Optimization use multicast?](#does-delivery-optimization-use-multicast)
   - [How does Delivery Optimization deal with congestion on the router from peer-to-peer activity on the LAN?](#how-does-delivery-optimization-deal-with-congestion-on-the-router-from-peer-to-peer-activity-on-the-lan)
   - [How does Delivery Optimization handle VPNs?](#how-does-delivery-optimization-handle-vpns)
@@ -128,6 +129,11 @@ sections:
       - question: How does Delivery Optimization determine which content is available for peering?
         answer: |
           Delivery Optimization uses the cache content on the device to determine what's available for peering. For the upload source device, there's a limited number (4) of slots for cached content that's available for peering at a given time. Delivery Optimization contains logic that rotates the cached content in those slots.
+      - question: Where does Delivery Optimization get content from first?
+        answer: |
+          When Delivery Optimization client is configured to use peers and Microsoft Connected Cache (MCC), the client connects to both MCC and peers in parallel. There is no prioritization between the two. Once downloading starts in parallel, Delivery Optimization 
+          will taper off requests to the HTTP source (CDN or MCC) when the peer connections are able to reach the target download speed. For background downloads, Delivery Optimization will drop HTTP connections if peers are meeting the minimum QoS speed. To manage delaying the default behavior
+          there are a collection of policies that can be used. For more information, see [Delivery Optimization delay policies](waas-delivery-optimization-reference.md#policies-to-prioritize-the-use-of-peer-to-peer-and-cache-server-sources).
       - question: Does Delivery Optimization use multicast?
         answer: |
          No. It relies on the cloud service for peer discovery, resulting in a list of peers and their IP addresses. Client devices then connect to their peers to obtain download files over TCP/IP.    
diff --git a/windows/deployment/do/waas-delivery-optimization-reference.md b/windows/deployment/do/waas-delivery-optimization-reference.md
index f43982a7c5..a8f8a4b517 100644
--- a/windows/deployment/do/waas-delivery-optimization-reference.md
+++ b/windows/deployment/do/waas-delivery-optimization-reference.md
@@ -14,7 +14,7 @@ appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 - ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-delivery-optimization target=_blank>Delivery Optimization</a>
-ms.date: 05/23/2024
+ms.date: 10/15/2024
 ---
 
 # Delivery Optimization reference
@@ -106,7 +106,7 @@ When Delivery Optimization client is configured to use peers and Microsoft Conne
 ##### Microsoft Connected Cache (MCC) delay fallback settings
 
 - [Delay foreground download cache server fallback (in secs)](#delay-foreground-download-cache-server-fallback-in-secs) allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use a cache server.
-- [Delay background download from HTTP (in secs)](#delay-background-download-from-http-in-secs) allows you to delay the use of an HTTP source in a background  download that is allowed to use a cache server.
+- [Delay background download cache server fallback (in secs)](#delay-background-download-cache-server-fallback-in-secs) allows you to delay the use of an HTTP source in a background  download that is allowed to use a cache server.
 
 **If both peer-to-peer and MCC are configured, the peer-to-peer delay settings will take precedence over the cache server delay settings.** This setting allows Delivery Optimization to discover peers first then recognize the fallback setting for the MCC cache server.
 
@@ -245,13 +245,13 @@ The default behaviors differ between Windows 10 and Windows 11. In Windows 10, t
 
 MDM Setting: **DODelayForegroundDownloadFromHttp**
 
-Starting in Windows 10, version 1803, allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer. The maximum value is 4294967295 seconds. **By default, this policy isn't configured.**
+Starting in Windows 10, version 1803, allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer. **By default, this policy isn't configured.**
 
 ### Delay background download from HTTP (in secs)
 
 MDM Setting: **DODelayBackgroundDownloadFromHttp**
 
-Starting in Windows 10, version 1803, this allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer. The maximum value is 4294967295 seconds. **By default, this policy isn't configured.**
+Starting in Windows 10, version 1803, this allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer. **By default, this policy isn't configured.**
 
 ### Delay foreground download cache server fallback (in secs)
 
diff --git a/windows/deployment/do/waas-microsoft-connected-cache.md b/windows/deployment/do/waas-microsoft-connected-cache.md
index a1cd9a0ca8..2be96841a2 100644
--- a/windows/deployment/do/waas-microsoft-connected-cache.md
+++ b/windows/deployment/do/waas-microsoft-connected-cache.md
@@ -24,7 +24,7 @@ ms.date: 05/23/2024
 Microsoft Connected Cache is a software-only caching solution that delivers Microsoft content. Microsoft Connected Cache has two main offerings:
 
 - Microsoft Connected Cache for Internet Service Providers
-- Microsoft Connected Cache for Enterprise and Education (early preview)
+- Microsoft Connected Cache for Enterprise and Education (preview)
 
 Both products are created and managed in the cloud portal.
 
@@ -35,14 +35,14 @@ Both products are created and managed in the cloud portal.
 
 Microsoft Connected Cache (MCC) for Internet Service Providers is currently in preview. MCC can be deployed to as many bare-metal servers or VMs as needed and is managed from a cloud portal. When deployed, MCC can help to reduce your network bandwidth usage for Microsoft software content and updates. Cache nodes are created in the cloud portal and are configured to deliver traffic to customers by manual CIDR or BGP routing. Learn more at [Microsoft Connected Cache for ISPs Overview](mcc-isp-overview.md).
 
-## Microsoft Connected Cache for Enterprise and Education (early preview)
+## Microsoft Connected Cache for Enterprise and Education (preview)
 
 > [!NOTE]
-> As we near the release of public preview, we have paused onboarding. Please continue to submit the form to express interest so we can follow up with you once public preview of Microsoft Connected Cache for Enteprise and Education is available. To register your interest, fill out the form located at [https://aka.ms/MSConnectedCacheSignup](https://aka.ms/MSConnectedCacheSignup).
+> Microsoft Connected Cache (MCC) for Enterprise and Education is now in public preview. To get started, follow the instructions in the [Create Microsoft Connected Cache Azure resource and cache nodes](mcc-ent-create-resource-and-cache.md) article.
 
-Microsoft Connected Cache (MCC) for Enterprise and Education (early preview) is a software-only caching solution that delivers Microsoft content within Enterprise and Education networks. MCC can be deployed to as many Windows servers, bare-metal servers, or VMs as needed, and is managed from a cloud portal. Cache nodes are created in the cloud portal and are configured by applying the client policy using management tools such as Intune. Learn more at [Microsoft Connected Cache for Enterprise and Education Overview](mcc-ent-edu-overview.md).
+Microsoft Connected Cache (MCC) for Enterprise and Education is a software-only caching solution that delivers Microsoft content within Enterprise and Education networks. MCC can be deployed to as many Windows servers, bare-metal servers, or VMs as needed, and is managed from a cloud portal. Cache nodes are created in the cloud portal and are configured by applying the client policy using management tools such as Intune. Learn more at [Microsoft Connected Cache for Enterprise and Education Overview](mcc-ent-edu-overview.md).
 
-Microsoft Connected Cache (MCC) for Enterprise and Education (early preview) is a standalone cache for customers moving towards modern management and away from Configuration Manager distribution points. For Microsoft Connected Cache in Configuration Manager (generally available starting Configuration Manager version 2111), see [Microsoft Connected Cache in Configuration Manager](/mem/configmgr/core/plan-design/hierarchy/microsoft-connected-cache)
+Microsoft Connected Cache (MCC) for Enterprise and Education (preview) is a standalone cache for customers moving towards modern management and away from Configuration Manager distribution points. For Microsoft Connected Cache in Configuration Manager (generally available starting Configuration Manager version 2111), see [Microsoft Connected Cache in Configuration Manager](/mem/configmgr/core/plan-design/hierarchy/microsoft-connected-cache)
 
 ## Next steps
 
diff --git a/windows/deployment/do/whats-new-do.md b/windows/deployment/do/whats-new-do.md
index 0b167097fa..496d1240c1 100644
--- a/windows/deployment/do/whats-new-do.md
+++ b/windows/deployment/do/whats-new-do.md
@@ -43,8 +43,8 @@ There are two different versions:
 
 ### Windows 11 22H2
 
-- New setting: Customize vpn detection by choosing custom keywords. Now, you don't have to rely on Delivery Optimization keywords to detect your Vpn. By using the new VpnKeywords configuration you can add keywords for Delivery Optimization to use when detecting a Vpn when in use. You can find this configuration **[VPN Keywords](waas-delivery-optimization-reference.md#vpn-keywords)** in Group Policy or MDM under **DOVpnKeywords**.
-- New setting: Use the disallow downloads from a connected cache server, when a Vpn is detected and you want to prevent the download from the connected cache server. You can find this configuration **[Disallow download from MCC over VPN](waas-delivery-optimization-reference.md#disallow-cache-server-downloads-on-vpn) in Group Policy or MDM under **DODisallowCacheServerDownloadsOnVPN**.
+- New setting: Customize VPN detection by choosing custom keywords. Now, you don't have to rely on Delivery Optimization keywords to detect your VPN. By using the new VpnKeywords setting, you can add keywords for Delivery Optimization to use to detect when a VPN is in use. You can find this configuration **[VPN Keywords](waas-delivery-optimization-reference.md#vpn-keywords)** in Group Policy or MDM under **DOVpnKeywords**.
+- New setting: Use the disallow downloads from a connected cache server, when a VPN is detected and you want to prevent the download from the connected cache server. You can find this configuration **[Disallow download from MCC over VPN](waas-delivery-optimization-reference.md#disallow-cache-server-downloads-on-vpn)** in Group Policy or MDM under **DODisallowCacheServerDownloadsOnVPN**.
 - Delivery Optimization introduced support for receiver side ledbat (rLEDBAT).
 - New setting: Local Peer Discovery, a new option for **[Restrict Peer Selection By](waas-delivery-optimization-reference.md#select-a-method-to-restrict-peer-selection)** in Group Policy or MDM **DORestrictPeerSelectionBy**. This option restricts the discovery of local peers using the DNS-SD protocol. When you set Option 2, Delivery Optimization restricts peer selection to peers that are locally discovered (using DNS-SD).
 
diff --git a/windows/deployment/update/fod-and-lang-packs.md b/windows/deployment/update/fod-and-lang-packs.md
index 87d5304815..f9ece8c2d3 100644
--- a/windows/deployment/update/fod-and-lang-packs.md
+++ b/windows/deployment/update/fod-and-lang-packs.md
@@ -13,7 +13,7 @@ appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 - ✅ <a href=https://learn.microsoft.com/mem/configmgr/ > Microsoft Configuration Manager</a>
 - ✅ <a href=https://learn.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus > WSUS </a>
-ms.date: 04/22/2024
+ms.date: 10/01/2024
 ---
 
 # How to make Features on Demand and language packs available when you're using WSUS or Configuration Manager
@@ -31,11 +31,13 @@ Due to these changes, the **Specify settings for optional component installation
 
 The introduction of the **Specify source service for specific classes of Windows Updates** ([SetPolicyDrivenUpdateSourceFor<UpdateClass\>](/windows/client-management/mdm/policy-csp-update#setpolicydrivenupdatesourceforfeatureupdates)) policy in Windows 10, version 2004 further complicated configuring settings for FoD and language pack content. 
 
-Starting in Windows 11, version 22H2, on-premises Unified Update Platform (UUP) updates were introduced. FoDs and language packs are available from WSUS again. It's no longer necessary to use the **Specify settings for optional component installation and component repair** policy for FoD and language pack content.  
+Starting in Windows 11, version 22H2, on-premises Unified Update Platform (UUP) updates were introduced. FoDs and language packs are available from WSUS again. It's no longer necessary to use the **Specify settings for optional component installation and component repair** policy for FoD and language pack content. This policy was modified starting in Windows 11, version 24H2 and the following options were removed:<!--8914508-->
+- Never attempt to download payload from Windows Update
+- Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS)
 
 ## Version specific information for Features on Demand and language packs
 
-Windows 11, version 22H2, and later clients use on-premises Unified Update Platform (UUP) updates with WSUS and Microsoft Configuration Manager. These clients don't need to use **Specify settings for optional component installation and component repair** for FoDs and language packs since the content is available in WSUS due to on-premises UUP.
+Windows 11, version 22H2, and later clients use on-premises Unified Update Platform (UUP) updates with WSUS and Microsoft Configuration Manager. These clients don't need to use **Specify settings for optional component installation and component repair** for FoDs and language packs since the content is available in WSUS due to on-premises UUP. The policy was modified starting in Windows 11, version 24H2 to remove the unneeded options.<!--8914508--> 
 
 For Windows 10, version 2004 through Windows 11, version 21H2, clients can't download FoDs or language packs when **Specify settings for optional component installation and component repair** is set to Windows Update and **Specify source service for specific classes of Windows Updates** ([SetPolicyDrivenUpdateSourceFor<FeatureUpdates/QualityUpdates>](/windows/client-management/mdm/policy-csp-update#setpolicydrivenupdatesourceforfeatureupdates)) for either feature or quality updates is set to WSUS. If you need this content, you can set **Specify settings for optional component installation and component repair** to Windows Update and then either:
 - Change the source selection for feature and quality updates to Windows Update 
diff --git a/windows/deployment/update/waas-restart.md b/windows/deployment/update/waas-restart.md
index 9d859d31c3..46c69eb5b6 100644
--- a/windows/deployment/update/waas-restart.md
+++ b/windows/deployment/update/waas-restart.md
@@ -14,7 +14,7 @@ ms.localizationpriority: medium
 appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-ms.date: 10/10/2023
+ms.date: 10/04/2024
 ---
 
 # Manage device restarts after updates
@@ -215,4 +215,4 @@ There are three different registry combinations for controlling restart behavior
 - [Configure Windows Update for Business](waas-configure-wufb.md)
 - [Integrate Windows Update for Business with management solutions](waas-integrate-wufb.md)
 - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md)
-- [Walkthrough: use Intune to configure Windows Update for Business](/intune/windows-update-for-business-configure)
\ No newline at end of file
+- [Manage Windows 10 and Windows 11 software updates in Intune](/mem/intune/protect/windows-update-for-business-configure)
diff --git a/windows/deployment/upgrade/windows-edition-upgrades.md b/windows/deployment/upgrade/windows-edition-upgrades.md
index f09b8e67cc..b1fc50c67b 100644
--- a/windows/deployment/upgrade/windows-edition-upgrades.md
+++ b/windows/deployment/upgrade/windows-edition-upgrades.md
@@ -11,7 +11,7 @@ ms.collection:
   - highpri
   - tier2
 ms.subservice: itpro-deploy
-ms.date: 10/02/2023
+ms.date: 10/04/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10</a>
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
@@ -56,7 +56,7 @@ The following table shows the methods and paths available to change the edition
 >
 > - Each desktop edition in the table also has an N and KN SKU. These editions have had media-related functionality removed. Devices with N or KN SKUs installed can be upgraded to corresponding N or KN SKUs using the same methods.
 >
-> - Edition upgrades via Microsoft Store for Business are no longer available with the retirement of the Microsoft Store for Business. For more information, see [Microsoft Store for Business and Education retiring March 31, 2023](/lifecycle/announcements/microsoft-store-for-business-education-retiring) and [Microsoft Store for Business and Microsoft Store for Education overview](/microsoft-store/microsoft-store-for-business-overview).
+> - Edition upgrades via Microsoft Store for Business are no longer available with the retirement of the Microsoft Store for Business. For more information, see [Microsoft Store for Business and Education retiring March 31, 2023](/lifecycle/announcements/microsoft-store-for-business-education-retiring).
 
 > [!TIP]
 > Edition upgrade is also possible using edition upgrade policy in Microsoft Configuration Manager. For more information, see [Upgrade Windows devices to a new edition with Configuration Manager](/mem/configmgr/compliance/deploy-use/upgrade-windows-version).
diff --git a/windows/deployment/usmt/usmt-recognized-environment-variables.md b/windows/deployment/usmt/usmt-recognized-environment-variables.md
index be9096cf54..0d2153bbaa 100644
--- a/windows/deployment/usmt/usmt-recognized-environment-variables.md
+++ b/windows/deployment/usmt/usmt-recognized-environment-variables.md
@@ -66,8 +66,8 @@ These variables can be used within sections in the **.xml** files with `context=
 |*CSIDL_DEFAULT_TEMPLATES*|Refers to the Templates folder inside `%DEFAULTUSERPROFILE%`.|
 |*CSIDL_DEFAULT_QUICKLAUNCH*|Refers to the Quick Launch folder inside `%DEFAULTUSERPROFILE%`.|
 |*CSIDL_FONTS*|A virtual folder containing fonts. A typical path is `C:\Windows\Fonts`.|
-|*CSIDL_PROGRAM_FILESX86*|The Program Files folder on 64-bit systems. A typical path is `C:\Program Files(86)`.|
-|*CSIDL_PROGRAM_FILES_COMMONX86*|A folder for components that are shared across applications on 64-bit systems. A typical path is `C:\Program Files(86)\Common`.|
+|*CSIDL_PROGRAM_FILESX86*|The Program Files folder on 64-bit systems. A typical path is `C:\Program Files (x86)`.|
+|*CSIDL_PROGRAM_FILES_COMMONX86*|A folder for components that are shared across applications on 64-bit systems. A typical path is `C:\Program Files (x86)\Common`.|
 |*CSIDL_PROGRAM_FILES*|The Program Files folder. A typical path is `C:\Program Files`.|
 |*CSIDL_PROGRAM_FILES_COMMON*|A folder for components that are shared across applications. A typical path is `C:\Program Files\Common`.|
 |*CSIDL_RESOURCES*|The file-system directory that contains resource data. A typical path is `C:\Windows\Resources`.|
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
index b484ef3547..b65c4701ea 100644
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
@@ -41,7 +41,7 @@ The overall device registration process is as follows:
 :::image type="content" source="../media/windows-autopatch-device-registration-overview.png" alt-text="Overview of the device registration process" lightbox="../media/windows-autopatch-device-registration-overview.png":::
 
 1. IT admin reviews [Windows Autopatch device registration prerequisites](#prerequisites-for-device-registration) before registering devices with Windows Autopatch.
-2. IT admin identifies and adds devices or nests other Microsoft Entra device groups into any Microsoft Entra group used with an Autopatch group, imported (WUfB) policies, or direct membership to the **Modern Workplace Devices-Windows-Autopatch-X-groups**.
+2. IT admin identifies and adds devices, or nests other Microsoft Entra device groups when you [create an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#create-an-autopatch-group), [edit an Autopatch group](../manage/windows-autopatch-manage-autopatch-groups.md#edit-an-autopatch-group), or import Windows Update for Business (WUfB) policies.
 3. Windows Autopatch then:
     1. Performs device readiness prior registration (prerequisite checks).
     2. Calculates the deployment ring distribution.
@@ -77,7 +77,7 @@ The deployment ring distribution is designed to release software update deployme
 
 ### Device record and deployment ring assignment
 
-Registering your devices with Windows Autopatch does the following:
+When you register your devices, Windows Autopatch:
 
 1. Makes a record of devices in the service.
 2. Assign devices to the [deployment ring set](#default-deployment-ring-calculation-logic) and other groups required for software update management.
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-policies.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-policies.md
index 37b1203eff..47810fe194 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-policies.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-policies.md
@@ -42,12 +42,12 @@ These policies control the minimum target version of Windows that a device is me
 
 You can see the following default policies created by the service in the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431):
 
-| Policy name | Phase mapping | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
-| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| Windows Autopatch - DSS Policy [Test] | Phase 1 | Windows 10 21H2 | Make update available as soon as possible | May 9, 2023  | N/A | N/A | June 11, 2024 |
-| Windows Autopatch - DSS Policy [First] | Phase 2 | Windows 10 21H2 | Make update available as soon as possible | May 16, 2023  | N/A | N/A | June 11, 2024 |
-| Windows Autopatch - DSS Policy [Fast] | Phase 3 | Windows 10 21H2 | Make update available as soon as possible | May 23, 2023  | N/A | N/A | June 11, 2024 |
-| Windows Autopatch - DSS Policy [Broad] | Phase 4 | Windows 10 21H2 | Make update available as soon as possible | May 30, 2023  | N/A | N/A | June 11, 2024 |
+| Policy name | Phase mapping | Feature update version | Rollout options | Support end date |
+| ----- | ----- | ----- | ----- | ----- |
+| Windows Autopatch - DSS Policy [Test] | Phase 1 | Windows 10 22H2 | Make update available as soon as possible | October 14, 2025 |
+| Windows Autopatch - DSS Policy [First] | Phase 2 | Windows 10 22H2 | Make update available as soon as possible | October 14, 2025 |
+| Windows Autopatch - DSS Policy [Fast] | Phase 3 | Windows 10 22H2 | Make update available as soon as possible | October 14, 2025 |
+| Windows Autopatch - DSS Policy [Broad] | Phase 4 | Windows 10 22H2 | Make update available as soon as possible | October 14, 2025 |
 
 > [!NOTE]
 > Gradual rollout settings aren't configured in the default Windows Update feature policy. If the date of the final group availability is changed to a past date, all remaining devices are offered the update as soon as possible. For more information, see [rollout options for Windows Updates in Microsoft Intune](/mem/intune/protect/windows-update-rollout-options#make-updates-available-gradually).
@@ -56,9 +56,9 @@ You can see the following default policies created by the service in the [Micros
 
 Windows Autopatch configures the values for its global Windows feature update policy. See the following default policies created by the service in the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431):
 
-| Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date |
-| ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| Windows Autopatch - Global DSS Policy [Test] | Windows 10 21H2 | Make update available as soon as possible | N/A  | N/A | N/A | June 11, 2024 |
+| Policy name | Feature update version | Rollout options | Support end date |
+| ----- | ----- | ----- | ----- |
+| Windows Autopatch - Global DSS Policy [Test] | Windows 10 22H2 | Make update available as soon as possible | October 14, 2025 |
 
 > [!NOTE]
 > Gradual rollout settings aren't configured in the default Windows Update feature policy. If the date of the final group availability is changed to be a past date, all remaining devices are offered the update as soon as possible. For more information, see [rollout options for Windows Updates in Microsoft Intune](/mem/intune/protect/windows-update-rollout-options#make-updates-available-gradually).
@@ -101,11 +101,11 @@ These policies can be viewed in the [Microsoft Intune admin center](https://go.m
 
 The following table is an example of the Windows feature update policies that were created for phases within a release:
 
-| Policy name | Feature update version | Rollout options | First deployment date| Final deployment date availability | Day between groups | Support end date |
-| ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| Windows Autopatch - DSS Policy - My feature update release - Phase 1  | Windows 10 21H2 | Make update available as soon as possible | April 24, 2023 | April 24, 2023 | N/A | June 11, 2024 |
-| Windows Autopatch - DSS Policy - My feature update release - Phase 2  | Windows 10 21H2 | Make update available as soon as possible | June 26, 2023 | July 17, 2023 | 7 | June 11, 2024 |
-| Windows Autopatch - DSS Policy - My feature update release - Phase 3 | Windows 10 21H2 | Make update available as soon as possible | July 24, 2023 | August 14, 2023 | 7 | June 11, 2024 |
-| Windows Autopatch - DSS Policy - My feature update release - Phase 4  | Windows 10 21H2 | Make update available as soon as possible | August 28, 2023 | September 10, 2023 | 7 | June 11, 2024 |
-| Windows Autopatch - DSS Policy - My feature update release - Phase 5  | Windows 10 21H2 | Make update available as soon as possible | September 25, 2023 | October 16, 2023 | 7 | June 11, 2024 |
+| Policy name | Feature update version | Rollout options| Day between groups | Support end date |
+| ----- | ----- | ----- | ----- | ----- |
+| Windows Autopatch - DSS Policy - My feature update release - Phase 1  | Windows 10 22H2 | Make update available as soon as possible| N/A | October 14, 2025 |
+| Windows Autopatch - DSS Policy - My feature update release - Phase 2  | Windows 10 22H2 | Make update available as soon as possible | 7 | October 14, 2025 |
+| Windows Autopatch - DSS Policy - My feature update release - Phase 3  | Windows 10 22H2 | Make update available as soon as possible | 7 | October 14, 2025 |
+| Windows Autopatch - DSS Policy - My feature update release - Phase 4  | Windows 10 22H2 | Make update available as soon as possible | 7 | October 14, 2025 |
+| Windows Autopatch - DSS Policy - My feature update release - Phase 5  | Windows 10 22H2 | Make update available as soon as possible | 7 | October 14, 2025 |
 
diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md
index 665fc298c0..8e56b5f267 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-end-user-exp.md
@@ -1,7 +1,7 @@
 ---
 title: Windows quality update end user experience
 description: This article explains the Windows quality update end user experience
-ms.date: 09/16/2024
+ms.date: 10/07/2024
 ms.service: windows-client
 ms.subservice: autopatch
 ms.topic: conceptual
@@ -32,9 +32,7 @@ In this section we review what an end user would see in the following three scen
 
 ### Typical update experience
 
-The Windows quality update is published and devices in the Broad ring have a deferral period of nine days. Devices wait nine days before downloading the latest quality update.
-
-In the following example, the user:
+In the following example, the Windows quality update is published and devices in the Broad ring have a deferral period of seven days. Devices wait seven days before downloading the latest quality update.
 
 | Day | Description |
 | --- | --- |
@@ -46,7 +44,7 @@ In the following example, the user:
 
 ### Quality update deadline forces an update
 
-In the following example, the user:
+In the following example:
 
 | Day | Description |
 | --- | --- |
@@ -58,7 +56,7 @@ In the following example, the user:
 
 ### Quality update grace period
 
-In the following example, the user:
+In the following example:
 
 | Day | Description |
 | --- | --- |
diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md
index 6666b1fe35..8ba74fe797 100644
--- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md
+++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-configure-network.md
@@ -63,7 +63,7 @@ The following URLs must be on the allowed list of your proxy and firewall so tha
 
 | Microsoft service | URLs required on allowlist |
 | ----- | ----- |
-| Windows Autopatch | <ul><li>mmdcustomer.microsoft.com</li><li>mmdls.microsoft.com</li><li>logcollection.mmd.microsoft.com</li><li>support.mmd.microsoft.com</li><li>devicelistenerprod.microsoft.com</li><li>login.windows.net</li><li>payloadprod*.blob.core.windows.net</li></ul>|
+| Windows Autopatch | <ul><li>mmdcustomer.microsoft.com</li><li>mmdls.microsoft.com</li><li>logcollection.mmd.microsoft.com</li><li>support.mmd.microsoft.com</li><li>devicelistenerprod.microsoft.com</li><li>login.windows.net</li><li>payloadprod*.blob.core.windows.net</li><li>device.autopatch.microsoft.com</li></ul>|
 
 ## Delivery Optimization
 
diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
index 5492f63c14..c4cac7212b 100644
--- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
+++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md
@@ -1,7 +1,7 @@
 ---
 title: What's new 2023
 description: This article lists the 2023 feature releases and any corresponding Message center post numbers.
-ms.date: 12/14/2023
+ms.date: 10/07/2024
 ms.service: windows-client
 ms.subservice: autopatch
 ms.topic: whats-new
diff --git a/windows/deployment/windows-enterprise-e3-overview.md b/windows/deployment/windows-enterprise-e3-overview.md
index 5d58a929ec..7be5082ac3 100644
--- a/windows/deployment/windows-enterprise-e3-overview.md
+++ b/windows/deployment/windows-enterprise-e3-overview.md
@@ -105,7 +105,6 @@ For more information about implementing Credential Guard, see the following reso
 - [Security considerations for Original Equipment Manufacturers](/windows-hardware/design/device-experiences/oem-security-considerations)
 - [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337)
 
-
 ### AppLocker management
 
 AppLocker in Windows Enterprise can be managed by using Group Policy. Group Policy requires having AD DS and that the Windows Enterprise devices are joined to an AD DS domain. AppLocker rules can be created by using Group Policy. The AppLocker rules can then be targeted to the appropriate devices.
diff --git a/windows/hub/index.yml b/windows/hub/index.yml
index 6fbeb4df3b..a20075e2cf 100644
--- a/windows/hub/index.yml
+++ b/windows/hub/index.yml
@@ -15,7 +15,7 @@ metadata:
   author: aczechowski
   ms.author: aaroncz
   manager: aaroncz
-  ms.date: 08/27/2024
+  ms.date: 10/01/2024
 
 highlightedContent:
 # itemType: architecture | concept | deploy | download | get-started | how-to-guide | training | overview | quickstart | reference | sample | tutorial | video | whats-new
@@ -25,13 +25,13 @@ highlightedContent:
     itemType: get-started
     url: /windows/whats-new/windows-11-overview
 
-  - title: Windows 11, version 23H2
+  - title: Windows 11, version 24H2
     itemType: whats-new
-    url: /windows/whats-new/whats-new-windows-11-version-23h2
+    url: /windows/whats-new/whats-new-windows-11-version-24h2
 
-  - title: Windows 11, version 23H2 group policy settings reference
+  - title: Windows 11, version 24H2 group policy settings reference
     itemType: download
-    url: https://www.microsoft.com/download/details.aspx?id=105668
+    url: https://www.microsoft.com/download/details.aspx?id=106255
 
   - title: Windows administrative tools
     itemType: concept
@@ -73,7 +73,7 @@ conceptualContent:
 
     - title: Privacy in Windows
       links:
-      - url: /windows/privacy/required-diagnostic-events-fields-windows-11-22h2
+      - url: /windows/privacy/required-diagnostic-events-fields-windows-11-24h2
         itemType: reference
         text: Windows 11 required diagnostic data
       - url: /windows/privacy/configure-windows-diagnostic-data-in-your-organization
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
index 92ce858c06..da212c5802 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@@ -7,7 +7,7 @@ ms.localizationpriority: high
 author: DHB-MSFT
 ms.author: danbrown
 manager: laurawi
-ms.date: 04/24/2024
+ms.date: 10/01/2024
 ms.topic: reference
 ms.collection: privacy-windows
 ---
@@ -27,6 +27,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Required diagnostic events and fields for Windows 11, version 24H2](required-diagnostic-events-fields-windows-11-24H2.md)
 - [Required diagnostic events and fields for Windows 11, versions 23H2 and 22H2](required-diagnostic-events-fields-windows-11-22H2.md)
 - [Required diagnostic events and fields for Windows 11, version 21H2](required-windows-11-diagnostic-events-and-fields.md)
 - [Required diagnostic events and fields for Windows 10, versions 22H2 and 21H2](required-windows-diagnostic-data-events-and-fields-2004.md)
@@ -903,7 +904,7 @@ The following fields are available:
 - **DriverAvailableInbox**  Is a driver included with the operating system for this PNP device?
 - **DriverAvailableOnline**  Is there a driver for this PNP device on Windows Update?
 - **DriverAvailableUplevel**  Is there a driver on Windows Update or included with the operating system for this PNP device?
-- **DriverBlockOverridden**  Is there's a driver block on the device that has been overridden?
+- **DriverBlockOverridden**  Is there a driver block on the device that has been overridden?
 - **NeedsDismissAction**  Will the user would need to dismiss a warning during Setup for this device?
 - **NotRegressed**  Does the device have a problem code on the source OS that is no better than the one it would have on the target OS?
 - **SdbDeviceBlockUpgrade**  Is there an SDB block on the PNP device that blocks upgrade?
@@ -949,7 +950,6 @@ The following fields are available:
 - **DriverShouldNotMigrate**  Should the driver package be migrated during upgrade?
 - **SdbDriverBlockOverridden**  Does the driver package have an SDB block that blocks it from migrating, but that block has been overridden?
 
-
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageRemove
 
 This event indicates that the DecisionDriverPackage object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
@@ -1763,7 +1763,6 @@ The following fields are available:
 
 The SystemProcessorPopCntStartSync event indicates that a new set of SystemProcessorPopCntAdd events will be sent. This event is used to understand if the system supports the PopCnt CPU requirement for newer versions of Windows.
 
-
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
 The following fields are available:
@@ -2186,7 +2185,7 @@ The following fields are available:
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
 - **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an enterprise Configuration Manager environment.
-- **ServerFeatures**  Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
+- **ServerFeatures**  Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
 - **SystemCenterID**  The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
 
 
@@ -2626,7 +2625,7 @@ Fires when the compatibility check completes. Gives the results from the check.
 The following fields are available:
 
 - **IsRecommended**  Denotes whether all compatibility checks have passed and, if so, returns true. Otherwise returns false.
-- **Issues**  If compatibility checks failed, provides bit indexed indicators of issues detected. Table located here: [Check results of HVCI default enablement](/windows-hardware/design/device-experiences/oem-hvci-enablement#check-results-of-hvci-default-enablement).
+- **Issues**  If compatibility checks failed, provides bit indexed indicators of issues detected. Table located here: [Check results of HVCI default enablement](/windows-hardware/design/device-experiences/oem-hvci-enablement#check-results-of-memory-integrity-default-enablement).
 
 
 ### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.Enabled
@@ -4759,6 +4758,7 @@ The following fields are available:
 
 - **InventoryVersion**  The version of the inventory file generating the events.
 
+
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceAdd
 
 This event retrieves information about what sensor interfaces are available on the device. The data collected with this event is used to keep Windows performing properly.
@@ -5375,7 +5375,7 @@ This Ping event sends a detailed inventory of software and hardware information
 The following fields are available:
 
 - **appAp**  Any additional parameters for the specified application. Default: ''.
-- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. Please see the wiki for additional information. Default: undefined.
+- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. Default: undefined.
 - **appBrandCode**  The brand code under which the product was installed, if any. A brand code is a short (4-character) string used to identify installations that took place as a result of partner deals or website promotions. Default: ''.
 - **appChannel**  An integer indicating the channel of the installation (i.e. Canary or Dev).
 - **appClientId**  A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
@@ -5383,11 +5383,11 @@ The following fields are available:
 - **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. The exact legal values are app-specific and should be shared between the server and app implementations. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort Name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
-- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known. Please see the wiki for additional information. Default: '-2'.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known. Default: '-2'.
 - **appExperiments**  A key/value list of experiment identifiers. Experiment labels are used to track membership in different experimental groups, and may be set at install or update time. The experiments string is formatted as a semicolon-delimited concatenation of experiment label strings. An experiment label string is an experiment Name, followed by the '=' character, followed by an experimental label value. For example: 'crdiff=got_bsdiff;optimized=O3'. The client shouldn't transmit the expiration date of any experiments it has, even if the server previously specified a specific expiration date. Default: ''.
 - **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
 - **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
-- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. Please see the wiki for additional information. Default: '0.0.0.0'.
+- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. Default: '0.0.0.0'.
 - **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
 - **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
 - **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
@@ -5398,8 +5398,8 @@ The following fields are available:
 - **appPingEventDownloadMetricsUrl**  For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
 - **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
 - **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
-- **appPingEventEventResult**  An enum indicating the result of the event. Please see the wiki for additional information. Default: '0'.
-- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. Please see the wiki for additional information.
+- **appPingEventEventResult**  An enum indicating the result of the event. Default: '0'.
+- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. 
 - **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
 - **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
 - **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
@@ -5409,9 +5409,9 @@ The following fields are available:
 - **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they haven't.
 - **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The server shouldn't return an update instruction to a version number that doesn't match the prefix or complete version number. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it isn't a lexical prefix (for example, '1.2.3' must match '1.2.3.4' but must not match '1.2.34'). Default: ''.
 - **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request should be sent over SSL or another secure protocol. Default: ''.
-- **appVersion**  The version of the product install. Please see the wiki for additional information. Default: '0.0.0.0'.
+- **appVersion**  The version of the product install. Default: '0.0.0.0'.
 - **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
-- **eventType**  A string indicating the type of the event. Please see the wiki for additional information.
+- **eventType**  A string indicating the type of the event. 
 - **hwHasAvx**  '1' if the client's hardware supports the AVX instruction set. '0' if the client's hardware doesn't support the AVX instruction set. '-1' if unknown. Default: '-1'.
 - **hwHasSse**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware doesn't support the SSE instruction set. '-1' if unknown. Default: '-1'.
 - **hwHasSse2**  '1' if the client's hardware supports the SSE2 instruction set. '0' if the client's hardware doesn't support the SSE2 instruction set. '-1' if unknown. Default: '-1'.
@@ -9069,7 +9069,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByActiveHours
 
-This event indicates that update activity was blocked because it is within the active hours window. The data collected with this event is used to help keep Windows secure and up to date.
+This event indicates that update activity was blocked because it's within the active hours window. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -10231,7 +10231,4 @@ The following fields are available:
 - **LicenseType**  The type of licensed used to authorize the app (0 - Unknown, 1 - User, 2 - Subscription, 3 - Offline, 4 - Disc).
 - **LicenseXuid**  If the license type is 1 (User), this field contains the XUID (Xbox User ID) of the registered owner of the license.
 - **ProductGuid**  The Xbox product GUID (Globally-Unique ID) of the application.
-- **UserId**  The XUID (Xbox User ID) of the current user.
-
-
-
+- **UserId**  The XUID (Xbox User ID) of the current user.
\ No newline at end of file
diff --git a/windows/privacy/index.yml b/windows/privacy/index.yml
index f06366e02f..3f854c689e 100644
--- a/windows/privacy/index.yml
+++ b/windows/privacy/index.yml
@@ -39,7 +39,7 @@ productDirectory:
     - title: Windows 11 required diagnostic data
       imageSrc: /media/common/i_extend.svg
       summary: Learn more about basic Windows diagnostic data events and fields collected.
-      url: required-diagnostic-events-fields-windows-11-22H2.md
+      url: required-diagnostic-events-fields-windows-11-24H2.md
     - title: Windows 10 required diagnostic data
       imageSrc: /media/common/i_build.svg
       summary: See what changes Windows is making to align to the new data collection taxonomy
diff --git a/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md b/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md
index 97d13f6d72..446a29e39a 100644
--- a/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md
+++ b/windows/privacy/required-diagnostic-events-fields-windows-11-22H2.md
@@ -8,7 +8,7 @@ ms.localizationpriority: high
 author: DHB-MSFT
 ms.author: danbrown
 manager: laurawi
-ms.date: 02/29/2024
+ms.date: 10/01/2024
 ms.topic: reference
 ms.collection: privacy-windows
 ---
@@ -28,6 +28,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Required diagnostic events and fields for Windows 11, version 24H2](required-diagnostic-events-fields-windows-11-24H2.md)
 - [Required diagnostic events and fields for Windows 11, version 21H2](required-windows-11-diagnostic-events-and-fields.md)
 - [Required diagnostic events and fields for Windows 10, versions 22H2 and 21H2](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
@@ -128,6 +129,7 @@ The following fields are available:
 
 - **AppraiserVersion**  The version of the appraiser binary generating the events.
 
+
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
 This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
@@ -780,6 +782,7 @@ The following fields are available:
 
 - **AppraiserVersion**  Appraiser version.
 
+
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWAdd
 
 This event sends data indicating whether the system supports the PrefetchW CPU requirement, to help keep Windows up to date.
@@ -1309,7 +1312,6 @@ The following fields are available:
 - **uts**  A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
 - **xid**  A list of base10-encoded XBOX User IDs.
 
-
 ## Common data fields
 
 ### Ms.Device.DeviceInventoryChange
@@ -1725,7 +1727,7 @@ The following fields are available:
 
 ### Microsoft.Windows.HangReporting.AppHangEvent
 
-This event sends data about hangs for both native and managed applications, to help keep Windows up to date. It doesn't contain any Watson bucketing information. The bucketing information is recorded in a Windows Error Reporting (WER) event that is generated when the WER client reports the hang to the Watson service, and the WER event will contain the same ReportID (see field 13 of hang event, field 19 of WER event) as the hang event for the hang being reported. AppHang is reported only on PC devices. It handles classic Win32 hangs and is emitted only once per report. Some behaviors that may be perceived by a user as a hang are reported by app managers (e.g. PLM/RM/EM) as Watson Generics and will not produce AppHang events.
+This event sends data about hangs for both native and managed applications, to help keep Windows up to date. It doesn't contain any Watson bucketing information. The bucketing information is recorded in a Windows Error Reporting (WER) event that is generated when the WER client reports the hang to the Watson service, and the WER event will contain the same ReportID (see field 13 of hang event, field 19 of WER event) as the hang event for the hang being reported. AppHang is reported only on PC devices. It handles classic Win32 hangs and is emitted only once per report. Some behaviors that may be perceived by a user as a hang are reported by app managers (e.g. PLM/RM/EM) as Watson Generics and won't produce AppHang events.
 
 The following fields are available:
 
@@ -1751,31 +1753,6 @@ The following fields are available:
 
 ## Holographic events
 
-### Microsoft.Windows.Analog.HydrogenCompositor.ExclusiveMode_Entered
-
-This event sends data indicating the start of augmented reality application experience. The data collected with this event is used to keep Windows performing properly.
-
-The following fields are available:
-
-- **SessionID**  Unique value for each attempt.
-- **TargetAsId**  The sequence number for the process.
-- **windowInstanceId**  Unique value for each window instance.
-
-
-### Microsoft.Windows.Analog.HydrogenCompositor.ExclusiveMode_Leave
-
-This event sends data indicating the end of augmented reality application experience. The data collected with this event is used to keep Windows performing properly.
-
-The following fields are available:
-
-- **EventHistory**  Unique number of event history.
-- **ExternalComponentState**  State of external component.
-- **LastEvent**  Unique number of last event.
-- **SessionID**  Unique value for each attempt.
-- **TargetAsId**  The sequence number for the process.
-- **windowInstanceId**  Unique value for each window instance.
-
-
 ### Microsoft.Windows.Analog.Spectrum.TelemetryHolographicSpaceCreated
 
 This event indicates the state of Windows holographic scene. The data collected with this event is used to keep Windows performing properly.
@@ -2247,6 +2224,22 @@ The following fields are available:
 - **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt SHOULD have (with high probability) a unique request id. Default: ''.
 
 
+### Microsoft.Edge.Crashpad.HangEvent
+
+This event sends simple Product and Service Performance data on a hanging/frozen Microsoft Edge browser process to help mitigate future instances of the hang.
+
+The following fields are available:
+
+- **app_name**  The name of the hanging process.
+- **app_session_guid**  Encodes the boot session, process, and process start time.
+- **app_version**  The version of the hanging process.
+- **client_id_hash**  Hash of the browser client id to help identify the installation.
+- **etag**  Identifier to help identify running browser experiments.
+- **hang_source**  Identifies how the hang was detected.
+- **process_type**  The type of the hanging browser process, for example, gpu-process, renderer, etc.
+- **stack_hash**  A hash of the hanging stack. Currently not used or set to zero.
+
+
 ## OneSettings events
 
 ### Microsoft.Windows.OneSettingsClient.Status
@@ -2273,105 +2266,29 @@ The following fields are available:
 
 ## Other events
 
-### Microsoft.Edge.Crashpad.HangEvent
+### Microsoft.Windows.Analog.HydrogenCompositor.ExclusiveMode_Entered
 
-This event sends simple Product and Service Performance data on a hanging/frozen Microsoft Edge browser process to help mitigate future instances of the hang.
+This event sends data indicating the start of augmented reality application experience. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
-- **app_name**  The name of the hanging process.
-- **app_session_guid**  Encodes the boot session, process, and process start time.
-- **app_version**  The version of the hanging process.
-- **client_id_hash**  Hash of the browser client id to help identify the installation.
-- **etag**  Identifier to help identify running browser experiments.
-- **hang_source**  Identifies how the hang was detected.
-- **process_type**  The type of the hanging browser process, for example, gpu-process, renderer, etc.
-- **stack_hash**  A hash of the hanging stack. Currently not used or set to zero.
+- **SessionID**  Unique value for each attempt.
+- **TargetAsId**  The sequence number for the process.
+- **windowInstanceId**  Unique value for each window instance.
 
 
-### Microsoft.Gaming.Critical.Error
+### Microsoft.Windows.Analog.HydrogenCompositor.ExclusiveMode_Leave
 
-Common error event used by the Gaming Telemetry Library to provide centralized monitoring for critical errors logged by callers using the library.
+This event sends data indicating the end of augmented reality application experience. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
-- **callStack**  List of active subroutines running during error occurrence.
-- **componentName**  Friendly name meant to represent what feature area this error should be attributed to. Used for aggregations and pivots of data.
-- **customAttributes**  List of custom attributes.
-- **errorCode**  Error code.
-- **extendedData**  JSON blob representing additional, provider-level properties common to the component.
-- **featureName**  Friendly name meant to represent which feature this should be attributed to.
-- **identifier**  Error identifier.
-- **message**  Error message.
-- **properties**  List of properties attributed to the error.
-
-### Microsoft.Gaming.Critical.ProviderRegistered
-
-Indicates that a telemetry provider has been registered with the Gaming Telemetry Library.
-
-The following fields are available:
-
-- **providerNamespace**  The telemetry Namespace for the registered provider.
-
-### Microsoft.Gaming.OOBE.HDDBackup
-
-This event describes whether an External HDD back up has been found.
-
-The following fields are available:
-
-- **backupVersion**  version number of backup.
-- **extendedData**  JSON blob representing additional, provider-level properties common to the component.
-- **hasConsoleSettings**  Indicates whether the console settings stored.
-- **hasUserSettings**  Indicates whether the user settings stored.
-- **hasWirelessProfile**  Indicates whether the wireless profile stored.
-- **hddBackupFound**  Indicates whether hdd backup is found.
-- **osVersion**  Operating system version.
-
-### Microsoft.Gaming.OOBE.OobeComplete
-
-This event is triggered when OOBE activation is complete.
-
-The following fields are available:
-
-- **allowAutoUpdate**  Allows auto update.
-- **allowAutoUpdateApps**  Allows auto update for apps.
-- **appliedTransferToken**  Applied transfer token.
-- **connectionType**  Connection type.
-- **curSessionId**  Current session id.
-- **extendedData**  JSON blob representing additional, provider-level properties common to the component.
-- **instantOn**  Instant on.
-- **moobeAcceptedState**  Moobe accepted state.
-- **phaseOneElapsedTimeMs**  Total elapsed time in milliseconds for phase 1.
-- **phaseOneVersion**  Version of phase 1.
-- **phaseTwoElapsedTimeMs**  Total elapsed time in milliseconds for phase 2.
-- **phaseTwoVersion**  Version of phase 2.
-- **systemUpdateRequired**  Indicates whether a system update required.
-- **totalElapsedTimeMs**  Total elapsed time in milliseconds of all phases.
-- **usedCloudBackup**  Indicates whether cloud backup is used.
-- **usedHDDBackup**  Indicates whether HDD backup is used.
-- **usedOffConsole**  Indicates whether off console is used.
-
-
-### Microsoft.Gaming.OOBE.SessionStarted
-
-This event is sent at the start of OOBE session.
-
-The following fields are available:
-
-- **customAttributes**  customAttributes.
-- **extendedData**  extendedData.
-
-### Microsoft.Surface.Mcu.Prod.CriticalLog
-
-Error information from Surface device firmware.
-
-The following fields are available:
-
-- **CrashLog**  MCU crash log
-- **criticalLogSize** Log size
-- **CUtility::GetTargetNameA(target)**  Product identifier.
-- **productId**  Product identifier
-- **uniqueId**  Correlation ID that can be used with Watson to get more details about the failure.
+- **EventHistory**  Unique number of event history.
+- **ExternalComponentState**  State of external component.
+- **LastEvent**  Unique number of last event.
+- **SessionID**  Unique value for each attempt.
+- **TargetAsId**  The sequence number for the process.
+- **windowInstanceId**  Unique value for each window instance.
 
 
 ### Microsoft.Windows.Defender.Engine.Maps.Heartbeat
@@ -2409,6 +2326,7 @@ The following fields are available:
 - **Action**  Action string indicating place of failure
 - **hr**  Return HRESULT code
 
+
 ### Microsoft.Windows.Security.SBServicing.ApplySecureBootUpdateStarted
 
 Event that indicates secure boot update has started.
@@ -2419,22 +2337,6 @@ The following fields are available:
 - **SecureBootUpdateCaller**  Enum value indicating if this is a servicing or an upgrade.
 
 
-### Microsoft.Windows.UpdateAssistantApp.UpdateAssistantStartState
-
-This event marks the start of an Update Assistant State. The data collected with this event is used to help keep Windows up to date.
-
-The following fields are available:
-
-- **CV**  The correlation vector.
-- **GlobalEventCounter**  The global event counter for all telemetry on the device.
-- **UpdateAssistantStateDownloading**  True at the start Downloading.
-- **UpdateAssistantStateInitializingApplication**  True at the start of the state InitializingApplication.
-- **UpdateAssistantStateInitializingStates**  True at the start of InitializingStates.
-- **UpdateAssistantStateInstalling**  True at the start of Installing.
-- **UpdateAssistantStatePostInstall**  True at the start of PostInstall.
-- **UpdateAssistantVersion**  Current package version of UpdateAssistant.
-
-
 ### MicrosoftWindowsCodeIntegrityTraceLoggingProvider.CodeIntegrityHvciSysprepHvciAlreadyEnabled
 
 This event fires when HVCI is already enabled so no need to continue auto-enablement.
@@ -2670,6 +2572,19 @@ The following fields are available:
 - **Ver**  Schema version.
 
 
+### Microsoft.Surface.Mcu.Prod.CriticalLog
+
+Error information from Surface device firmware.
+
+The following fields are available:
+
+- **CrashLog**  MCU crash log
+- **criticalLogSize** Log size
+- **CUtility::GetTargetNameA(target)**  Product identifier.
+- **productId**  Product identifier
+- **uniqueId**  Correlation ID that can be used with Watson to get more details about the failure.
+
+
 ### Microsoft.Surface.SystemReset.Prod.ResetCauseEventV2
 
 This event sends reason for SAM, PCH and SoC reset. The data collected with this event is used to keep Windows performing properly.
@@ -2710,6 +2625,24 @@ The following fields are available:
 - **UpdateAttempted**  Indicates if installation of the current update has been attempted before.
 
 
+## Update Assistant events
+
+### Microsoft.Windows.UpdateAssistantApp.UpdateAssistantStartState
+
+This event marks the start of an Update Assistant State. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **CV**  The correlation vector.
+- **GlobalEventCounter**  The global event counter for all telemetry on the device.
+- **UpdateAssistantStateDownloading**  True at the start Downloading.
+- **UpdateAssistantStateInitializingApplication**  True at the start of the state InitializingApplication.
+- **UpdateAssistantStateInitializingStates**  True at the start of InitializingStates.
+- **UpdateAssistantStateInstalling**  True at the start of Installing.
+- **UpdateAssistantStatePostInstall**  True at the start of PostInstall.
+- **UpdateAssistantVersion**  Current package version of UpdateAssistant.
+
+
 ## Update events
 
 ### Update360Telemetry.FellBackToDownloadingAllPackageFiles
@@ -3574,7 +3507,7 @@ The following fields are available:
 - **flightMetadata**  Contains the FlightId and the build being flighted.
 - **objectId**  Unique value for each Update Agent mode.
 - **relatedCV**  Correlation vector value generated from the latest USO scan.
-- **result**  Result of the initialize phase of the update. 0 = Succeeded, 1 = Failed, 2 = Cancelled, 3 = Blocked, 4 = BlockCancelled.
+- **result**  Result of the initialize phase of the update. 0 = Succeeded, 1 = Failed, 2 = Canceled, 3 = Blocked, 4 = BlockCancelled.
 - **scenarioId**  The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate.
 - **sessionData**  Contains instructions to update agent for processing FODs and DUICs (Null for other scenarios).
 - **sessionId**  Unique value for each Update Agent mode attempt.
@@ -3758,6 +3691,3 @@ The following fields are available:
 - **SessionId**  The UpdateAgent “SessionId” value.
 - **UpdateId**  Unique identifier for the Update.
 - **WuId**  Unique identifier for the Windows Update client.
-
-
-
diff --git a/windows/privacy/required-diagnostic-events-fields-windows-11-24H2.md b/windows/privacy/required-diagnostic-events-fields-windows-11-24H2.md
new file mode 100644
index 0000000000..cf3ffdba05
--- /dev/null
+++ b/windows/privacy/required-diagnostic-events-fields-windows-11-24H2.md
@@ -0,0 +1,4266 @@
+---
+description: Learn more about the diagnostic data gathered for Windows 11, version 24H2.
+title: Required diagnostic events and fields for Windows 11, version 24H2
+keywords: privacy, telemetry
+ms.service: windows-client
+ms.subservice: itpro-privacy
+ms.localizationpriority: high
+author: DHB-MSFT
+ms.author: danbrown
+manager: laurawi
+ms.date: 10/01/2024
+ms.topic: reference
+ms.collection: privacy-windows
+---
+
+# Required diagnostic events and fields for Windows 11, version 24H2
+
+**Applies to**
+
+- Windows 11, version 24H2
+
+Required diagnostic data gathers a limited set of information that is critical for understanding the device and its configuration including: basic device information, quality-related information, app compatibility, and Microsoft Store.
+
+Required diagnostic data helps to identify problems that can occur on a particular device hardware or software configuration. For example, it can help determine if crashes are more frequent on devices with a specific amount of memory or that are running a particular driver version. This helps Microsoft fix operating system or app problems.
+
+Use this article to learn about diagnostic events, grouped by event area, and the fields within each event. A brief description is provided for each field. Every event generated includes common data, which collects device data.
+
+You can learn more about Windows functional and diagnostic data through these articles:
+
+- [Required diagnostic events and fields for Windows 11, versions 23H2 and 22H2](required-diagnostic-events-fields-windows-11-22H2.md)
+- [Required diagnostic events and fields for Windows 11, version 21H2](required-windows-11-diagnostic-events-and-fields.md)
+- [Required diagnostic events and fields for Windows 10, versions 22H2 and 21H2](required-windows-diagnostic-data-events-and-fields-2004.md)
+- [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
+- [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md)
+- [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md)
+
+
+## Appraiser events
+
+### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
+
+This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **DatasourceApplicationFile_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceApplicationFile_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFile_NI22H2**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFile_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceApplicationFile_RS1**  The total number of objects of this type present on this device.
+- **DatasourceApplicationFile_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFile_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFile_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFileBackup**  The count of the number of this particular object type present on this device.
+- **DatasourceBackupApplicationRestore**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_20H1Setup**  The total number of objects of this type present on this device.
+- **DatasourceDevicePnp_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceDevicePnp_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_NI22H2**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceDevicePnp_RS1**  The total DataSourceDevicePnp objects targeting Windows 10 version 1607 on this device.
+- **DatasourceDevicePnp_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_20H1Setup**  The total number of objects of this type present on this device.
+- **DatasourceDriverPackage_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceDriverPackage_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_NI22H2**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceDriverPackage_RS1**  The total number of objects of this type present on this device.
+- **DatasourceDriverPackage_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoBlock_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_NI22H2**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoBlock_RS1**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoBlock_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoPassive_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_NI22H2**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoPassive_RS1**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoPassive_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_NI22H2**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_RS1**  The total number of objects of this type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_20H1Setup**  The total number of objects of this type present on this device.
+- **DatasourceSystemBios_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceSystemBios_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_NI22H2**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DatasourceSystemBios_RS1**  The total DatasourceSystemBios objects targeting Windows 10 version 1607 present on this device.
+- **DatasourceSystemBios_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionApplicationFile_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionApplicationFile_RS1**  The total number of objects of this type present on this device.
+- **DecisionApplicationFile_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_20H1Setup**  The total number of objects of this type present on this device.
+- **DecisionDevicePnp_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionDevicePnp_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionDevicePnp_RS1**  The total number of objects of this type present on this device.
+- **DecisionDevicePnp_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_20H1Setup**  The total number of objects of this type present on this device.
+- **DecisionDriverPackage_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionDriverPackage_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionDriverPackage_RS1**  The total number of objects of this type present on this device.
+- **DecisionDriverPackage_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoBlock_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoBlock_RS1**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoBlock_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoPassive_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoPassive_RS1**  The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1607 on this device.
+- **DecisionMatchingInfoPassive_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoPostUpgrade_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMatchingInfoPostUpgrade_RS1**  The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device.
+- **DecisionMatchingInfoPostUpgrade_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMediaCenter_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMediaCenter_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMediaCenter_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionMediaCenter_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionMediaCenter_RS1**  The total number of objects of this type present on this device.
+- **DecisionMediaCenter_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionMediaCenter_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionMediaCenter_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSModeState_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSModeState_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSModeState_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionSModeState_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSModeState_RS1**  The total number of objects of this type present on this device.
+- **DecisionSModeState_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionSModeState_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionSModeState_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemBios_20H1Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemBios_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemBios_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemBios_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemBios_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemBios_RS1**  The total number of objects of this type present on this device.
+- **DecisionSystemBios_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemBios_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionSystemBios_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemDiskSize_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemDiskSize_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemDiskSize_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemDiskSize_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemDiskSize_RS1**  The total number of objects of this type present on this device.
+- **DecisionSystemDiskSize_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemDiskSize_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionSystemDiskSize_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemMemory_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemMemory_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemMemory_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemMemory_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemMemory_RS1**  The total number of objects of this type present on this device.
+- **DecisionSystemMemory_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemMemory_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionSystemMemory_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuCores_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorCpuCores_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuCores_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuCores_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorCpuCores_RS1**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorCpuCores_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuCores_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuCores_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuModel_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorCpuModel_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuModel_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuModel_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorCpuModel_RS1**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorCpuModel_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuModel_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuModel_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionSystemProcessorCpuSpeed_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionSystemProcessorPopCnt**  The count of the number of this particular object type present on this device.
+- **DecisionTest_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionTest_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionTest_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionTest_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionTest_RS1**  The total number of objects of this type present on this device.
+- **DecisionTest_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionTest_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionTest_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionTpmVersion_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionTpmVersion_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionTpmVersion_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionTpmVersion_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionTpmVersion_RS1**  The total number of objects of this type present on this device.
+- **DecisionTpmVersion_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionTpmVersion_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionTpmVersion_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionUefiSecureBoot_CO21H2Setup**  The total number of objects of this type present on this device.
+- **DecisionUefiSecureBoot_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **DecisionUefiSecureBoot_NI22H2**  The count of the number of this particular object type present on this device.
+- **DecisionUefiSecureBoot_NI22H2Setup**  The total number of objects of this type present on this device.
+- **DecisionUefiSecureBoot_RS1**  The total number of objects of this type present on this device.
+- **DecisionUefiSecureBoot_ZN23H2**  The count of the number of this particular object type present on this device.
+- **DecisionUefiSecureBoot_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **DecisionUefiSecureBoot_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **InventoryApplicationFile**  The count of the number of this particular object type present on this device.
+- **InventoryLanguagePack**  The count of the number of this particular object type present on this device.
+- **InventoryMediaCenter**  The count of the number of this particular object type present on this device.
+- **InventorySystemBios**  The count of the number of this particular object type present on this device.
+- **InventoryTest**  The count of the number of this particular object type present on this device.
+- **InventoryUplevelDriverPackage**  The count of the number of this particular object type present on this device.
+- **PCFP**  The count of the number of this particular object type present on this device.
+- **SystemMemory**  The count of the number of this particular object type present on this device.
+- **SystemProcessorCompareExchange**  The count of the number of this particular object type present on this device.
+- **SystemProcessorLahfSahf**  The count of the number of this particular object type present on this device.
+- **SystemProcessorNx**  The total number of objects of this type present on this device.
+- **SystemProcessorPopCnt**  The count of the number of this particular object type present on this device.
+- **SystemProcessorPopCnt_NI22H2**  The count of the number of this particular object type present on this device.
+- **SystemProcessorPopCnt_RS1**  The count of the number of this particular object type present on this device.
+- **SystemProcessorPopCnt_ZN23H2**  The count of the number of this particular object type present on this device.
+- **SystemProcessorPopCnt_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **SystemProcessorPopCnt_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+- **SystemProcessorPrefetchW**  The total number of objects of this type present on this device.
+- **SystemProcessorSse2**  The total number of objects of this type present on this device.
+- **SystemTouch**  The count of the number of this particular object type present on this device.
+- **SystemWim**  The total number of objects of this type present on this device.
+- **SystemWindowsActivationStatus**  The count of the number of this particular object type present on this device.
+- **SystemWlan**  The total number of objects of this type present on this device.
+- **Wmdrm_CO21H2Setup**  The total number of objects of this type present on this device.
+- **Wmdrm_CU23H2Setup**  The count of the number of this particular object type present on this device.
+- **Wmdrm_NI22H2**  The count of the number of this particular object type present on this device.
+- **Wmdrm_NI22H2Setup**  The total number of objects of this type present on this device.
+- **Wmdrm_RS1**  The total number of objects of this type present on this device.
+- **Wmdrm_ZN23H2**  The count of the number of this particular object type present on this device.
+- **Wmdrm_ZN23H2Exp**  The count of the number of this particular object type present on this device.
+- **Wmdrm_ZN23H2Setup**  The count of the number of this particular object type present on this device.
+
+
+### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
+
+This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
+### Microsoft.Windows.Appraiser.General.DatasourceBackupApplicationRestoreAdd
+
+Represents the basic metadata about the interesting backed up applications to be restored on the system. This event describes whether the backed up applications are incompatible with upcoming Windows Feature updates. Microsoft uses this information to understand and address problems with computers receiving updates.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the appraiser file that is generating the events.
+- **BackupLabel**  Indicates compatibility information about the application found on the backup device.
+- **CatalogSource**  The type of application.
+- **CreatePlaceholder**  Represents the decision regarding if the application should be restored.
+- **Name**  Name of the application.
+- **ProgramId**  A hash of the Name, Version, Publisher, and Language of an application used to identify it.
+- **SdbEntryGuid**  Indicates the SDB entry that applies to this file.
+- **SdbRestoreAction**  Indicates compatibility information about the application found on the backup device.
+
+### Microsoft.Windows.Appraiser.General.DatasourceBackupApplicationRestoreStartSync
+
+This event indicates that a new set of DatasourceBackupApplicationRestoreAdd events will be sent.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the appraiser binary generating the events.
+
+
+### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveRemove
+
+This event indicates that the DataSourceMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
+### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveStartSync
+
+This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
+### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveAdd
+
+This event sends compatibility decision data about non-blocking entries on the system that aren't keyed by either applications or devices, to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+- **BlockingApplication**  Are there any application issues that interfere with upgrade due to matching info blocks?
+- **DisplayGenericMessageGated**  Indicates whether a generic offer block message will be shown due to matching info blocks.
+- **MigApplication**  Is there a matching info block with a mig for the current mode of upgrade?
+
+
+### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveStartSync
+
+This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
+### Microsoft.Windows.Appraiser.General.RestoreContext
+
+This event indicates the result of the restore appraisal.
+
+The following fields are available:
+
+- **AppraiserBranch**  The source branch in which the currently-running version of appraiser was built.
+- **AppraiserVersion**  The version of the appraiser binary generating the events.
+- **Context**  Indicates what mode appraiser is running in, this should be Restore.
+- **PCFP**  An ID for the system, calculated by hashing hardware identifiers.
+- **Result**  HRESULT indicating the result of the restore appraisal.
+- **Time**  The client time of the event.
+
+
+### Microsoft.Windows.Appraiser.General.SystemProcessorPopCntAdd
+
+This event sends data indicating whether the system supports the PopCnt CPU requirement for newer versions of Windows, to help keep Windows up-to-date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  Appraiser version
+- **Blocking**  Is the upgrade blocked due to the processor missing the PopCnt instruction?
+- **PopCntPassed**  Whether the machine passes the latest OS hardware requirements or not for the PopCnt instruction.
+
+
+### Microsoft.Windows.Appraiser.General.SystemProcessorPopCntStartSync
+
+The SystemProcessorPopCntStartSync event indicates that a new set of SystemProcessorPopCntAdd events will be sent. This event is used to understand if the system supports the PopCnt CPU requirement for newer versions of Windows.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  Appraiser version.
+
+
+## Census events
+
+### Census.Xbox
+
+This event sends data about the Xbox Console, such as Serial Number and DeviceId, to help keep Windows up to date.
+
+The following fields are available:
+
+- **XboxConsolePreferredLanguage**  Retrieves the preferred language selected by the user on Xbox console.
+- **XboxConsoleSerialNumber**  Retrieves the serial number of the Xbox console.
+- **XboxLiveDeviceId**  Retrieves the unique device ID of the console.
+- **XboxLiveSandboxId**  Retrieves the developer sandbox ID if the device is internal to Microsoft.
+
+## Code Integrity events
+
+### Microsoft.Windows.Security.CodeIntegrity.Driver.AggregatedBlock
+
+AggregatedBlock is an event with non-PII details on drivers blocked by code integrity. Fires no more than once per 25 days per driver.
+
+The following fields are available:
+
+- **CertificateInfo**  Non-PII details about the digital signature(s) and digital countersignatures on driver binary files which was blocked from loading.
+- **DriverInfo**  Non-PII details about the driver binary file and its digital signature(s) and digital countersignature.
+- **EventVersion**  The version of the schema used in the DriverInfo field.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.AutoEnablementIsBlocked
+
+Indicates if OEM attempted to block autoenablement via regkey.
+
+The following fields are available:
+
+- **BlockHvciAutoenablement**  True if auto-enablement was successfully blocked, false otherwise.
+- **BlockRequested**  Whether an autoenablement block was requested.
+- **Scenario**  Used to differentiate VBS and HVCI paths.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.Compatibility
+
+Fires when the compatibility check completes. Gives the results from the check.
+
+The following fields are available:
+
+- **IsRecommended**  Denotes whether all compatibility checks have passed and, if so, returns true. Otherwise returns false.
+- **Issues**  If compatibility checks failed, provides bit indexed indicators of issues detected. Table located here: [Check results of HVCI default enablement](/windows-hardware/design/device-experiences/oem-hvci-enablement#check-results-of-memory-integrity-default-enablement)
+- **Scenario**  Denotes whether SysPrep is attempting to enable HVCI (0) or VBS (1).
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.Enabled
+
+Fires when auto-enablement is successful and HVCI is being enabled on the device.
+
+The following fields are available:
+
+- **Error**  Error code if there was an issue during enablement
+- **Scenario**  Indicates whether enablement was for VBS vs HVCI
+- **SuccessfullyEnabled**  Indicates whether enablement was successful
+- **Upgrade**  Indicates whether the event was fired during upgrade (rather than clean install)
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HVCIActivity
+
+Fires at the beginning and end of the HVCI auto-enablement process in sysprep.
+
+The following fields are available:
+
+- **wilActivity**  Contains the thread ID used to match the begin and end events, and for the end event also a HResult indicating success or failure.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciAlreadyEnabled
+
+Fires when HVCI is already enabled so no need to continue auto-enablement.
+
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciScanGetResultFailed
+
+Fires when driver scanning fails to get results.
+
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciScanningDriverInSdbError
+
+Fires when there's an error checking the SDB for a particular driver.
+
+The following fields are available:
+
+- **DriverPath**  Path to the driver that was being checked in the SDB when checking encountered an error.
+- **Error**  Error encountered during checking the SDB.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciScanningDriverNonCompliantError
+
+Fires when a driver is discovered that is non-compliant with HVCI.
+
+The following fields are available:
+
+- **DriverPath**  Path to driver.
+- **NonComplianceMask**  Error code indicating driver violation.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.IsRegionDisabledLanguage
+
+Fires when an incompatible language pack is detected.
+
+The following fields are available:
+
+- **Language**  String containing the incompatible language pack detected.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.KcetHvciDisabled
+
+This event indicates that kernel-mode Control-flow Enforcement Technology (CET), which is a CPU-based security feature that protects against return address hijacking attacks from malicious software, was unable to be enabled because HVCI (a dependent security feature) wasn't also enabled.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.State.DefenderSwitchedNWOff
+
+This event tracks when Defender turns off Smart App Control via the Cloud.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.State.DefenderSwitchedNWOffIgnored
+
+This event indicates that a request to switch Smart App Control off by Defender from the cloud was ignored as the device was still within the grace period after OOBE.
+
+The following fields are available:
+
+- **Count**  Count of events in the aggregation window.
+- **CurrentTimeMax**  Time of latest event.
+- **CurrentTimeMin**  Time of first event.
+- **NightsWatchDesktopIgnoreAutoOptOut**  Value of NightsWatchDesktopIgnoreAutoOptOut in registry.
+- **OOBECompleteTime**  Value of OOBECompleteTime in registry.
+- **OOBESafetyTime**  Start of timer set by Smart App Control if OOBECompleteTime wasn't set.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.State.SwitchedNWOff
+
+This event tracks when Smart App Control is turned off.
+
+
+### Microsoft.Windows.Security.CodeIntegrity.State.SwitchedNWToEnforcementMode
+
+This event tracks when Smart App Control is changed from evaluation to enforcement mode.
+
+
+
+## Common data extensions
+
+### Common Data Extensions.app
+
+Describes the properties of the running application. This extension could be populated by a client app or a web app.
+
+The following fields are available:
+
+- **asId**  An integer value that represents the app session. This value starts at 0 on the first app launch and increments after each subsequent app launch per boot session.
+- **env**  The environment from which the event was logged.
+- **expId**  Associates a flight, such as an OS flight, or an experiment, such as a web site UX experiment, with an event.
+- **id**  Represents a unique identifier of the client application currently loaded in the process producing the event; and is used to group events together and understand usage pattern, errors by application.
+- **locale**  The locale of the app.
+- **name**  The name of the app.
+- **userId**  The userID as known by the application.
+- **ver**  Represents the version number of the application. Used to understand errors by Version, Usage by Version across an app.
+
+
+### Common Data Extensions.container
+
+Describes the properties of the container for events logged within a container.
+
+The following fields are available:
+
+- **epoch**  An ID that's incremented for each SDK initialization.
+- **localId**  The device ID as known by the client.
+- **osVer**  The operating system version.
+- **seq**  An ID that's incremented for each event.
+- **type**  The container type. Examples: Process or VMHost
+
+
+### Common Data Extensions.device
+
+Describes the device-related fields.
+
+The following fields are available:
+
+- **deviceClass**  The device classification. For example, Desktop, Server, or Mobile.
+- **localId**  A locally-defined unique ID for the device. This isn't the human-readable device name. Most likely equal to the value stored at HKLM\Software\Microsoft\SQMClient\MachineId
+- **make**  Device manufacturer.
+- **model**  Device model.
+
+
+### Common Data Extensions.Envelope
+
+Represents an envelope that contains all of the common data extensions.
+
+The following fields are available:
+
+- **data**  Represents the optional unique diagnostic data for a particular event schema.
+- **ext_app**  Describes the properties of the running application. This extension could be populated by either a client app or a web app. See [Common Data Extensions.app](#common-data-extensionsapp).
+- **ext_container**  Describes the properties of the container for events logged within a container. See [Common Data Extensions.container](#common-data-extensionscontainer).
+- **ext_device**  Describes the device-related fields. See [Common Data Extensions.device](#common-data-extensionsdevice).
+- **ext_mscv**  Describes the correlation vector-related fields. See [Common Data Extensions.mscv](#common-data-extensionsmscv).
+- **ext_os**  Describes the operating system properties that would be populated by the client. See [Common Data Extensions.os](#common-data-extensionsos).
+- **ext_sdk**  Describes the fields related to a platform library required for a specific SDK. See [Common Data Extensions.sdk](#common-data-extensionssdk).
+- **ext_user**  Describes the fields related to a user. See [Common Data Extensions.user](#common-data-extensionsuser).
+- **ext_utc**  Describes the fields that might be populated by a logging library on Windows. See [Common Data Extensions.utc](#common-data-extensionsutc).
+- **ext_xbl**  Describes the fields related to XBOX Live. See [Common Data Extensions.xbl](#common-data-extensionsxbl).
+- **iKey**  Represents an ID for applications or other logical groupings of events.
+- **name**  Represents the uniquely qualified name for the event.
+- **time**  Represents the event date time in Coordinated Universal Time (UTC) when the event was generated on the client. This should be in ISO 8601 format.
+- **ver**  Represents the major and minor version of the extension.
+
+
+### Common Data Extensions.mscv
+
+Describes the correlation vector-related fields.
+
+The following fields are available:
+
+- **cV**  Represents the Correlation Vector: A single field for tracking partial order of related events across component boundaries.
+
+
+### Common Data Extensions.os
+
+Describes some properties of the operating system.
+
+The following fields are available:
+
+- **bootId**  An integer value that represents the boot session. This value starts at 0 on first boot after OS install and increments after every reboot.
+- **expId**  Represents the experiment ID. The standard for associating a flight, such as an OS flight (pre-release build), or an experiment, such as a web site UX experiment, with an event is to record the flight / experiment IDs in Part A of the common schema.
+- **locale**  Represents the locale of the operating system.
+- **name**  Represents the operating system name.
+- **ver**  Represents the major and minor version of the extension.
+
+
+### Common Data Extensions.sdk
+
+Used by platform specific libraries to record fields that are required for a specific SDK.
+
+The following fields are available:
+
+- **epoch**  An ID that is incremented for each SDK initialization.
+- **installId**  An ID that's created during the initialization of the SDK for the first time.
+- **libVer**  The SDK version.
+- **seq**  An ID that is incremented for each event.
+- **ver**  The version of the logging SDK.
+
+
+### Common Data Extensions.user
+
+Describes the fields related to a user.
+
+The following fields are available:
+
+- **authId**  This is an ID of the user associated with this event that is deduced from a token such as a Microsoft Account ticket or an XBOX token.
+- **locale**  The language and region.
+- **localId**  Represents a unique user identity that is created locally and added by the client. This isn't the user's account ID.
+
+
+### Common Data Extensions.utc
+
+Describes the properties that could be populated by a logging library on Windows.
+
+The following fields are available:
+
+- **aId**  Represents the ETW ActivityId. Logged via TraceLogging or directly via ETW.
+- **bSeq**  Upload buffer sequence number in the format: buffer identifier:sequence number
+- **cat**  Represents a bitmask of the ETW Keywords associated with the event.
+- **cpId**  The composer ID, such as Reference, Desktop, Phone, Holographic, Hub, IoT Composer.
+- **epoch**  Represents the epoch and seqNum fields, which help track how many events were fired and how many events were uploaded, and enables identification of data lost during upload and de-duplication of events on the ingress server.
+- **eventFlags**  Represents a collection of bits that describe how the event should be processed by the Connected User Experience and Telemetry component pipeline. The lowest-order byte is the event persistence. The next byte is the event latency.
+- **flags**  Represents the bitmap that captures various Windows specific flags.
+- **loggingBinary**  The binary (executable, library, driver, etc.) that fired the event.
+- **mon**  Combined monitor and event sequence numbers in the format: monitor sequence : event sequence
+- **op**  Represents the ETW Op Code.
+- **pgName**  The short form of the provider group name associated with the event.
+- **popSample**  Represents the effective sample rate for this event at the time it was generated by a client.
+- **providerGuid**  The ETW provider ID associated with the provider name.
+- **raId**  Represents the ETW Related ActivityId. Logged via TraceLogging or directly via ETW.
+- **seq**  Represents the sequence field used to track absolute order of uploaded events. It's an incrementing identifier for each event added to the upload queue.  The Sequence helps track how many events were fired and how many events were uploaded and enables identification of data lost during upload and de-duplication of events on the ingress server.
+- **sqmId**  The Windows SQM (Software Quality Metrics—a precursor of Windows 10 Diagnostic Data collection) device identifier.
+- **stId**  Represents the Scenario Entry Point ID. This is a unique GUID for each event in a diagnostic scenario. This used to be Scenario Trigger ID.
+- **wcmp**  The Windows Shell Composer ID.
+- **wPId**  The Windows Core OS product ID.
+- **wsId**  The Windows Core OS session ID.
+
+
+### Common Data Extensions.xbl
+
+Describes the fields that are related to XBOX Live.
+
+The following fields are available:
+
+- **claims**  Any additional claims whose short claim name hasn't been added to this structure.
+- **did**  XBOX device ID
+- **dty**  XBOX device type
+- **dvr**  The version of the operating system on the device.
+- **eid**  A unique ID that represents the developer entity.
+- **exp**  Expiration time
+- **ip**  The IP address of the client device.
+- **nbf**  Not before time
+- **pid**  A comma separated list of PUIDs listed as base10 numbers.
+- **sbx**  XBOX sandbox identifier
+- **sid**  The service instance ID.
+- **sty**  The service type.
+- **tid**  The XBOX Live title ID.
+- **tvr**  The XBOX Live title version.
+- **uts**  A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
+- **xid**  A list of base10-encoded XBOX User IDs.
+
+
+## Common data fields
+
+### Ms.Device.DeviceInventoryChange
+
+Describes the installation state for all hardware and software components available on a particular device.
+
+The following fields are available:
+
+- **action**  The change that was invoked on a device inventory object.
+- **inventoryId**  Device ID used for Compatibility testing
+- **objectInstanceId**  Object identity which is unique within the device scope.
+- **objectType**  Indicates the object type that the event applies to.
+- **syncId**  A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object.
+- 
+
+## Component-based servicing events
+
+### CbsServicingProvider.CbsCapabilityEnumeration
+
+This event reports on the results of scanning for optional Windows content on Windows Update to keep Windows up to date.
+
+The following fields are available:
+
+- **architecture**  Indicates the scan was limited to the specified architecture.
+- **capabilityCount**  The number of optional content packages found during the scan.
+- **clientId**  The name of the application requesting the optional content.
+- **duration**  The amount of time it took to complete the scan.
+- **hrStatus**  The HReturn code of the scan.
+- **language**  Indicates the scan was limited to the specified language.
+- **majorVersion**  Indicates the scan was limited to the specified major version.
+- **minorVersion**  Indicates the scan was limited to the specified minor version.
+- **namespace**  Indicates the scan was limited to packages in the specified namespace.
+- **sourceFilter**  A bitmask indicating the scan checked for locally available optional content.
+- **stackBuild**  The build number of the servicing stack.
+- **stackMajorVersion**  The major version number of the servicing stack.
+- **stackMinorVersion**  The minor version number of the servicing stack.
+- **stackRevision**  The revision number of the servicing stack.
+
+
+### CbsServicingProvider.CbsCapabilitySessionFinalize
+
+This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **capabilities**  The names of the optional content packages that were installed.
+- **clientId**  The name of the application requesting the optional content.
+- **currentID**  The ID of the current install session.
+- **downloadSource**  The source of the download.
+- **highestState**  The highest final install state of the optional content.
+- **hrLCUReservicingStatus**  Indicates whether the optional content was updated to the latest available version.
+- **hrStatus**  The HReturn code of the install operation.
+- **rebootCount**  The number of reboots required to complete the install.
+- **retryID**  The session ID that will be used to retry a failed operation.
+- **retryStatus**  Indicates whether the install will be retried in the event of failure.
+- **stackBuild**  The build number of the servicing stack.
+- **stackMajorVersion**  The major version number of the servicing stack.
+- **stackMinorVersion**  The minor version number of the servicing stack.
+- **stackRevision**  The revision number of the servicing stack.
+
+
+### CbsServicingProvider.CbsCapabilitySessionPended
+
+This event provides information about the results of installing optional Windows content that requires a reboot to keep Windows up to date.
+
+The following fields are available:
+
+- **clientId**  The name of the application requesting the optional content.
+- **pendingDecision**  Indicates the cause of reboot, if applicable.
+
+
+### CbsServicingProvider.CbsFodInventory
+
+This event reports on the state of the current optional Windows content obtained from Windows Update.
+
+The following fields are available:
+
+- **capabilities**  A bitmask with each position indicating if each type of optional Windows content is currently enabled.
+- **initiatedOffline**  A true or false value indicating if the inventory describes an offline WIM file.
+- **stackBuild**  The build number of the servicing stack.
+- **stackMajorVersion**  The major version number of the servicing stack.
+- **stackMinorVersion**  The minor version number of the servicing stack.
+- **stackRevision**  The revision number of the servicing stack.
+
+### CbsServicingProvider.CbsLateAcquisition
+
+This event sends data to indicate if some Operating System packages couldn't be updated as part of an upgrade, to help keep Windows up to date.
+
+The following fields are available:
+
+- **Features**  The list of feature packages that couldn't be updated.
+- **RetryID**  The ID identifying the retry attempt to update the listed packages.
+
+
+### CbsServicingProvider.CbsPackageRemoval
+
+This event provides information about the results of uninstalling a Windows Cumulative Security Update to help keep Windows up to date.
+
+The following fields are available:
+
+- **buildVersion**  The build number of the security update being uninstalled.
+- **clientId**  The name of the application requesting the uninstall.
+- **currentStateEnd**  The final state of the update after the operation.
+- **failureDetails**  Information about the cause of a failure, if applicable.
+- **failureSourceEnd**  The stage during the uninstall where the failure occurred.
+- **hrStatusEnd**  The overall exit code of the operation.
+- **initiatedOffline**  Indicates if the uninstall was initiated for a mounted Windows image.
+- **majorVersion**  The major version number of the security update being uninstalled.
+- **minorVersion**  The minor version number of the security update being uninstalled.
+- **originalState**  The starting state of the update before the operation.
+- **pendingDecision**  Indicates the cause of reboot, if applicable.
+- **primitiveExecutionContext**  The state during system startup when the uninstall was completed.
+- **revisionVersion**  The revision number of the security update being uninstalled.
+- **transactionCanceled**  Indicates whether the uninstall was canceled.
+
+
+### CbsServicingProvider.CbsPostponedReserveInstallDecision
+
+This event reports on the scheduling of installs for Windows cumulative security updates.
+
+The following fields are available:
+
+- **hardReserveSize**  The size of the disk space reserve used to update Windows OS content.
+- **hardReserveUsedSpace**  The disk space currently in use in the reserve used to update Windows OS content.
+- **postponed**  A boolean indicating if updating processing has been delayed to shutdown due to low disk space.
+- **userFreeSpace**  The amount of free disk space available on the OS volume.
+- **usingReserves**  A boolean indicating whether disk space reserves are being used to install the update.
+
+
+### CbsServicingProvider.CbsQualityUpdateInstall
+
+This event reports on the performance and reliability results of installing Servicing content from Windows Update to keep Windows up to date.
+
+The following fields are available:
+
+- **buildVersion**  The build version number of the update package.
+- **clientId**  The name of the application requesting the optional content.
+- **corruptionHistoryFlags**  A bitmask of the types of component store corruption that have caused update failures on the device.
+- **corruptionType**  An enumeration listing the type of data corruption responsible for the current update failure.
+- **currentStateEnd**  The final state of the package after the operation has completed.
+- **doqTimeSeconds**  The time in seconds spent updating drivers.
+- **executeTimeSeconds**  The number of seconds required to execute the install.
+- **failureDetails**  The driver or installer that caused the update to fail.
+- **failureSourceEnd**  An enumeration indicating at what phase of the update a failure occurred.
+- **hrStatusEnd**  The return code of the install operation.
+- **initiatedOffline**  A true or false value indicating whether the package was installed into an offline Windows Imaging Format (WIM) file.
+- **majorVersion**  The major version number of the update package.
+- **minorVersion**  The minor version number of the update package.
+- **originalState**  The starting state of the package.
+- **overallTimeSeconds**  The time (in seconds) to perform the overall servicing operation.
+- **planTimeSeconds**  The time in seconds required to plan the update operations.
+- **poqTimeSeconds**  The time in seconds processing file and registry operations.
+- **postRebootTimeSeconds**  The time (in seconds) to do startup processing for the update.
+- **preRebootTimeSeconds**  The time (in seconds) between execution of the installation and the reboot.
+- **primitiveExecutionContext**  An enumeration indicating at what phase of shutdown or startup the update was installed.
+- **rebootCount**  The number of reboots required to install the update.
+- **rebootTimeSeconds**  The time (in seconds) before startup processing begins for the update.
+- **resolveTimeSeconds**  The time in seconds required to resolve the packages that are part of the update.
+- **revisionVersion**  The revision version number of the update package.
+- **rptTimeSeconds**  The time in seconds spent executing installer plugins.
+- **shutdownTimeSeconds**  The time (in seconds) required to do shutdown processing for the update.
+- **stackRevision**  The revision number of the servicing stack.
+- **stageTimeSeconds**  The time (in seconds) required to stage all files that are part of the update.
+
+
+### CbsServicingProvider.CbsSelectableUpdateChangeV2
+
+This event reports the results of enabling or disabling optional Windows Content to keep Windows up to date.
+
+The following fields are available:
+
+- **applicableUpdateState**  Indicates the highest applicable state of the optional content.
+- **buildVersion**  The build version of the package being installed.
+- **clientId**  The name of the application requesting the optional content change.
+- **downloadSource**  Indicates if optional content was obtained from Windows Update or a locally accessible file.
+- **downloadtimeInSeconds**  Indicates if optional content was obtained from Windows Update or a locally accessible file.
+- **executionID**  A unique ID used to identify events associated with a single servicing operation and not reused for future operations.
+- **executionSequence**  A counter that tracks the number of servicing operations attempted on the device.
+- **firstMergedExecutionSequence**  The value of a pervious executionSequence counter that is being merged with the current operation, if applicable.
+- **firstMergedID**  A unique ID of a pervious servicing operation that is being merged with this operation, if applicable.
+- **hrDownloadResult**  The return code of the download operation.
+- **hrStatusUpdate**  The return code of the servicing operation.
+- **identityHash**  A pseudonymized (hashed) identifier for the Windows Package that is being installed or uninstalled.
+- **initiatedOffline**  Indicates whether the operation was performed against an offline Windows image file or a running instance of Windows.
+- **majorVersion**  The major version of the package being installed.
+- **minorVersion**  The minor version of the package being installed.
+- **packageArchitecture**  The architecture of the package being installed.
+- **packageLanguage**  The language of the package being installed.
+- **packageName**  The name of the package being installed.
+- **rebootRequired**  Indicates whether a reboot is required to complete the operation.
+- **revisionVersion**  The revision number of the package being installed.
+- **stackBuild**  The build number of the servicing stack binary performing the installation.
+- **stackMajorVersion**  The major version number of the servicing stack binary performing the installation.
+- **stackMinorVersion**  The minor version number of the servicing stack binary performing the installation.
+- **stackRevision**  The revision number of the servicing stack binary performing the installation.
+- **updateName**  The name of the optional Windows Operation System feature being enabled or disabled.
+- **updateStartState**  A value indicating the state of the optional content before the operation started.
+- **updateTargetState**  A value indicating the desired state of the optional content.
+
+
+### CbsServicingProvider.CbsUpdateDeferred
+
+This event reports the results of deferring Windows Content to keep Windows up to date.
+
+
+
+## Deployment events
+
+### Microsoft.Windows.Deployment.Imaging.AppExit
+
+This event is sent on imaging application exit. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **hr**  HResult returned from app exit.
+- **totalTimeInMs**  Total time taken in Ms.
+
+
+### Microsoft.Windows.Deployment.Imaging.AppInvoked
+
+This event is sent when the app for image creation is invoked. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **branch**  Corresponding branch for the image.
+- **isInDbg**  Whether the app is in debug mode or not.
+- **isWSK**  Whether the app is building images using WSK or not.
+
+
+## DISM events
+
+### Microsoft.Windows.StartRepairCore.DISMPendingInstall
+
+The DISM Pending Install event sends information to report pending package installation found. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **dismPendingInstallPackageName**  The name of the pending package.
+
+
+### Microsoft.Windows.StartRepairCore.DISMRevertPendingActions
+
+The DISM Pending Install event sends information to report pending package installation found. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **errorCode**  The result code returned by the event.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRepairActionEnd
+
+The SRT Repair Action End event sends information to report repair operation ended for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **errorCode**  The result code returned by the event.
+- **failedUninstallCount**  The number of driver updates that failed to uninstall.
+- **failedUninstallFlightIds**  The Flight IDs (identifiers of beta releases) of driver updates that failed to uninstall.
+- **foundDriverUpdateCount**  The number of found driver updates.
+- **srtRepairAction**  The scenario name for a repair.
+- **successfulUninstallCount**  The number of successfully uninstalled driver updates.
+- **successfulUninstallFlightIds**  The Flight IDs (identifiers of beta releases) of successfully uninstalled driver updates.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRepairActionStart
+
+The SRT Repair Action Start event sends information to report repair operation started for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **srtRepairAction**  The scenario name for a repair.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagEnd
+
+The SRT Root Cause Diagnosis End event sends information to report diagnosis operation completed for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **errorCode**  The result code returned by the event.
+- **flightIds**  The Flight IDs (identifier of the beta release) of found driver updates.
+- **foundDriverUpdateCount**  The number of found driver updates.
+- **srtRootCauseDiag**  The scenario name for a diagnosis event.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagStart
+
+The SRT Root Cause Diagnosis Start event sends information to report diagnosis operation started for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **srtRootCauseDiag**  The scenario name for a diagnosis event.
+
+
+## DxgKernelTelemetry events
+
+### DxgKrnlTelemetry.GPUAdapterInventoryV2
+
+This event sends basic GPU and display driver information to keep Windows and display drivers up-to-date.
+
+The following fields are available:
+
+- **AdapterTypeValue**  The numeric value indicating the type of Graphics adapter.
+- **aiSeqId**  The event sequence ID.
+- **bootId**  The system boot ID.
+- **BrightnessVersionViaDDI**  The version of the Display Brightness Interface.
+- **ComputePreemptionLevel**  The maximum preemption level supported by GPU for compute payload.
+- **DDIInterfaceVersion**  The device driver interface version.
+- **DedicatedSystemMemoryB**  The amount of system memory dedicated for GPU use (in bytes).
+- **DedicatedVideoMemoryB**  The amount of dedicated VRAM of the GPU (in bytes).
+- **Display1UMDFilePath**  The file path to the location of the Display User Mode Driver in the Driver Store.
+- **DisplayAdapterLuid**  The display adapter LUID.
+- **DriverDate**  The date of the display driver.
+- **DriverRank**  The rank of the display driver.
+- **DriverVersion**  The display driver version.
+- **DriverWorkarounds**  Numeric value indicating the driver workarounds that are enabled for this device.
+- **DX10UMDFilePath**  The file path to the location of the DirectX 10 Display User Mode Driver in the Driver Store.
+- **DX11UMDFilePath**  The file path to the location of the DirectX 11 Display User Mode Driver in the Driver Store.
+- **DX12UMDFilePath**  The file path to the location of the DirectX 12 Display User Mode Driver in the Driver Store.
+- **DX9UMDFilePath**  The file path to the location of the DirectX 9 Display User Mode Driver in the Driver Store.
+- **DxDbCurrentVersion**  Version of the DirectX Database on the device.
+- **DxDbVersionCheckStatus**  Numeric value indicating the result of the last check on the DirectX Database version for the device.
+- **GPUDeviceID**  The GPU device ID.
+- **GPUPreemptionLevel**  The maximum preemption level supported by GPU for graphics payload.
+- **GPURevisionID**  The GPU revision ID.
+- **GPUVendorID**  The GPU vendor ID.
+- **HwFlipQueueSupportState**  Numeric value indicating the adapter's support for hardware flip queues.
+- **HwSchSupportState**  Numeric value indicating the adapter's support for hardware scheduling.
+- **IddPairedRenderAdapterLuid**  Identifier for the render adapter paired with this display adapter.
+- **InterfaceFuncPointersProvided1**  Number of device driver interface function pointers provided.
+- **InterfaceFuncPointersProvided2**  Number of device driver interface function pointers provided.
+- **InterfaceFuncPointersProvided3**  Number of device driver interface function pointers provided.
+- **InterfaceId**  The GPU interface ID.
+- **IsCrossAdapterScanOutSupported**  Boolean value indicating whether the adapter supports cross-adapter scanout optimization.
+- **IsDisplayDevice**  Does the GPU have displaying capabilities?
+- **IsHwFlipQueueEnabled**  Boolean value indicating whether hardware flip queues are enabled.
+- **IsHwSchEnabled**  Boolean value indicating whether hardware scheduling is enabled.
+- **IsHybridDiscrete**  Does the GPU have discrete GPU capabilities in a hybrid device?
+- **IsHybridIntegrated**  Does the GPU have integrated GPU capabilities in a hybrid device?
+- **IsLDA**  Is the GPU comprised of Linked Display Adapters?
+- **IsMiracastSupported**  Does the GPU support Miracast?
+- **IsMismatchLDA**  Is at least one device in the Linked Display Adapters chain from a different vendor?
+- **IsMPOSupported**  Does the GPU support Multi-Plane Overlays?
+- **IsMsMiracastSupported**  Are the GPU Miracast capabilities driven by a Microsoft solution?
+- **IsPostAdapter**  Is this GPU the POST GPU in the device?
+- **IsRemovable**  TRUE if the adapter supports being disabled or removed.
+- **IsRenderDevice**  Does the GPU have rendering capabilities?
+- **IsSoftwareDevice**  Is this a software implementation of the GPU?
+- **IsVirtualRefreshRateSupported**  Boolean value indicating whether the adapter supports virtual refresh rates.
+- **KMDFilePath**  The file path to the location of the Display Kernel Mode Driver in the Driver Store.
+- **MdmSupportStatus**  Numeric value indicating support for Microsoft Display Mux.
+- **MeasureEnabled**  Is the device listening to MICROSOFT_KEYWORD_MEASURES?
+- **NodeTypes** Types of execution nodes comprising the graphics adapter.
+- **NumExecutionNodes**  Number of execution nodes comprising the graphics adapter.
+- **NumNonVidPnTargets**  Number of display targets.
+- **NumPhysicalAdapters** Number of physical graphics adapters.
+- **NumVidPnSources**  The number of supported display output sources.
+- **NumVidPnTargets**  The number of supported display output targets.
+- **SharedSystemMemoryB**  The amount of system memory shared by GPU and CPU (in bytes).
+- **SubSystemID**  The subsystem ID.
+- **SubVendorID**  The GPU sub vendor ID.
+- **TelemetryEnabled**  Is the device listening to MICROSOFT_KEYWORD_TELEMETRY?
+- **TelInvEvntTrigger**  What triggered this event to be logged?  Example: 0 (GPU enumeration) or 1 (DxgKrnlTelemetry provider toggling)
+- **version**  The event version.
+- **WDDMVersion**  The Windows Display Driver Model version.
+
+
+### DxgKrnlTelemetry.GPUStartAdapter
+
+This event records information about an attempt to start a graphics adapter.
+
+The following fields are available:
+
+- **DDIInterfaceVersion**  Version of the display driver interface (DDI).
+- **DriverDate**  Date of the display driver.
+- **DriverRank**  Rank for the display driver.
+- **DriverVersion**  Version of the display driver.
+- **FailureReason**  Numeric value indicating the stage in which the startup attempt failed.
+- **GPUDeviceID**  Device identifier for the graphics adapter.
+- **GPURevisionID**  Revision identifier for the graphics adapter.
+- **GPUVendorID**  Vendor identifier for the graphics adapter.
+- **IsSoftwareDevice**  Boolean value indicating whether the graphics adapter is implemented in software only.
+- **StartAdapterFailedSequenceId**  Numeric value indicating the graphics adapter startup attempt count.
+- **Status**  Numeric value indicating the status of the graphics adapter startup attempt.
+- **SubSystemID**  Subsystem identifier for the graphics adapter.
+- **SubVendorID**  Subsystem vendor identifier for the graphics identifier.
+- **version**  Version of the schema for the event.
+
+
+## Failover Clustering events
+
+### Microsoft.Windows.Server.FailoverClusteringCritical.ClusterSummary2
+
+This event returns information about how many resources and of what type are in the server cluster. This data is collected to keep Windows Server safe, secure, and up to date. The data includes information about whether hardware is configured correctly, if the software is patched correctly, and assists in preventing crashes by attributing issues (like fatal errors) to workloads and system configurations.
+
+The following fields are available:
+
+- **autoAssignSite**  The cluster parameter: auto site.
+- **autoBalancerLevel**  The cluster parameter: auto balancer level.
+- **autoBalancerMode**  The cluster parameter: auto balancer mode.
+- **blockCacheSize**  The configured size of the block cache.
+- **ClusterAdConfiguration**  The ad configuration of the cluster.
+- **clusterAdType**  The cluster parameter: mgmt_point_type.
+- **clusterDumpPolicy**  The cluster configured dump policy.
+- **clusterFunctionalLevel**  The current cluster functional level.
+- **clusterGuid**  The unique identifier for the cluster.
+- **clusterWitnessType**  The witness type the cluster is configured for.
+- **countNodesInSite**  The number of nodes in the cluster.
+- **crossSiteDelay**  The cluster parameter: CrossSiteDelay.
+- **crossSiteThreshold**  The cluster parameter: CrossSiteThreshold.
+- **crossSubnetDelay**  The cluster parameter: CrossSubnetDelay.
+- **crossSubnetThreshold**  The cluster parameter: CrossSubnetThreshold.
+- **csvCompatibleFilters**  The cluster parameter: ClusterCsvCompatibleFilters.
+- **csvIncompatibleFilters**  The cluster parameter: ClusterCsvIncompatibleFilters.
+- **csvResourceCount**  The number of resources in the cluster.
+- **currentNodeSite**  The name configured for the current site for the cluster.
+- **dasModeBusType**  The direct storage bus type of the storage spaces.
+- **downLevelNodeCount**  The number of nodes in the cluster that are running down-level.
+- **drainOnShutdown**  Specifies whether a node should be drained when it's shut down.
+- **dynamicQuorumEnabled**  Specifies whether dynamic Quorum has been enabled.
+- **enforcedAntiAffinity**  The cluster parameter: enforced anti affinity.
+- **genAppNames**  The Win32 service name of a clustered service.
+- **genSvcNames**  The command line of a clustered genapp.
+- **hangRecoveryAction**  The cluster parameter: hang recovery action.
+- **hangTimeOut**  Specifies the “hang time out” parameter for the cluster.
+- **isCalabria**  Specifies whether storage spaces direct is enabled.
+- **isMixedMode**  Identifies if the cluster is running with different version of OS for nodes.
+- **isRunningDownLevel**  Identifies if the current node is running down-level.
+- **logLevel**  Specifies the granularity that is logged in the cluster log.
+- **logSize**  Specifies the size of the cluster log.
+- **lowerQuorumPriorityNodeId**  The cluster parameter: lower quorum priority node ID.
+- **minNeverPreempt**  The cluster parameter: minimum never preempt.
+- **minPreemptor**  The cluster parameter: minimum preemptor priority.
+- **netftIpsecEnabled**  The parameter: netftIpsecEnabled.
+- **NodeCount**  The number of nodes in the cluster.
+- **nodeId**  The current node number in the cluster.
+- **nodeResourceCounts**  Specifies the number of node resources.
+- **nodeResourceOnlineCounts**  Specifies the number of node resources that are online.
+- **numberOfSites**  The number of different sites.
+- **numNodesInNoSite**  The number of nodes not belonging to a site.
+- **plumbAllCrossSubnetRoutes**  The cluster parameter: plumb all cross subnet routes.
+- **preferredSite**  The preferred site location.
+- **privateCloudWitness**  Specifies whether a private cloud witness exists for this cluster.
+- **quarantineDuration**  The quarantine duration.
+- **quarantineThreshold**  The quarantine threshold.
+- **quorumArbitrationTimeout**  In the event of an arbitration event, this specifies the quorum timeout period.
+- **rdmaConnectionsForStorage**  This specifies the rdma connections for storage.
+- **resiliencyLevel**  Specifies the level of resiliency.
+- **resourceCounts**  Specifies the number of resources.
+- **resourceTypeCounts**  Specifies the number of resource types in the cluster.
+- **resourceTypes**  Data representative of each resource type.
+- **resourceTypesPath**  Data representative of the DLL path for each resource type.
+- **sameSubnetDelay**  The cluster parameter: same subnet delay.
+- **sameSubnetThreshold**  The cluster parameter: same subnet threshold.
+- **secondsInMixedMode**  The amount of time (in seconds) that the cluster has been in mixed mode (nodes with different operating system versions in the same cluster).
+- **securityLevel**  The cluster parameter: security level.
+- **securityLevelForStorage**  The cluster parameter: security level for storage.
+- **sharedVolumeBlockCacheSize**  Specifies the block cache size for shared for shared volumes.
+- **shutdownTimeoutMinutes**  Specifies the amount of time it takes to time out when shutting down.
+- **upNodeCount**  Specifies the number of nodes that are up (online).
+- **useClientAccessNetworksForCsv**  The cluster parameter: use client access networks for CSV.
+- **useRdmaForStorage**  The cluster parameter to use rdma for storage.
+- **vmIsolationTime**  The cluster parameter: VM isolation time.
+- **witnessDatabaseWriteTimeout**  Specifies the timeout period for writing to the quorum witness database.
+
+
+## Fault Reporting events
+
+### Microsoft.Windows.FaultReporting.AppCrashEvent
+
+This event sends data about crashes for both native and managed applications, to help keep Windows up to date. The data includes information about the crashing process and a summary of its exception record. It doesn't contain any Watson bucketing information. The bucketing information is recorded in a Windows Error Reporting (WER) event that is generated when the WER client reports the crash to the Watson service, and the WER event will contain the same ReportID (see field 14 of crash event, field 19 of WER event) as the crash event for the crash being reported. AppCrash is emitted once for each crash handled by WER (for example, from an unhandled exception or FailFast or ReportException). Note that Generic Watson event types (for example, from PLM) that may be considered crashes\" by a user DO NOT emit this event.
+
+The following fields are available:
+
+- **AppName**  The name of the app that has crashed.
+- **AppSessionGuid**  GUID made up of process ID and is used as a correlation vector for process instances in the telemetry backend.
+- **AppTimeStamp**  The date/time stamp of the app.
+- **AppVersion**  The version of the app that has crashed.
+- **ExceptionCode**  The exception code returned by the process that has crashed.
+- **ExceptionOffset**  The address where the exception had occurred.
+- **Flags**  Flags indicating how reporting is done. For example, queue the report, don't offer JIT debugging, or don't terminate the process after reporting.
+- **FriendlyAppName**  The description of the app that has crashed, if different from the AppName. Otherwise, the process name.
+- **IsFatal**  True/False to indicate whether the crash resulted in process termination.
+- **ModName**  Exception module name (for example, bar.dll).
+- **ModTimeStamp**  The date/time stamp of the module.
+- **ModVersion**  The version of the module that has crashed.
+- **PackageFullName**  Store application identity.
+- **PackageRelativeAppId**  Store application identity.
+- **ProcessArchitecture**  Architecture of the crashing process, as one of the PROCESSOR_ARCHITECTURE_* constants: 0: PROCESSOR_ARCHITECTURE_INTEL. 5: PROCESSOR_ARCHITECTURE_ARM. 9: PROCESSOR_ARCHITECTURE_AMD64. 12: PROCESSOR_ARCHITECTURE_ARM64.
+- **ProcessCreateTime**  The time of creation of the process that has crashed.
+- **ProcessId**  The ID of the process that has crashed.
+- **ReportId**  A GUID used to identify the report. This can used to track the report across Watson.
+- **TargetAppId**  The kernel reported AppId of the application being reported.
+- **TargetAppVer**  The specific version of the application being reported
+- **TargetAsId**  The sequence number for the hanging process.
+
+
+## Feature quality events
+
+### Microsoft.Windows.FeatureQuality.Heartbeat
+
+This event indicates the feature status heartbeat. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **Features**  Array of features.
+
+
+### Microsoft.Windows.FeatureQuality.StateChange
+
+This event indicates the change of feature state. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **flightId**  Flight ID.
+- **state**  New state.
+
+
+### Microsoft.Windows.FeatureQuality.Status
+
+This event indicates the feature status. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **featureId**  Feature ID.
+- **flightId**  Flight ID.
+- **time**  Time of status change.
+- **variantId**  Variant ID.
+
+
+## Feature update events
+
+### Microsoft.Windows.Upgrade.Uninstall.UninstallFailed
+
+This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **failureReason**  Provides data about the uninstall initialization operation failure.
+- **hr**  Provides the Win32 error code for the operation failure.
+
+
+### Microsoft.Windows.Upgrade.Uninstall.UninstallFinalizedAndRebootTriggered
+
+This event indicates that the uninstall was properly configured and that a system reboot was initiated. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+
+
+## Hang Reporting events
+
+### Microsoft.Windows.HangReporting.AppHangEvent
+
+This event sends data about hangs for both native and managed applications, to help keep Windows up to date. It doesn't contain any Watson bucketing information. The bucketing information is recorded in a Windows Error Reporting (WER) event that is generated when the WER client reports the hang to the Watson service, and the WER event will contain the same ReportID (see field 13 of hang event, field 19 of WER event) as the hang event for the hang being reported. AppHang is reported only on PC devices. It handles classic Win32 hangs and is emitted only once per report. Some behaviors that may be perceived by a user as a hang are reported by app managers (for example, PLM/RM/EM) as Watson Generics and won't produce AppHang events.
+
+The following fields are available:
+
+- **AppName**  The name of the app that has hung.
+- **AppSessionGuid**  GUID made up of process ID used as a correlation vector for process instances in the telemetry backend.
+- **AppVersion**  The version of the app that has hung.
+- **IsFatal**  True/False based on whether the hung application caused the creation of a Fatal Hang Report.
+- **PackageFullName**  Store application identity.
+- **PackageRelativeAppId**  Store application identity.
+- **ProcessArchitecture**  Architecture of the hung process, as one of the PROCESSOR_ARCHITECTURE_* constants: 0: PROCESSOR_ARCHITECTURE_INTEL. 5: PROCESSOR_ARCHITECTURE_ARM. 9: PROCESSOR_ARCHITECTURE_AMD64. 12: PROCESSOR_ARCHITECTURE_ARM64.
+- **ProcessCreateTime**  The time of creation of the process that has hung.
+- **ProcessId**  The ID of the process that has hung.
+- **ReportId**  A GUID used to identify the report. This can used to track the report across Watson.
+- **TargetAppId**  The kernel reported AppId of the application being reported.
+- **TargetAppVer**  The specific version of the application being reported.
+- **TargetAsId**  The sequence number for the hanging process.
+- **TypeCode**  Bitmap describing the hang type.
+- **WaitingOnAppName**  If this is a cross process hang waiting for an application, this has the name of the application.
+- **WaitingOnAppVersion**  If this is a cross process hang, this has the version of the application for which it's waiting.
+- **WaitingOnPackageFullName**  If this is a cross process hang waiting for a package, this has the full name of the package for which it's waiting.
+- **WaitingOnPackageRelativeAppId**  If this is a cross process hang waiting for a package, this has the relative application ID of the package.
+
+
+## Holographic events
+
+### Microsoft.Windows.Analog.Spectrum.TelemetryHolographicDeviceAdded
+
+This event indicates Windows Mixed Reality device state. This event is also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **ClassGuid**  Windows Mixed Reality device class GUID.
+- **DeviceInterfaceId**  Windows Mixed Reality device interface ID.
+- **DriverVersion**  Windows Mixed Reality device driver version.
+- **FirmwareVersion**  Windows Mixed Reality firmware version.
+- **Manufacturer**  Windows Mixed Reality device manufacturer.
+- **ModelName**  Windows Mixed Reality device model name.
+- **SerialNumber**  Windows Mixed Reality device serial number.
+
+
+### Microsoft.Windows.Analog.Spectrum.TelemetryHolographicDeviceRemoved
+
+This event indicates Windows Mixed Reality device state. The data collected with this event is used to keep Windows and Windows Mixed Reality performing properly.
+
+The following fields are available:
+
+- **DeviceInterfaceId**  Device Interface ID.
+
+
+### Microsoft.Windows.Analog.Spectrum.TelemetryHolographicSpaceCreated
+
+This event indicates the state of Windows holographic scene. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **AppSessionGuid**  GUID made up of process ID and is used as a correlation vector for process instances in the telemetry backend.
+- **IsForCompositor**  True/False to indicate whether the holographic space is for compositor process.
+- **Source**  An enumeration indicating the source of the log.
+- **WindowInstanceId**  Unique value for each window instance.
+
+
+### Microsoft.Windows.Holographic.Coordinator.HoloShellStateUpdated
+
+This event indicates Windows Mixed Reality HoloShell State. This event is also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **HmdState**  Windows Mixed Reality Headset HMD state.
+- **NewHoloShellState**  Windows Mixed Reality HoloShell state.
+- **PriorHoloShellState**  Windows Mixed Reality state prior to entering to HoloShell.
+- **SimulationEnabled**  Windows Mixed Reality Simulation state.
+
+
+### Microsoft.Windows.Shell.HolographicFirstRun.AppActivated
+
+This event indicates Windows Mixed Reality Portal app activation state. This event also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **IsDemoMode**  Windows Mixed Reality Portal app state of demo mode.
+- **IsDeviceSetupComplete**  Windows Mixed Reality Portal app state of device setup completion.
+- **PackageVersion**  Windows Mixed Reality Portal app package version.
+- **PreviousExecutionState**  Windows Mixed Reality Portal app prior execution state.
+- **wilActivity**  Windows Mixed Reality Portal app wilActivity ID.
+
+
+### Microsoft.Windows.Shell.HolographicFirstRun.SomethingWentWrong
+
+This event is emitted when something went wrong error occurs. The data collected with this event is used to keep Windows and Windows Mixed Reality performing properly.
+
+The following fields are available:
+
+- **ErrorSource**  Source of error, obsoleted always 0.
+- **StartupContext**  Start up state.
+- **StatusCode**  Error status code.
+- **SubstatusCode**  Error sub status code.
+
+
+### TraceLoggingHoloLensSensorsProvider.OnDeviceAdd
+
+This event provides Windows Mixed Reality device state with new process that hosts the driver. The data collected with this event is used to keep Windows and Windows Mixed Reality performing properly.
+
+The following fields are available:
+
+- **Process**  Process ID.
+- **Thread**  Thread ID.
+
+
+### TraceLoggingOasisUsbHostApiProvider.DeviceInformation
+
+This event provides Windows Mixed Reality device information. This event is also used to count WMR device and device type. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **BootloaderMajorVer**  Windows Mixed Reality device boot loader major version.
+- **BootloaderMinorVer**  Windows Mixed Reality device boot loader minor version.
+- **BootloaderRevisionNumber**  Windows Mixed Reality device boot loader revision number.
+- **BTHFWMajorVer**  Windows Mixed Reality device BTHFW major version. This event also used to count WMR device.
+- **BTHFWMinorVer**  Windows Mixed Reality device BTHFW minor version. This event also used to count WMR device.
+- **BTHFWRevisionNumber**  Windows Mixed Reality device BTHFW revision number.
+- **CalibrationBlobSize**  Windows Mixed Reality device calibration blob size.
+- **CalibrationFwMajorVer**  Windows Mixed Reality device calibration firmware major version.
+- **CalibrationFwMinorVer**  Windows Mixed Reality device calibration firmware minor version.
+- **CalibrationFwRevNum**  Windows Mixed Reality device calibration firmware revision number.
+- **DeviceInfoFlags**  Windows Mixed Reality device info flags.
+- **DeviceReleaseNumber**  Windows Mixed Reality device release number.
+- **FirmwareMajorVer**  Windows Mixed Reality device firmware major version.
+- **FirmwareMinorVer**  Windows Mixed Reality device firmware minor version.
+- **FirmwareRevisionNumber**  Windows Mixed Reality device calibration firmware revision number.
+- **FpgaFwMajorVer**  Windows Mixed Reality device FPGA firmware major version.
+- **FpgaFwMinorVer**  Windows Mixed Reality device FPGA firmware minor version.
+- **FpgaFwRevisionNumber**  Windows Mixed Reality device FPGA firmware revision number.
+- **FriendlyName**  Windows Mixed Reality device friendly name.
+- **HashedSerialNumber**  Windows Mixed Reality device hashed serial number.
+- **HeaderSize**  Windows Mixed Reality device header size.
+- **HeaderVersion**  Windows Mixed Reality device header version.
+- **LicenseKey**  Windows Mixed Reality device header license key.
+- **Make**  Windows Mixed Reality device make.
+- **ManufacturingDate**  Windows Mixed Reality device manufacturing date.
+- **Model**  Windows Mixed Reality device model.
+- **PresenceSensorHidVendorPage**  Windows Mixed Reality device presence sensor HID vendor page.
+- **PresenceSensorHidVendorUsage**  Windows Mixed Reality device presence sensor HID vendor usage.
+- **PresenceSensorUsbVid**  Windows Mixed Reality device presence sensor USB VId.
+- **ProductBoardRevision**  Windows Mixed Reality device product board revision number.
+- **SerialNumber**  Windows Mixed Reality device serial number.
+
+
+## Inventory events
+
+### Microsoft.Windows.Inventory.Core.InventoryApplicationAdd
+
+This event sends basic metadata about an application on the system. The data collected with this event is used to keep Windows performing properly and up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AndroidPackageId**  A unique identifier for an Android app.
+- **HiddenArp**  Indicates whether a program hides itself from showing up in ARP.
+- **InstallDate**  The date the application was installed (a best guess based on folder creation date heuristics).
+- **InstallDateArpLastModified**  The date of the registry ARP key for a given application. Hints at install date but not always accurate. Passed as an array. Example: 4/11/2015  00:00:00
+- **InstallDateFromLinkFile**  The estimated date of install based on the links to the files.  Passed as an array.
+- **InstallDateMsi**  The install date if the application was installed via Microsoft Installer (MSI). Passed as an array.
+- **InventoryVersion**  The version of the inventory file generating the events.
+- **Language**  The language code of the program.
+- **MsiInstallDate**  The install date recorded in the program's MSI package.
+- **MsiPackageCode**  A GUID that describes the MSI Package. Multiple 'Products' (apps) can make up an MsiPackage.
+- **MsiProductCode**  A GUID that describe the MSI Product.
+- **Name**  The name of the application.
+- **OSVersionAtInstallTime**  The four octets from the OS version at the time of the application's install.
+- **PackageFullName**  The package full name for a Store application.
+- **ProgramInstanceId**  A hash of the file IDs in an app.
+- **Publisher**  The Publisher of the application. Location pulled from depends on the 'Source' field.
+- **RootDirPath**  The path to the root directory where the program was installed.
+- **Source**  How the program was installed (for example, ARP, MSI, Appx).
+- **SparkId**  Unique ID that represents a Win32 app installed from the Microsoft Store.
+- **StoreAppType**  A sub-classification for the type of Microsoft Store app, such as UWP or Win8StoreApp.
+- **Type**  One of ("Application", "Hotfix", "BOE", "Service", "Unknown"). Application indicates Win32 or Appx app, Hotfix indicates app updates (KBs), BOE indicates it's an app with no ARP or MSI entry, Service indicates that it's a service. Application and BOE are the ones most likely seen.
+- **Version**  The version number of the program.
+
+
+### Microsoft.Windows.Inventory.Core.InventoryApplicationKbStartSync
+
+This event represents the basic metadata about an application updates (KBs) installed on the system. This event is used to understand the applications on a machine to determine if there will be compatibility issues when upgrading Windows.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **InventoryVersion**  The version of the inventory components.
+
+
+### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove
+
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **InventoryVersion**  The version of the inventory file generating the events.
+
+
+## Kernel events
+
+### Microsoft.Windows.Kernel.PnP.AggregateSetDevNodeProblem
+
+This event is sent when a new problem code is assigned to a device. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **Count**  The total number of events.
+- **DeviceInstanceId**  The unique identifier of the device in the system.
+- **LastProblem**  The previous problem code that was set on the device.
+- **LastProblemStatus**  The previous NTSTATUS value that was set on the device.
+- **Problem**  The new problem code that was set on the device.
+- **ProblemStatus**  The new NTSTATUS value that was set on the device.
+- **ServiceName**  The driver or service name that is attached to the device.
+
+
+### Microsoft.Windows.Kernel.Power.AbnormalShutdown
+
+This event provides diagnostic information of the most recent abnormal shutdown.
+
+The following fields are available:
+
+- **BootEnvironment**  Errors from boot environment.
+- **BootStatValid**  Status of bootstat file.
+- **Bugcheck**  Bugcheck information.
+- **CrashDump**  Crash dump information.
+- **CurrentBootId**  ID of this boot.
+- **FirmwareReset**  System reset by firmware.
+- **LastShutdownBootId**  BootID of last shutdown.
+- **LongPowerButtonHold**  Long power button hold information.
+- **SystemStateTransition**  State transition information.
+- **Watchdog**  Watchdog information.
+- **WheaBootErrorCount**  Whea boot error information.
+
+
+### Microsoft.Windows.Kernel.Power.PreviousShutdownWasThermalShutdown
+
+This event sends Product and Service Performance data on which area of the device exceeded safe temperature limits and caused the device to shutdown. This information is used to ensure devices are behaving as they're expected to. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **temperature**  Contains the actual temperature measurement, in tenths of degrees Kelvin, for the area that exceeded the limit.
+- **thermalZone**  Contains an identifier that specifies which area it was that exceeded temperature limits.
+- **TotalUpTimeMs** Contains the total system up time in milliseconds.
+
+
+## Microsoft Edge events
+
+### Aria.160f0649efde47b7832f05ed000fc453.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **account_type**  A number representing the type of the signed in user account, where 0 indicates None, 1 indicates Microsoft Account, 2 indicates Azure Active Directory, 3 indicates On-Prem Active Directory and 4 indicates Azure Active Directory (Degraded). This field is currently only supported on mobile platforms and so the value is set to -1 on non-mobile platforms.
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
+- **app_version**  The internal Microsoft Edge build version string, taken from the UMA metrics field system_profile.app_version.
+- **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state wasn't retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **brandCode**  Contains the 4 character brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A unique identifier with which all other diagnostic client data is associated, taken from the UMA metrics provider. This ID is effectively unique per device, per OS user profile, per release channel (for example, Canary/Dev/Beta/Stable). client_id isn't durable, based on user preferences. client_id is initialized on the first application launch under each OS user profile. client_id is linkable, but not unique across devices or OS user profiles. client_id is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. This can be one of Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth.
+- **container_client_id**  The client ID of the container, if in WDAG mode. This will be different from the UMA log client ID, which is the client ID of the host in WDAG mode.
+- **container_session_id**  The session ID of the container, if in WDAG mode. This will be different from the UMA log session ID, which is the session ID of the host in WDAG mode.
+- **device_sample_rate**  A number representing how often the device sends telemetry, expressed as a percentage. Low values indicate that device sends more events and high values indicate that device sends fewer events. The value is rounded to five significant figures for privacy reasons and if an error is hit in getting the device sample number value from the registry then this will be -1; and if client isn't on a UTC-enabled platform, then this value won't be set.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. This field is left empty when Windows diagnostic level is set to Basic or lower or when consent for diagnostic data has been denied.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event, where 1 is basic, 2 is enhanced, and 3 is full.
+- **experimentation_mode**  A number representing the value set for the ExperimentationAndConfigurationServiceControl group policy. See [Microsoft Edge - Policies](/DeployEdge/microsoft-edge-policies#experimentationandconfigurationservicecontrol) for more details on this policy.
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSourceName**  A string representation of the installation source.
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with 0 for unknown, 1 for stability, 2 for on-going, 3 for independent, 4 for UKM, or 5 for instance level.
+- **pop_sample**  A value indicating how the device's data is being sampled.
+- **reactivationBrandCode**  Contains the 4 character reactivation brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **session_id**  An identifier that is incremented each time the user launches the application, irrespective of any client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+- **utc_flags**  Event Tracing for Windows (ETW) flags required for the event as part of the data collection process.
+
+
+### Aria.29e24d069f27450385c7acaa2f07e277.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **account_type**  A number representing the type of the signed in user account, where 0 indicates None, 1 indicates Microsoft Account, 2 indicates Azure Active Directory, 3 indicates On-Prem Active Directory and 4 indicates Azure Active Directory (Degraded). This field is currently only supported on mobile platforms and so the value is set to -1 on non-mobile platforms.
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
+- **app_version**  The internal Microsoft Edge build version string, taken from the UMA metrics field system_profile.app_version.
+- **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state wasn't retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **brandCode**  Contains the 4 character brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A unique identifier with which all other diagnostic client data is associated, taken from the UMA metrics provider. This ID is effectively unique per device, per OS user profile, per release channel (for example, Canary/Dev/Beta/Stable). client_id isn't durable, based on user preferences. client_id is initialized on the first application launch under each OS user profile. client_id is linkable, but not unique across devices or OS user profiles. client_id is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. This can be one of Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth.
+- **container_client_id**  The client ID of the container, if in WDAG mode. This will be different from the UMA log client ID, which is the client ID of the host in WDAG mode.
+- **container_session_id**  The session ID of the container, if in WDAG mode. This will be different from the UMA log session ID, which is the session ID of the host in WDAG mode.
+- **device_sample_rate**  A number representing how often the device sends telemetry, expressed as a percentage. Low values indicate that device sends more events and high values indicate that device sends fewer events. The value is rounded to five significant figures for privacy reasons and if an error is hit in getting the device sample number value from the registry then this will be -1; and if client isn't on a UTC-enabled platform, then this value won't be set.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. This field is left empty when Windows diagnostic level is set to Basic or lower or when consent for diagnostic data has been denied.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **experimentation_mode**  A number representing the value set for the ExperimentationAndConfigurationServiceControl group policy. See [Microsoft Edge - Policies](/DeployEdge/microsoft-edge-policies#experimentationandconfigurationservicecontrol) for more details on this policy.
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSourceName**  A string representation of the installation source.
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with 0 for unknown, 1 for stability, 2 for on-going, 3 for independent, 4 for UKM, or 5 for instance level.
+- **pop_sample**  A value indicating how the device's data is being sampled.
+- **reactivationBrandCode**  Contains the 4 character reactivation brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **session_id**  An identifier that is incremented each time the user launches the application, irrespective of any client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+- **utc_flags**  Event Tracing for Windows (ETW) flags required for the event as part of the data collection process.
+
+
+### Aria.7005b72804a64fa4b2138faab88f877b.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **account_type**  Aria.7005b72804a64fa4b2138faab88f877b.Microsoft.WebBrowser.SystemInfo.Config
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
+- **app_version**  The internal Microsoft Edge build version string, taken from the UMA metrics field system_profile.app_version.
+- **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state wasn't retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **brandCode**  Contains the 4 character brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A unique identifier with which all other diagnostic client data is associated, taken from the UMA metrics provider. This ID is effectively unique per device, per OS user profile, per release channel (for example, Canary/Dev/Beta/Stable). client_id isn't durable, based on user preferences. client_id is initialized on the first application launch under each OS user profile. client_id is linkable, but not unique across devices or OS user profiles. client_id is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. This can be one of Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth.
+- **container_client_id**  The client ID of the container, if in WDAG mode. This will be different from the UMA log client ID, which is the client ID of the host in WDAG mode.
+- **container_session_id**  The session ID of the container, if in WDAG mode. This will be different from the UMA log session ID, which is the session ID of the host in WDAG mode.
+- **device_sample_rate**  A number representing how often the device sends telemetry, expressed as a percentage. Low values indicate that device sends more events and high values indicate that device sends fewer events. The value is rounded to five significant figures for privacy reasons and if an error is hit in getting the device sample number value from the registry then this will be -1; and if client isn't on a UTC-enabled platform, then this value won't be set.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. This field is left empty when Windows diagnostic level is set to Basic or lower or when consent for diagnostic data has been denied.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **experimentation_mode**  A number representing the value set for the ExperimentationAndConfigurationServiceControl group policy. See [Microsoft Edge - Policies](/DeployEdge/microsoft-edge-policies#experimentationandconfigurationservicecontrol) for more details on this policy.
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSourceName**  A string representation of the installation source.
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with 0 for unknown, 1 for stability, 2 for on-going, 3 for independent, 4 for UKM, or 5 for instance level.
+- **pop_sample**  A value indicating how the device's data is being sampled.
+- **reactivationBrandCode**  Contains the 4 character reactivation brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **session_id**  An identifier that is incremented each time the user launches the application, irrespective of any client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+- **utc_flags**  Event Tracing for Windows (ETW) flags required for the event as part of the data collection process.
+
+
+### Aria.754de735ccd546b28d0bfca8ac52c3de.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **account_type**  A number representing the type of the signed in user account, where 0 indicates None, 1 indicates Microsoft Account, 2 indicates Azure Active Directory, 3 indicates On-Prem Active Directory and 4 indicates Azure Active Directory (Degraded). This field is currently only supported on mobile platforms and so the value is set to -1 on non-mobile platforms.
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
+- **app_version**  The internal Microsoft Edge build version string, taken from the UMA metrics field system_profile.app_version.
+- **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state wasn't retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **brandCode**  Contains the 4 character brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A unique identifier with which all other diagnostic client data is associated, taken from the UMA metrics provider. This ID is effectively unique per device, per OS user profile, per release channel (for example, Canary/Dev/Beta/Stable). client_id isn't durable, based on user preferences. client_id is initialized on the first application launch under each OS user profile. client_id is linkable, but not unique across devices or OS user profiles. client_id is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. This can be one of Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth.
+- **container_client_id**  The client ID of the container, if in WDAG mode. This will be different from the UMA log client ID, which is the client ID of the host in WDAG mode.
+- **container_session_id**  The session ID of the container, if in WDAG mode. This will be different from the UMA log session ID, which is the session ID of the host in WDAG mode.
+- **device_sample_rate**  A number representing how often the device sends telemetry, expressed as a percentage. Low values indicate that device sends more events and high values indicate that device sends fewer events. The value is rounded to five significant figures for privacy reasons and if an error is hit in getting the device sample number value from the registry then this will be -1; and if client isn't on a UTC-enabled platform, then this value won't be set.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. This field is left empty when Windows diagnostic level is set to Basic or lower or when consent for diagnostic data has been denied.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **experimentation_mode**  A number representing the value set for the ExperimentationAndConfigurationServiceControl group policy. See [Microsoft Edge - Policies](/DeployEdge/microsoft-edge-policies#experimentationandconfigurationservicecontrol) for more details on this policy.
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSourceName**  A string representation of the installation source.
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with 0 for unknown, 1 for stability, 2 for on-going, 3 for independent, 4 for UKM, or 5 for instance level.
+- **pop_sample**  A value indicating how the device's data is being sampled.
+- **reactivationBrandCode**  Contains the 4 character reactivation brand code or distribution tag that has been assigned to a partner. Not every Windows install will have a brand code.
+- **session_id**  An identifier that is incremented each time the user launches the application, irrespective of any client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+- **utc_flags**  Event Tracing for Windows (ETW) flags required for the event as part of the data collection process.
+
+
+### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
+
+This Ping event sends a detailed inventory of software and hardware information about the EdgeUpdate service, Microsoft Edge applications, and the current system environment including app configuration, update configuration, and hardware capabilities. This event contains Device Connectivity and Configuration, Product and Service Performance, and Software Setup and Inventory data. One or more events is sent each time any installation, update, or uninstallation occurs with the EdgeUpdate service or with Microsoft Edge applications. This event is used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
+
+The following fields are available:
+
+- **appAp**  Any additional parameters for the specified application. Default: ''.
+- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. Default: undefined.
+- **appBrandCode**  The brand code under which the product was installed, if any. A brand code is a short (4-character) string used to identify installations that took place as a result of partner deals or website promotions. Default: ''.
+- **appChannel**  An integer indicating the channel of the installation (that is, Canary or Dev).
+- **appClientId**  A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
+- **appCohort**  A machine-readable string identifying the release cohort (channel) that the app belongs to. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. The exact legal values are app-specific and should be shared between the server and app implementations. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort Name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (for example, send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known. Default: '-2'.
+- **appEdgePreviewDisenrollReason**  Reason why Preview was unenrolled.
+- **appEdgePreviewPreviousValuesV2**  Previous values of the Microsoft Edge Preview.
+- **appEdgePreviewState**  Specifies if Microsoft Edge is in the preview state.
+- **appExperiments**  A key/value list of experiment identifiers. Experiment labels are used to track membership in different experimental groups, and may be set at install or update time. The experiments string is formatted as a semicolon-delimited concatenation of experiment label strings. An experiment label string is an experiment Name, followed by the '=' character, followed by an experimental label value. For example: 'crdiff=got_bsdiff;optimized=O3'. The client shouldn't transmit the expiration date of any experiments it has, even if the server previously specified a specific expiration date. Default: ''.
+- **appFirstFRESeenTime**  The earliest time the Microsoft Edge First Run Experience was seen by any user on the device in Windows FILETIME units / 10. Default: undefined.
+- **appFirstFRESeenVersion**  The earliest Microsoft Edge First Run Experience version that was seen by any user on the device (for example '1.2.3.4'). Default: undefined.
+- **appInactivityBadgeApplied**  Specifies that the inactivity badge has been applied.
+- **appInactivityBadgeCleared**  Specifies that the inactivity badge has been cleared.
+- **appInactivityBadgeDuration**  The duration of the inactivity badge.
+- **appInstallTime**  The product install time in seconds. '0' if unknown. Default: '-1'.
+- **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
+- **appIsPinnedSystem**  Specifies is the app is pinned.
+- **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
+- **appLastLaunchCount**  Number of times the app launched last.
+- **appLastLaunchTime**  The time when browser was last launched.
+- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. Default: '0.0.0.0'.
+- **appOOBEInstallTime**  The time of first recorded successful OOBE Microsoft Edge install in Windows FILETIME units / 10 (that is, the install time of any fully completed OOBE install achieved before OOBE finishes), as recorded by setup.exe. Default: undefined.
+- **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
+- **appPingEventDoneBeforeOOBEComplete**  Indicates whether the install or update was completed before Windows Out of the Box Experience ends. 1 means event completed before OOBE finishes; 0 means event wasn't completed before OOBE finishes; -1 means the field doesn't apply.
+- **appPingEventDownloadMetricsCdnAzureRefOriginShield**  Provides a unique reference string that identifies a request served by Azure Front Door. It's used to search access logs and is critical for troubleshooting. For example, Ref A: E172B39D19774147B0EFCC8E3E823D9D Ref B: BL2EDGE0215 Ref C: 2021-05-11T22:25:48Z.
+- **appPingEventDownloadMetricsCdnCache**  Corresponds to the result, whether the proxy has served the result from cache (HIT for yes, and MISS for no) For example, HIT from proxy.domain.tld, MISS from proxy.local.
+- **appPingEventDownloadMetricsCdnCCC**  ISO 2 character country code that matches to the country updated binaries are delivered from. for example: US.
+- **appPingEventDownloadMetricsCdnCID**  Numeric value used to internally track the origins of the updated binaries. For example, 2.
+- **appPingEventDownloadMetricsCdnMSEdgeRef**  Used to help correlate client-to-AFD (Azure Front Door) conversations. For example, Ref A: E2476A9592DF426A934098C0C2EAD3AB Ref B: DM2EDGE0307 Ref C: 2022-01-13T22:08:31Z.
+- **appPingEventDownloadMetricsCdnP3P**  Electronic privacy statement: CAO = collects contact-and-other, PSA = for pseudo-analysis, OUR = data received by us only. Helps identify the existence of transparent intermediaries (proxies) that can create noise in legitimate error detection. For example, CP=\"CAO PSA OUR\".
+- **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
+- **appPingEventDownloadMetricsDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventDownloadMetricsError**  The error code (if any) of the operation, encoded as a signed base-10 integer. Default: '0'.
+- **appPingEventDownloadMetricsServerIpHint**  For events representing a download, the CDN Host IP address that corresponds to the update file server. The CDN host is controlled by Microsoft servers and always maps to IP addresses hosting *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadMetricsTotalBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsUrl**  For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventEventResult**  An enum indicating the result of the event. Default: '0'.
+- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. 
+- **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
+- **appPingEventPackageCacheResult**  Whether there's an existing package cached in the system to update or install. 1 means that there's a cache hit under the expected key, 2 means there's a cache hit under a different key, 0 means that there's a cache miss. -1 means the field doesn't apply.
+- **appPingEventSequenceId**  An ID that uniquely identifies particular events within one requestId. Since a request can contain multiple ping events, this field is necessary to uniquely identify each possible event.
+- **appPingEventSourceUrlIndex**  For events representing a download, the position of the download URL in the list of URLs supplied by the server in a "urls" tag.
+- **appPingEventSystemUptimeTicks**  Number of ticks that the system has been up.
+- **appPingEventUpdateCheckTimeMs**  For events representing an entire update flow, the time elapsed between the start of the update check and the end of the update check, in milliseconds. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appReferralHash**  The hash of the referral code used to install the product. '0' if unknown. Default: '0'.
+- **appUpdateCheckIsRollbackAllowed**  Check for status showing whether or not rollback is allowed.
+- **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they haven't.
+- **appUpdateCheckTargetChannel**  Check for status showing the target release channel.
+- **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The server shouldn't return an update instruction to a version number that doesn't match the prefix or complete version number. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it's not a lexical prefix (for example, '1.2.3' must match '1.2.3.4' but must not match '1.2.34'). Default: ''.
+- **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request should be sent over SSL or another secure protocol. Default: ''.
+- **appUpdateCount** A running total of successful updates recorded by setup.exe. This is used for continuity checking of the Ping data spanning consecutive updates.
+- **appUpdatesAllowedForMeteredNetworks**  Specifies if the device can receive updates with on a metered network.
+- **appVersion**  The version of the product install. shouldn't Default: '0.0.0.0'.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **eventType**  A string indicating the type of the event. shouldn't
+- **expETag**  An identifier representing all service applied configurations and experiments when current update happens. Used for testing only.
+- **hwDiskType**  Device’s hardware disk type.
+- **hwHasAvx**  '1' if the client's hardware supports the AVX instruction set. '0' if the client's hardware doesn't support the AVX instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware doesn't support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse2**  '1' if the client's hardware supports the SSE2 instruction set. '0' if the client's hardware doesn't support the SSE2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse3**  '1' if the client's hardware supports the SSE3 instruction set. '0' if the client's hardware doesn't support the SSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse41**  '1' if the client's hardware supports the SSE4.1 instruction set. '0' if the client's hardware doesn't support the SSE4.1 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse42**  '1' if the client's hardware supports the SSE4.2 instruction set. '0' if the client's hardware doesn't support the SSE4.2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSsse3**  '1' if the client's hardware supports the SSSE3 instruction set. '0' if the client's hardware doesn't support the SSSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwLogicalCpus**  Number of logical CPUs of the device.
+- **hwPhysmemory**  The physical memory available to the client, truncated down to the nearest gibibyte. '-1' if unknown. This value is intended to reflect the maximum theoretical storage capacity of the client, not including any hard drive or paging to a hard drive or peripheral. Default: '-1'.
+- **isCTADevice**  Specifies if the device is CTA.
+- **isMsftDomainJoined**  '1' if the client is a member of a Microsoft domain. '0' otherwise. Default: '0'.
+- **oemProductManufacturer**  The device manufacturer name.
+- **oemProductName**  The product name of the device defined by device manufacturer.
+- **osArch**  The architecture of the operating system (for example, 'x86', 'x64', 'arm'). '' if unknown. Default: ''.
+- **osIsDefaultNetworkConnectionMetered**  States if the default network connection is metered.
+- **osIsInLockdownMode**  Is the OS in lockdown mode.
+- **osIsWIP**  Whether the OS is in preview.
+- **osPlatform**  The operating system family that the within which the Omaha client is running (for example 'win', 'mac', 'linux', 'ios', 'android'). '' if unknown. The operating system Name should be transmitted in lowercase with minimal formatting. Default: ''.
+- **osProductType**  Type associated with the operating system.
+- **osServicePack**  The secondary version of the operating system. '' if unknown. Default: ''.
+- **osVersion**  The primary version of the operating system. '' if unknown. Default: ''.
+- **osWIPBranch**  WIP branch of the operating system.
+- **requestCheckPeriodSec**  The update interval in seconds. The value is read from the registry. Default: '-1'.
+- **requestDlpref**  A comma-separated list of values specifying the preferred download URL behavior. The first value is the highest priority, further values reflect secondary, tertiary, et cetera priorities. Legal values are '' (in which case the entire list must be empty, indicating unknown or no-preference) or 'cacheable' (the server should prioritize sending URLs that are easily cacheable). Default: ''.
+- **requestDomainJoined**  '1' if the machine is part of a managed enterprise domain. Otherwise '0'.
+- **requestInstallSource**  A string specifying the cause of the update flow. For example: 'ondemand', or 'scheduledtask'. Default: ''.
+- **requestIsMachine**  '1' if the client is known to be installed with system-level or administrator privileges. '0' otherwise. Default: '0'.
+- **requestOmahaShellVersion**  The version of the Omaha installation folder. Default: ''.
+- **requestOmahaVersion**  The version of the Omaha updater itself (the entity sending this request). Default: '0.0.0.0'.
+- **requestProtocolVersion**  The version of the Omaha protocol. Compatible clients MUST provide a value of '3.0'. Compatible clients must always transmit this attribute. Default: undefined.
+- **requestRequestId**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha request. Each request attempt should have (with high probability) a unique request id. Default: ''.
+- **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
+- **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (for example, update check, update application, event ping sequence) should have (with high probability) a single unique session ID. Default: ''.
+- **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and shouldn't be counted toward normal metrics. Default: ''.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt SHOULD have (with high probability) a unique request id. Default: ''.
+
+
+### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.PingXml
+
+The PingXml event sends detailed information pertaining to a specific instance of an update process in MicrosoftEdgeUpdate. This event contains Device Connectivity and Configuration, Product and Service Performance, and Software Setup and Inventory data. Each PingXml event can contain update logs from multiple different applications, and each application node in the XML payload can contain multiple different ping events. This event is sent whenever an update process occurs in the MicrosoftEdgeUpdate, regardless of the exit status. This event is used to track the reliability and performance of the MicrosoftEdgeUpdate process. The payload of this event is defined in the protocol definition header file.
+
+The following fields are available:
+
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **Xml**  XML-encoded string representing the request payload of the ping event. The request payload includes data and metadata for four nodes: the request itself, the hardware of the device, the OS of the device, and each updated application. Each application node includes additional nodes for individual ping events.
+
+
+## Migration events
+
+### Microsoft.Windows.MigrationCore.MigObjectCountDLSys
+
+This event is used to indicate object count for system paths during different phases of Windows feature update.
+
+The following fields are available:
+
+- **migDiagSession->CString**  Indicates the phase of the update.
+- **objectCount**  Number of files being tracked for the corresponding phase of the update.
+- **sfInfo.Name**  This indicates well know folder location path (Ex: PUBLIC_downloads etc.)
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
+
+The following fields are available:
+
+- **currentSid**  Indicates the user SID for which the migration is being performed.
+- **migDiagSession->CString**  The phase of the upgrade where migration occurs. (for example: Validate tracked content)
+- **objectCount**  The count for the number of objects that are being transferred.
+- **sfInfo.Name**  This event identifies the phase of the upgrade where migration happens.
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
+
+This event returns data about the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
+
+The following fields are available:
+
+- **migDiagSession->CString**  Identifies the phase of the upgrade where migration happens.
+- **objectCount**  The count of the number of objects that are being transferred.
+- **sfInfo.Name**  The predefined folder path locations. For example, FOLDERID_PublicDownloads
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
+
+The following fields are available:
+
+- **currentSid**  Indicates the user SID for which the migration is being performed.
+- **migDiagSession->CString**  The phase of the upgrade where the migration occurs. (For example, Validate tracked content.)
+- **objectCount**  The number of objects that are being transferred.
+- **sfInfo.Name**  The predefined folder path locations. For example, FOLDERID_PublicDownloads.
+
+
+## OneSettings events
+
+### Microsoft.Windows.OneSettingsClient.Heartbeat
+
+This event indicates the config state heartbeat. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **Configs**  Array of configs.
+
+
+### Microsoft.Windows.OneSettingsClient.StateChange
+
+This event indicates the change in config state. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **flightId**  Flight id.
+- **state**  New state.
+
+
+### Microsoft.Windows.OneSettingsClient.Status
+
+This event indicates the config usage of status update. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **flightId**  Flight id.
+- **time**  Time.
+
+
+## OOBE events
+
+### Microsoft.Windows.Shell.Oobe.ExpeditedUpdate.ExpeditedUpdateNthLogonDisplayStatus
+
+NthLogon NDUP evaluated whether it should launch or not.
+
+The following fields are available:
+
+- **nthSkippedReasonFlag**  Flag indicating skip reason.
+- **reason**  Skip reason string.
+
+
+### Microsoft.Windows.Shell.Oobe.ExpeditedUpdate.ExpeditedUpdatePageSkipped
+
+This event provides information about skipping expedited update page. The data collected with this event is used to help keep Windows secure, up to date, and performing properly.
+
+The following fields are available:
+
+- **reason**  Reason for skip.
+- **skippedReasonFlag**  Flag representing reason for skip.
+
+
+### Microsoft.Windows.Shell.Oobe.ExpeditedUpdate.ExpeditedUpdateStatusResult
+
+This event provides status of expedited update. The data collected with this event is used to help keep Windows secure, up to date, and performing properly.
+
+The following fields are available:
+
+- **oobeExpeditedUpdateStatus**  Expedited update status.
+- **reason**  Reason for the status.
+- **resultCode**  HR result of operation.
+
+
+## Other events
+
+### Microsoft.Windows.Analog.HolographicDriverClient.TelemetryUserPresenceChanged
+
+This event sends data indicating the state detected by user presence sensor. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **correlationGuid**  Unique correlation Guid Id.
+- **isPresent**  State detected by user presence sensor.
+
+
+### Microsoft.Windows.Analog.HydrogenCompositor.ExclusiveMode_Entered
+
+This event sends data indicating the start of augmented reality application experience. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **SessionID**  Unique value for each attempt.
+- **TargetAsId**  The sequence number for the process.
+- **windowInstanceId**  Unique value for each window instance.
+
+
+### Microsoft.Windows.Analog.HydrogenCompositor.ExclusiveMode_Leave
+
+This event sends data indicating the end of augmented reality application experience. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **EventHistory**  Unique number of event history.
+- **ExternalComponentState**  State of external component.
+- **LastEvent**  Unique number of last event.
+- **SessionID**  Unique value for each attempt.
+- **TargetAsId**  The sequence number for the process.
+- **windowInstanceId**  Unique value for each window instance.
+
+
+### Microsoft.Windows.Security.NGC.KspSvc.NgcUserIdKeyFinalize
+
+This event traces Windows Hello key creation finalize.
+
+
+The following fields are available:
+
+- **accountType**  The account type of the user.
+- **cacheType**  The cache type of the key.
+- **finalizeStatus**  Returned status code after the finalize operation.
+- **gestureRequired**  The operation requires a gesture.
+- **isIsoContainer**  Indicates if it's using IsoContainer.
+- **isVsm**  Indicates if Container is in Vsm.
+- **keyAccountId**  Key account ID.
+- **keyAlgId**  Key Algorithm ID.
+- **keyDomain**  Key domain name.
+- **keyImplType**  Key implementation type.
+- **keyTenant**  Key tenant name.
+- **keyType**  Key type.
+- **signStatus**  Returned status code after the finalize operation.
+- **silentByCaller**  Indicates whether the caller wanted to finalize silently.
+- **silentByProperty**  Indicates whether the key property specified to finalize silently.
+
+
+### Microsoft.Windows.Security.NGC.KspSvc.NgcUserIdKeySignHash
+
+This event traces Windows Hello key signing details.
+
+The following fields are available:
+
+- **accountType**  The account type of the user.
+- **cacheType**  The cache type of the key.
+- **callerCmdLine**  Caller process command line string.
+- **didPrompt**  Whether a UI prompt was triggered.
+- **gestureRequired**  The operation requires a gesture.
+- **isCacheWithTimedCounterEnabled**  New caching mechanism is enabled.
+- **isCallerProcessQueryLimited**  Indicates if caller process failed to be opened with PROCESS_VM_READ privilege.
+- **isUnlockTimeSet**  We have a valid unlock time to use.
+- **keyAccountId**  Hashed key account ID.
+- **keyDomain**  Hashed key domain name.
+- **keyImplType**  The implementation type of the key.
+- **keyTenant**  Hashed key tenant name.
+- **keyType**  Key type.
+- **numSignatures**  Number of signatures made since logon or unlock.
+- **persistedInPinCache**  The PIN was persisted in the cache.
+- **protectionLevel**  Specifies whether the caller process is a PPL and at what level.
+- **sessionGuid**  Unique identifier for the current user session.
+- **signStatus**  Returned status code after the sign operation.
+- **silentByCaller**  Indicates whether the caller wanted to sign silently.
+- **silentByProperty**  Indicates whether the key property specified to sign silently.
+- **timeSinceUnlockMs**  Time since logon or unlock in milliseconds.
+- **usedPinCache**  The PIN cache was used to attempt to sign.
+- **validTicket**  The provided ticket doesn't match the default or invalid auth ticket.
+
+### Microsoft.Windows.Security.SBServicing.ApplySecureBootUpdateFailed
+
+Event that indicates that an attempt to apply secure boot updates failed
+
+The following fields are available:
+
+- **Action**  Action string when error occurred
+- **hr**  Error code in HRESULT
+- **IsRejectedByFirmware**  Bool value to indicate if firmware has rejected the update.
+- **IsResealNeeded**  BOOL value to indicate if TPM Reseal was needed
+- **RevokedBootmanager**  BOOL value to indicate if current bootmgr is revoked.
+- **SecureBootUpdateCaller**  Scenario in which function was called. Could be Update or Upgrade
+- **UpdateType**  Indicates if it's DB or DBX update
+- **WillResealSucceed**  Indicates if TPM reseal operation is expected to succeed
+
+
+### Microsoft.Windows.Security.SBServicing.ApplySecureBootUpdateStarted
+
+Event that indicates secure boot update has started.
+
+The following fields are available:
+
+- **AvailableUpdates**  Number of available secure boot updates.
+- **SecureBootUpdateCaller**  Enum value indicating if this is a servicing or an upgrade.
+
+
+### Microsoft.Windows.Security.SBServicing.ApplySecureBootUpdateSucceeded
+
+This event indicates if the Secure Boot Update succeded.
+
+The following fields are available:
+
+- **Action**  Indicates the stage for success.
+- **IsRebootRequiredBeforeUpdate**  Indicates if reboot is required for before re-attempting the update.
+- **IsResealNeeded**  Indicates if BitLocker reseal is needed.
+- **RevokedBootmanager**  Indicates if there's a revoked bootmgr on the machine.
+- **SecureBootUpdateCaller**  Info about the caller of the update.
+- **UpdateType**  VariableMask like DB, DBX.
+- **WillResealSucceed**  Inform if reseal will succeed.
+
+
+### Microsoft.Windows.Security.SBServicingCore.ApplySecureBootUpdateCompleted
+
+This event logs when the installer completes Secureboot update.
+
+The following fields are available:
+
+- **Action**  String that tells us the failure stage if any.
+- **hr**  error code.
+- **IsResealNeeded**  Is BitLocker reseal was needed on this machine.
+- **sbServicingFailureReason**  Enum containing failure details.
+- **SecureBootUpdateCaller**  Caller of the update like Secureboot AI, tpmtask or dbupdater.
+- **UpdateType**  Update type DB or DBX.
+- **WillResealSucceed**  If BitLocker reseal will succeed on this machine.
+
+
+### Microsoft.Windows.Security.SBServicingCore.ApplySecureBootUpdateStarted
+
+This event logs when Secureboot updating containing DB/DBX payload starts.
+
+The following fields are available:
+
+- **SecureBootUpdateCaller**  Caller of the update like Secureboot AI, TPMTask or DBUpdater.
+- **UpdateType**  Update type like DB or DBX.
+
+
+### Microsoft.Windows.Security.SBServicingCore.SBServicingCoreFunctionFailed
+
+This event logs when some core function of Secureboot AI fails.
+
+The following fields are available:
+
+- **Action**  stage at which the failure occurred.
+- **Function**  name of the function where the failure occurred.
+- **hr**  error code.
+
+
+### Microsoft.Windows.Shell.CortanaSearch.WebView2ProcessFailed
+
+This event tracks if the WebView2 process failed.
+
+The following fields are available:
+
+- **ExitCode**  WebView2 exit code.
+- **ProcessFailedKind**  WebView2 process failure kind.
+- **Reason**  WebView2 process failure reason.
+- **SessionId**  WebView2 sessionId.
+
+
+### Microsoft.Windows.Shell.SystemSettings.SettingsAppActivity.GetUserAccountState
+
+This event keeps track of if the user's account is in a good state upon loading the Settings Accounts L1 page.
+
+The following fields are available:
+
+- **CassService**  Version of the Cass service.
+- **componentName**  Name of the Settings component.
+- **correlationVector**  Identifier for correlating events.
+- **currentPageGroupId**  Identifier for the current page group.
+- **currentPageId**  Identifier for the current page.
+- **experienceId**  Identifier for the Settings experience.
+- **experienceVersion**  Version of the experience.
+- **isExperienceInbox**  Is the experience present by default (Comes with the system).
+- **pageId**  Identifier for the Setting page.
+- **pageSessionId**  Identifier for the page session.
+- **processSessionId**  Identifier for the process.
+- **state**  State that determines if the account has required backup proofs (eg. email and phone)
+
+
+### Microsoft.Windows.WinRE.Agent.CreateWinRePartitionFailed
+
+This event emits failure of the Creation of the WinRE partition operation.
+
+The following fields are available:
+
+- **ErrorCode**  Error code.
+
+
+### Microsoft.Windows.WinRE.Agent.ExtendOsPartitionSucceed
+
+This event emits success for the extending OS Partition operation.
+
+
+### Microsoft.Windows.WinRE.Agent.ShrinkOsPartitionFailed
+
+This event captures OS partition shrink operation failures during the WinRE servicing.
+
+The following fields are available:
+
+- **HRESULT**  Error code.
+
+
+### Microsoft.Windows.WinRE.Agent.WinreFormatPartition
+
+This event fires when WinRE partition is formatted.
+
+
+
+### Microsoft.Windows.WinRE.Agent.WinreFormatPartitionSucceed
+
+This vvent fires when WinRE partition attempts to format and succeeds.
+
+
+## Privacy consent logging events
+
+### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentCompleted
+
+This event is used to determine whether the user successfully completed the privacy consent experience. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **presentationVersion**  Which display version of the privacy consent experience the user completed
+- **privacyConsentState**  The current state of the privacy consent experience
+- **settingsVersion**  Which setting version of the privacy consent experience the user completed
+- **userOobeExitReason**  The exit reason of the privacy consent experience
+
+
+### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentStatus
+
+This event provides the effectiveness of new privacy experience. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **isAdmin**  whether the person who is logging in is an admin
+- **isExistingUser**  whether the account existed in a downlevel OS
+- **isLaunching**  Whether or not the privacy consent experience will be launched
+- **isSilentElevation**  whether the user has most restrictive UAC controls
+- **privacyConsentState**  whether the user has completed privacy experience
+- **userRegionCode**  The current user's region setting
+
+
+## Setup events
+
+### Microsoft.Windows.Setup.WinSetupMon.ProtectionViolation
+
+This event provides information about move or deletion of a file or a directory which is being monitored for data safety during feature updates. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **Mode**  The kind of monitoring mode enforced for the given path (this is one of a fixed set of strings).
+- **Path**  Path to the file or the directory which is being moved or deleted.
+- **Process**  Path to the process which is requesting the move or the deletion.
+- **SessionId**   Identifier to correlate this component's telemetry with that of others.
+- **TargetPath**  (Optional) If the operation is a move, the target path to which the file or directory is being moved.
+
+
+### Microsoft.Windows.Setup.WinSetupMon.TraceError
+
+Provides details about error in the functioning of upgrade data safety monitoring filter driver.
+
+The following fields are available:
+
+- **Message**  Text string describing the error condition.
+- **SessionId** Identifier to correlate this component's telemetry with that of others.
+- **Status**  	NTSTATUS code related to the error.
+
+
+### Microsoft.Windows.Setup.WinSetupMon.TraceErrorVolume
+
+Provides details about error in the functioning of upgrade data safety monitoring filter driver, related to a specific volume (drive).
+
+The following fields are available:
+
+- **Message**  Text string describing the error condition.
+- **SessionId**  Identifier to correlate this component's telemetry with that of others.
+- **Status**  NTSTATUS code related to the error.
+- **Volume**  Path of the volume on which the error occurs
+
+
+## Surface events
+
+### Microsoft.Surface.Battery.Prod.BatteryInfoEvent
+
+This event includes the hardware level data about battery performance. The data collected with this event is used to help keep Windows products and services performing properly.
+
+The following fields are available:
+
+- **batteryData**  Battery Performance data.
+- **batteryData.data()**  Battery performance data.
+- **BatteryDataSize:**  Size of the battery performance data.
+- **batteryInfo.data()**  Battery performance data.
+- **BatteryInfoSize:**  Size of the battery performance data.
+
+
+### Microsoft.Surface.Battery.Prod.BatteryInfoEventV2_BPM
+
+This event includes the hardware level data about battery performance.  The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **BPMCurrentlyEngaged**  Instantaneous snapshot if BPM is engaged on device.
+- **BPMExitCriteria**  What is the BPM exit criteria - 20%SOC or 50%SOC?
+- **BPMHvtCountA**  Current HVT count for BPM counter A.
+- **BPMHvtCountB**  Current HVT count for BPM counter B.
+- **bpmOptOutLifetimeCount**  BPM OptOut Lifetime Count.
+- **BPMRsocBucketsHighTemp_Values**  Time in temperature range 46°C -60°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMRsocBucketsLowTemp_Values**  Time in temperature range 0°C -20°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMRsocBucketsMediumHighTemp_Values**  Time in temperature range 36°C -45°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMRsocBucketsMediumLowTemp_Values**  Time in temperature range 21°C-35°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMTotalEngagedMinutes**  Total time that BPM was engaged.
+- **BPMTotalEntryEvents**  Total number of times entering BPM.
+- **BPMv4CurrentlyEngaged**  Instantaneous snapshot if BPM is engaged on device.
+- **BPMv4ExitCriteria**  What is the BPM exit criteria - 20%SOC or 50%SOC?.
+- **BPMv4HvtCountA**  Current HVT count for BPM counter A.
+- **BPMv4HvtCountB**  Current HVT count for BPM counter B.
+- **BPMv4RsocBucketsHighTemp_Values**  Time in temperature range 46°C -60°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMv4RsocBucketsLowTemp_Values**  Time in temperature range 0°C -20°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMv4RsocBucketsMediumHighTemp_Values**  Time in temperature range 36°C -45°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMv4RsocBucketsMediumLowTemp_Values**  Time in temperature range 21°C-35°C and in the following true RSOC ranges: 0%-49%; 50%-79%; 80%-89%; 90%-94%; 95%-100%.
+- **BPMv4TotalEngagedMinutes**  Total time that BPM was engaged.
+- **BPMv4TotalEntryEvents**  Total number of times entering BPM.
+- **ComponentId**  Component ID.
+- **FwVersion**  FW version that created this log.
+- **LogClass**  Log Class.
+- **LogInstance**  Log instance within class (1..n).
+- **LogVersion**  Log MGR version.
+- **MCUInstance**  Instance ID used to identify multiple MCUs in a product.
+- **ProductId**  Product ID.
+- **SeqNum**  Sequence Number.
+- **TimeStamp**  UTC seconds when log was created.
+- **Ver**  Schema version.
+
+
+### Microsoft.Surface.Battery.Prod.BatteryInfoEventV2_CTT
+
+This event includes the hardware level data about battery performance. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **batteryPresent**  Battery present on device.
+- **BPMKioskModeStartDateInSeconds**  First time Battery Limit was turned on.
+- **BPMKioskModeTotalEngagedMinutes**  Total time Battery Limit was on (SOC value at 50%).
+- **ComponentId**  Component ID.
+- **CTTEqvTimeat35C**  Poll time every minute. Add to lifetime counter based on temperature. Only count time above 80% SOC.
+- **CTTEqvTimeat35CinBPM**  Poll time every minute. Add to lifetime counter based on temperature. Only count time above 55% SOC and when device is in BPM. Round up.
+- **CTTMinSOC1day**  Rolling 1 day minimum SOC. Value set to 0 initially.
+- **CTTMinSOC28day**  Rolling 28 day minimum SOC. Value set to 0 initially.
+- **CTTMinSOC3day**  Rolling 3 day minimum SOC. Value set to 0 initially.
+- **CTTMinSOC7day**  Rolling 7 day minimum SOC. Value set to 0 initially.
+- **CTTReduction**  Current CTT reduction in mV	
+- **CTTStartDateInSeconds**  Start date from when device was starting to be used.
+- **currentAuthenticationState**  Current Authentication State.
+- **FwVersion**  FW version that created this log.
+- **LogClass**  LOG CLASS.
+- **LogInstance**  Log instance within class (1..n).
+- **LogVersion**  LOG MGR VERSION.
+- **MCUInstance**  Instance ID used to identify multiple MCUs in a product.
+- **newSnFruUpdateCount**  New Sn FRU Update Count.
+- **newSnUpdateCount**  New Sn Update Count.
+- **ProductId**  Product ID.
+- **ProtectionPolicy**  Battery limit engaged. True (0 False).
+- **SeqNum**  Sequence Number.
+- **TimeStamp**  UTC seconds when log was created.
+- **Ver**  Schema version.
+- **VoltageOptimization**  Current CTT reduction in mV.
+
+
+### Microsoft.Surface.Battery.Prod.BatteryInfoEventV2_GG
+
+This event includes the hardware level data about battery performance. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **cbTimeCell_Values**  cb time for different cells.
+- **ComponentId**  Component ID.
+- **cycleCount**  Cycle Count.
+- **deltaVoltage**  Delta voltage.
+- **eocChargeVoltage_Values**  EOC Charge voltage values.
+- **fullChargeCapacity**  Full Charge Capacity.
+- **FwVersion**  FW version that created this log.
+- **lastCovEvent**  Last Cov event.
+- **lastCuvEvent**  Last Cuv event.
+- **LogClass**  LOG_CLASS.
+- **LogInstance**  Log instance within class (1..n).
+- **LogVersion**  LOG_MGR_VERSION.
+- **manufacturerName**  Manufacturer name.
+- **maxChargeCurrent**  Max charge current.
+- **maxDeltaCellVoltage**  Max delta cell voltage.
+- **maxDischargeCurrent**  Max discharge current.
+- **maxTempCell**  Max temp cell.
+- **maxVoltage_Values**  Max voltage values.
+- **MCUInstance**  Instance ID used to identify multiple MCUs in a product.
+- **minTempCell**  Min temp cell.
+- **minVoltage_Values**  Min voltage values.
+- **numberOfCovEvents**  Number of Cov events.
+- **numberOfCuvEvents**  Number of Cuv events.
+- **numberOfOCD1Events**  Number of OCD1 events.
+- **numberOfOCD2Events**  Number of OCD2 events.
+- **numberOfQmaxUpdates**  Number of Qmax updates.
+- **numberOfRaUpdates**  Number of Ra updates.
+- **numberOfShutdowns**  Number of shutdowns.
+- **pfStatus_Values**  pf status values.
+- **ProductId**  Product ID.
+- **qmax_Values**  Qmax values for different cells.
+- **SeqNum**  Sequence Number.
+- **TimeStamp**  UTC seconds when log was created.
+- **Ver**  Schema version.
+
+
+### Microsoft.Surface.Battery.Prod.BatteryInfoEventV2_GGExt
+
+This event includes the hardware level data about battery performance. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **avgCurrLastRun**  Average current last run.
+- **avgPowLastRun**  Average power last run.
+- **batteryMSPN**  BatteryMSPN
+- **batteryMSSN**  BatteryMSSN.
+- **cell0Ra3**  Cell0Ra3.
+- **cell1Ra3**  Cell1Ra3.
+- **cell2Ra3**  Cell2Ra3.
+- **cell3Ra3**  Cell3Ra3.
+- **ComponentId**  Component ID.
+- **currentAtEoc**  Current at Eoc.
+- **firstPFstatusA**  First PF status-A.
+- **firstPFstatusB**  First PF status-B.
+- **firstPFstatusC**  First PF status-C.
+- **firstPFstatusD**  First PF status-D.
+- **FwVersion**  FW version that created this log.
+- **lastQmaxUpdate**  Last Qmax update.
+- **lastRaDisable**  Last Ra disable.
+- **lastRaUpdate**  Last Ra update.
+- **lastValidChargeTerm**  Last valid charge term.
+- **LogClass**  LOG CLASS.
+- **LogInstance**  Log instance within class (1..n).
+- **LogVersion**  LOG MGR VERSION.
+- **maxAvgCurrLastRun**  Max average current last run.
+- **maxAvgPowLastRun**  Max average power last run.
+- **MCUInstance**  Instance ID used to identify multiple MCUs in a product.
+- **mfgInfoBlockB01**  MFG info Block B01.
+- **mfgInfoBlockB02**  MFG info Block B02.
+- **mfgInfoBlockB03**  MFG info Block B03.
+- **mfgInfoBlockB04**  MFG info Block B04.
+- **numOfRaDisable**  Number of Ra disable.
+- **numOfValidChargeTerm**  Number of valid charge term.
+- **ProductId**  Product ID.
+- **qmaxCycleCount**  Qmax cycle count.
+- **SeqNum**  Sequence Number.
+- **stateOfHealthEnergy**  State of health energy.
+- **stateOfHealthFcc**  State of health Fcc.
+- **stateOfHealthPercent**  State of health percent.
+- **TimeStamp**  UTC seconds when log was created.
+- **totalFwRuntime**  Total FW runtime.
+- **updateStatus**  Update status.
+- **Ver**  Schema version.
+
+
+### Microsoft.Surface.Battery.Prod.BatteryInfoEventV3
+
+Hardware level data about battery performance.
+
+The following fields are available:
+
+- **BatteryTelemetry**  Hardware Level Data about battery performance.
+- **ComponentId**  Component ID.
+- **FwVersion**  FW version that created this log.
+- **LogClass**  LOG CLASS.
+- **LogInstance**  Log instance within class (1..n).
+- **LogVersion**  LOG MGR VERSION.
+- **MCUInstance**  Instance ID used to identify multiple MCUs in a product.
+- **ProductId**  ProductId ID.
+- **SeqNum**  Sequence Number.
+- **TimeStamp**  UTC seconds when log was created.
+- **Ver**  Schema version.
+
+
+## Update Assistant events
+
+### Microsoft.Windows.RecommendedTroubleshootingService.MitigationFailed
+
+This event is raised after an executable delivered by Mitigation Service has run and failed. Data from this event is used to measure the health of mitigations used by engineers to solve in-market problems on internal, insider, and retail devices. Failure data will also be used for root-cause investigation by feature teams, as signal to halt mitigation rollout and, possible follow-up action on specific devices still impacted by the problem because the mitigation failed (that is, reoffer it to impacted devices). The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **activeProcesses**  Number of active processes.
+- **atleastOneMitigationSucceeded**  Bool flag indicating if at least one mitigation succeeded.
+- **callerId**  Identifier (GUID) of the caller requesting a system initiated troubleshooter.
+- **contactTSServiceAttempts**  Number of attempts made by TroubleshootingSvc in a single Scanner session to get Troubleshooter metadata from the Troubleshooting cloud service.
+- **countDownloadedPayload**  Count instances of payload downloaded.
+- **description**  Description of failure.
+- **devicePreference**  Recommended Troubleshooting Setting on the device.
+- **downloadBinaryAttempts**  Number of attempts made by TroubleshootingSvc in a single Scanner session to download Troubleshooter Exe.
+- **downloadCabAttempts**  Number of attempts made by TroubleshootingSvc in a single Scanner session to download PrivilegedActions Cab.
+- **executionHR**  HR code of the execution of the mitigation.
+- **executionPreference**  Current Execution level Preference. This may not be same as devicePreference, for example, when executing Critical troubleshooters, the executionPreference is set to the Silent option.
+- **exitCode**  Exit code of the execution of the mitigation.
+- **experimentFeatureId**  Experiment feature ID.
+- **experimentFeatureState**  Config state of the experiment.
+- **hr**  HRESULT for error code.
+- **isActiveSessionPresent**  If an active user session is present on the device.
+- **isCriticalMitigationAvailable**  If a critical mitigation is available to this device.
+- **isFilteringSuccessful**  If the filtering operation was successful.
+- **isReApply**  reApply status for the mitigation.
+- **mitigationId**  ID value of the mitigation.
+- **mitigationProcessCycleTime**  Process cycle time used by the mitigation.
+- **mitigationRequestWithCompressionFailed**  Boolean flag indicating if HTTP request with compression failed for this device.
+- **mitigationServiceResultFetched**  Boolean flag indicating if mitigation details were fetched from the admin service.
+- **mitigationVersion**  String indicating version of the mitigation.
+- **oneSettingsMetadataParsed**  If OneSettings metadata was parsed successfully.
+- **oneSettingsSchemaVersion**  Schema version used by the OneSettings parser.
+- **onlyNoOptMitigationsPresent**  Checks if all mitigations were no opt.
+- **parsedOneSettingsFile**  Indicates if OneSettings parsing was successful.
+- **sessionAttempts**  Number of Scanner sessions attempted so far by TroubleshootingSvc for this troubleshooter.
+- **SessionId**  Random GUID used for grouping events in a session.
+- **subType**  Error type.
+- **totalKernelTime**  Total kernel time used by the mitigation.
+- **totalNumberOfApplicableMitigations**  Total number of applicable mitigations.
+- **totalProcesses**  Total number of processes assigned to the job object.
+- **totalTerminatedProcesses**  Total number of processes in terminated state assigned to the job object.
+- **totalUserTime**  Total user mode time used by the job object.
+
+
+### Microsoft.Windows.RecommendedTroubleshootingService.MitigationSucceeded
+
+This event is raised after an executable delivered by Mitigation Service has successfully run. Data from this event is used to measure the health of mitigations used by engineers to solve in-market problems on internal, insider, and retail devices. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **activeProcesses**  Number of active processes.
+- **callerId**  Identifier (GUID) of the caller requesting a system initiated troubleshooter.
+- **contactTSServiceAttempts**  Number of attempts made by TroubleshootingSvc in a single Scanner session to get Troubleshooter metadata from the Troubleshooting cloud service.
+- **devicePreference**  Recommended troubleshooting setting on the device.
+- **downloadBinaryAttempts**  Number of attempts made by TroubleshootingSvc in a single Scanner session to download Troubleshooter Exe.
+- **downloadCabAttempts**  Number of attempts made by TroubleshootingSvc in a single Scanner session to download PrivilegedActions Cab.
+- **executionPreference**  Current Execution level Preference. This may not be same as devicePreference, for example, when executing Critical troubleshooters, the executionPreference is set to the Silent option.
+- **exitCode**  Exit code of the execution of the mitigation.
+- **exitCodeDefinition**  String describing the meaning of the exit code returned by the mitigation (that is, ProblemNotFound).
+- **experimentFeatureId**  Experiment feature ID.
+- **experimentFeatureState**  Feature state for the experiment.
+- **mitigationId**  ID value of the mitigation.
+- **mitigationProcessCycleTime**  Process cycle time used by the mitigation.
+- **mitigationVersion**  String indicating version of the mitigation.
+- **sessionAttempts**  Number of Scanner sessions attempted so far by TroubleshootingSvc for this troubleshooter.
+- **SessionId**  Random GUID used for grouping events in a session.
+- **totalKernelTime**  Total kernel time used by the mitigation.
+- **totalProcesses**  Total number of processes assigned to the job object.
+- **totalTerminatedProcesses**  Total number of processes in terminated state assigned to the job object.
+- **totalUserTime**  Total user mode time used by the job object.
+
+
+## Update events
+
+### Update360Telemetry.FellBackToDownloadingAllPackageFiles
+
+This event indicates whether a failure occurred during Missing File List generation and is applicable to Quality Update downloads.
+
+The following fields are available:
+
+- **ErrorCode**  Error code returned during Missing File List generation.
+- **FlightId**  Unique ID for each flight.
+- **ObjectId**  Unique ID for each flight.
+- **Package**  Name of the package for which Missing File List generation failed and we fell back to downloading all package files.
+- **RelatedCV**  Correlation vector value generated from the latest USO scan.
+- **ScenarioId**  Indicates the update scenario.
+- **SessionId**  Unique value for each attempt (same value for initialize, download, install commit phases).
+- **UpdateId**  Unique ID for each Update.
+
+
+### Update360Telemetry.UpdateAgentCommit
+
+This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CancelRequested**  Boolean that indicates whether cancel was requested.
+- **ErrorCode**  The error code returned for the current install phase.
+- **FlightId**  Unique ID for each flight.
+- **ObjectId**  Unique value for each Update Agent mode.
+- **RelatedCV**  Correlation vector value generated from the latest USO scan.
+- **Result**  Outcome of the install phase of the update.
+- **ScenarioId**  Indicates the update scenario.
+- **SessionId**  Unique value for each update attempt.
+- **UpdateId**  Unique ID for each update.
+
+
+### Update360Telemetry.UpdateAgentPostRebootResult
+
+This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **ErrorCode**  The error code returned for the current post reboot phase.
+- **FlightId**  The specific ID of the Windows Insider build the device is getting.
+- **ObjectId**  Unique value for each Update Agent mode.
+- **PostRebootResult**  Indicates the Hresult.
+- **RelatedCV**  Correlation vector value generated from the latest USO scan.
+- **RollbackFailureReason**  Indicates the cause of the rollback.
+- **ScenarioId**  The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate.
+- **SessionId**  Unique value for each update attempt.
+- **UpdateId**  Unique ID for each update.
+- **UpdateOutputState**  A numeric value indicating the state of the update at the time of reboot.
+
+
+## Windows Error Reporting events
+
+### Microsoft.Windows.WERVertical.OSCrash
+
+This event sends binary data from the collected dump file whenever a bug check occurs, to help keep Windows up to date. This is the OneCore version of this event.
+
+The following fields are available:
+
+- **BootId**  Uint32 identifying the boot number for this device.
+- **BugCheckCode**  Uint64 "bugcheck code" that identifies a proximate cause of the bug check.
+- **BugCheckParameter1**  Uint64 parameter providing additional information.
+- **BugCheckParameter2**  Uint64 parameter providing additional information.
+- **BugCheckParameter3**  Uint64 parameter providing additional information.
+- **BugCheckParameter4**  Uint64 parameter providing additional information.
+- **DumpFileAttributes**  Codes that identify the type of data contained in the dump file
+- **DumpFileSize**  Size of the dump file
+- **IsValidDumpFile**  True if the dump file is valid for the debugger, false otherwise
+- **ReportId**  WER Report Id associated with this bug check (used for finding the corresponding report archive in Watson).
+
+
+## Windows Hardware Error Architecture events
+
+### WheaProvider.WheaDriverErrorExternal
+
+This event is sent when a common platform hardware error is recorded by an external WHEA error source driver. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **creatorId**  A GUID that identifies the entity that created the error record.
+- **errorFlags**  Flags set on the error record.
+- **notifyType**  A GUID that identifies the notification mechanism by which an error condition is reported to the operating system.
+- **partitionId**  A GUID that identifies the partition on which the hardware error occurred.
+- **platformId**  A GUID that identifies the platform on which the hardware error occurred.
+- **record**  A binary blob containing the full error record. Due to the nature of common platform error records we have no way of fully parsing this blob for any given record.
+- **recordId**  The identifier of the error record. This identifier is unique only on the system that created the error record.
+- **sectionFlags**  The flags for each section recorded in the error record.
+- **sectionTypes**  A GUID that represents the type of sections contained in the error record.
+- **severityCount**  The severity of each individual section.
+- **timeStamp**  Error time stamp as recorded in the error record.
+
+
+### WheaProvider.WheaDriverExternalLogginLimitReached
+
+This event indicates that WHEA has reached the logging limit for critical events from external drivers. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **timeStamp**  Time at which the logging limit was reached.
+
+
+## Windows Store events
+
+### Microsoft.Windows.StoreAgent.Telemetry.AbortedInstallation
+
+This event is sent when an installation or update is canceled by a user or the system and is used to help keep Windows Apps up to date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The names of all packages to be downloaded and installed.
+- **AttemptNumber**  Number of retry attempts before it was canceled.
+- **BundleId**  The Item Bundle ID.
+- **CategoryId**  The Item Category ID.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **HResult**  The result code of the last action performed before this operation.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Was this requested by a user?
+- **IsMandatory**  Was this a mandatory update?
+- **IsRemediation**  Was this a remediation install?
+- **IsRestore**  Is this automatically restoring a previously acquired product?
+- **IsUpdate**  Flag indicating if this is an update.
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  The product family name of the product being installed.
+- **ProductId**  The identity of the package or packages being installed.
+- **SystemAttemptNumber**  The total number of automatic attempts at installation before it was canceled.
+- **UserAttemptNumber**  The total number of user attempts at installation before it was canceled.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.BeginAcquireLicense
+
+During App Installs and updates, a license is acquired to ensure the app/machine has an entitlement to the app.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The name(s) of all packages to be downloaded and installed.
+- **AttemptNumber**  Total number of install attempts before this operation.
+- **BundleId**  The identity of the flight associated with this product.
+- **CategoryId**  The identity of the package(s) being installed.
+- **ClientAppId**  Client App Id (different in case of auto updates or interactive updates from the app).
+- **IsBundle**  The identity of the app that initiated this operation.
+- **IsInteractive**  True if this operation was requested by a user.
+- **IsMandatory**  True if this is a mandatory update.
+- **IsRemediation**  True if this install is repairing a previous install.
+- **IsRestore**  True when automatically restoring a previously acquired product.
+- **IsUpdate**  True if this is a product update.
+- **ParentBundleId**  The Product ID of the parent if this product is part of a bundle.
+- **PFN**  Product Family Name of this product being installed.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  Total number of automatic attempts to install before cancellation.
+- **UserAttemptNumber**  Total number of user attempts to install before cancellation.
+- **WUContentId**  Licensing identity of this package.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.BeginDownload
+
+This event is fired during the app update or install process when actual bits are being downloaded, this particular event is fired at the beginning of the process to indicate a state change to "Downloading". StoreAgent events are needed to help keep Windows pre-installed 1st party apps up to date and secure such as the mail and calendar apps. App update failure can be unique across devices and without this data from every device we won't be able to track the success/failure and fix any future vulnerabilities related to these built-in Windows Apps.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The name(s) of all packages to be downloaded and installed.
+- **AttemptNumber**  Total number of install attempts before this operation.
+- **BundleId**  The identity of the flight associated with this product.
+- **CategoryId**  The identity of the package(s) being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **IsBundle**  True if this is a bundle.
+- **IsInteractive**  True if this operation was requested by a user.
+- **IsMandatory**  True if this is a mandatory update.
+- **IsRemediation**  True if this install is repairing a previous install.
+- **IsRestore**  True when automatically restoring a previously acquired product.
+- **IsUpdate**  True if this is a product update.
+- **ParentBundleId**  The product ID of the parent if this product is part of a bundle.
+- **PFN**  Product Family Name of app being downloaded.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  Total number of automatic attempts to install before cancellation.
+- **UserAttemptNumber**  Total number of user attempts to install before cancellation.
+- **WUContentId**  NLicensing identity of this package.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.BeginGetFreeEntitlement
+
+Tracks the beginning of the call to get a free app entitlement.
+
+The following fields are available:
+
+- **CampaignId**  Marketing Campaign Identifier.
+- **StoreId**  App Store Catalog Id.
+- **UseDeviceId**  Boolean value to select whether the entitlement should be a device versus a user entitlement.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.BeginInstall
+
+This event is fired near the end stage of a new app install or update after the bits have been downloaded. StoreAgent events are needed to help keep Windows pre-installed 1st party apps up to date and secure such as the mail and calendar apps. App update failure can be unique across devices and without this data from every device we won't be able to track the success/failure and fix any future vulnerabilities related to these built-in Windows Apps.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The name(s) of all packages to be downloaded and installed.
+- **AttemptNumber** Total number of install attempts before this operation.
+- **BundleId**  The identity of the flight associated with this product.
+- **CategoryId**  The identity of the package(s) being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **IsBundle**  True if this is a bundle.
+- **IsInteractive**  True if this operation was requested by a user.
+- **IsMandatory**  True if this is a mandatory update.
+- **IsRemediation**  True if this install is repairing a previous install.
+- **IsRestore**  True when automatically restoring a previously acquired product.
+- **IsUpdate**  True if this is a product update.
+- **ParentBundleId**  The product ID of the parent if this product is part of a bundle.
+- **PFN**  The name(s) of the package(s) requested for install.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  Total number of automatic attempts to install.
+- **UserAttemptNumber**  Total number of user attempts to install.
+- **WUContentId**  Licensing identity of this package.
+
+### Microsoft.Windows.StoreAgent.Telemetry.BeginSearchUpdatePackages
+
+This event is fired when looking for app updates.
+
+The following fields are available:
+
+- **AttemptNumber**  Total number of install attempts before this operation.
+- **BundleId**  The identity of the flight associated with this product.
+- **CategoryId**  The identity of the package(s) being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **IsBundle**  True if this is a bundle.
+- **IsInteractive**  True if this operation was requested by a user.
+- **IsMandatory**  True if this is a mandatory update.
+- **IsRemediation**  True if this install is repairing a previous install.
+- **IsRestore**  True when automatically restoring a previously acquired product.
+- **IsUpdate**  True if this is a product update.
+- **ParentBundleId**  The product ID of the parent if this product is part of a bundle.
+- **PFN**  The name(s) of the package(s) requested for install.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  Total number of automatic attempts to install.
+- **UserAttemptNumber**  Total number of user attempts to install.
+- **WUContentId**  Licensing identity of this package.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.BlockLowPriorityWorkItems
+
+This event is fired when the BlockLowPriorityWorkItems method is called, stopping the queue from installing LowPriority work items.
+
+The following fields are available:
+
+- **ClientId**  Client ID of the caller.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.CancelInstallation
+
+This event is sent when an app update or installation is canceled while in interactive mode. This can be canceled by the user or the system. It's used to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The names of all package or packages to be downloaded and installed.
+- **AttemptNumber**  Total number of installation attempts.
+- **BundleId**  The identity of the Windows Insider build that is associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Was this requested by a user?
+- **IsMandatory**  Is this a mandatory update?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this an automatic restore of a previously acquired product?
+- **IsUpdate**  Is this a product update?
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  The name of all packages to be downloaded and installed.
+- **PreviousHResult**  The previous HResult code.
+- **PreviousInstallState**  Previous installation state before it was canceled.
+- **ProductId**  The name of the package or packages requested for installation.
+- **RelatedCV**  Correlation Vector of a previous performed action on this product.
+- **SystemAttemptNumber**  Total number of automatic attempts to install before it was canceled.
+- **UserAttemptNumber**  Total number of user attempts to install before it was canceled.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndAcquireLicense
+
+This event is sent after the license is acquired when a product is being installed. It's used to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  Includes a set of package full names for each app that is part of an atomic set.
+- **AttemptNumber**  The total number of attempts to acquire this product.
+- **BundleId**  The bundle ID
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **HResult**  HResult code to show the result of the operation (success/failure).
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Did the user initiate the installation?
+- **IsMandatory**  Is this a mandatory update?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this happening after a device restore?
+- **IsUpdate**  Is this an update?
+- **ParentBundleId**  The parent bundle ID (if it's part of a bundle).
+- **PFN**  Product Family Name of the product being installed.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  The number of attempts by the system to acquire this product.
+- **UserAttemptNumber**  The number of attempts by the user to acquire this product
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndDownload
+
+This event is sent after an app is downloaded to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The name of all packages to be downloaded and installed.
+- **AttemptNumber**  Number of retry attempts before it was canceled.
+- **BundleId**  The identity of the Windows Insider build associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **DownloadSize**  The total size of the download.
+- **ExtendedHResult**  Any extended HResult error codes.
+- **HResult**  The result code of the last action performed.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Is this initiated by the user?
+- **IsMandatory**  Is this a mandatory installation?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this a restore of a previously acquired product?
+- **IsUpdate**  Is this an update?
+- **ParentBundleId**  The parent bundle ID (if it's part of a bundle).
+- **PFN**  The Product Family Name of the app being download.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  The number of attempts by the system to download.
+- **UserAttemptNumber**  The number of attempts by the user to download.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndFrameworkUpdate
+
+This event is sent when an app update requires an updated Framework package and the process starts to download it. It's used to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **HResult**  The result code of the last action performed before this operation.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndGetFreeEntitlement
+
+Telemetry is fired at the end of the call to request a free app entitlement, which will make a server call to get the entitlement.
+
+The following fields are available:
+
+- **CampaignId**  Campaign marketing Id.
+- **HResult**  Error result.
+- **StoreId**  Store Catalog Id of item requesting ownership.
+- **UseDeviceId**  Boolean value to select whether the entitlement should be a device versus a user entitlement.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndInstall
+
+This event is sent after a product has been installed to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The names of all packages to be downloaded and installed.
+- **AttemptNumber**  The number of retry attempts before it was canceled.
+- **BundleId**  The identity of the build associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **ExtendedHResult**  The extended HResult error code.
+- **HResult**  The result code of the last action performed.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Is this an interactive installation?
+- **IsMandatory**  Is this a mandatory installation?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this automatically restoring a previously acquired product?
+- **IsUpdate**  Is this an update?
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  Product Family Name of the product being installed.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  The total number of system attempts.
+- **UserAttemptNumber**  The total number of user attempts.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndScanForUpdates
+
+This event is sent after a scan for product updates to determine if there are packages to install. It's used to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AutoUpdateWorkScheduledWithUOTime**  The time when work was first scheduled with UO. Value deleted when UO calls UnblockLowPriorityWorkItems.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **HResult**  The result code of the last action performed.
+- **IsApplicability**  Is this request to only check if there are any applicable packages to install?
+- **IsInteractive**  Is this user requested?
+- **IsOnline**  Is the request doing an online check?
+- **NumberOfApplicableUpdates**  The number of packages returned by this operation.
+- **PFN**  The PackageFullName of the app currently installed on the machine. This operation is scanning for an update for this app. Value will be empty if operation is scanning for updates for more than one app.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndSearchUpdatePackages
+
+This event is sent after searching for update packages to install. It's used to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The names of all packages to be downloaded and installed.
+- **AttemptNumber**  The total number of retry attempts before it was canceled.
+- **BundleId**  The identity of the build associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **HResult**  The result code of the last action performed.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Is this user requested?
+- **IsMandatory**  Is this a mandatory update?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this restoring previously acquired content?
+- **IsUpdate**  Is this an update?
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  The name of the package or packages requested for install.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  The total number of system attempts.
+- **UserAttemptNumber**  The total number of user attempts.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.EndStageUserData
+
+This event is sent after restoring user data (if any) that needs to be restored following a product install. It's used to keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The name of all packages to be downloaded and installed.
+- **AttemptNumber**  The total number of retry attempts before it was canceled.
+- **BundleId**  The identity of the build associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **HResult**  The result code of the last action performed.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Is this user requested?
+- **IsMandatory**  Is this a mandatory update?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this restoring previously acquired content?
+- **IsUpdate**  Is this an update?
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  The name of the package or packages requested for install.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SystemAttemptNumber**  The total number of system attempts.
+- **UserAttemptNumber**  The total number of system attempts.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.FulfillmentComplete
+
+This event is sent at the end of an app install or update to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **CatalogId**  The name of the product catalog from which this app was chosen.
+- **FailedRetry**  Indicates whether the installation or update retry was successful.
+- **HResult**  The HResult code of the operation.
+- **PFN**  The Package Family Name of the app that is being installed or updated.
+- **ProductId**  The product ID of the app that is being updated or installed.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.FulfillmentInitiate
+
+This event is sent at the beginning of an app install or update to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **CatalogId**  The name of the product catalog from which this app was chosen.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **FulfillmentPluginId**  The ID of the plugin needed to install the package type of the product.
+- **InstalledPFuN**  Package Full Name of the app that is installed and will be updated.
+- **PFN**  The Package Family Name of the app that is being installed or updated.
+- **PluginTelemetryData**  Diagnostic information specific to the package-type plug-in.
+- **PluginWorkCreationHr**  Resulting HResult error/success code from plugin work creation.	
+- **ProductId**  The product ID of the app that is being updated or installed.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.InstallOperationRequest
+
+This event is sent when a product install or update is initiated, to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **BundleId**  The identity of the build associated with this product.
+- **CatalogId**  If this product is from a private catalog, the Store Product ID for the product being installed.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SkuId**  Specific edition ID being installed.
+- **VolumePath**  The disk path of the installation.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.InstallRequestReceived
+
+This event is sent when a product install request is received by AppInstallManager.
+
+The following fields are available:
+
+- **ClientId**  Client ID of the caller.
+- **StoreId**  The Store ID for the product being installed.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.PauseInstallation
+
+This event is sent when a product install or update is paused (either by a user or the system), to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The names of all packages to be downloaded and installed.
+- **AttemptNumber**  The total number of retry attempts before it was canceled.
+- **BundleId**  The identity of the build associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Is this user requested?
+- **IsMandatory**  Is this a mandatory update?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this restoring previously acquired content?
+- **IsUpdate**  Is this an update?
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  The Product Full Name.
+- **PreviousHResult**  The result code of the last action performed before this operation.
+- **PreviousInstallState**  Previous state before the installation or update was paused.
+- **ProductId**  The Store Product ID for the product being installed.
+- **RelatedCV**  Correlation Vector of a previous performed action on this product.
+- **SystemAttemptNumber**  The total number of system attempts.
+- **UserAttemptNumber**  The total number of user attempts.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.QueueStuckError
+
+This event indicates that the Install Queue is in a stuck state.
+
+The following fields are available:
+
+- **ItemLifetimeInSeconds**  The amount of time elapsed since the item had been created in seconds at the time of the error.
+- **OpenSlots**  The number of open slots in the queue at the time of the error.
+- **PendingItems**  The number of pending items in the queue at the time of the error.
+- **QueueItems**  The number of items in the queue at the time of the error.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.RestoreDeviceMetrics
+
+This event provides an informational summary of the apps returned from the restorable apps data store.
+
+The following fields are available:
+
+- **DeferredAppIds**  The number of backed-up apps that will be auto-installed at an optimal time for the machine, determined by the policies of a Windows component called the Universal Orchestrator.
+- **DelayedAppIds**  The number of backed-up apps that will be auto-installed one hour after device setup.
+- **NumBackupApps**  The number of apps returned from the restorable apps data store.
+- **NumCompatibleApps**  The number of backed-up apps reported by compatibility service to be compatible.
+- **NumIncompatibleApps**  The number of backed-up apps reported by compatibility service to be incompatible.
+- **NumProcessedBackupApps**  The number of backed-up apps for which we have instructed AppRestore Service to create a placeholder.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.RestoreError
+
+This event indicates a blocking error occurred during the restore compatibility check.
+
+The following fields are available:
+
+- **ErrorCode**  The error code associated with the error.
+- **ErrorLocation**  The location of the error.
+- **ErrorMessage**  The message associated with the error.
+- **ErrorMethod**  The method the error occurred in.
+- **ErrorName**  The name of the error.
+- **ErrorType**  The type of the error.
+- **LineNumber**  The line number the error occurred on.
+- **Severity**  The severity level of the error.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.ResumeInstallation
+
+This event is sent when a product install or update is resumed (either by a user or the system), to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **AggregatedPackageFullNames**  The names of all packages to be downloaded and installed.
+- **AttemptNumber**  The number of retry attempts before it was canceled.
+- **BundleId**  The identity of the build associated with this product.
+- **CategoryId**  The identity of the package or packages being installed.
+- **ClientAppId**  The identity of the app that initiated this operation.
+- **HResult**  The result code of the last action performed before this operation.
+- **IsBundle**  Is this a bundle?
+- **IsInteractive**  Is this user requested?
+- **IsMandatory**  Is this a mandatory update?
+- **IsRemediation**  Is this repairing a previous installation?
+- **IsRestore**  Is this restoring previously acquired content?
+- **IsUpdate**  Is this an update?
+- **IsUserRetry**  Did the user initiate the retry?
+- **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
+- **PFN**  The name of the package or packages requested for install.
+- **PreviousHResult**  The previous HResult error code.
+- **PreviousInstallState**  Previous state before the installation was paused.
+- **ProductId**  The Store Product ID for the product being installed.
+- **RelatedCV**  Correlation Vector for the original install before it was resumed.
+- **ResumeClientId**  The ID of the app that initiated the resume operation.
+- **SystemAttemptNumber**  The total number of system attempts.
+- **UserAttemptNumber**  The total number of user attempts.
+- **WUContentId**  The Windows Update content ID.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.ResumeOperationRequest
+
+This event is sent when a product install or update is resumed by a user or on installation retries, to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **ProductId**  The Store Product ID for the product being installed.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.ScheduleWorkWithUO
+
+This event is fired when we schedule installs and/or updates with UO.
+
+The following fields are available:
+
+- **ClientId**  Client ID of the caller.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.SearchForUpdateOperationRequest
+
+This event is sent when searching for update packages to install, to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **CatalogId**  The Store Catalog ID for the product being installed.
+- **ProductId**  The Store Product ID for the product being installed.
+- **SkuId**  Specific edition of the app being updated.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.StateTransition
+
+Products in the process of being fulfilled (installed or updated) are maintained in a list. This event is sent any time there's a change in a product's fulfillment status (pending, working, paused, canceled, or complete), to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **CatalogId**  The ID for the product being installed if the product is from a private catalog, such as the Enterprise catalog.
+- **FulfillmentPluginId**  The ID of the plugin needed to install the package type of the product.
+- **HResult**  The resulting HResult error/success code of this operation.
+- **NewState**  The current fulfillment state of this product.
+- **PFN**  The Package Family Name of the app that is being installed or updated.
+- **PluginLastStage**  The most recent product fulfillment step that the plug-in has reported (different than its state).
+- **PluginTelemetryData**  Diagnostic information specific to the package-type plug-in.
+- **Prevstate**  The previous fulfillment state of this product.
+- **ProductId**  Product ID of the app that is being updated or installed.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.UnblockLowPriorityWorkItems
+
+This event is fired when the UnblockLowPriorityWorkItems method is called, changing the state of all LowPriority work items to working if AutoUpdateState is enabled.
+
+The following fields are available:
+
+- **ClientId**  Client ID of the caller.
+
+
+### Microsoft.Windows.StoreAgent.Telemetry.UpdateAppOperationRequest
+
+This event occurs when an update is requested for an app, to help keep Windows up-to-date and secure.
+
+The following fields are available:
+
+- **PFamN**  The name of the app that is requested for update.
+
+
+## Windows Update Delivery Optimization events
+
+### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
+
+This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **background**  Is the download being done in the background?
+- **bytesFromCacheServer**  Bytes received from a cache host.
+- **bytesFromCDN**  The number of bytes received from a CDN source.
+- **bytesFromGroupPeers**  The number of bytes received from a peer in the same group.
+- **bytesFromIntPeers**  The number of bytes received from peers not in the same LAN or in the same group.
+- **bytesFromLedbat**  The number of bytes received from a source using an Ledbat enabled connection.
+- **bytesFromLinkLocalPeers**  The number of bytes received from local peers.
+- **bytesFromLocalCache**  Bytes copied over from local (on disk) cache.
+- **bytesFromPeers**  The number of bytes received from a peer in the same LAN.
+- **cdnErrorCodes**  A list of CDN connection errors since the last FailureCDNCommunication event.
+- **cdnErrorCounts**  The number of times each error in cdnErrorCodes was encountered.
+- **cdnIp**  The IP Address of the source CDN (Content Delivery Network).
+- **cdnUrl**  The URL of the source CDN (Content Delivery Network).
+- **dataSourcesTotal**  Bytes received per source type, accumulated for the whole session.
+- **errorCode**  The error code that was returned.
+- **experimentId**  When running a test, this is used to correlate events that are part of the same test.
+- **fileID**  The ID of the file being downloaded.
+- **isVpn**  Is the device connected to a Virtual Private Network?
+- **jobID**  Identifier for the Windows Update job.
+- **predefinedCallerName**  The name of the API Caller.
+- **reasonCode**  Reason the action or event occurred.
+- **routeToCacheServer**  The cache server setting, source, and value.
+- **sessionID**  The ID of the file download session.
+- **sessionTimeMs**  The duration of the download session, spanning multiple jobs, in milliseconds.
+- **totalTimeMs**  The duration of the download, in milliseconds.
+- **updateID**  The ID of the update being downloaded.
+
+
+### Microsoft.OSG.DU.DeliveryOptClient.DownloadCompleted
+
+This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **background**  Is the download a background download?
+- **bytesFromCacheServer**  Bytes received from a cache host.
+- **bytesFromCDN**  The number of bytes received from a CDN source.
+- **bytesFromGroupPeers**  The number of bytes received from a peer in the same domain group.
+- **bytesFromIntPeers**  The number of bytes received from peers not in the same LAN or in the same domain group.
+- **bytesFromLedbat**  The number of bytes received from source using an Ledbat enabled connection.
+- **bytesFromLinkLocalPeers**  The number of bytes received from local peers.
+- **bytesFromLocalCache**  Bytes copied over from local (on disk) cache.
+- **bytesFromPeers**  The number of bytes received from a peer in the same LAN.
+- **bytesRequested**  The total number of bytes requested for download.
+- **cacheServerConnectionCount**  Number of connections made to cache hosts.
+- **cdnConnectionCount**  The total number of connections made to the CDN.
+- **cdnErrorCodes**  A list of CDN connection errors since the last FailureCDNCommunication event.
+- **cdnErrorCounts**  The number of times each error in cdnErrorCodes was encountered.
+- **cdnIp**  The IP address of the source CDN.
+- **cdnUrl**  Url of the source Content Distribution Network (CDN).
+- **congestionPrevention**  Indicates a download may have been suspended to prevent network congestion.
+- **dataSourcesTotal**  Bytes received per source type, accumulated for the whole session.
+- **downlinkBps**  The maximum measured available download bandwidth (in bytes per second).
+- **downlinkUsageBps**  The download speed (in bytes per second).
+- **downloadMode**  The download mode used for this file download session.
+- **downloadModeReason**  Reason for the download.
+- **downloadModeSrc**  Source of the DownloadMode setting.
+- **experimentId**  When running a test, this is used to correlate with other events that are part of the same test.
+- **expiresAt**  The time when the content will expire from the Delivery Optimization Cache.
+- **fileID**  The ID of the file being downloaded.
+- **fileSize**  The size of the file being downloaded.
+- **groupConnectionCount**  The total number of connections made to peers in the same group.
+- **groupID**  A GUID representing a custom group of devices.
+- **internetConnectionCount**  The total number of connections made to peers not in the same LAN or the same group.
+- **isEncrypted**  TRUE if the file is encrypted and will be decrypted after download.
+- **isThrottled**  Event Rate throttled (event represents aggregated data).
+- **isVpn**  Is the device connected to a Virtual Private Network?
+- **jobID**  Identifier for the Windows Update job.
+- **lanConnectionCount**  The total number of connections made to peers in the same LAN.
+- **linkLocalConnectionCount**  The number of connections made to peers in the same Link-local network.
+- **numPeers**  The total number of peers used for this download.
+- **numPeersLocal**  The total number of local peers used for this download.
+- **predefinedCallerName**  The name of the API Caller.
+- **restrictedUpload**  Is the upload restricted?
+- **routeToCacheServer**  The cache server setting, source, and value.
+- **rttMs**  Min, Max, Avg round-trip time to the source.
+- **rttRLedbatMs**  Min, Max, Avg round-trip time to a Ledbat enabled source.
+- **sessionID**  The ID of the download session.
+- **sessionTimeMs**  The duration of the session, in milliseconds.
+- **totalTimeMs**  Duration of the download (in seconds).
+- **updateID**  The ID of the update being downloaded.
+- **uplinkBps**  The maximum measured available upload bandwidth (in bytes per second).
+- **uplinkUsageBps**  The upload speed (in bytes per second).
+
+
+### Microsoft.OSG.DU.DeliveryOptClient.DownloadPaused
+
+This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **background**  Is the download a background download?
+- **cdnUrl**  The URL of the source CDN (Content Delivery Network).
+- **errorCode**  The error code that was returned.
+- **experimentId**  When running a test, this is used to correlate with other events that are part of the same test.
+- **fileID**  The ID of the file being paused.
+- **isVpn**  Is the device connected to a Virtual Private Network?
+- **jobID**  Identifier for the Windows Update job.
+- **predefinedCallerName**  The name of the API Caller object.
+- **reasonCode**  The reason for pausing the download.
+- **routeToCacheServer**  The cache server setting, source, and value.
+- **sessionID**  The ID of the download session.
+- **sessionTimeMs**  The duration of the download session, spanning multiple jobs, in milliseconds.
+- **totalTimeMs**  The duration of the download, in milliseconds.
+- **updateID**  The ID of the update being paused.
+
+
+### Microsoft.OSG.DU.DeliveryOptClient.DownloadStarted
+
+This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **background**  Indicates whether the download is happening in the background.
+- **bytesRequested**  Number of bytes requested for the download.
+- **callerAppPackageName**  The caller app package name.
+- **cdnUrl**  The URL of the source Content Distribution Network (CDN).
+- **costFlags**  A set of flags representing network cost.
+- **deviceProfile**  Identifies the usage or form factor (such as Desktop, Xbox, or VM).
+- **diceRoll**  Random number used for determining if a client will use peering.
+- **doClientVersion**  The version of the Delivery Optimization client.
+- **downloadMode**  The download mode used for this file download session (CdnOnly = 0, Lan = 1, Group = 2, Internet = 3, Simple = 99, Bypass = 100).
+- **downloadModeReason**  Reason for the download.
+- **downloadModeSrc**  Source of the DownloadMode setting (KvsProvider = 0, GeoProvider = 1, GeoVerProvider = 2, CpProvider = 3, DiscoveryProvider = 4, RegistryProvider = 5, GroupPolicyProvider = 6, MdmProvider = 7, SettingsProvider = 8, InvalidProviderType = 9).
+- **errorCode**  The error code that was returned.
+- **experimentId**  ID used to correlate client/services calls that are part of the same test during A/B testing.
+- **fileID**  The ID of the file being downloaded.
+- **filePath**  The path to where the downloaded file will be written.
+- **fileSize**  Total file size of the file that was downloaded.
+- **fileSizeCaller**  Value for total file size provided by our caller.
+- **groupID**  ID for the group.
+- **isEncrypted**  Indicates whether the download is encrypted.
+- **isThrottled**  Indicates the Event Rate was throttled (event represent aggregated data).
+- **isVpn**  Indicates whether the device is connected to a Virtual Private Network.
+- **jobID**  The ID of the Windows Update job.
+- **peerID**  The ID for this delivery optimization client.
+- **predefinedCallerName**  Name of the API caller.
+- **routeToCacheServer**  Cache server setting, source, and value.
+- **sessionID**  The ID for the file download session.
+- **setConfigs**  A JSON representation of the configurations that have been set, and their sources.
+- **updateID**  The ID of the update being downloaded.
+- **UusVersion**  The version of the undocked update stack.
+
+
+### Microsoft.OSG.DU.DeliveryOptClient.FailureCdnCommunication
+
+This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **cdnHeaders**  The HTTP headers returned by the CDN.
+- **cdnIp**  The IP address of the CDN.
+- **cdnUrl**  The URL of the CDN.
+- **errorCode**  The error code that was returned.
+- **errorCount**  The total number of times this error code was seen since the last FailureCdnCommunication event was encountered.
+- **experimentId**  When running a test, this is used to correlate with other events that are part of the same test.
+- **fileID**  The ID of the file being downloaded.
+- **httpStatusCode**  The HTTP status code returned by the CDN.
+- **isHeadRequest**  The type of  HTTP request that was sent to the CDN. Example: HEAD or GET
+- **peerType**  The type of peer (LAN, Group, Internet, CDN, Cache Host, etc.).
+- **requestOffset**  The byte offset within the file in the sent request.
+- **requestSize**  The size of the range requested from the CDN.
+- **responseSize**  The size of the range response received from the CDN.
+- **sessionID**  The ID of the download session.
+
+
+## Windows Update events
+
+### Microsoft.Windows.Update.Aggregator.UusCoreHealth.HealthAggregatorSummary
+
+This event is a summary of UUS health indicators.
+
+The following fields are available:
+
+- **Fallback**  Failover information.
+- **FlightId**  Payload that is being sent.
+- **IsStable**  Boolean if the payload is in image.
+- **Lock**  Lock identifier.
+- **UpdateId**  Update identifier.
+- **UusVersion**  Version of the undocked payload.
+- **VersionActivationsSinceLastBoot**  Number of activations since last reboot.
+
+
+### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInitialize
+
+This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **errorCode**  The error code returned for the current session initialization.
+- **flightId**  The unique identifier for each flight.
+- **flightMetadata**  Contains the FlightId and the build being flighted.
+- **objectId**  Unique value for each Update Agent mode.
+- **relatedCV**  Correlation vector value generated from the latest USO scan.
+- **result**  Result of the initialize phase of the update. 0 = Succeeded, 1 = Failed, 2 = Cancelled, 3 = Blocked, 4 = BlockCancelled.
+- **scenarioId**  The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate.
+- **sessionData**  Contains instructions to update agent for processing FODs and DUICs (Null for other scenarios).
+- **sessionId**  Unique value for each Update Agent mode attempt.
+- **updateId**  Unique ID for each update.
+
+
+### Microsoft.Windows.Update.Orchestrator.Client.AppUpdateInstallResult
+
+This event reports installation result details of expedited apps.
+
+The following fields are available:
+
+- **Completed**  Whether the installation completed.
+- **DeploymentAttempted**  Whether the deployment was attempted.
+- **DeploymentErrorCode**  The error code resulting from the deployment attempt.
+- **DeploymentExtendedErrorCode**  The extended error code resulting from the deployment attempt.
+- **InstallFailureReason**  On failure, the InstallFailureReason reported.
+- **OperationStatus**  OperationStatus result reported by the installation attempt.
+- **Succeeded**  Whether the installation succeeded.
+- **updaterId**  The UpdaterId associated with this expedited app.
+- **UusVersion**  The version of the UUS stack currently active.
+- **VelocityEnabled**  Whether the velocity tag for the expedited app is enabled.
+
+
+### Microsoft.Windows.Update.Orchestrator.Client.BizCriticalStoreAppInstallAlreadyRunning
+
+This event indicates that another instance is currently attempting to install business critical store updates.
+
+The following fields are available:
+
+- **UusVersion**  The version of the UUS Stack currently active.
+
+
+### Microsoft.Windows.Update.Orchestrator.Client.BizCriticalStoreAppInstallResult
+
+This event returns the result after installing a business critical store application. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **AppInstallState**  The application installation state.
+- **HRESULT**  The result code (HResult) of the install.
+- **PFN**  The package family name of the package being installed.
+- **updaterId**  The Id of the updater.
+- **UusVersion**  The version of the UUS stack currently active.
+
+
+### Microsoft.Windows.Update.Orchestrator.Client.EdgeUpdateResult
+
+This event sends data indicating the result of invoking the edge updater. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **ExitCode**  The exit code that was returned.
+- **HRESULT**  The result code (HResult) of the operation.
+- **UusVersion**  The version of the UUS stack currently active.
+- **VelocityEnabled**  A flag that indicates if velocity is enabled.
+- **WorkCompleted**  A flag that indicates if work is completed.
+
+
+### Microsoft.Windows.Update.Orchestrator.Client.MACUpdateInstallResult
+
+This event reports the installation result details of the MACUpdate expedited application.
+
+The following fields are available:
+
+- **Completed**  Indicates whether the installation is complete.
+- **DeploymentAttempted**  Whether the deployment was attempted.
+- **DeploymentErrorCode**  The error code resulting from the deployment attempt.
+- **DeploymentExtendedErrorCode**  The extended error code resulting from the deployment attempt.
+- **InstallFailureReason**  Indicates the reason an install failed.
+- **IsRetriableError**  Indications whether the error is retriable.
+- **OperationStatus**  Returns the operation status result reported by the installation attempt.
+- **Succeeded**  Indicates whether the installation succeeded.
+- **UusVersion**  The version of the UUS stack currently active.
+- **VelocityEnabled**  Indicates whether the velocity tag for MACUpdate is enabled.
+
+
+### Microsoft.Windows.Update.Orchestrator.UpdatePolicyCacheRefresh
+
+This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **configuredPoliciescount**  Number of policies on the device.
+- **policiesNamevaluesource**  Policy name and source of policy (group policy, MDM, or flight).
+- **updateInstalluxsetting**  Indicates whether a user has set policies via a user experience option.
+- **UusVersion**  Active version of UUS.
+
+
+### Microsoft.Windows.Update.Orchestrator.Worker.EulaAccepted
+
+Indicates that EULA for an update has been accepted.
+
+The following fields are available:
+
+- **HRESULT**  Was the EULA acceptance successful.
+- **publisherIntent**  Publisher Intent ID associated with the update.
+- **reason**  Reason for EULA acceptance.
+- **update**  Update for which EULA has been accepted.
+- **UusVersion**  The version of the UUS stack currently active.
+
+
+### Microsoft.Windows.Update.Orchestrator.Worker.OobeUpdateApproved
+
+This event signifies an update being approved around the OOBE time period. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **approved**  Flag to determine if it's approved or not.
+- **provider**  The provider related to which the update is approved.
+- **publisherIntent**  The publisher intent of the Update.
+- **update**  Additional information about the Update.
+- **UusVersion**  The version of the UUS Stack currently active.
+
+
+### Microsoft.Windows.Update.Orchestrator.Worker.SetIpuMode
+
+This event indicates that a provider is setting the inplace upgrade mode.
+
+The following fields are available:
+
+- **flightId**  Flight Identifier.
+- **mode**  The value being set.
+- **provider**  The provider that is getting the value.
+- **reason**  The reason the value is being set.
+- **uniqueId**  Update Identifier.
+- **UusVersion**  The version of the UUS Stack currently active.
+
+
+### Microsoft.Windows.Update.Orchestrator.Worker.UpdateActionCritical
+
+This event informs the update related action being performed around the OOBE timeframe. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **action**  The type of action being performed (Install or download etc.).
+- **connectivity**  Informs if the device is connected to network while this action is performed.
+- **freeDiskSpaceInMB**  Amount of free disk space.
+- **freeDiskSpaceInMBDelta**  Amount of free disk space.
+- **interactive**  Informs if this action is caused due to user interaction.
+- **nextAction**  Next action to be performed.
+- **priority**  The CPU and IO priority this action is being performed on.
+- **provider**  The provider that is being invoked to perform this action (WU, Legacy UO Provider etc.).
+- **publisherIntent**  ID for the metadata associated with the update.
+- **scenario**  The result of the action being performed.
+- **update**  Update related metadata including UpdateId.
+- **uptimeMinutes**  Duration USO for up for in the current boot session.
+- **uptimeMinutesDelta**  The change in device uptime while this action was performed.
+- **UusVersion**  The version of the UUS stack currently active.
+- **wilActivity**  Wil Activity related information.
+
+### Microsoft.Windows.Update.SIHClient.CheckForUpdatesStarted
+
+Scan event for Server Initiated Healing client.
+
+The following fields are available:
+
+- **CallerApplicationName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EventInstanceID**  A globally unique identifier for event instance.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **TargetMetadataVersion**  The detected version of the self healing engine that is currently downloading or downloaded.
+- **UusVersion**  UUS version.
+- **WUDeviceID**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+
+
+### Microsoft.Windows.Update.SIHClient.CheckForUpdatesSucceeded
+
+Scan event for Server Initiated Healing client
+
+The following fields are available:
+
+- **ApplicableUpdateInfo**  Metadata for the updates which were detected as applicable.
+- **CachedEngineVersion**  The engine DLL version that is being used.
+- **CallerApplicationName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EventInstanceID**  A globally unique identifier for event instance.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Launch event for Server Initiated Healing client.
+- **TargetMetadataVersion**  The detected version of the self healing engine that is currently downloading or downloaded.
+- **UusVersion**  Active UUS Version.
+- **WUDeviceID**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+
+
+### Microsoft.Windows.Update.SIHClient.DownloadSucceeded
+
+Download process event for target update on SIH Client.
+
+The following fields are available:
+
+- **CachedEngineVersion**  Version of the Cache Engine.
+- **CallerApplicationName**  Name of application making the Windows Update request. Used to identify context of request.
+- **DownloadType**  Type of Download.
+- **EventInstanceID**  ID of the Event Instance being fired.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **TargetMetadataVersion**  Version of the Metadata which is being targeted for an update.
+- **UpdateID**  Identifier associated with the specific piece of content.
+- **UusVersion**  The version of the Update Undocked Stack.
+- **WUDeviceID**  Global Device ID utilized to identify Device.
+
+
+### Microsoft.Windows.Update.SIHClient.TaskRunCompleted
+
+This event is a launch event for Server Initiated Healing client.
+
+The following fields are available:
+
+- **CallerApplicationName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **CmdLineArgs**  Command line arguments passed in by the caller.
+- **EventInstanceID**  A globally unique identifier for event instance.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UusVersion**  The version of the Update Undocked Stack.
+- **WUDeviceID**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+
+
+### Microsoft.Windows.Update.SIHClient.TaskRunStarted
+
+This event is a launch event for Server Initiated Healing client.
+
+The following fields are available:
+
+- **CallerApplicationName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **CmdLineArgs**  Command line arguments passed in by the caller.
+- **EventInstanceID**  A globally unique identifier for event instance.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UusVersion**  The version of the Update Undocked Stack.
+- **WUDeviceID**  Unique device ID controlled by the software distribution client.
+
+
+### Microsoft.Windows.Update.Undocked.Brain.ActiveVersionUpdated
+
+This event gets fired when the active version of the Undocked Update Stack is being updated/
+
+The following fields are available:
+
+- **Fallback**  Initiated Process.
+- **FlightID**  FlightID associated.
+- **Lock**  Lock Group Name.
+- **MinutesSinceInstall**  Time to complete process.
+- **Stable**  Is VersionActive from stable.
+- **UpdateID**  Update identifier.
+- **VersionActive**  The now active version of the UUS stack.
+- **VersionPrevious**  The previous active version of the UUS stack.
+
+
+### Microsoft.Windows.Update.Undocked.Brain.FailoverVersionExcluded
+
+This event indicates Failover tried to exclude an UUS Version.
+
+The following fields are available:
+
+- **AlreadyExcluded**  Boolean.
+- **Exception**  The exception encountered during exclusion.
+- **ExclusionReason**  Reason for the exclusion.
+- **Success**  Success or failure indicator.
+- **VerFailover**  The actual UUS Version that failover was running for.
+
+
+### Microsoft.Windows.Update.Undocked.UpdateAgent.DownloadRequest
+
+Download request for undocked update agent
+
+The following fields are available:
+
+- **errorCode**  Error code.
+- **flightId**  FlightID of the package.
+- **rangeRequestState**  State of request for download range.
+- **relatedCV**  CV for telemetry mapping.
+- **result**  Result code.
+- **sessionId**  Logging identification.
+- **updateId**  Identifier for payload.
+- **uusVersion**  Version of the UUS stack being installed.
+
+
+### Microsoft.Windows.Update.Undocked.UpdateAgent.Initialize
+
+Initialization event of undocked update agent.
+
+The following fields are available:
+
+- **errorCode**  Error code.
+- **flightId**  FlightID of the package.
+- **flightMetadata**  Metadata.
+- **relatedCV**  CV for telemetry mapping.
+- **result**  Result code.
+- **sessionData**  Additional logging.
+- **sessionId**  Logging identification.
+- **updateId**  Identifier for payload.
+- **uusVersion**  Version of the UUS stack being installed.
+
+
+### Microsoft.Windows.Update.Undocked.UpdateAgent.Install
+
+Install event of undocked update agent.
+
+The following fields are available:
+
+- **errorCode**  Error code.
+- **flightId**  FlightID of the package.
+- **folderExists**  Boolean.
+- **packageNewer**  version of newer package.
+- **relatedCV**  CV for telemetry mapping.
+- **result**  Result code.
+- **retryCount**  result count.
+- **sessionId**  Logging identification.
+- **updateId**  Identifier for payload.
+- **uusVersion**  Version of the UUS stack being installed.
+
+
+### Microsoft.Windows.Update.Undocked.UpdateAgent.ModeStart
+
+Undocked update agent mode start event.
+
+The following fields are available:
+
+- **flightId**  FlightID of the package.
+- **mode**  Install or Download mode.
+- **relatedCV**  CV for telemetry mapping.
+- **sessionId**  Logging identification.
+- **updateId**  Identifier for payload.
+- **uusVersion**  Version of the UUS stack being installed.
+
+
+### Microsoft.Windows.Update.Undocked.UpdateAgent.Payload
+
+Payload event of undocked update agent.
+
+The following fields are available:
+
+- **errorCode**  Error code.
+- **fileCount**  Number of files to download.
+- **flightId**  FlightID of the package.
+- **mode**  Install or Download mode.
+- **relatedCV**  CV for telemetry mapping.
+- **result**  Result code.
+- **sessionId**  Logging identification.
+- **updateId**  Identifier for payload.
+- **uusVersion**  Version of the UUS stack being installed.
+
+
+### Microsoft.Windows.Update.WUClient.CheckForUpdatesCanceled
+
+This event checks for updates canceled on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **AADDeviceTicketResult**  Identifies result of AAD Device Token Acquisition.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce.
+- **NumFailedAudienceMetadataSignatures**  Number of audience Publisher Intent metadata signatures checks which failed for new metadata synced.
+- **NumFailedMetadataSignatures**  Number of metadata signatures checks which failed for new metadata synced download.
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **ServiceUrl**  Environment URL for which a device is configured to scan.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **SyncType**  Describes the type of scan for this event (1-Full Sync, 2-Delta Sync, 3-Full CatScan Sync, 4-Delta CatScan Sync).
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.CheckForUpdatesFailed
+
+This event checks for failed updates on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **AADDeviceTicketResult**  Identifies result of AAD Device Token Acquisition.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **FailedUpdateInfo**  Information about the update failure.
+- **HandlerInfo**  Blob of Handler related information.
+- **HandlerType**  Name of Handler.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce.
+- **NumFailedAudienceMetadataSignatures**  Number of audience PublisherIntent metadata signatures checks which failed for new metadata synced.
+- **NumFailedMetadataSignatures**  Number of metadata signatures checks which failed for new metadata synced download.
+- **Props**  A bitmask for additional flags associated with the Windows Update request (IsInteractive, IsSeeker, AllowCachedResults, DriverSyncPassPerformed, IPv4, IPv6, Online, ExtendedMetadataIncl, WUfb).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **ServiceUrl**  Environment URL for which a device is configured to scan.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult.).
+- **SyncType**  Describes the type of scan for this event (1-Full Sync, 2-Delta Sync, 3-Full CatScan Sync, 4-Delta CatScan Sync).
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UusVersion**  Active UUSVersion.
+
+
+### Microsoft.Windows.Update.WUClient.CheckForUpdatesRetry
+
+This event checks for update retries on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **ServiceUrl**  Environment URL for which a device is configured to scan.
+- **SyncType**  Describes the type of scan for this event (1-Full Sync, 2-Delta Sync, 3-Full CatScan Sync, 4-Delta CatScan Sync).
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClient.CheckForUpdatesScanInitFailed
+
+This event checks for failed update initializations on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **AADDeviceTicketResult**  Identifies result of AAD Device Token Acquisition.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce.
+- **NumFailedAudienceMetadataSignatures**  Number of audience PublisherIntent metadata signatures checks which failed for new metadata synced.
+- **NumFailedMetadataSignatures**  Number of metadata signatures checks which failed for new metadata synced download.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **ServiceUrl**  Environment URL for which a device is configured to scan.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **SyncType**  Describes the type of scan the event was.
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UusVersion**  Active UUS version.
+
+### Microsoft.Windows.Update.WUClient.CheckForUpdatesServiceRegistrationFailed
+
+This event checks for updates for failed service registrations the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **AADDeviceTicketResult**  Identifies result of AAD Device Token Acquisition.
+- **CallerName**  For drivers targeted to a specific device model, this is the version release of the drivers being distributed to the device.
+- **Context**  Context of failure.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce.
+- **NumFailedAudienceMetadataSignatures**  Number of audience Publisher Intent metadata signatures checks which failed for new metadata synced.
+- **NumFailedMetadataSignatures**  Number of audience Publisher Intent metadata signatures checks which failed for new metadata synced download.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **ServiceUrl**  Environment URL for which a device is configured to scan.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **SyncType**  Describes the type of scan the event was.
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.CheckForUpdatesSucceeded
+
+This event checks for successful updates on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **AADDeviceTicketInfo**  Identifies result of AAD Device Token Acquisition.
+- **AADDeviceTicketResult**  Identifies result of AAD Device Token Acquisition.
+- **ApplicableUpdateInfo**  Metadata for the updates which were detected as applicable.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **HandlerInfo**  HandlerInfo Blob.
+- **HandlerType**  HandlerType blob.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce.
+- **NumberOfApplicableUpdates**  Number of updates which were ultimately deemed applicable to the system after detection process is complete.
+- **NumFailedAudienceMetadataSignatures**  Number of audience PublisherIntent metadata signatures checks which failed for new metadata synced.
+- **NumFailedMetadataSignatures**  Number of metadata signatures checks which failed for new metadata synced download.
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **ServiceUrl**  Environment URL for which a device is configured to scan.
+- **SyncType**  Describes the type of scan for this event (1-Full Sync, 2-Delta Sync, 3-Full CatScan Sync, 4-Delta CatScan Sync).
+- **UusVersion**  Active UUS version.
+- **WUFBInfo**  WufBinfoBlob.
+
+
+### Microsoft.Windows.Update.WUClient.CommitFailed
+
+This event checks for failed commits on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Indicates the purpose of the event - whether because scan started, succeeded, failed, etc.
+- **ExtendedStatusCode**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.CommitStarted
+
+This event tracks the commit started event on the Windows Update client. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Current active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.CommitSucceeded
+
+This event is used to track the commit succeeded process, after the update installation, when the software update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Indicates the purpose of the event - whether scan started, succeeded, failed, etc.
+- **FlightId**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **HandlerType**  The specific ID of the flight the device is getting.
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.DownloadCanceled
+
+This event tracks the download canceled event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Name of application making the Windows Update request. Used to identify context of request.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **DownloadPriority**  Indicates the priority of the download activity.
+- **DownloadStartTimeUTC**  Download start time to measure the length of the session.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerInfo**  HandlerInfo Blob.
+- **HandlerType**  HandlerType Blob.
+- **HostName**  Identifies the hostname.
+- **NetworkCost**  Identifies the network cost.
+- **NetworkRestrictionStatus**  When download is done, identifies whether network switch happened to restricted.
+- **Props**  A bitmask for additional flags associated with the download request.
+- **Reason** Cancel reason information.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.DownloadFailed
+
+This event tracks the download failed event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Name of application making the Windows Update request. Used to identify context of request.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Provides context about distribution stack for reporting.
+- **DownloadPriority**  Indicates the priority of the download activity.
+- **DownloadStartTimeUTC**  Start time to measure length of session.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerInfo**  HandlerInfo Blob.
+- **HandlerType**  HandlerType Blob.
+- **HostName**  Identifies the hostname.
+- **NetworkCost**  Identifies the network cost.
+- **NetworkRestrictionStatus**  When download is done, identifies whether network switch happened to restricted.
+- **Props**  Commit Props (MergedUpdate).
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.DownloadPaused
+
+This event is fired when the Download stage is paused.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **DownloadPriority**  Indicates the priority of the download activity.
+- **EventType**  Indicates the purpose of the event - whether because scan started, succeeded, failed, etc.
+- **FlightId**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **HandlerInfo**  Blob of Handler related information.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Commit Props (MergedUpdate)
+- **RegulationResult**  The result code (HResult) of the last attempt to contact the regulation web service for download regulation of update content.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClient.DownloadQueued
+
+This event tracks the download queued event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **DownloadPriority**  Indicates the priority of the download activity.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerInfo**  Blob of Handler related information.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Commit Props (MergedUpdate)
+- **QueuedReason**  The reason in which a download has been queued.
+- **RegulationResult**  The result code (HResult) of the last attempt to contact the regulation web service for download regulation of update content.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClient.DownloadResumed
+
+This event is fired when the Download of content is continued from a pause state.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **DownloadPriority**  Indicates the priority of the download activity.
+- **EventType**  Indicates the purpose of the event - whether because scan started, succeeded, failed, etc.
+- **FlightId**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **HandlerInfo**  Blob of Handler related information.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Commit Props (MergedUpdate)
+- **RegulationResult**  The result code (HResult) of the last attempt to contact the regulation web service for download regulation of update content.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClient.InstallCanceled
+
+This event tracks the install canceled event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Install props (UsedSystemVolume, MergedUpdate, IsSuccessFailurePostReboot, isInteractive)
+- **Reason**  Install canceled reason.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.InstallFailed
+
+This event tracks the install failed event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerInfo**  Handler specific information.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Install props (UsedSystemVolume, MergedUpdate, IsSuccessFailurePostReboot, isInteractive)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UndockedComponents**  Information about the undocked components.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.InstallRebootPending
+
+This event tracks the install reboot pending event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of application making the Windows Update request. Used to identify context of request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props** Install props (UsedSystemVolume, MergedUpdate, IsSuccessFailurePostReboot, isInteractive)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+### Microsoft.Windows.Update.WUClient.InstallStarted
+
+The event tracks the install started event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props** Install props (UsedSystemVolume, MergedUpdate, IsSuccessFailurePostReboot, isInteractive)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.InstallSucceeded
+
+The event tracks the successful install event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerInfo**  Handler specific datapoints.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props** Install props (UsedSystemVolume, MergedUpdate, IsSuccessFailurePostReboot, isInteractive)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UndockedComponents**  Information about the undocked components.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.RevertFailed
+
+This event tracks the revert failed event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Commit Props (MergedUpdate)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClient.RevertStarted
+
+This event tracks the revert started event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Revert props (MergedUpdate)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClient.RevertSucceeded
+
+The event tracks the successful revert event when the update client is trying to update the device. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BundleId**  Identifier associated with the specific content bundle; shouldn't be all zeros if the bundleID was found.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ClassificationId**  Classification identifier of the update content.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **HandlerType**  Indicates the kind of content (app, driver, windows patch, etc.).
+- **Props**  Revert props (MergedUpdate)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **UndockedComponents**  Information consisting of Id, HR, ModuleVer, LoadProps, Path relating to the Undocked component.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClientExt.DownloadCheckpoint
+
+This is a checkpoint event between the Windows Update download phases for UUP content. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **FileId**  Unique identifier for the downloaded file.
+- **FileName**  Name of the downloaded file.
+- **FlightId**  The specific ID of the flight the device is getting.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClientExt.DownloadHeartbeat
+
+This event allows tracking of ongoing downloads and contains data to explain the current state of the download. The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **BytesTotal**  Total bytes to transfer for this content.
+- **BytesTransferred**  Total bytes transferred for this content at the time of heartbeat.
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **ConnectionStatus**  Indicates the connectivity state of the device at the time of heartbeat.
+- **CurrentError**  Last (transient) error encountered by the active download.
+- **DownloadHBFlags**  Flags indicating if power state is ignored.
+- **DownloadState**  Current state of the active download for this content (queued, suspended, progressing).
+- **EventType**  Possible values are "Child", "Bundle", "Release" or "Driver".
+- **FlightId**  The specific ID of the flight the device is getting.
+- **MOAppDownloadLimit**  Mobile operator cap on size of application downloads, if any.
+- **MOUpdateDownloadLimit**  Mobile operator cap on size of OS update downloads, if any.
+- **PowerState**  Indicates the power state of the device at the time of heartbeart (DC, AC, Battery Saver, Connected Standby).
+- **Props**  Commit Props (MergedUpdate)
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **ResumeCount**  Number of times this active download has resumed from a suspended state.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **SuspendCount**  Number of times this active download has entered a suspended state.
+- **SuspendReason**  Last reason for which this active download has entered suspended state.
+- **UpdateId**  Identifier associated with the specific piece of content.
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClientExt.UpdateMetadataIntegrityFragmentSigning
+
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EndpointUrl**  URL of the endpoint where client obtains update metadata. Used to identify test vs staging vs production environments.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **LeafCertId**  IntegralIDfrom the FragmentSigning data for certificate which failed.
+- **ListOfSHA256OfIntermediateCerData**  List of Base64 string of hash of intermediate cert data.
+- **MetadataIntegrityMode**  Base64 string of the signature associated with the update metadata (specified by revision id).
+- **RawMode**  Raw unparsed mode string from the SLS response. Null if not applicable.
+- **RawValidityWindowInDays**  Raw unparsed string of validity window in effect when verifying the timestamp.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **SHA256OfLeafCerData**  Base64 string of hash of the leaf cert data.
+- **SLSPrograms**  A test program a machine may be opted in. Examples include "Canary" and "Insider Fast".
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UusVersion**  Active UUS version.
+
+
+### Microsoft.Windows.Update.WUClientExt.UpdateMetadataIntegrityGeneral
+
+Ensures Windows Updates are secure and complete. Event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack.
+
+The following fields are available:
+
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EndpointUrl**  Ensures Windows Updates are secure and complete. Event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce
+- **RawMode**  Raw unparsed mode string from the SLS response. May be null if not applicable.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.)
+- **SLSPrograms**  A test program a machine may be opted in. Examples include "Canary" and "Insider Fast".
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult)
+- **UusVersion**  The version of the Update Undocked Stack
+
+
+### Microsoft.Windows.Update.WUClientExt.UpdateMetadataIntegritySignature
+
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EndpointUrl**  URL of the endpoint where client obtains update metadata. Used to identify test vs staging vs production environments.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **LeafCertId**  IntegralIDfrom the FragmentSigning data for certificate which failed.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce.
+- **MetadataSignature**  Base64 string of the signature associated with the update metadata (specified by revision id).
+- **RawMode**  Raw unparsed mode string from the SLS response. Null if not applicable.
+- **RevisionId**  Identifies the revision of this specific piece of content.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **SHA256OfLeafCertPublicKey**  Base64 string of hash of the leaf cert public key.
+- **SHA256OfTimestampToken**  Base64 string of hash of the timestamp token blob.
+- **SignatureAlgorithm**  Hash algorithm for the metadata signature.
+- **SLSPrograms**  A test program a machine may be opted in. Examples include "Canary" and "Insider Fast".
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **TimestampTokenId**  Created time encoded in the timestamp blob. This will be zeroed if the token is malformed and decoding failed.
+- **UpdateID**  String of update ID and version number.
+- **UusVersion**  The version of the Update Undocked Stack.
+
+
+### Microsoft.Windows.Update.WUClientExt.UpdateMetadataIntegrityTimestamp
+
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CallerName**  Name of the application making the Windows Update Request. Used to identify context of the request.
+- **EndpointUrl**  URL of the endpoint where client obtains update metadata. Used to identify test vs staging vs production environments.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode wasn't specific enough.
+- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce
+- **RawMode**  Raw unparsed mode string from the SLS response. Null if not applicable.
+- **ServiceGuid**  Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.).
+- **SHA256OfTimestampToken**  Base64 string of hash of the timestamp token blob.
+- **SLSPrograms**  A test program a machine may be opted in. Examples include "Canary" and "Insider Fast".
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **TimestampTokenId**  Created time encoded in the timestamp blob. This will be zeroed if the token is itself malformed and decoding failed.
+- **UusVersion**  Active UUS Version.
+- **ValidityWindowInDays**  Validity window in effect when verifying the timestamp.
+
+
+### Microsoft.Windows.Update.WUClientExt.UUSLoadModuleFailed
+
+This is the UUSLoadModule failed event and is used to track the failure of loading an undocked component.  The data collected with this event is used to help keep Windows up to date and secure.
+
+The following fields are available:
+
+- **ModulePath**  Path of the undocked module.
+- **ModuleVersion**  Version of the undocked module.
+- **Props**  A bitmask for flags associated with loading the undocked module.
+- **RelatedCV**  The previous correlation vector that was used by the client, before swapping with a new one.
+- **StatusCode**  Result of the undocked module loading operation.
+- **UusSessionID**  Unique ID used to create the UUS session.
+- **UusVersion**  Active UUS version.
+
+
+## Winlogon events
+
+### Microsoft.Windows.Security.Winlogon.SetupCompleteLogon
+
+This event signals the completion of the setup process. It happens only once during the first logon.
\ No newline at end of file
diff --git a/windows/privacy/required-windows-11-diagnostic-events-and-fields.md b/windows/privacy/required-windows-11-diagnostic-events-and-fields.md
index 15649caaf5..dc34bef60a 100644
--- a/windows/privacy/required-windows-11-diagnostic-events-and-fields.md
+++ b/windows/privacy/required-windows-11-diagnostic-events-and-fields.md
@@ -7,7 +7,7 @@ ms.localizationpriority: high
 author: DHB-MSFT
 ms.author: danbrown
 manager: laurawi
-ms.date: 04/24/2024
+ms.date: 10/08/2024
 ms.collection: privacy-windows
 ms.topic: reference
 ---
@@ -19,6 +19,8 @@ ms.topic: reference
 
 - Windows 11, version 21H2
 
+> [!IMPORTANT]
+> This version of Windows 11 has reached its end of servicing date. For more information, see [Microsoft Product Lifecyle](/lifecycle/products).
 
 Required diagnostic data gathers a limited set of information that is critical for understanding the device and its configuration including: basic device information, quality-related information, app compatibility, and Microsoft Store.
 
@@ -28,6 +30,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Required diagnostic events and fields for Windows 11, version 24H2](required-diagnostic-events-fields-windows-11-24H2.md)
 - [Required diagnostic events and fields for Windows 11, versions 23H2 and 22H2](required-diagnostic-events-fields-windows-11-22H2.md)
 - [Required diagnostic events and fields for Windows 10, versions 22H2 and 21H2](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
@@ -167,7 +170,6 @@ The following fields are available:
 
 - **AppraiserVersion**  The version of the appraiser binary generating the events.
 
-
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
 This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
@@ -438,7 +440,7 @@ The following fields are available:
 - **DriverAvailableInbox**  Is a driver included with the operating system for this PNP device?
 - **DriverAvailableOnline**  Is there a driver for this PNP device on Windows Update?
 - **DriverAvailableUplevel**  Is there a driver on Windows Update or included with the operating system for this PNP device?
-- **DriverBlockOverridden**  Is there's a driver block on the device that has been overridden?
+- **DriverBlockOverridden**  Is there a driver block on the device that has been overridden?
 - **NeedsDismissAction**  Will the user would need to dismiss a warning during Setup for this device?
 - **NotRegressed**  Does the device have a problem code on the source OS that is no better than the one it would have on the target OS?
 - **SdbDeviceBlockUpgrade**  Is there an SDB block on the PNP device that blocks upgrade?
@@ -1475,7 +1477,7 @@ The following fields are available:
 - **AzureOSIDPresent**  Represents the field used to identify an Azure machine.
 - **AzureVMType**  Represents whether the instance is Azure VM PAAS, Azure VM IAAS or any other VMs.
 - **CDJType**  Represents the type of cloud domain joined for the machine.
-- **CommercialId**  Represents the GUID for the commercial entity that the device is a member of.  Will be used to reflect insights back to customers.
+- **CommercialId**  Represents the GUID for the commercial entity that the device is a member of. Will be used to reflect insights back to customers.
 - **ContainerType**  The type of container, such as process or virtual machine hosted.
 - **EnrollmentType**  Defines the type of MDM enrollment on the device.
 - **HashedDomain**  The hashed representation of the user domain used for login.
@@ -1490,7 +1492,6 @@ The following fields are available:
 - **ServerFeatures**  Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
 - **SystemCenterID**  The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
 
-
 ### Census.Firmware
 
 This event sends data about the BIOS and startup embedded in the device. The data collected with this event is used to help keep Windows secure and up to date.
@@ -1948,7 +1949,7 @@ Fires at the beginning and end of the HVCI auto-enablement process in sysprep.
 
 The following fields are available:
 
-- **wilActivity**  Contains the thread ID used to match the begin and end events, and for the end event also a HResult indicating sucess or failure.
+- **wilActivity**  Contains the thread ID used to match the begin and end events, and for the end event also a HResult indicating success or failure.
 
 
 ### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciAlreadyEnabled
@@ -1956,6 +1957,7 @@ The following fields are available:
 Fires when HVCI is already enabled so no need to continue auto-enablement.
 
 
+
 ### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.HvciScanGetResultFailed
 
 Fires when driver scanning fails to get results.
@@ -2197,6 +2199,7 @@ The following fields are available:
 - **uts**  A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
 - **xid**  A list of base10-encoded XBOX User IDs.
 
+
 ## Common data fields
 
 ### Ms.Device.DeviceInventoryChange
@@ -2212,6 +2215,7 @@ The following fields are available:
 - **syncId**  A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object.
 
 
+
 ## Component-based servicing events
 
 ### CbsServicingProvider.CbsCapabilityEnumeration
@@ -2985,6 +2989,7 @@ The following fields are available:
 - **PreviousExecutionState**  Windows Mixed Reality Portal app prior execution state.
 - **wilActivity**  Windows Mixed Reality Portal app wilActivity ID.
 
+
 ### Microsoft.Windows.Shell.HolographicFirstRun.AppLifecycleService_Resuming
 
 This event indicates Windows Mixed Reality Portal app resuming. This event is also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
@@ -3570,7 +3575,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
+This event provides data on Unified Update Platform (UUP) products and what version they're at. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3753,7 +3758,7 @@ This Ping event sends a detailed inventory of software and hardware information
 The following fields are available:
 
 - **appAp**  Any additional parameters for the specified application. Default: ''.
-- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. See the wiki for additional information. Default: undefined.
+- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute.  Default: undefined.
 - **appBrandCode**  The brand code under which the product was installed, if any. A brand code is a short (4-character) string used to identify installations that took place as a result of partner deals or website promotions. Default: ''.
 - **appChannel**  An integer indicating the channel of the installation (i.e. Canary or Dev).
 - **appClientId**  A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
@@ -3761,13 +3766,13 @@ The following fields are available:
 - **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. The exact legal values are app-specific and should be shared between the server and app implementations. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort Name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
-- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known. See the wiki for additional information. Default: '-2'.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known.  Default: '-2'.
 - **appExperiments**  A key/value list of experiment identifiers. Experiment labels are used to track membership in different experimental groups, and may be set at install or update time. The experiments string is formatted as a semicolon-delimited concatenation of experiment label strings. An experiment label string is an experiment Name, followed by the '=' character, followed by an experimental label value. For example: 'crdiff=got_bsdiff;optimized=O3'. The client shouldn't transmit the expiration date of any experiments it has, even if the server previously specified a specific expiration date. Default: ''.
 - **appInstallTime**  The product install time in seconds. '0' if unknown. Default: '-1'.
 - **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
 - **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
 - **appLastLaunchTime**  The time when browser was last launched.
-- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. See the wiki for additional information. Default: '0.0.0.0'.
+- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation.  Default: '0.0.0.0'.
 - **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
 - **appPingEventDoneBeforeOOBEComplete**  Indicates whether the install or update was completed before Windows Out of the Box Experience ends. 1 means event completed before OOBE finishes; 0 means event wasn't completed before OOBE finishes; -1 means the field doesn't apply.
 - **appPingEventDownloadMetricsCdnCCC**  ISO 2 character country or region code that matches to the country or region updated binaries are delivered from. E.g.: US.
@@ -3781,8 +3786,8 @@ The following fields are available:
 - **appPingEventDownloadMetricsUrl**  For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
 - **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
 - **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
-- **appPingEventEventResult**  An enum indicating the result of the event. See the wiki for additional information. Default: '0'.
-- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. See the wiki for additional information.
+- **appPingEventEventResult**  An enum indicating the result of the event.  Default: '0'.
+- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. 
 - **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
 - **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
 - **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
@@ -3794,9 +3799,9 @@ The following fields are available:
 - **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they haven't.
 - **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The server shouldn't return an update instruction to a version number that doesn't match the prefix or complete version number. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it isn't a lexical prefix (for example, '1.2.3' must match '1.2.3.4' but must not match '1.2.34'). Default: ''.
 - **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request should be sent over SSL or another secure protocol. Default: ''.
-- **appVersion**  The version of the product install. See the wiki for additional information. Default: '0.0.0.0'.
+- **appVersion**  The version of the product install.  Default: '0.0.0.0'.
 - **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
-- **eventType**  A string indicating the type of the event. See the wiki for additional information.
+- **eventType**  A string indicating the type of the event. 
 - **expETag**  An identifier representing all service applied configurations and experiments when current update happens. Used for testing only.
 - **hwDiskType**  Device’s hardware disk type.
 - **hwHasAvx**  '1' if the client's hardware supports the AVX instruction set. '0' if the client's hardware doesn't support the AVX instruction set. '-1' if unknown. Default: '-1'.
@@ -3996,7 +4001,6 @@ The following fields are available:
 - **extendedData**  GTL extended data section for each app to add its own extensions.
 - **timeToActionMs**  Time in MS for this Page Action.
 
-
 ### Microsoft.Surface.Mcu.Prod.CriticalLog
 
 Error information from Surface device firmware.
@@ -4312,7 +4316,7 @@ The following fields are available:
 - **DownloadState**  Current state of the active download for this content (queued, suspended, or progressing)
 - **EventType**  Possible values are "Child", "Bundle", or "Driver"
 - **FlightId**  The unique identifier for each flight
-- **IsNetworkMetered**  Indicates whether Windows considered the current network to be metered"
+- **IsNetworkMetered**  Indicates whether Windows considered the current network to be "metered"
 - **MOAppDownloadLimit**  Mobile operator cap on size of application downloads, if any
 - **MOUpdateDownloadLimit**  Mobile operator cap on size of operating system update downloads, if any
 - **PowerState**  Indicates the power state of the device at the time of heartbeart (DC, AC, Battery Saver, or Connected Standby)
@@ -5185,7 +5189,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationSummary
 
-This event sends a summary of all the update agent mitigations available for an this update. The data collected with this event is used to help keep Windows secure and up to date.
+This event sends a summary of all the update agent mitigations available for an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5618,7 +5622,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
-- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, canceled.
@@ -5665,7 +5669,7 @@ The following fields are available:
 - **pluginFailureCount**  The number of plugins that have failed.
 - **pluginsCount**  The number of plugins.
 - **qualityAssessmentImpact**  WaaS Assessment impact for quality updates.
-- **remediationSummary**  Result of each operation performed on a device to fix an invalid state or configuration that's preventing the device from getting updates. For example, if Windows Update service is turned off, the fix is to turn the it back on.
+- **remediationSummary**  Result of each operation performed on a device to fix an invalid state or configuration that's preventing the device from getting updates. For example, if Windows Update service is turned off, the fix is to turn it back on.
 - **usingBackupFeatureAssessment**  Relying on backup feature assessment.
 - **usingBackupQualityAssessment**  Relying on backup quality assessment.
 - **usingCachedFeatureAssessment**  WaaS Medic run didn't get OS build age from the network on the previous run.
@@ -5678,7 +5682,7 @@ The following fields are available:
 
 ### Microsoft.Windows.WERVertical.OSCrash
 
-This event sends binary data from the collected dump file whenever a bug check occurs, to help keep Windows up to date. The is the OneCore version of this event.
+This event sends binary data from the collected dump file whenever a bug check occurs, to help keep Windows up to date. This is the OneCore version of this event.
 
 The following fields are available:
 
@@ -6108,7 +6112,7 @@ The following fields are available:
 
 - **CatalogId**  The Store Catalog ID for the product being installed.
 - **ProductId**  The Store Product ID for the product being installed.
-- **SkuId**  Specfic edition of the app being updated.
+- **SkuId**  Specific edition of the app being updated.
 
 
 ### Microsoft.Windows.StoreAgent.Telemetry.StateTransition
@@ -6355,7 +6359,7 @@ The following fields are available:
 - **flightMetadata**  Contains the FlightId and the build being flighted.
 - **objectId**  Unique value for each Update Agent mode.
 - **relatedCV**  Correlation vector value generated from the latest USO scan.
-- **result**  Result of the initialize phase of the update. 0 = Succeeded, 1 = Failed, 2 = Cancelled, 3 = Blocked, 4 = BlockCancelled.
+- **result**  Result of the initialize phase of the update. 0 = Succeeded, 1 = Failed, 2 = Canceled, 3 = Blocked, 4 = BlockCancelled.
 - **scenarioId**  The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate.
 - **sessionData**  Contains instructions to update agent for processing FODs and DUICs (Null for other scenarios).
 - **sessionId**  Unique value for each Update Agent mode attempt.
@@ -6589,6 +6593,15 @@ The following fields are available:
 - **WasPresented**  True if the user interaction campaign is displayed to the user.
 
 
+### Microsoft.Windows.WindowsUpdate.RUXIM.IHExit
+
+This event is generated when the RUXIM Interaction Handler (RUXIMIH.EXE) exits. The data collected with this event is used to help keep Windows up to date and performing properly.
+
+The following fields are available:
+
+- **InteractionCampaignID**  GUID identifying the interaction campaign that RUXIMIH processed.
+
+
 ## Windows Update mitigation events
 
 ### Microsoft.Windows.Mitigations.AllowInPlaceUpgrade.ApplyTroubleshootingComplete
@@ -6840,7 +6853,4 @@ The following fields are available:
 - **Disposition**  The parameter for the hard reserve adjustment function.
 - **Flags**  The flags passed to the hard reserve adjustment function.
 - **PendingHardReserveAdjustment**  The final change to the hard reserve size.
-- **UpdateType**  Indicates whether the change is an increase or decrease in the size of the hard reserve.
-
-
-
+- **UpdateType**  Indicates whether the change is an increase or decrease in the size of the hard reserve.
\ No newline at end of file
diff --git a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
index 4fb9beb260..e008b7598b 100644
--- a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
+++ b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
@@ -7,7 +7,7 @@ ms.localizationpriority: high
 author: DHB-MSFT
 ms.author: danbrown
 manager: laurawi
-ms.date: 04/24/2024
+ms.date: 10/01/2024
 ms.collection: privacy-windows
 ms.topic: reference
 ---
@@ -31,6 +31,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Required diagnostic events and fields for Windows 11, version 24H2](required-diagnostic-events-fields-windows-11-24H2.md)
 - [Required diagnostic events and fields for Windows 11, versions 23H2 and 22H2](required-diagnostic-events-fields-windows-11-22H2.md)
 - [Required diagnostic events and fields for Windows 11, version 21H2](required-windows-11-diagnostic-events-and-fields.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
@@ -873,7 +874,7 @@ The following fields are available:
 - **DriverAvailableInbox**  Is a driver included with the operating system for this PNP device?
 - **DriverAvailableOnline**  Is there a driver for this PNP device on Windows Update?
 - **DriverAvailableUplevel**  Is there a driver on Windows Update or included with the operating system for this PNP device?
-- **DriverBlockOverridden**  Is there's a driver block on the device that has been overridden?
+- **DriverBlockOverridden**  Is there a driver block on the device that has been overridden?
 - **NeedsDismissAction**  Will the user would need to dismiss a warning during Setup for this device?
 - **NotRegressed**  Does the device have a problem code on the source OS that is no better than the one it would have on the target OS?
 - **SdbDeviceBlockUpgrade**  Is there an SDB block on the PNP device that blocks upgrade?
@@ -2476,7 +2477,8 @@ Fires when the compatibility check completes. Gives the results from the check.
 The following fields are available:
 
 - **IsRecommended**  Denotes whether all compatibility checks have passed and, if so, returns true. Otherwise returns false.
-- **Issues**  If compatibility checks failed, provides bit indexed indicators of issues detected. Table located here: [Check results of HVCI default enablement](/windows-hardware/design/device-experiences/oem-hvci-enablement#check-results-of-hvci-default-enablement).
+- **Issues**  If compatibility checks failed, provides bit indexed indicators of issues detected. Table located here: [Check results of HVCI default enablement](/windows-hardware/design/device-experiences/oem-hvci-enablement#check-results-of-memory-integrity-default-enablement).
+
 
 ### Microsoft.Windows.Security.CodeIntegrity.HVCISysprep.Enabled
 
@@ -4334,6 +4336,7 @@ The following fields are available:
 
 - **InventoryVersion**  The version of the inventory binary generating the events.
 
+
 ### Microsoft.Windows.Inventory.Core.InventoryAcpiPhatHealthRecordAdd
 
 This event sends basic metadata about ACPI PHAT Health Record structure on the machine. The data collected with this event is used to help keep Windows up to date.
@@ -4608,6 +4611,7 @@ The following fields are available:
 
 - **InventoryVersion**  The version of the inventory file generating the events.
 
+
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpAdd
 
 This event sends basic metadata about a PNP device and its associated driver to help keep Windows up to date. This information is used to assess if the PNP device and driver will remain compatible when upgrading Windows.
@@ -4858,7 +4862,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
+This event provides data on Unified Update Platform (UUP) products and what version they're at. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -5148,7 +5152,7 @@ This Ping event sends a detailed inventory of software and hardware information
 The following fields are available:
 
 - **appAp**  Any additional parameters for the specified application. Default: ''.
-- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. Please see the wiki for additional information. Default: undefined.
+- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute.  Default: undefined.
 - **appBrandCode**  The brand code under which the product was installed, if any. A brand code is a short (4-character) string used to identify installations that took place as a result of partner deals or website promotions. Default: ''.
 - **appChannel**  An integer indicating the channel of the installation (i.e. Canary or Dev).
 - **appClientId**  A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
@@ -5156,13 +5160,13 @@ The following fields are available:
 - **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. The exact legal values are app-specific and should be shared between the server and app implementations. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort Name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
-- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known. Please see the wiki for additional information. Default: '-2'.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value isn't known.  Default: '-2'.
 - **appExperiments**  A key/value list of experiment identifiers. Experiment labels are used to track membership in different experimental groups, and may be set at install or update time. The experiments string is formatted as a semicolon-delimited concatenation of experiment label strings. An experiment label string is an experiment Name, followed by the '=' character, followed by an experimental label value. For example: 'crdiff=got_bsdiff;optimized=O3'. The client shouldn't transmit the expiration date of any experiments it has, even if the server previously specified a specific expiration date. Default: ''.
 - **appInstallTime**  The product install time in seconds. '0' if unknown. Default: '-1'.
 - **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
 - **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
 - **appLastLaunchTime**  The time when browser was last launched.
-- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. Please see the wiki for additional information. Default: '0.0.0.0'.
+- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation.  Default: '0.0.0.0'.
 - **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
 - **appPingEventDoneBeforeOOBEComplete**  Indicates whether the install or update was completed before Windows Out of the Box Experience ends. 1 means event completed before OOBE finishes; 0 means event wasn't completed before OOBE finishes; -1 means the field doesn't apply.
 - **appPingEventDownloadMetricsCdnAzureRefOriginShield**  Provides a unique reference string that identifies a request served by Azure Front Door. It's used to search access logs and is critical for troubleshooting. For example, Ref A: E172B39D19774147B0EFCC8E3E823D9D Ref B: BL2EDGE0215 Ref C: 2021-05-11T22:25:48Z.
@@ -5180,8 +5184,8 @@ The following fields are available:
 - **appPingEventDownloadMetricsUrl**  For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
 - **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
 - **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
-- **appPingEventEventResult**  An enum indicating the result of the event. Please see the wiki for additional information. Default: '0'.
-- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. Please see the wiki for additional information.
+- **appPingEventEventResult**  An enum indicating the result of the event.  Default: '0'.
+- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. 
 - **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
 - **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
 - **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
@@ -5195,9 +5199,9 @@ The following fields are available:
 - **appUpdateCheckTargetChannel**  Check for status showing the target release channel.
 - **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The server shouldn't return an update instruction to a version number that doesn't match the prefix or complete version number. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it isn't a lexical prefix (for example, '1.2.3' must match '1.2.3.4' but must not match '1.2.34'). Default: ''.
 - **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request should be sent over SSL or another secure protocol. Default: ''.
-- **appVersion**  The version of the product install. Please see the wiki for additional information. Default: '0.0.0.0'.
+- **appVersion**  The version of the product install.  Default: '0.0.0.0'.
 - **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
-- **eventType**  A string indicating the type of the event. Please see the wiki for additional information.
+- **eventType**  A string indicating the type of the event. 
 - **expDeviceId**  A non-unique resettable device ID to identify a device in experimentation.
 - **expEtag**  An identifier representing all service applied configurations and experiments when current update happens. Used for testing only.
 - **expETag**  An identifier representing all service applied configurations and experiments when current update happens. Used for testing only.
@@ -5618,6 +5622,7 @@ The following fields are available:
 - **criticalLogSize** Log size
 - **CUtility::GetTargetNameA(target)**  Product identifier.
 - **productId**  Product identifier
+- **SurfaceTelemetry_EventType**  Required vs. Optional event
 - **uniqueId**  Correlation ID that can be used with Watson to get more details about the failure.
 
 
@@ -5639,6 +5644,7 @@ This event sends information about the Operating System image name to Microsoft.
 
 The following fields are available:
 
+- **SurfaceTelemetry_EventType**  Required vs. Optional event
 - **szOsImageName**  This is the image name that is running on the device.
 
 
@@ -5691,6 +5697,7 @@ The following fields are available:
 - **UpdateType**  Indicates if it's DB or DBX update
 - **WillResealSucceed**  Indicates if TPM reseal operation is expected to succeed
 
+
 ### Microsoft.Windows.Security.SBServicing.ApplySecureBootUpdateStarted
 
 Event that indicates secure boot update has started.
@@ -5746,9 +5753,7 @@ The following fields are available:
 - **touchKeyboardDesktop**  Touch keyboard desktop
 - **touchKeyboardTablet**  Touch keyboard tablet
 - **triggerType**  Trigger type
-- **usePowershell**  Use PowerShell
-
-
+- **usePowershell**  Use PowerShell.
 
 ## Privacy consent logging events
 
@@ -6558,8 +6563,9 @@ The following fields are available:
 - **CUtility::GetTargetNameA(Target)**  Sub component name.
 - **HealthLog**  Health indicator log.
 - **healthLogSize**  4KB.
+- **PartA_PrivacyProduct**  Product tag
 - **productId**  Identifier for product model.
-
+- **SurfaceTelemetry_EventType**  Required vs. Optional event
 
 ### Microsoft.Surface.SystemReset.Prod.ResetCauseEventV2
 
@@ -6568,9 +6574,25 @@ This event sends reason for SAM, PCH and SoC reset. The data collected with this
 The following fields are available:
 
 - **ControllerResetCause**  The cause for the controller reset.
+- **EcResetCause**  EC reset cause.
+- **FaultReset1Cause**  Fault 1 reset cause.
+- **FaultReset2Cause**  Fault 2 reset cause.
 - **HostResetCause**  Host reset cause.
+- **OffResetCause**  Off reset cause.
+- **OnResetCause**  On reset cause.
+- **PartA_PrivacyProduct**  Product tag
 - **PchResetCause**  PCH reset cause.
+- **PoffResetCause**  Power Off reset cause.
+- **PonResetCause**  Power On reset cause.
+- **S3ResetCause**  S3 reset cause.
 - **SamResetCause**  SAM reset cause.
+- **SamResetCauseExtBacklightState**  SAM Reset Display Backlight state.
+- **SamResetCauseExtLastPowerButtonTime**  SAM Reset Last Power Button time.
+- **SamResetCauseExtLastSshCommunicationTime**  SAM Reset Last SSH Communication time.
+- **SamResetCauseExtPostureStateReason**  SAM Reset Last Posture State reason.
+- **SamResetCauseExtRestartReason**  SAM Reset Extended Restart reason.
+- **SurfaceTelemetry_EventType**  Required vs. Optional event.
+- **WarmResetCause**  Warm reset cause.
 
 
 ## Update Assistant events
@@ -10018,7 +10040,4 @@ The following fields are available:
 - **videoResolution**  Video resolution to use.
 - **virtualMachineName**  VM name.
 - **waitForClientConnection**  True if we should wait for client connection.
-- **wp81NetworkStackDisabled**  WP 8.1 networking stack disabled.
-
-
-
+- **wp81NetworkStackDisabled**  WP 8.1 networking stack disabled.
\ No newline at end of file
diff --git a/windows/privacy/toc.yml b/windows/privacy/toc.yml
index 9c47130eca..e177a03cd3 100644
--- a/windows/privacy/toc.yml
+++ b/windows/privacy/toc.yml
@@ -13,6 +13,8 @@
           href: diagnostic-data-viewer-powershell.md
     - name: Required Windows diagnostic data events and fields
       items: 
+        - name: Windows 11, version 24H2
+          href: required-diagnostic-events-fields-windows-11-24H2.md
         - name: Windows 11, versions 23H2 and 22H2
           href: required-diagnostic-events-fields-windows-11-22H2.md
         - name: Windows 11, version 21H2
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md
similarity index 50%
rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md
rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md
index 4dc0da5aba..8ea04f6820 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md
+++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md
@@ -1,23 +1,22 @@
 ---
-title: Designing, creating, managing, and troubleshooting Windows Defender Application Control AppId Tagging policies
-description: How to design, create, manage, and troubleshoot your WDAC AppId Tagging policies
+title: Designing, creating, managing, and troubleshooting App Control for Business AppId Tagging policies
+description: How to design, create, manage, and troubleshoot your App Control AppId Tagging policies
 ms.localizationpriority: medium
-ms.date: 04/27/2022
+ms.date: 09/11/2024
 ms.topic: conceptual
 ---
 
-# WDAC Application ID (AppId) Tagging guide
+# App Control Application ID (AppId) Tagging guide
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
 ## AppId Tagging Feature Overview
 
-The Application ID (AppId) Tagging Policy feature, while based off Windows Defender Application Control (WDAC), doesn't control whether applications run. AppId Tagging policies can be used to mark the processes of the running application with a customizable tag defined in the policy. Application processes that pass the AppId policy receive the tag while failing applications don't.
+The Application ID (AppId) Tagging Policy feature, while based off App Control for Business, doesn't control whether applications run. AppId Tagging policies can be used to mark the processes of the running application with a customizable tag defined in the policy. Application processes that pass the AppId policy receive the tag while failing applications don't.
 
 ## AppId Tagging Feature Availability
 
-The WDAC AppId Tagging feature is available on the following versions of the Windows platform:
+The App Control AppId Tagging feature is available on the following versions of the Windows platform:
 
 Client:
 - Windows 10 20H1, 20H2, and 21H1 versions only
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
similarity index 73%
rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
index 1507fc348c..e62a226d9b 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
@@ -2,20 +2,19 @@
 title: Testing and Debugging AppId Tagging Policies
 description: Testing and Debugging AppId Tagging Policies to ensure your policies are deployed successfully.
 ms.localizationpriority: medium
-ms.date: 04/29/2022
+ms.date: 09/11/2024
 ms.topic: troubleshooting
 ---
 
 # Testing and Debugging AppId Tagging Policies
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-After deployment of the WDAC AppId Tagging policy, WDAC will log a 3099 policy deployed event in the [Event Viewer logs](../operations/event-id-explanations.md). You first should ensure that the policy has been successfully deployed onto the system by verifying the presence of the 3099 event.
+After deployment of the App Control AppId Tagging policy, App Control will log a 3099 policy deployed event in the [Event Viewer logs](../operations/event-id-explanations.md). You first should ensure that the policy has been successfully deployed onto the system by verifying the presence of the 3099 event.
 
 ## Verifying Tags on Running Processes
 
-After verifying the policy has been deployed, the next step is to verify that the application processes you expect to pass the AppId Tagging policy have your tag set. Note that processes running at the time of policy deployment will need to be restarted since Windows Defender Application Control (WDAC) can only tag processes created after the policy has been deployed.
+After verifying the policy has been deployed, the next step is to verify that the application processes you expect to pass the AppId Tagging policy have your tag set. Note that processes running at the time of policy deployment will need to be restarted since App Control for Business can only tag processes created after the policy has been deployed.
 
 1. Download and Install the Windows Debugger
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md
similarity index 54%
rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md
index 7f0824cace..82fbcd6156 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md
@@ -1,17 +1,16 @@
 ---
-title: Deploying Windows Defender Application Control AppId tagging policies
-description: How to deploy your WDAC AppId tagging policies locally and globally within your managed environment.
+title: Deploying App Control for Business AppId tagging policies
+description: How to deploy your App Control AppId tagging policies locally and globally within your managed environment.
 ms.localizationpriority: medium
-ms.date: 04/29/2022
+ms.date: 09/11/2024
 ms.topic: conceptual
 ---
 
-# Deploying Windows Defender Application Control AppId tagging policies
+# Deploying App Control for Business AppId tagging policies
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-Similar to Windows Defender Application Control (WDAC) policies, WDAC AppId tagging policies can be deployed locally and to your managed endpoints several ways. Once you've created your AppId tagging policy, use one of the following methods to deploy:
+Similar to App Control for Business policies, App Control AppId tagging policies can be deployed locally and to your managed endpoints several ways. Once you've created your AppId tagging policy, use one of the following methods to deploy:
 
 1. [Deploy AppId tagging policies with MDM](#deploy-appid-tagging-policies-with-mdm)
 1. [Deploy policies with Configuration Manager](#deploy-appid-tagging-policies-with-configuration-manager)
@@ -20,23 +19,23 @@ Similar to Windows Defender Application Control (WDAC) policies, WDAC AppId tagg
 
 ## Deploy AppId tagging policies with MDM
 
-Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-wdac-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri).
+Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-app-control-policies-with-custom-oma-uri).
 
 ## Deploy AppId tagging policies with Configuration Manager
 
-Custom AppId tagging policies can be deployed via Configuration Manager using the [deployment task sequences](../deployment/deploy-wdac-policies-with-memcm.md#deploy-custom-wdac-policies-using-packagesprograms-or-task-sequences), policies can be deployed to your managed endpoints and users.
+Custom AppId tagging policies can be deployed via Configuration Manager using the [deployment task sequences](../deployment/deploy-appcontrol-policies-with-memcm.md#deploy-custom-app-control-policies-using-packagesprograms-or-task-sequences), policies can be deployed to your managed endpoints and users.
 
 ### Deploy AppId tagging Policies via Scripting
 
-Scripting hosts can be used to deploy AppId tagging policies as well. This approach is often best suited for local deployment, but works for deployment to managed endpoints and users too. For more information on how to deploy WDAC AppId tagging policies via scripting, see [Deploy WDAC policies using script](../deployment/deploy-wdac-policies-with-script.md). For AppId tagging policies, the only applicable method is deploying to version 1903 or later.
+Scripting hosts can be used to deploy AppId tagging policies as well. This approach is often best suited for local deployment, but works for deployment to managed endpoints and users too. For more information on how to deploy App Control AppId tagging policies via scripting, see [Deploy App Control policies using script](../deployment/deploy-appcontrol-policies-with-script.md). For AppId tagging policies, the only applicable method is deploying to version 1903 or later.
 
 ### Deploying policies via the ApplicationControl CSP
 
-Multiple WDAC policies can be managed from an MDM server through ApplicationControl configuration service provider (CSP). The CSP also provides support for rebootless policy deployment.
+Multiple App Control policies can be managed from an MDM server through ApplicationControl configuration service provider (CSP). The CSP also provides support for rebootless policy deployment.
 
 However, when policies are unenrolled from an MDM server, the CSP will attempt to remove every policy from devices, not just the policies added by the CSP. The reason for this is that the ApplicationControl CSP doesn't track enrollment sources for individual policies, even though it will query all policies on a device, regardless if they were deployed by the CSP.
 
 For more information, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp) to deploy multiple policies, and optionally use Microsoft Intune's Custom OMA-URI capability.
 
 > [!NOTE]
-> WMI and GP don't currently support multiple policies. If you can't directly access the MDM stack, use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage multiple policy format Windows Defender Application Control policies.
+> WMI and GP don't currently support multiple policies. If you can't directly access the MDM stack, use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage multiple policy format App Control for Business policies.
diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md
new file mode 100644
index 0000000000..363d4b5dd8
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md
@@ -0,0 +1,102 @@
+---
+title: Create your App Control for Business AppId Tagging Policies
+description: Create your App Control for Business AppId tagging policies for Windows devices.
+ms.localizationpriority: medium
+ms.date: 09/23/2024
+ms.topic: conceptual
+---
+
+# Creating your App Control AppId Tagging Policies
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+## Create the policy using the App Control Wizard
+
+You can use the App Control for Business Wizard and the PowerShell commands to create an App Control policy and convert it to an AppIdTagging policy. The App Control Wizard is available for download at the [App Control Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md).
+
+1. Create a new base policy using the templates:
+
+    Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/appcontrol-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules.
+
+    :::image type="content" alt-text="Configuring the policy base and template." source="../images/appid-appcontrol-wizard-1.png" lightbox="../images/appid-appcontrol-wizard-1.png":::
+
+    > [!NOTE]
+    > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies).
+
+2. Set the following rule-options using the Wizard toggles:
+
+    :::image type="content" alt-text="Configuring the policy rule-options." source="../images/appid-appcontrol-wizard-2.png":::
+
+3. Create custom rules:
+
+    Selecting the `+ Custom Rules` button opens the Custom Rules panel. The Wizard supports five types of file rules:
+
+    - Publisher rules: Create a rule based off the signing certificate hierarchy. Additionally, the original filename and version can be combined with the signing certificate for added security.
+    - Path rules: Create a rule based off the path to a file or a parent folder path. Path rules support wildcards.
+    - File attribute rules: Create a rule based off a file's immutable properties like the original filename, file description, product name or internal name.
+    - Package app name rules: Create a rule based off the package family name of an appx/msix.
+    - Hash rules: Create a rule based off the PE Authenticode hash of a file.
+
+    For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/appcontrol-wizard-create-base-policy.md#creating-custom-file-rules).
+
+4. Convert to AppId Tagging Policy:
+
+    After the Wizard builds the policy file, open the file in a text editor and remove the entire "Value=131" SigningScenario text block. The only remaining signing scenario should be "Value=12" which is the user mode application section. Next, open PowerShell in an elevated prompt and run the following command. Replace the AppIdTagging Key-Value pair for your scenario:
+
+    ```powershell
+    Set-CIPolicyIdInfo -ResetPolicyID -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue"
+    ```
+    The policyID GUID is returned by the PowerShell command if successful.
+
+## Create the policy using PowerShell
+
+Using this method, you create an AppId Tagging policy directly using the App Control PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). In an elevate PowerShell instance:
+
+1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [App Control File Rule Levels](../design/select-types-of-rules-to-create.md#table-2-app-control-for-business-policy---file-rule-levels) can be used in AppId rules:
+
+    ```powershell
+    $rule = New-CiPolicyRule -Level SignedVersion -DriverFilePath <path_to_application>
+    ```
+2. Create the AppId Tagging Policy. Replace the AppIdTagging Key-Value pair for your scenario:
+
+    ```powershell
+    New-CIPolicy -rules $rule -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue"
+    ```
+3. Set the rule-options for the policy:
+
+    ```powershell
+    Set-RuleOption -Option 0 .\AppIdPolicy.xml  # Usermode Code Integrity (UMCI)
+    Set-RuleOption -Option 16 .\AppIdPolicy.xml # Refresh Policy no Reboot
+    Set-RuleOption -Option 18 .\AppIdPolicy.xml # (Optional) Disable FilePath Rule Protection
+    ```
+
+    If you're using filepath rules, you may want to set option 18. Otherwise, there's no need.
+
+4. Set the name and ID on the policy, which is helpful for future debugging:
+
+    ```powershell
+    Set-CIPolicyIdInfo -ResetPolicyId -PolicyName "MyPolicyName" -PolicyId "MyPolicyId" -AppIdTaggingPolicy -FilePath ".\AppIdPolicy.xml"
+    ```
+    The policyID GUID is returned by the PowerShell command if successful.
+
+## Deploy for Local Testing
+
+After creating your AppId Tagging policy in the above steps, you can deploy the policy to your local machine for testing before broadly deploying the policy to your endpoints:
+
+1. Depending on your deployment method, convert the xml to binary:
+
+    ```powershell
+    Convertfrom-CIPolicy .\policy.xml ".\{PolicyIDGUID}.cip"
+    ```
+
+2. Optionally, deploy it for local testing:
+
+    ```powershell
+    copy ".\{Policy ID}.cip" c:\windows\system32\codeintegrity\CiPolicies\Active\
+    ./RefreshPolicy.exe
+    ```
+
+    RefreshPolicy.exe is available for download from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=102925).
+
+## Next Steps
+For more information on debugging and broad deployment of the AppId Tagging policy, see [Debugging AppId policies](debugging-operational-guide-appid-tagging-policies.md) and [Deploying AppId policies](deploy-appid-tagging-policies.md).
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml b/windows/security/application-security/application-control/app-control-for-business/TOC.yml
similarity index 70%
rename from windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
rename to windows/security/application-security/application-control/app-control-for-business/TOC.yml
index 91cc8b46d0..b5ff7c1588 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
+++ b/windows/security/application-security/application-control/app-control-for-business/TOC.yml
@@ -1,126 +1,126 @@
 - name: Application Control for Windows
   href: index.yml
 - name: About application control for Windows
-  href: wdac.md
+  href: appcontrol.md
   expanded: true
   items:
-    - name: WDAC and AppLocker Overview
-      href: wdac-and-applocker-overview.md
-    - name: WDAC and AppLocker Feature Availability
+    - name: App Control and AppLocker Overview
+      href: appcontrol-and-applocker-overview.md
+    - name: App Control and AppLocker Feature Availability
       href: feature-availability.md
     - name: Virtualization-based protection of code integrity
-      href: ../introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
-- name: WDAC design guide
-  href: design/wdac-design-guide.md
+      href: ../introduction-to-virtualization-based-security-and-appcontrol.md
+- name: Design guide
+  href: design/appcontrol-design-guide.md
   items:
-    - name: Plan for WDAC policy lifecycle management
-      href: design/plan-wdac-management.md
-    - name: Design your WDAC policy
+    - name: Plan for App Control policy lifecycle management
+      href: design/plan-appcontrol-management.md
+    - name: Design your App Control policy
       items:
-        - name: Understand WDAC policy design decisions
-          href: design/understand-wdac-policy-design-decisions.md
-        - name: Understand WDAC policy rules and file rules
+        - name: Understand App Control policy design decisions
+          href: design/understand-appcontrol-policy-design-decisions.md
+        - name: Understand App Control policy rules and file rules
           href: design/select-types-of-rules-to-create.md
           items:
             - name: Allow apps installed by a managed installer
               href: design/configure-authorized-apps-deployed-with-a-managed-installer.md
             - name: Allow reputable apps with Intelligent Security Graph (ISG)
-              href: design/use-wdac-with-intelligent-security-graph.md
+              href: design/use-appcontrol-with-intelligent-security-graph.md
             - name: Allow COM object registration
-              href: design/allow-com-object-registration-in-wdac-policy.md
-            - name: Use WDAC with .NET hardening
-              href: design/wdac-and-dotnet.md
-            - name: Script enforcement with Windows Defender Application Control
+              href: design/allow-com-object-registration-in-appcontrol-policy.md
+            - name: Use App Control with .NET hardening
+              href: design/appcontrol-and-dotnet.md
+            - name: Script enforcement with App Control for Business
               href: design/script-enforcement.md
-            - name: Manage packaged apps with WDAC
-              href: design/manage-packaged-apps-with-wdac.md
-            - name: Use WDAC to control specific plug-ins, add-ins, and modules
-              href: design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md
-            - name: Understand WDAC policy settings
-              href: design/understanding-wdac-policy-settings.md
-        - name: Use multiple WDAC policies
-          href: design/deploy-multiple-wdac-policies.md
-    - name: Create your WDAC policy
+            - name: Manage packaged apps with App Control
+              href: design/manage-packaged-apps-with-appcontrol.md
+            - name: Use App Control to control specific plug-ins, add-ins, and modules
+              href: design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+            - name: Understand App Control policy settings
+              href: design/understanding-appcontrol-policy-settings.md
+        - name: Use multiple App Control policies
+          href: design/deploy-multiple-appcontrol-policies.md
+    - name: Create your App Control policy
       items:
-        - name: Example WDAC base policies
-          href: design/example-wdac-base-policies.md
-        - name: Policy creation for common WDAC usage scenarios
-          href: design/common-wdac-use-cases.md
+        - name: Example App Control base policies
+          href: design/example-appcontrol-base-policies.md
+        - name: Policy creation for common App Control usage scenarios
+          href: design/common-appcontrol-use-cases.md
           items:
-            - name: Create a WDAC policy for lightly managed devices
-              href: design/create-wdac-policy-for-lightly-managed-devices.md
-            - name: Create a WDAC policy for fully managed devices
-              href: design/create-wdac-policy-for-fully-managed-devices.md
-            - name: Create a WDAC policy for fixed-workload devices
-              href: design/create-wdac-policy-using-reference-computer.md
-            - name: Create a WDAC deny list policy
-              href: design/create-wdac-deny-policy.md
-            - name: Applications that can bypass WDAC and how to block them
-              href: design/applications-that-can-bypass-wdac.md
+            - name: Create an App Control policy for lightly managed devices
+              href: design/create-appcontrol-policy-for-lightly-managed-devices.md
+            - name: Create an App Control policy for fully managed devices
+              href: design/create-appcontrol-policy-for-fully-managed-devices.md
+            - name: Create an App Control policy for fixed-workload devices
+              href: design/create-appcontrol-policy-using-reference-computer.md
+            - name: Create an App Control deny list policy
+              href: design/create-appcontrol-deny-policy.md
+            - name: Applications that can bypass App Control and how to block them
+              href: design/applications-that-can-bypass-appcontrol.md
             - name: Microsoft recommended driver block rules
               href: design/microsoft-recommended-driver-block-rules.md
-        - name: Use the WDAC Wizard tool
-          href: design/wdac-wizard.md
+        - name: Use the App Control Wizard tool
+          href: design/appcontrol-wizard.md
           items:
-            - name: Create a base WDAC policy with the Wizard
-              href: design/wdac-wizard-create-base-policy.md
-            - name: Create a supplemental WDAC policy with the Wizard
-              href: design/wdac-wizard-create-supplemental-policy.md
-            - name: Editing a WDAC policy with the Wizard
-              href: design/wdac-wizard-editing-policy.md
-            - name: Creating WDAC Policy Rules from WDAC Events
-              href: design/wdac-wizard-parsing-event-logs.md
-            - name: Merging multiple WDAC policies with the Wizard
-              href: design/wdac-wizard-merging-policies.md
-- name: WDAC deployment guide
-  href: deployment/wdac-deployment-guide.md
+            - name: Create a base App Control policy with the Wizard
+              href: design/appcontrol-wizard-create-base-policy.md
+            - name: Create a supplemental App Control policy with the Wizard
+              href: design/appcontrol-wizard-create-supplemental-policy.md
+            - name: Editing an App Control policy with the Wizard
+              href: design/appcontrol-wizard-editing-policy.md
+            - name: Creating App Control Policy Rules from App Control Events
+              href: design/appcontrol-wizard-parsing-event-logs.md
+            - name: Merging multiple App Control policies with the Wizard
+              href: design/appcontrol-wizard-merging-policies.md
+- name: Deployment guide
+  href: deployment/appcontrol-deployment-guide.md
   items:
-    - name: Deploy WDAC policies with MDM
-      href: deployment/deploy-wdac-policies-using-intune.md
-    - name: Deploy WDAC policies with Configuration Manager
-      href: deployment/deploy-wdac-policies-with-memcm.md
-    - name: Deploy WDAC policies with script
-      href: deployment/deploy-wdac-policies-with-script.md
-    - name: Deploy WDAC policies with group policy
-      href: deployment/deploy-wdac-policies-using-group-policy.md
-    - name: Audit WDAC policies
-      href: deployment/audit-wdac-policies.md
-    - name: Merge WDAC policies
-      href: deployment/merge-wdac-policies.md
-    - name: Enforce WDAC policies
-      href: deployment/enforce-wdac-policies.md
-    - name: Use code signing for added control and protection with WDAC
+    - name: Deploy App Control policies with MDM
+      href: deployment/deploy-appcontrol-policies-using-intune.md
+    - name: Deploy App Control policies with Configuration Manager
+      href: deployment/deploy-appcontrol-policies-with-memcm.md
+    - name: Deploy App Control policies with script
+      href: deployment/deploy-appcontrol-policies-with-script.md
+    - name: Deploy App Control policies with group policy
+      href: deployment/deploy-appcontrol-policies-using-group-policy.md
+    - name: Audit App Control policies
+      href: deployment/audit-appcontrol-policies.md
+    - name: Merge App Control policies
+      href: deployment/merge-appcontrol-policies.md
+    - name: Enforce App Control policies
+      href: deployment/enforce-appcontrol-policies.md
+    - name: Use code signing for added control and protection with App Control
       href: deployment/use-code-signing-for-better-control-and-protection.md
       items:
-        - name: Deploy catalog files to support WDAC
-          href: deployment/deploy-catalog-files-to-support-wdac.md
-        - name: Use signed policies to protect Windows Defender Application Control against tampering
-          href: deployment/use-signed-policies-to-protect-wdac-against-tampering.md
-        - name: "Optional: Create a code signing cert for WDAC"
-          href: deployment/create-code-signing-cert-for-wdac.md
-    - name: Disable WDAC policies
-      href: deployment/disable-wdac-policies.md
-- name: WDAC operational guide
-  href: operations/wdac-operational-guide.md
+        - name: Deploy catalog files to support App Control
+          href: deployment/deploy-catalog-files-to-support-appcontrol.md
+        - name: Use signed policies to protect App Control for Business against tampering
+          href: deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md
+        - name: "Optional: Create a code signing cert for App Control"
+          href: deployment/create-code-signing-cert-for-appcontrol.md
+    - name: Disable App Control policies
+      href: deployment/disable-appcontrol-policies.md
+- name: Operational guide
+  href: operations/appcontrol-operational-guide.md
   items:
-    - name: WDAC debugging and troubleshooting
-      href: operations/wdac-debugging-and-troubleshooting.md
-    - name: Understanding Application Control event IDs
+    - name: App Control debugging and troubleshooting
+      href: operations/appcontrol-debugging-and-troubleshooting.md
+    - name: Understanding App Control event IDs
       href: operations/event-id-explanations.md
-    - name: Understanding Application Control event tags
+    - name: Understanding App Control event tags
       href: operations/event-tag-explanations.md
-    - name: Query WDAC events with Advanced hunting
+    - name: Query App Control events with Advanced hunting
       href: operations/querying-application-control-events-centrally-using-advanced-hunting.md
     - name: Known Issues
       href: operations/known-issues.md
     - name: Managed installer and ISG technical reference and troubleshooting guide
-      href: operations/configure-wdac-managed-installer.md
+      href: operations/configure-appcontrol-managed-installer.md
     - name: CITool.exe technical reference
       href: operations/citool-commands.md
-    - name: Inbox WDAC policies
-      href: operations/inbox-wdac-policies.md
-- name: WDAC AppId Tagging guide
-  href: AppIdTagging/wdac-appid-tagging-guide.md
+    - name: Inbox App Control policies
+      href: operations/inbox-appcontrol-policies.md
+- name: AppId Tagging guide
+  href: AppIdTagging/appcontrol-appid-tagging-guide.md
   items:
     - name: Creating AppId Tagging Policies
       href: AppIdTagging/design-create-appid-tagging-policies.md
diff --git a/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md
new file mode 100644
index 0000000000..5520d9161c
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md
@@ -0,0 +1,64 @@
+---
+title: App Control and AppLocker Overview
+description: Compare Windows application control technologies.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: conceptual
+---
+
+# App Control for Business and AppLocker Overview
+
+[!INCLUDE [Feature availability note](includes/feature-availability-note.md)]
+
+Windows 10 and Windows 11 include two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: App Control for Business and AppLocker.
+
+## App Control for Business
+
+App Control was introduced with Windows 10 and allows organizations to control which drivers and applications are allowed to run on their Windows clients. It was designed as a security feature under the [servicing criteria](https://www.microsoft.com/msrc/windows-security-servicing-criteria), defined by the Microsoft Security Response Center (MSRC).
+
+App Control policies apply to the managed computer as a whole and affects all users of the device. App Control rules can be defined based on:
+
+- Attributes of the codesigning certificate(s) used to sign an app and its binaries
+- Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file
+- The reputation of the app as determined by Microsoft's [Intelligent Security Graph](design/use-appcontrol-with-intelligent-security-graph.md)
+- The identity of the process that initiated the installation of the app and its binaries ([managed installer](design/configure-authorized-apps-deployed-with-a-managed-installer.md))
+- The [path from which the app or file is launched](design/select-types-of-rules-to-create.md#more-information-about-filepath-rules) (beginning with Windows 10 version 1903)
+- The process that launched the app or binary
+
+> [!NOTE]
+> App Control was originally released as part of Device Guard and called configurable code integrity. Device Guard and configurable code integrity are no longer used except to find where to deploy App Control policy via Group Policy.
+
+### App Control System Requirements
+
+App Control policies can be created and applied on any client edition of Windows 10 or Windows 11, or on Windows Server 2016 and higher. App Control policies can be deployed via a Mobile Device Management (MDM) solution, for example, Intune; a management interface such as Configuration Manager; or a script host such as PowerShell. Group Policy can also be used to deploy App Control policies, but is limited to single-policy format policies that work on Windows Server 2016 and 2019.
+
+For more information on which individual App Control features are available on specific App Control builds, see [App Control feature availability](feature-availability.md).
+
+## AppLocker
+
+AppLocker was introduced with Windows 7, and allows organizations to control which applications are allowed to run on their Windows clients. AppLocker helps to prevent end-users from running unapproved software on their computers but doesn't meet the servicing criteria for being a security feature.
+
+AppLocker policies can apply to all users on a computer, or to individual users and groups. AppLocker rules can be defined based on:
+
+- Attributes of the codesigning certificate(s) used to sign an app and its binaries.
+- Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file.
+- The path from which the app or file is launched.
+
+AppLocker is also used by some features of App Control, including [managed installer](design/configure-authorized-apps-deployed-with-a-managed-installer.md) and the [Intelligent Security Graph](design/use-appcontrol-with-intelligent-security-graph.md).
+
+### AppLocker System Requirements
+
+AppLocker policies can only be configured on and applied to devices that are running on the supported versions and editions of the Windows operating system. For more info, see [Requirements to Use AppLocker](applocker/requirements-to-use-applocker.md).
+AppLocker policies can be deployed using Group Policy or MDM.
+
+## Choose when to use App Control or AppLocker
+
+Generally, customers who are able to implement application control using App Control, rather than AppLocker, should do so. App Control is undergoing continual improvements, and is getting added support from Microsoft management platforms. Although AppLocker continues to receive security fixes, it isn't getting new feature improvements.
+
+However, in some cases, AppLocker might be the more appropriate technology for your organization. AppLocker is best when:
+
+- You have a mixed Windows operating system (OS) environment and need to apply the same policy controls to Windows 10 and earlier versions of the OS.
+- You need to apply different policies for different users or groups on shared computers.
+- You don't want to enforce application control on application files such as DLLs or drivers.
+
+AppLocker can also be deployed as a complement to App Control to add user or group-specific rules for shared device scenarios, where it's important to prevent some users from running specific apps. As a best practice, you should enforce App Control at the most restrictive level possible for your organization, and then you can use AppLocker to further fine-tune the restrictions.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md
similarity index 69%
rename from windows/security/application-security/application-control/windows-defender-application-control/wdac.md
rename to windows/security/application-security/application-control/app-control-for-business/appcontrol.md
index 2d0145d3bc..561da483b6 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md
+++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md
@@ -4,14 +4,13 @@ description: Application Control restricts which applications users are allowed
 ms.localizationpriority: medium
 ms.collection:
 - tier3
-ms.date: 08/30/2023
+ms.date: 09/11/2024
 ms.topic: overview
 ---
 
 # Application Control for Windows
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
+[!INCLUDE [Feature availability note](includes/feature-availability-note.md)]
 
 With thousands of new malicious files created every day, using traditional methods like antivirus solutions-signature-based detection to fight against malware-provides an inadequate defense against new attacks.
 
@@ -26,14 +25,14 @@ Application control is a crucial line of defense for protecting enterprises give
 
 Windows 10 and Windows 11 include two technologies that can be used for application control depending on your organization's specific scenarios and requirements:
 
-- **Windows Defender Application Control (WDAC)**; and
+- **App Control for Business**; and
 - **AppLocker**
 
-## WDAC and Smart App Control
+## App Control and Smart App Control
 
-Starting in Windows 11 version 22H2, [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) provides application control for consumers. Smart App Control is based on WDAC, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an [example policy](design/example-wdac-base-policies.md) is provided. The example policy includes **Enabled:Conditional Windows Lockdown Policy** option that isn't supported for WDAC enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see [Create a custom base policy using an example WDAC base policy](design/create-wdac-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy).
+Starting in Windows 11 version 22H2, [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) provides application control for consumers. Smart App Control is based on App Control, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an [example policy](design/example-appcontrol-base-policies.md) is provided. The example policy includes **Enabled:Conditional Windows Lockdown Policy** option that isn't supported for App Control enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see [Create a custom base policy using an example App Control base policy](design/create-appcontrol-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-app-control-base-policy).
 
-Smart App Control is only available on clean installation of Windows 11 version 22H2 or later, and starts in evaluation mode. Smart App Control is automatically turned off for enterprise managed devices unless the user has turned it on first. To turn off Smart App Control across your organization's endpoints, you can set the **VerifiedAndReputablePolicyState** (DWORD) registry value under `HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy` as shown in the following table. After you change the registry value, you must either restart the device or use [CiTool.exe -r](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands#refresh-the-wdac-policies-on-the-system) for the change to take effect.
+Smart App Control is only available on clean installation of Windows 11 version 22H2 or later, and starts in evaluation mode. Smart App Control is automatically turned off for enterprise managed devices unless the user has turned it on first. To turn off Smart App Control across your organization's endpoints, you can set the **VerifiedAndReputablePolicyState** (DWORD) registry value under `HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy` as shown in the following table. After you change the registry value, you must either restart the device or use [CiTool.exe -r](operations/citool-commands.md#refresh-the-app-control-policies-on-the-system) for the change to take effect.
 
 | Value | Description |
 |-------|-------------|
@@ -46,7 +45,7 @@ Smart App Control is only available on clean installation of Windows 11 version
 
 ### Smart App Control Enforced Blocks
 
-Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-wdac.md), with a few exceptions for compatibility considerations. The following aren't blocked by Smart App Control:
+Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-appcontrol.md), with a few exceptions for compatibility considerations. The following aren't blocked by Smart App Control:
 
 - Infdefaultinstall.exe
 - Microsoft.Build.dll
@@ -57,7 +56,7 @@ Smart App Control enforces the [Microsoft Recommended Driver Block rules](design
 
 ## Related articles
 
-- [WDAC design guide](design/wdac-design-guide.md)
-- [WDAC deployment guide](deployment/wdac-deployment-guide.md)
-- [WDAC operational guide](operations/wdac-operational-guide.md)
+- [App Control design guide](design/appcontrol-design-guide.md)
+- [App Control deployment guide](deployment/appcontrol-deployment-guide.md)
+- [App Control operational guide](operations/appcontrol-operational-guide.md)
 - [AppLocker overview](applocker/applocker-overview.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md b/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
similarity index 97%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
index 76569e20e6..64ec3acfbf 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
@@ -3,7 +3,7 @@ title: Add rules for packaged apps to existing AppLocker rule-set
 description: This article for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Add rules for packaged apps to existing AppLocker rule-set
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md
similarity index 97%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md
index a095fd7246..d2e0c1da1e 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md
@@ -3,7 +3,7 @@ title: Administer AppLocker
 description: This article for IT professionals provides links to specific procedures to use when administering AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Administer AppLocker
@@ -27,11 +27,11 @@ AppLocker helps administrators control how users can access and use files, such
 | [Edit an AppLocker policy](edit-an-applocker-policy.md) | This article for IT professionals describes the steps required to modify an AppLocker policy. |
 | [Test and update an AppLocker policy](test-and-update-an-applocker-policy.md) | This article discusses the steps required to test an AppLocker policy prior to deployment. |
 | [Deploy AppLocker policies by using the enforce rules setting](deploy-applocker-policies-by-using-the-enforce-rules-setting.md) | This article for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method. |
-| [Use the AppLocker Windows PowerShell cmdlets](use-the-applocker-windows-powershell-cmdlets.md) | This article for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker application control policies. |
+| [Use the AppLocker Windows PowerShell cmdlets](use-the-applocker-windows-powershell-cmdlets.md) | This article for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker policies. |
 | [Optimize AppLocker performance](optimize-applocker-performance.md) | This article for IT professionals describes how to optimize AppLocker policy enforcement. |
 | [Monitor app usage with AppLocker](monitor-application-usage-with-applocker.md) | This article for IT professionals describes how to monitor app usage when AppLocker policies are applied. |
 | [Manage packaged apps with AppLocker](manage-packaged-apps-with-applocker.md) | This article for IT professionals describes concepts and lists procedures to help you manage Packaged apps with AppLocker as part of your overall application control strategy. |
-| [Working with AppLocker rules](working-with-applocker-rules.md) | This article for IT professionals describes AppLocker rule types and how to work with them for your application control policies. |
+| [Working with AppLocker rules](working-with-applocker-rules.md) | This article for IT professionals describes AppLocker rule types and how to work with them for your policies. |
 | [Working with AppLocker policies](working-with-applocker-policies.md) | This article for IT professionals provides links to procedural articles about creating, maintaining, and testing AppLocker policies. |
 
 ## Using the MMC snap-ins to administer AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md
index 763fd8e86d..7314cce2f9 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md
@@ -3,7 +3,7 @@ title: AppLocker architecture and components
 description: This article for IT professional describes AppLocker’s basic architecture and its major components.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker architecture and components
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md
index 8ab68a0205..2ce3ad5532 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md
@@ -3,7 +3,7 @@ title: AppLocker functions
 description: This article for the IT professional lists the functions and security levels for AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker functions
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md
similarity index 92%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md
index 654b172dca..1af7a371bb 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md
@@ -1,23 +1,23 @@
 ---
 title: AppLocker
-description: This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies.
+description: This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker policies.
 ms.collection:
 - tier3
 - must-keep
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # AppLocker
 
-This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers. AppLocker is also used by some features of Windows Defender Application Control.
+This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers. AppLocker is also used by some features of App Control for Business.
 
 > [!NOTE]
-> AppLocker is a defense-in-depth security feature and not considered a defensible Windows [security feature](https://www.microsoft.com/msrc/windows-security-servicing-criteria). [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview) should be used when the goal is to provide robust protection against a threat and there are expected to be no by-design limitations that would prevent the security feature from achieving this goal.
+> AppLocker is a defense-in-depth security feature and not considered a defensible Windows [security feature](https://www.microsoft.com/msrc/windows-security-servicing-criteria). [App Control for Business](../appcontrol-and-applocker-overview.md) should be used when the goal is to provide robust protection against a threat and there are expected to be no by-design limitations that would prevent the security feature from achieving this goal.
 
 > [!NOTE]
-> By default, AppLocker policy only applies to code launched in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to non-user processes, including those running as SYSTEM. For more information, see [AppLocker rule collection extensions](/windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions#services-enforcement).
+> By default, AppLocker policy only applies to code launched in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to non-user processes, including those running as SYSTEM. For more information, see [AppLocker rule collection extensions](rule-collection-extensions.md#services-enforcement).
 
 AppLocker can help you:
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md
index cb437f92b7..8520621d36 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md
@@ -3,7 +3,7 @@ title: AppLocker deployment guide
 description: This article for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker deployment guide
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md
similarity index 83%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md
index 0299b53b2a..174ed4907c 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md
@@ -3,7 +3,7 @@ title: AppLocker design guide
 description: This article for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker design guide
@@ -12,14 +12,14 @@ This article for the IT professional introduces the design and planning steps re
 
 This guide provides important designing and planning information for deploying application control policies by using AppLocker. Through a sequential and iterative process, you can create an AppLocker policy deployment plan for your organization that addresses your specific application control requirements by department, organizational unit, or business group.
 
-To understand if AppLocker is the correct application control solution for your organization, see [Windows Defender Application Control and AppLocker overview](/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview).
+To understand if AppLocker is the correct application control solution for your organization, see [App Control for Business and AppLocker overview](../appcontrol-and-applocker-overview.md).
 
 ## In this section
 
 | Article | Description |
 | --- | --- |
 | [Understand AppLocker policy design decisions](understand-applocker-policy-design-decisions.md) | This article describes AppLocker design questions, possible answers, and other considerations when you plan a deployment of application control policies by using AppLocker. |
-| [Determine your application control objectives](determine-your-application-control-objectives.md) | This article helps you with the decisions you need to make to determine what applications to control and how to control them using AppLocker. |
+| [Determine your application control objectives](../appcontrol-and-applocker-overview.md) | This article helps you with the decisions you need to make to determine what applications to control and how to control them using AppLocker. |
 | [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md) | This article describes the process of gathering app usage requirements from each business group in order to implement application control policies by using AppLocker. |
 | [Select the types of rules to create](select-types-of-rules-to-create.md) | This article lists resources you can use when selecting your application control policy rules by using AppLocker. |
 | [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md) | This overview article describes the process to follow when you're planning to deploy AppLocker rules. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md
index a2776beaac..0d11e182ca 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md
@@ -3,7 +3,7 @@ title: AppLocker policy use scenarios
 description: This article for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker policy use scenarios
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md
similarity index 94%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md
index 36cd302f29..4bc0bd0949 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md
@@ -3,13 +3,12 @@ title: AppLocker processes and interactions
 description: This article for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker processes and interactions
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
 This article for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
 
@@ -77,7 +76,7 @@ There are three different types of conditions that can be applied to rules:
 
 An AppLocker policy is a set of rule collections and their corresponding configured enforcement mode settings applied to one or more computers.
 
-- [Understand AppLocker enforcement settings](understand-applocker-enforcement-settings.md)
+- [Understand AppLocker enforcement settings](working-with-applocker-rules.md#enforcement-modes)
 
     Rule enforcement is applied only to collections of rules, not individual rules. AppLocker divides the rules into four collections: executable files, Windows Installer files, scripts, and DLL files. The options for rule enforcement are **Not configured**, **Enforce rules**, or **Audit only**. Together, all AppLocker rule collections compose the application control policy, or AppLocker policy. By default, if enforcement isn't configured and rules are present in a rule collection, those rules are enforced.
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md
index 0952a3d433..5dd3820526 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md
@@ -3,7 +3,7 @@ title: AppLocker technical reference
 description: This overview article for IT professionals provides links to the articles in the technical reference.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # AppLocker technical reference
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md
index b6654f9688..422f3a9acd 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md
@@ -3,7 +3,7 @@ title: Configure an AppLocker policy for audit only
 description: This article for IT professionals describes how to set AppLocker policies to Audit only within your IT environment by using AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Configure an AppLocker policy for audit only
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md
index 5762b9c128..07c51af5bb 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md
@@ -3,7 +3,7 @@ title: Configure an AppLocker policy for enforce rules
 description: This article for IT professionals describes the steps to enable the AppLocker policy enforcement setting.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Configure an AppLocker policy for enforce rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md
index 3e1a1dcca4..11900e02c0 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md
@@ -3,7 +3,7 @@ title: Add exceptions for an AppLocker rule
 description: This article for IT professionals describes the steps to specify which apps can or can't run as exceptions to an AppLocker rule.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Add exceptions for an AppLocker rule
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md
index 9ad52b4cd3..f6acca16ba 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md
@@ -3,7 +3,7 @@ title: Configure the AppLocker reference device
 description: This article for the IT professional describes the steps to create an AppLocker policy platform structure on a reference computer.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Configure the AppLocker reference device
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md
index b31f8f059d..c4156e9b57 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md
@@ -3,7 +3,7 @@ title: Configure the Application Identity service
 description: This article for IT professionals shows how to configure the Application Identity service to start automatically or manually.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Configure the Application Identity service
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md
index 6f06404070..07fd6f2866 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md
@@ -3,7 +3,7 @@ title: Create a rule for packaged apps
 description: This article for IT professionals shows how to create an AppLocker rule for packaged apps with a publisher condition.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Create a rule for packaged apps
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md
index a486b03055..b764bb0493 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md
@@ -3,7 +3,7 @@ title: Create a rule that uses a file hash condition
 description: This article for IT professionals shows how to create an AppLocker rule with a file hash condition.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Create a rule that uses a file hash condition
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md
index c90bf8fe32..fe26c1ee6a 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md
@@ -3,7 +3,7 @@ title: Create a rule that uses a path condition
 description: This article for IT professionals shows how to create an AppLocker rule with a path condition.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Create a rule that uses a path condition
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md
index 8da8f1de23..9b07438ec7 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md
@@ -3,7 +3,7 @@ title: Create a rule that uses a publisher condition
 description: This article for IT professionals shows how to create an AppLocker rule with a publisher condition.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Create a rule that uses a publisher condition
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md
index b6ddfb364e..fd2aa8e292 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md
@@ -3,7 +3,7 @@ title: Create AppLocker default rules
 description: This article for IT professionals describes the steps to create a standard set of AppLocker rules that allow Windows system files to run.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Create AppLocker default rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md
similarity index 97%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md
index de0b5c522f..f015e79882 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md
@@ -3,7 +3,7 @@ title: Create a list of apps deployed to each business group
 description: This article describes the process of gathering app usage requirements from each business group to implement application control policies by using AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Gathering app usage requirements
@@ -30,7 +30,7 @@ Using the Automatically Generate Rules wizard quickly creates rules for the appl
 Using the **Audit only** enforcement method permits you to view the logs because it collects information about every process on the computers receiving the Group Policy Object (GPO). Therefore, you can evaluate the possible effects of enforcement on computers in a business group. AppLocker includes Windows PowerShell cmdlets that you can use to analyze the events from the event log and cmdlets to create rules. However, when you use Group Policy to deploy to several computers, a means to collect events in a central location is important for manageability. Because AppLocker logs information about files that users or other processes start on a computer, you could miss creating some rules initially. Therefore, you should continue your evaluation until you can verify that all required applications that are allowed to run are accessed successfully.
 
 > [!TIP]
-> If you run Application Verifier against a custom application with any AppLocker policies enabled, it might prevent the application from running. You should either disable Application Verifier or AppLocker.  
+> If you run Application Verifier against a custom application with any AppLocker policies enabled, it might prevent the application from running. You should either disable Application Verifier or AppLocker.
 
 You can create an inventory of Packaged apps on a device by using two methods: the **Get-AppxPackage** Windows PowerShell cmdlet or the AppLocker console.
 
@@ -44,7 +44,7 @@ The following articles describe how to perform each method:
 Identify the business group and each organizational unit (OU) within that group for application control policies. In addition, you should identify whether or not AppLocker is the most appropriate solution for these policies. For info about these steps, see the following articles:
 
 - [Understand AppLocker policy design decisions](understand-applocker-policy-design-decisions.md)
-- [Determine your application control objectives](determine-your-application-control-objectives.md)
+- [Determine your application control objectives](../appcontrol-and-applocker-overview.md)
 
 ## Next steps
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md
similarity index 97%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md
index 1b14478169..69119137f4 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md
@@ -3,7 +3,7 @@ title: Create Your AppLocker policies
 description: This overview article for the IT professional describes the steps to create an AppLocker policy and prepare it for deployment.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Create Your AppLocker policies
@@ -18,7 +18,7 @@ You can develop an application control policy plan to guide you in making succes
 
 1. [Understand the AppLocker policy deployment process](understand-the-applocker-policy-deployment-process.md)
 2. [Understand AppLocker policy design decisions](understand-applocker-policy-design-decisions.md)
-3. [Determine your application control objectives](determine-your-application-control-objectives.md)
+3. [Determine your application control objectives](../appcontrol-and-applocker-overview.md)
 4. [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md)
 5. [Select the types of rules to create](select-types-of-rules-to-create.md)
 6. [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md
index e04367462f..415e9582f8 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md
@@ -3,7 +3,7 @@ title: Create Your AppLocker rules
 description: This article for the IT professional describes what you need to know about AppLocker rules and the methods that you can to create rules.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Create Your AppLocker rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md b/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md
index 0c7ba5799c..95836e5b28 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md
@@ -3,7 +3,7 @@ title: Delete an AppLocker rule
 description: This article for IT professionals describes the steps to delete an AppLocker rule.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Delete an AppLocker rule
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
similarity index 92%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
index e974fdf194..83e603b364 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
@@ -3,7 +3,7 @@ title: Deploy AppLocker policies by using the enforce rules setting
 description: This article for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Deploy AppLocker policies by using the enforce rules setting
@@ -14,7 +14,7 @@ This article for IT professionals describes the steps to deploy AppLocker polici
 
 These procedures assume that your AppLocker policies are deployed with the enforcement mode set to **Audit only**, and you have been collecting data through the AppLocker event logs and other channels to determine what effect these policies have on your environment and the policy's adherence to your application control design.
 
-For info about the AppLocker policy enforcement setting, see [Understand AppLocker enforcement settings](understand-applocker-enforcement-settings.md).
+For info about the AppLocker policy enforcement setting, see [Understand AppLocker enforcement settings](working-with-applocker-rules.md#enforcement-modes).
 
 For info about how to plan an AppLocker policy deployment, see [AppLocker Design Guide](applocker-policies-design-guide.md).
 
@@ -24,7 +24,7 @@ Updating an AppLocker policy that is currently enforced in your production envir
 
 ## Step 2: Alter the enforcement setting
 
-Rule enforcement is applied to all rules within a rule collection, not to individual rules. AppLocker divides the rules into collections: executable files, Windows Installer files, packaged apps, scripts, and DLL files. For information about the enforcement mode setting, see [Understand AppLocker Enforcement Settings](understand-applocker-enforcement-settings.md). For the procedure to alter the enforcement mode setting, see [Configure an AppLocker policy for audit only](configure-an-applocker-policy-for-audit-only.md).
+Rule enforcement is applied to all rules within a rule collection, not to individual rules. AppLocker divides the rules into collections: executable files, Windows Installer files, packaged apps, scripts, and DLL files. For information about the enforcement mode setting, see [Understand AppLocker Enforcement Settings](working-with-applocker-rules.md#enforcement-modes). For the procedure to alter the enforcement mode setting, see [Configure an AppLocker policy for audit only](configure-an-applocker-policy-for-audit-only.md).
 
 ## Step 3: Update the policy
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md
index d2ef52adad..941a047e99 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md
@@ -3,7 +3,7 @@ title: Deploy the AppLocker policy into production
 description: This article for the IT professional describes the tasks that should be completed before you deploy AppLocker application control settings.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Deploy the AppLocker policy into production
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md
similarity index 87%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md
index fb13e22d88..29380fe1e1 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md
@@ -3,7 +3,7 @@ title: Determine the Group Policy structure and rule enforcement
 description: This overview article describes the process to follow when you're planning to deploy AppLocker rules.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Determine the Group Policy structure and rule enforcement
@@ -14,7 +14,7 @@ This overview article describes the process to follow when you're planning to de
 
 | Article | Description |
 | --- | --- |
-| [Understand AppLocker enforcement settings](understand-applocker-enforcement-settings.md) | This article describes the AppLocker enforcement settings for rule collections. |
+| [Understand AppLocker enforcement settings](working-with-applocker-rules.md#enforcement-modes) | This article describes the AppLocker enforcement settings for rule collections. |
 | [Understand AppLocker rules and enforcement setting inheritance in Group Policy](understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md) | This article for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.|
 | [Document the Group Policy structure and AppLocker rule enforcement](document-group-policy-structure-and-applocker-rule-enforcement.md) | This planning article describes what you need to investigate, determine, and document for your policy plan when you use AppLocker. |
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
index 56fef83f74..e1c6c88c0a 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
@@ -3,7 +3,7 @@ title: Find digitally signed apps on a reference device
 description: This article for the IT professional describes how to use AppLocker logs and tools to determine which applications are digitally signed.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Determine which apps are digitally signed on a reference device
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md b/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
index 64307b01ba..bf1a962a76 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
@@ -3,7 +3,7 @@ title: Display a custom URL message when users try to run a blocked app
 description: This article for IT professionals describes the steps for displaying a customized message to users when an AppLocker policy blocks an app.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Display a custom URL message when users try to run a blocked app
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md
index 36da65e276..054c18fb61 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md
@@ -3,7 +3,7 @@ title: DLL rules in AppLocker
 description: This article describes the file formats and available default rules for the DLL rule collection.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # DLL rules in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
similarity index 95%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
index 294689bc28..b440a69b68 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
@@ -3,7 +3,7 @@ title: Document Group Policy structure & AppLocker rule enforcement
 description: This planning article describes what you need to include in your plan when you use AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Document the Group Policy structure and AppLocker rule enforcement
@@ -14,7 +14,7 @@ This planning article describes what you should include in your plan when you us
 
 To complete this AppLocker planning document, you should first complete the following steps:
 
-1. [Determine your application control objectives](determine-your-application-control-objectives.md)
+1. [Determine your application control objectives](../appcontrol-and-applocker-overview.md)
 2. [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md)
 3. [Select the types of rules to create](select-types-of-rules-to-create.md)
 4. [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md
similarity index 97%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md
index f42d12d410..00e357875d 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md
@@ -3,7 +3,7 @@ title: Document your app list
 description: This planning article describes the app information that you should document when you create a list of apps for AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Document your app list
@@ -14,7 +14,7 @@ This planning article describes the app information that you should document whe
 
 ### Apps
 
-Record the name of the app, its publisher information (if digitally signed), and its importance to the business. 
+Record the name of the app, its publisher information (if digitally signed), and its importance to the business.
 
 ### Installation path
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md
index 1d5ff7d78e..efd0c0211f 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md
@@ -3,7 +3,7 @@ title: Document your AppLocker rules
 description: Learn how to document your AppLocker rules and associate rule conditions with files, permissions, rule source, and implementation.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Document your AppLocker rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md
index fe3ac2062b..3ebf404dc6 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md
@@ -3,7 +3,7 @@ title: Edit an AppLocker policy
 description: This article for IT professionals describes the steps required to modify an AppLocker policy.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Edit an AppLocker policy
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md
index 111678d496..7ae6e91083 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md
@@ -3,7 +3,7 @@ title: Edit AppLocker rules
 description: This article for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Edit AppLocker rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md b/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md
index d48deeaad8..c2569a0918 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md
@@ -3,7 +3,7 @@ title: Enable the DLL rule collection
 description: This article for IT professionals describes the steps to enable the DLL rule collection feature for AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Enable the DLL rule collection
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md
index 757d76eb6c..2abb621ddc 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md
@@ -3,7 +3,7 @@ title: Enforce AppLocker rules
 description: This article for IT professionals describes how to enforce application control rules by using AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Enforce AppLocker rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md
index e90dc2b98e..99ffe04a6d 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md
@@ -3,7 +3,7 @@ title: Executable rules in AppLocker
 description: This article describes the file formats and available default rules for the executable rule collection.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Executable rules in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md
index b4150f2544..c9fe560838 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md
@@ -3,7 +3,7 @@ title: Export an AppLocker policy from a GPO
 description: This article for IT professionals describes the steps to export an AppLocker policy from a Group Policy Object (GPO) so that it can be modified.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Export an AppLocker policy from a GPO
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md
similarity index 97%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md
index 9612096a6e..106a4d836e 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md
@@ -3,7 +3,7 @@ title: Export an AppLocker policy to an XML file
 description: This article for IT professionals describes the steps to export an AppLocker policy to an XML file for review or testing.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Export an AppLocker policy to an XML file
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md b/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md
index b2f3e10097..c704a9e977 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md
@@ -3,7 +3,7 @@ title: How AppLocker works
 description: This article for the IT professional provides links to articles about AppLocker architecture and components, processes and interactions, rules and policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # How AppLocker works
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plan-inheritance.gif b/windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plan-inheritance.gif
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plan-inheritance.gif
rename to windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plan-inheritance.gif
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plandeploy-quickreference.gif b/windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plandeploy-quickreference.gif
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plandeploy-quickreference.gif
rename to windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plandeploy-quickreference.gif
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/images/blockedappmsg.gif b/windows/security/application-security/application-control/app-control-for-business/applocker/images/blockedappmsg.gif
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/images/blockedappmsg.gif
rename to windows/security/application-security/application-control/app-control-for-business/applocker/images/blockedappmsg.gif
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md
index 6998942c9b..2472b7892c 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md
@@ -3,7 +3,7 @@ title: Import an AppLocker policy from another computer
 description: This article for IT professionals describes how to import an AppLocker policy.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Import an AppLocker policy from another computer
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md
index cf00b805b3..039d978649 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md
@@ -3,7 +3,7 @@ title: Import an AppLocker policy into a GPO
 description: This article for IT professionals describes the steps to import an AppLocker policy into a Group Policy Object (GPO).
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Import an AppLocker policy into a GPO
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md
index 75f6df943a..a4926c5f73 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md
@@ -3,7 +3,7 @@ title: Maintain AppLocker policies
 description: Learn how to maintain rules within AppLocker policies. View common AppLocker maintenance scenarios and see the methods to use to maintain AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Maintain AppLocker policies
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md
index f190ea35b7..b3e041a0f1 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md
@@ -3,7 +3,7 @@ title: Manage packaged apps with AppLocker
 description: Learn concepts and lists procedures to help you manage packaged apps with AppLocker as part of your overall application control strategy.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/20/2023
+ms.date: 09/11/2024
 ---
 
 # Manage packaged apps with AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
similarity index 89%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
index 2489e8b738..4df24222a0 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
@@ -3,14 +3,14 @@ title: Merge AppLocker policies by using Set-ApplockerPolicy
 description: This article for IT professionals describes the steps to merge AppLocker policies by using Windows PowerShell.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Merge AppLocker policies by using Set-ApplockerPolicy
 
 This article for IT professionals describes the steps to merge AppLocker policies by using Windows PowerShell.
 
-The **Set-AppLockerPolicy** cmdlet sets the specified Group Policy Object (GPO) to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, the local policy is used. When the Merge parameter is used, rules in the specified AppLocker policy are merged with the AppLocker rules in the target GPO specified in the LDAP path. Merging policies removes rules with duplicate rule IDs, and the enforcement mode setting is chosen as described in [Working with AppLocker rules](/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules#enforcement-modes). If the Merge parameter isn't specified, then the new policy overwrites the existing policy.
+The **Set-AppLockerPolicy** cmdlet sets the specified Group Policy Object (GPO) to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, the local policy is used. When the Merge parameter is used, rules in the specified AppLocker policy are merged with the AppLocker rules in the target GPO specified in the LDAP path. Merging policies removes rules with duplicate rule IDs, and the enforcement mode setting is chosen as described in [Working with AppLocker rules](working-with-applocker-rules.md#enforcement-modes). If the Merge parameter isn't specified, then the new policy overwrites the existing policy.
 
 For info about using **Set-AppLockerPolicy**, including syntax descriptions and parameters, see [Set-AppLockerPolicy](/powershell/module/applocker/set-applockerpolicy).
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md
similarity index 79%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md
index a17f0dbc2f..324bef3248 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md
@@ -3,7 +3,7 @@ title: Merge AppLocker policies manually
 description: This article for IT professionals describes the steps to manually merge AppLocker policies to update the Group Policy Object (GPO).
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Merge AppLocker policies manually
@@ -12,7 +12,7 @@ This article for IT professionals describes the steps to manually merge AppLocke
 
 If you need to merge multiple AppLocker policies into a single one, you can either manually merge the policies or use the Windows PowerShell cmdlets for AppLocker. You can't automatically merge policies by using the AppLocker console. For info about merging policies by using Windows PowerShell, see [Merge AppLocker policies by using Set-ApplockerPolicy](merge-applocker-policies-by-using-set-applockerpolicy.md).
 
-The AppLocker policy is stored in XML format, and an exported policy can be edited with any text or XML editor. To export an AppLocker policy, see [Export an AppLocker policy to an XML file](/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file). Before making changes to an AppLocker policy manually, review [Working with AppLocker rules](/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules).
+The AppLocker policy is stored in XML format, and an exported policy can be edited with any text or XML editor. To export an AppLocker policy, see [Export an AppLocker policy to an XML file](export-an-applocker-policy-to-an-xml-file.md). Before making changes to an AppLocker policy manually, review [Working with AppLocker rules](working-with-applocker-rules.md).
 
 Membership in the local **Administrators** group, or equivalent, is the minimum required to complete this procedure.
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md
index 984bdf95d2..14b704afe3 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md
@@ -3,7 +3,7 @@ title: Monitor app usage with AppLocker
 description: This article for IT professionals describes how to monitor app usage when AppLocker policies are applied.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/19/2023
+ms.date: 09/11/2024
 ---
 
 # Monitor app usage with AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md b/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md
index 63277272b1..f160bda367 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md
@@ -3,7 +3,7 @@ title: Optimize AppLocker performance
 description: This article for IT professionals describes how to optimize AppLocker policy enforcement.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Optimize AppLocker performance
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
index d084a76681..7085567383 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
@@ -3,7 +3,7 @@ title: Packaged apps and packaged app installer rules in AppLocker
 description: This article explains the AppLocker rule collection for packaged app installers and packaged apps.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Packaged apps and packaged app installer rules in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md b/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md
index d82b85d412..51f30ea841 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md
@@ -3,7 +3,7 @@ title: Plan for AppLocker policy management
 description: This article describes the decisions you need to make to establish the processes for managing and maintaining AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Plan for AppLocker policy management
@@ -58,7 +58,7 @@ AppLocker event log is located in the following path: **Applications and Service
 2. **MSI and Script**. Contains events for all files affected by the Windows Installer and script rule collections (.msi, .msp, .ps1, .bat, .cmd, .vbs, and .js).
 3. **Packaged app-Deployment** or **Packaged app-Execution**, contains events for all Universal Windows apps affected by the packaged app and packed app installer rule collection (.appx).
 
-Collecting these events in a central location can help you maintain your AppLocker policy and troubleshoot rule configuration problems. 
+Collecting these events in a central location can help you maintain your AppLocker policy and troubleshoot rule configuration problems.
 
 ### Policy maintenance
 
@@ -101,7 +101,7 @@ Before editing the rule collection, first determine what rule is preventing the
 
 To complete this AppLocker planning document, you should first complete the following steps:
 
-1. [Determine your application control objectives](determine-your-application-control-objectives.md)
+1. [Determine your application control objectives](../appcontrol-and-applocker-overview.md)
 2. [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md)
 3. [Select the types of rules to create](select-types-of-rules-to-create.md)
 4. [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md
index 4dcd7f89ab..5d2df1f250 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md
@@ -3,7 +3,7 @@ title: Refresh an AppLocker policy
 description: This article for IT professionals describes the steps to force an update for an AppLocker policy.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Refresh an AppLocker policy
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md
index eb55e89166..2caf917483 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md
@@ -3,7 +3,7 @@ title: Requirements for deploying AppLocker policies
 description: This deployment article for the IT professional lists the requirements that you need to consider before you deploy AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Requirements for deploying AppLocker policies
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md
index 3d5dcd1008..7bb94f1197 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md
@@ -3,7 +3,7 @@ title: Requirements to use AppLocker
 description: This article for the IT professional lists software requirements to use AppLocker on the supported Windows operating systems.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Requirements to use AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md
similarity index 86%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md
index f8756d82ac..e4481ab2c7 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md
@@ -6,7 +6,7 @@ ms.collection:
 - must-keep
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 06/07/2024
+ms.date: 09/11/2024
 ---
 
 # AppLocker rule collection extensions
@@ -29,7 +29,7 @@ This article describes the rule collection extensions added in Windows 10 and la
 
 ## Services enforcement
 
-By default, AppLocker policy only applies to code running in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to nonuser processes, including services running as SYSTEM. You must enable services enforcement when using AppLocker with Windows Defender Application Control's (WDAC) [managed installer](/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer) feature.
+By default, AppLocker policy only applies to code running in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to nonuser processes, including services running as SYSTEM. You must enable services enforcement when using AppLocker with App Control for Business's [managed installer](../design/configure-authorized-apps-deployed-with-a-managed-installer.md) feature.
 
 To apply AppLocker policy to nonuser processes, set ``<Services EnforcementMode="Enabled"/>`` in the ``<ThresholdExtensions>`` section as shown in the preceding XML fragment.
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md b/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md
index d4d62202c4..3108458c0f 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md
@@ -3,7 +3,7 @@ title: Run the Automatically Generate Rules wizard
 description: This article for IT professionals describes steps to run the wizard to create AppLocker rules on a reference device.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Run the Automatically Generate Rules wizard
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md
index 0343d4d644..bc342eba8b 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md
@@ -3,7 +3,7 @@ title: Script rules in AppLocker
 description: This article describes the file formats and available default rules for the script rule collection.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Script rules in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md
index 0422c26a4d..6a11796ca7 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md
@@ -3,7 +3,7 @@ title: Security considerations for AppLocker
 description: This article for the IT professional describes the security considerations you need to address when implementing AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Security considerations for AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md b/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md
index 6c5dde6cc8..8000ce41d4 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md
@@ -3,7 +3,7 @@ title: Select the types of rules to create
 description: This article lists resources you can use when selecting your application control policy rules by using AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Select the types of rules to create
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
index 180145ef77..c7042db13e 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
@@ -3,7 +3,7 @@ title: Test an AppLocker policy by using Test-AppLockerPolicy
 description: This article for IT professionals describes the steps to test an AppLocker policy prior to importing it into a Group Policy Object (GPO) or another computer.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Test an AppLocker policy by using Test-AppLockerPolicy
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md
index e47477a31a..00e03f5081 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md
@@ -3,7 +3,7 @@ title: Test and update an AppLocker policy
 description: This article discusses the steps required to test an AppLocker policy prior to deployment.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Test and update an AppLocker policy
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md
index 38354ddb98..5b1ed0083d 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md
@@ -3,7 +3,7 @@ title: Tools to use with AppLocker
 description: This article for the IT professional describes the tools available to create and administer AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Tools to use with AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md
index 898b41da58..3cc00fdf6e 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md
@@ -3,7 +3,7 @@ title: Understand AppLocker policy design decisions
 description: Review some common considerations while you're planning to use AppLocker to deploy application control policies within a Windows environment.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Understand AppLocker policy design decisions
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
similarity index 93%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
index e2740a5bf6..89f62e0cb9 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
@@ -3,14 +3,14 @@ title: Understand AppLocker rules and enforcement setting inheritance in Group P
 description: This article for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Understand AppLocker rules and enforcement setting inheritance in Group Policy
 
 This article for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.
 
-Rule enforcement is applied only to collections of rules, not individual rules. For more info on rule collections, see [AppLocker rule collections](/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules#rule-collections).
+Rule enforcement is applied only to collections of rules, not individual rules. For more info on rule collections, see [AppLocker rule collections](working-with-applocker-rules.md#rule-collections).
 
 Group Policy merges AppLocker policy in two ways:
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md
index 3340e10f44..43e63220e5 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md
@@ -3,7 +3,7 @@ title: Understand the AppLocker policy deployment process
 description: This planning and deployment article for the IT professional describes the process for using AppLocker when deploying application control policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Understand the AppLocker policy deployment process
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
index bd84599f4e..86c795601f 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
@@ -3,7 +3,7 @@ title: Understanding AppLocker allow and deny actions on rules
 description: This article explains the differences between allow and deny actions on AppLocker rules.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding AppLocker allow and deny actions on rules
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md
similarity index 95%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md
index b70374af0f..67b52608e3 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md
@@ -3,7 +3,7 @@ title: Understanding AppLocker default rules
 description: This article for IT professional describes the set of rules that can be used to ensure that required Windows system files continue to run when the policy is applied.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding AppLocker default rules
@@ -29,9 +29,9 @@ These permissions settings are applied to this folder for app compatibility. How
 | --- | --- |
 | [Executable rules in AppLocker](executable-rules-in-applocker.md) | This article describes the file formats and available default rules for the executable rule collection. |
 | [Windows Installer rules in AppLocker](windows-installer-rules-in-applocker.md) | This article describes the file formats and available default rules for the Windows Installer rule collection.|
-| [Script rules in AppLocker](script-rules-in-applocker.md) | This article describes the file formats and available default rules for the script rule collection.| 
-| [DLL rules in AppLocker](dll-rules-in-applocker.md) | This article describes the file formats and available default rules for the DLL rule collection.| 
-| [Packaged apps and packaged app installer rules in AppLocker](packaged-apps-and-packaged-app-installer-rules-in-applocker.md) | This article explains the AppLocker rule collection for packaged app installers and packaged apps.| 
+| [Script rules in AppLocker](script-rules-in-applocker.md) | This article describes the file formats and available default rules for the script rule collection.|
+| [DLL rules in AppLocker](dll-rules-in-applocker.md) | This article describes the file formats and available default rules for the DLL rule collection.|
+| [Packaged apps and packaged app installer rules in AppLocker](packaged-apps-and-packaged-app-installer-rules-in-applocker.md) | This article explains the AppLocker rule collection for packaged app installers and packaged apps.|
 
 ## Related articles
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md
index e97d2e0962..0d9b08e51c 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md
@@ -3,7 +3,7 @@ title: Understanding AppLocker rule behavior
 description: This article describes how AppLocker rules are enforced by using the allow and deny options in AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding AppLocker rule behavior
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md
index bd418d4ce7..8ee9ed92d5 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md
@@ -3,7 +3,7 @@ title: Understanding AppLocker rule collections
 description: This article explains the five different types of AppLocker rule collections used to enforce AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding AppLocker rule collections
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md
index 2c4967a466..1bbbc6329c 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md
@@ -3,7 +3,7 @@ title: Understanding AppLocker rule condition types
 description: This article for the IT professional describes the three types of AppLocker rule conditions.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding AppLocker rule condition types
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md
similarity index 94%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md
index 2df99102d0..b95fadae6e 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md
@@ -3,7 +3,7 @@ title: Understanding AppLocker rule exceptions
 description: This article describes the result of applying AppLocker rule exceptions to rule collections.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding AppLocker rule exceptions
@@ -14,8 +14,8 @@ This article describes the result of applying AppLocker rule exceptions to rule
 
 You can apply AppLocker rules to individual users or a group of users. If you apply a rule to a group of users, the rule affects all users in that group. If you need to allow a subset of a user group to use an app, you can create a special rule for that subset.
 
-For example, the rule "Allow Everyone to run Windows except Registry Editor" allows Everyone to run Windows binaries, but doesn't allow anyone to run Registry Editor (by adding %WINDIR%\regedit.exe as a Path Exception for the rule).  
-The effect of this rule would prevent users such as Helpdesk personnel from running the Registry Editor, a program that is necessary for their support tasks.  
+For example, the rule "Allow Everyone to run Windows except Registry Editor" allows Everyone to run Windows binaries, but doesn't allow anyone to run Registry Editor (by adding %WINDIR%\regedit.exe as a Path Exception for the rule).
+The effect of this rule would prevent users such as Helpdesk personnel from running the Registry Editor, a program that is necessary for their support tasks.
 To resolve this problem, create a second rule that applies to the Helpdesk user group: "Allow Helpdesk to run Registry Editor" and add %WINDIR%\regedit.exe as an allowed path. If you create a deny rule that blocks Registry Editor for all users, the deny rule overrides the second rule that allows the Helpdesk user group to run Registry Editor.
 
 ## Related articles
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
index 9937009a5e..b9460ff54a 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
@@ -3,7 +3,7 @@ title: Understanding the file hash rule condition in AppLocker
 description: This article explains how to use the AppLocker file hash rule condition and its advantages and disadvantages.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding the file hash rule condition in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md
index 2d1d4b9cae..4175eba0ef 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md
@@ -3,7 +3,7 @@ title: Understanding the path rule condition in AppLocker
 description: This article explains how to apply the AppLocker path rule condition and its advantages and disadvantages.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding the path rule condition in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md
index 171ef6e3f1..be3c3767d4 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md
@@ -3,7 +3,7 @@ title: Understanding the publisher rule condition in AppLocker
 description: This article explains how to apply the AppLocker publisher rule condition and what controls are available.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # Understanding the publisher rule condition in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
index 47b1b1388d..8bc76ea93a 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
@@ -3,7 +3,7 @@ title: Use a reference device to create and maintain AppLocker policies
 description: This article for the IT professional describes the steps to create and maintain AppLocker policies by using a reference computer.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/22/2023
+ms.date: 09/11/2024
 ---
 
 # Use a reference device to create and maintain AppLocker policies
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md b/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md
index 0678fb60b9..574c33a03b 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md
@@ -3,7 +3,7 @@ title: Use the AppLocker Windows PowerShell cmdlets
 description: This article for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker application control policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 01/03/2024
+ms.date: 09/11/2024
 ---
 
 # Use the AppLocker Windows PowerShell cmdlets
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md
index 19b2256345..65fa1be015 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md
@@ -3,7 +3,7 @@ title: Using Event Viewer with AppLocker
 description: This article lists AppLocker events and describes how to use Event Viewer with AppLocker.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 <!-- NOTE to reviewers. This article might fail Acrolinx checks because the Events documented are poorly worded... -->
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md
similarity index 86%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md
index 256c416dbf..9fa362969d 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md
@@ -3,14 +3,14 @@ title: What Is AppLocker
 description: This article for the IT professional describes what AppLocker is.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/23/2023
+ms.date: 09/11/2024
 ---
 
 # What Is AppLocker?
 
 This article for the IT professional describes what AppLocker is.
 
-Windows includes two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: Windows Defender Application Control (WDAC) and AppLocker. For information to help you choose when to use WDAC or AppLocker, see [WDAC and AppLocker overview](/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview).
+Windows includes two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: App Control for Business and AppLocker. For information to help you choose when to use App Control or AppLocker, see [App Control and AppLocker overview](../appcontrol-and-applocker-overview.md).
 
 AppLocker helps you create rules to allow or deny apps from running based on information about the apps' files. You can also use AppLocker to control which users or groups can run those apps.
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md
index e64e6e97ff..cfc1ce02c6 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md
@@ -3,7 +3,7 @@ title: Windows Installer rules in AppLocker
 description: This article describes the file formats and available default rules for the Windows Installer rule collection.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/24/2023
+ms.date: 09/11/2024
 ---
 
 # Windows Installer rules in AppLocker
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md
index 189d8f1654..2a7f5153ec 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md
@@ -3,7 +3,7 @@ title: Working with AppLocker policies
 description: This article for IT professionals provides links to procedural articles about creating, maintaining, and testing AppLocker policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ---
 
 # Working with AppLocker policies
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md
index e06ef57ede..c827358a61 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md
@@ -3,7 +3,7 @@ title: Working with AppLocker rules
 description: This article for IT professionals describes AppLocker rule types and how to work with them for your application control policies.
 ms.localizationpriority: medium
 msauthor: jsuther
-ms.date: 12/21/2023
+ms.date: 09/11/2024
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md
new file mode 100644
index 0000000000..4ee7ef2757
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md
@@ -0,0 +1,55 @@
+---
+title: Deploying App Control for Business policies
+description: Learn how to plan and implement an App Control deployment.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: overview
+---
+
+# Deploying App Control for Business policies
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+You should now have one or more App Control for Business policies ready to deploy. If you haven't yet completed the steps described in the [App Control Design Guide](../design/appcontrol-design-guide.md), do so now before proceeding.
+
+## Convert your App Control policy XML to binary
+
+Before you deploy your App Control policies, you must first convert the XML to its binary form. You can do this using the following PowerShell example. You must set the $AppControlPolicyXMLFile variable to point to your App Control policy XML file.
+
+```powershell
+## Update the path to your App Control policy XML
+$AppControlPolicyXMLFile = $env:USERPROFILE + "\Desktop\MyAppControlPolicy.xml"
+[xml]$AppControlPolicy = Get-Content -Path $AppControlPolicyXMLFile
+if (($AppControlPolicy.SiPolicy.PolicyID) -ne $null) ## Multiple policy format (For Windows builds 1903+ only, including Server 2022)
+{
+    $PolicyID = $AppControlPolicy.SiPolicy.PolicyID
+    $PolicyBinary = $PolicyID+".cip"
+}
+else ## Single policy format (Windows Server 2016 and 2019, and Windows 10 1809 LTSC)
+{
+    $PolicyBinary = "SiPolicy.p7b"
+}
+
+## Binary file will be written to your desktop
+ConvertFrom-CIPolicy -XmlFilePath $AppControlPolicyXMLFile -BinaryFilePath $env:USERPROFILE\Desktop\$PolicyBinary
+```
+
+## Plan your deployment
+
+As with any significant change to your environment, implementing App Control can have unintended consequences. To ensure the best chance for success, you should follow safe deployment practices and plan your deployment carefully. Identify the devices you'll manage with App Control and split them into deployment rings. This way, you can control the speed and scale of the deployment and respond if anything goes wrong. Define the success criteria that will determine when it's safe to continue from one ring to the next.
+
+All App Control for Business policy changes should be deployed in audit mode before proceeding to enforcement. Carefully monitor events from devices where the policy has been deployed to ensure the block events you observe match your expectation before broadening the deployment to other deployment rings. If your organization uses Microsoft Defender for Endpoint, you can use the Advanced Hunting feature to centrally monitor App Control-related events. Otherwise, we recommend using an event log forwarding solution to collect relevant events from your managed endpoints.
+
+## Choose how to deploy App Control policies
+
+> [!IMPORTANT]
+> Due to a known issue, you should always activate new **signed** App Control Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. We recommend [deploying via script](deploy-appcontrol-policies-with-script.md) in this case.
+>
+> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
+
+There are several options to deploy App Control for Business policies to managed endpoints, including:
+
+- [Deploy using a Mobile Device Management (MDM) solution](deploy-appcontrol-policies-using-intune.md), such as Microsoft Intune
+- [Deploy using Microsoft Configuration Manager](deploy-appcontrol-policies-with-memcm.md)
+- [Deploy via script](deploy-appcontrol-policies-with-script.md)
+- [Deploy via group policy](deploy-appcontrol-policies-using-group-policy.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md
new file mode 100644
index 0000000000..6f8919e77d
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md
@@ -0,0 +1,60 @@
+---
+title: Use audit events to create App Control policy rules
+description: Audits allow admins to discover apps, binaries, and scripts that should be added to the App Control policy.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: conceptual
+---
+
+# Use audit events to create App Control policy rules
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+Running App Control in audit mode lets you discover applications, binaries, and scripts that are missing from your App Control policy but should be included.
+
+While an App Control policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new App Control policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed.
+
+## Overview of the process to create App Control policy to allow apps using audit events
+
+> [!Note]
+> You must have already deployed an App Control audit mode policy to use this process. If you have not already done so, see [Deploying App Control for Business policies](appcontrol-deployment-guide.md).
+
+To familiarize yourself with creating App Control rules from audit events, follow these steps on a device with an App Control audit mode policy.
+
+1. Install and run an application not allowed by the App Control policy but that you want to allow.
+
+2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding App Control events](../operations/event-id-explanations.md).
+
+   **Figure 1. Exceptions to the deployed App Control policy**<br>
+   :::image type="content" alt-text="Event showing exception to App Control policy." source="../images/dg-fig23-exceptionstocode.png":::
+
+3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create an App Control policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**.
+
+   ```powershell
+   $PolicyName= "Lamna_FullyManagedClients_Audit"
+   $LamnaPolicy=$env:userprofile+"\Desktop\"+$PolicyName+".xml"
+   $EventsPolicy=$env:userprofile+"\Desktop\EventsPolicy.xml"
+   $EventsPolicyWarnings=$env:userprofile+"\Desktop\EventsPolicyWarnings.txt"
+   ```
+
+4. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to generate a new App Control policy from logged audit events. This example uses a **FilePublisher** file rule level and a **Hash** fallback level. Warning messages are redirected to a text file **EventsPolicyWarnings.txt**.
+
+   ```powershell
+   New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback SignedVersion,FilePublisher,Hash -UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings
+   ```
+
+   > [!NOTE]
+   > When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of  **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about App Control rule levels, see [Understand App Control policy rules and file rules](../design/select-types-of-rules-to-create.md).
+
+5. Find and review the App Control policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the App Control Policy Wizard tool (see [Editing existing base and supplemental App Control policies with the Wizard](../design/appcontrol-wizard-editing-policy.md)).
+
+6. Find and review the text file **EventsPolicyWarnings.txt** that should be found on your desktop. This file will include a warning for any files that App Control couldn't create a rule for at either the specified rule level or fallback rule level.
+
+   > [!NOTE]
+   > New-CIPolicy only creates rules for files that can still be found on disk. Files which are no longer present on the system will not have a rule created to allow them. However, the event log should have sufficient information to allow these files by manually editing the policy XML to add rules. You can use an existing rule as a template and verify your results against the App Control policy schema definition found at **%windir%\schemas\CodeIntegrity\cipolicy.xsd**.
+
+7. Merge **EventsPolicy.xml** with the Base policy **Lamna_FullyManagedClients_Audit.xml** or convert it to a supplemental policy.
+
+    For information on merging policies, refer to [Merge App Control for Business policies](merge-appcontrol-policies.md) and for information on supplemental policies see [Use multiple App Control for Business Policies](../design/deploy-multiple-appcontrol-policies.md).
+
+8. Convert the Base or Supplemental policy to binary and deploy using your preferred method.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md
similarity index 77%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md
index 7c3eabc52d..773daf6a82 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md
@@ -1,22 +1,21 @@
 ---
-title: Create a code signing cert for Windows Defender Application Control
-description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or WDAC policies internally.
+title: Create a code signing cert for App Control for Business
+description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or App Control policies internally.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 12/01/2022
+ms.date: 09/11/2024
 ---
 
-# Optional: Create a code signing cert for Windows Defender Application Control  
+# Optional: Create a code signing cert for App Control for Business
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-As you deploy Windows Defender Application Control (WDAC), you might need to sign catalog files or WDAC policies internally. To do this signing, you'll either need to use [Microsoft's Trusted Signing service](/azure/trusted-signing/), a publicly issued code signing certificate or an internal CA. If you've purchased a code signing certificate, you can skip this article, and instead follow other articles listed in the [Windows Defender Application Control Deployment Guide](wdac-deployment-guide.md).
+As you deploy App Control for Business, you might need to sign catalog files or App Control policies internally. To do this signing, you'll either need to use [Microsoft's Trusted Signing service](/azure/trusted-signing/), a publicly issued code signing certificate or an internal CA. If you've purchased a code signing certificate, you can skip this article, and instead follow other articles listed in the [App Control for Business Deployment Guide](appcontrol-deployment-guide.md).
 
 If you have an internal CA, complete these steps to create a code signing certificate.
 
 > [!WARNING]
-> When creating signing certificates for WDAC policy signing, Boot failure (blue screen) may occur if your signing certificate does not follow these rules:
+> When creating signing certificates for App Control policy signing, Boot failure (blue screen) may occur if your signing certificate does not follow these rules:
 >
 > - All policies, including base and supplemental, must be signed according to the [PKCS 7 Standard](https://datatracker.ietf.org/doc/html/rfc5652).
 > - Use RSA keys with 2K, 3K, or 4K key size only. ECDSA isn't supported.
@@ -34,7 +33,7 @@ If you have an internal CA, complete these steps to create a code signing certif
 
 4. On the **Compatibility** tab, clear the **Show resulting changes** check box. Select **Windows Server 2012** from the **Certification Authority** list, and then select **Windows 8 / Windows Server 2012** from the **Certificate recipient** list.
 
-5. On the **General** tab, specify the **Template display name** and **Template name**. This example uses the name **WDAC Catalog Signing Certificate**.
+5. On the **General** tab, specify the **Template display name** and **Template name**. This example uses the name **App Control Catalog Signing Certificate**.
 
 6. On the **Request Handling** tab, select the **Allow private key to be exported** check box.
 
@@ -64,7 +63,7 @@ When this certificate template has been created, you must publish it to the CA p
 
     A list of available templates to issue appears, including the template you created.
 
-2. Select the WDAC Catalog signing certificate, and then select **OK**.
+2. Select the App Control Catalog signing certificate, and then select **OK**.
 
 Now that the template is available to be issued, you must request one from the computer running Windows 10 or Windows 11 on which you create and sign catalog files. To begin, open the MMC, and then complete the following steps:
 
@@ -76,7 +75,7 @@ Now that the template is available to be issued, you must request one from the c
 
 4. In the **Request Certificate** list, select your newly created code signing certificate, and then select the blue text that requests additional information, as shown in Figure 4.
 
-    ![Request Certificates: more information required.](../images/dg-fig31-getmoreinfo.png)
+    :::image type="content" alt-text="Request Certificates: more information required." source="../images/dg-fig31-getmoreinfo.png":::
 
     Figure 4. Get more information for your code signing certificate
 
@@ -95,6 +94,6 @@ This certificate must be installed in the user's personal store on the computer
 
 3. Choose the default settings, and then select **Export all extended properties**.
 
-4. Set a password, select an export path, and then select **WDACCatSigningCert.pfx** as the file name.
+4. Set a password, select an export path, and then select **AppControlCatSigningCert.pfx** as the file name.
 
 When the certificate has been exported, import it into the personal store for the user who will be signing the catalog files or code integrity policies on the specific computer that will be signing them.
diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md
new file mode 100644
index 0000000000..5efe8cdcdb
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md
@@ -0,0 +1,58 @@
+---
+title: Deploy App Control policies via Group Policy
+description: App Control for Business policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: how-to
+---
+
+# Deploy App Control for Business policies by using Group Policy
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+> [!IMPORTANT]
+> Due to a known issue, you should always activate new **signed** App Control Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Group Policy, deploy new signed App Control Base policies [via script](deploy-appcontrol-policies-with-script.md#deploying-signed-policies) and activate the policy with a system restart.
+>
+> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
+
+Single-policy format App Control for Business policies (pre-1903 policy schema) can be easily deployed and managed with Group Policy.
+
+> [!IMPORTANT]
+> Group Policy-based deployment of App Control for Business policies only supports single-policy format App Control policies. To use App Control on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for policy deployment.
+
+You should now have an App Control policy converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md).
+
+The following procedure walks you through how to deploy an App Control policy called **SiPolicy.p7b** to a test OU called *App Control Enabled PCs* by using a GPO called **Contoso GPO Test**.
+
+To deploy and manage an App Control for Business policy with Group Policy:
+
+1. On a client computer on which RSAT is installed, open the GPMC by running **GPMC.MSC**
+
+2. Create a new GPO: right-click an OU and then select **Create a GPO in this domain, and Link it here**.
+
+   > [!NOTE]
+   > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining App Control policies (or keeping them separate), as discussed in [Plan for App Control for Business lifecycle policy management](../design/plan-appcontrol-management.md).
+
+   :::image type="content" alt-text="Group Policy Management, create a GPO." source="../images/dg-fig24-creategpo.png":::
+
+3. Name the new GPO. You can choose any name.
+
+4. Open the Group Policy Management Editor: right-click the new GPO, and then select **Edit**.
+
+5. In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Device Guard. Right-click **Deploy App Control for Business** and then select **Edit**.
+
+    ![Edit the Group Policy for App Control for Business.](../images/appcontrol-edit-gp.png)
+
+6. In the **Deploy App Control for Business** dialog box, select the **Enabled** option, and then specify the App Control policy deployment path.
+
+    In this policy setting, you specify either the local path where the policy will exist on each client computer or a Universal Naming Convention (UNC) path that the client computers will look to retrieve the latest version of the policy. For example, the path to SiPolicy.p7b using the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md) would be %USERPROFILE%\Desktop\SiPolicy.p7b.
+
+    > [!NOTE]
+    > This policy file does not need to be copied to every computer. You can instead copy the App Control policies to a file share to which all computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers.
+
+    :::image type="content" alt-text="Group Policy called Deploy App Control for Business." source="../images/dg-fig26-enablecode.png":::
+
+    > [!NOTE]
+    > You may have noticed that the GPO setting references a .p7b file, but the file extension and name of the policy binary do not matter. Regardless of what you name your policy binary, they are all converted to SIPolicy.p7b when applied to the client computers running Windows 10. If you are deploying different App Control policies to different sets of devices, you may want to give each of your App Control policies a friendly name and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository.
+
+7. Close the Group Policy Management Editor, and then restart the Windows test computer. Restarting the computer updates the App Control policy.
diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md
new file mode 100644
index 0000000000..472b039866
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md
@@ -0,0 +1,89 @@
+---
+title: Deploy App Control policies using Mobile Device Management (MDM)
+description: You can use an MDM like Microsoft Intune to configure App Control for Business. Learn how with this step-by-step guide.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: how-to
+---
+
+# Deploy App Control policies using Mobile Device Management (MDM)
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to configure App Control for Business on client machines. Intune includes native support for App Control, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for App Control policy deployment steps.
+
+> [!IMPORTANT]
+> Due to a known issue, you should always activate new **signed** App Control Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Mobile Device Management (MDM), deploy new signed App Control Base policies [via script](deploy-appcontrol-policies-with-script.md) and activate the policy with a system restart.
+>
+> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
+
+## Use Intune's built-in policies
+
+Intune's built-in App Control for Business support allows you to configure Windows client computers to only run:
+
+- Windows components
+- Third-party hardware and software kernel drivers
+- Microsoft Store-signed apps
+- [Optional] Reputable apps as defined by the Intelligent Security Graph (ISG)
+
+> [!NOTE]
+> Intune's built-in policies use the pre-1903 single-policy format version of the DefaultWindows policy. Use the [improved Intune App Control experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to create and deploy multiple-policy format files. Or, you can use Intune's custom OMA-URI feature to deploy your own multiple-policy format App Control policies and leverage features available on Windows 10 1903+ or Windows 11 as described later in this topic.
+
+> [!NOTE]
+> Intune currently uses the AppLocker CSP to deploy its built-in policies. The AppLocker CSP always requests a device restart when it applies App Control policies. Use the [improved Intune App Control experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to deploy your own App Control policies without a restart. Or, you can use Intune's custom OMA-URI feature with the ApplicationControl CSP.
+
+To use Intune's built-in App Control policies, configure [Endpoint Protection for Windows 10 (and later)](/mem/intune/protect/endpoint-protection-windows-10?toc=/intune/configuration/toc.json&bc=/intune/configuration/breadcrumb/toc.json).
+
+## Deploy App Control policies with custom OMA-URI
+
+> [!NOTE]
+> Policies deployed through Intune custom OMA-URI are subject to a 350,000 byte limit. Customers should create App Control for Business policies that use signature-based rules, the Intelligent Security Graph, and managed installers where practical. Customers whose devices are running 1903+ builds of Windows are also encouraged to use [multiple policies](../design/deploy-multiple-appcontrol-policies.md) which allow more granular policy.
+
+You should now have one or more App Control policies converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md).
+
+### Deploy custom App Control policies on Windows 10 1903+
+
+Beginning with Windows 10 1903, custom OMA-URI policy deployment can use the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp), which has support for multiple policies and rebootless policies.
+
+> [!NOTE]
+> You must convert your custom policy XML to binary form before deploying with OMA-URI.
+
+The steps to use Intune's custom OMA-URI functionality are:
+
+1. Open the Microsoft Intune portal and [create a profile with custom settings](/mem/intune/configuration/custom-settings-windows-10).
+
+2. Specify a **Name** and **Description** and use the following values for the remaining custom OMA-URI settings:
+    - **OMA-URI**: `./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy`
+    - **Data type**: Base64 (file)
+    - **Certificate file**: Upload your binary format policy file. To do this, change your {GUID}.cip file to {GUID}.bin. You don't need to upload a Base64 file, as Intune converts the uploaded .bin file to Base64 on your behalf.
+
+    :::image type="content" alt-text="Configure custom App Control." source="../images/appcontrol-intune-custom-oma-uri.png" lightbox="../images/appcontrol-intune-custom-oma-uri.png":::
+
+> [!NOTE]
+> For the _Policy GUID_ value, do not include the curly brackets.
+
+### Remove App Control policies on Windows 10 1903+
+
+Upon deletion, policies deployed through Intune via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to disable App Control for Business enforcement, first replace the existing policy with a new version of the policy that will "Allow *", like the rules in the example  policy at %windir%\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml. Once the updated policy is deployed, you can then delete the policy from the Intune portal. This deletion will prevent anything from being blocked and fully remove the App Control policy on the next reboot.
+
+### For pre-1903 systems
+
+#### Deploying policies
+
+The steps to use Intune's Custom OMA-URI functionality to apply the [AppLocker CSP](/windows/client-management/mdm/applocker-csp) and deploy a custom App Control policy to pre-1903 systems are:
+
+1. Convert the policy XML to binary format using the [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) cmdlet in order to be deployed. The binary policy may be signed or unsigned.
+
+2. Open the Microsoft Intune portal and [create a profile with custom settings](/mem/intune/configuration/custom-settings-windows-10).
+
+3. Specify a **Name** and **Description** and use the following values for the remaining custom OMA-URI settings:
+    - **OMA-URI**: `./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/_Grouping_/CodeIntegrity/Policy`
+    - **Data type**: Base64 (file)
+    - **Certificate file**: upload your binary format policy file
+
+   > [!NOTE]
+   > Deploying policies via the AppLocker CSP will force a reboot during OOBE.
+
+#### Removing policies
+
+Policies deployed through Intune via the AppLocker CSP can't be deleted through the Intune console. In order to disable App Control for Business policy enforcement, either deploy an audit-mode policy or use a script to delete the existing policy.
diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md
new file mode 100644
index 0000000000..5baec955a9
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md
@@ -0,0 +1,81 @@
+---
+title: Deploy App Control for Business policies with Configuration Manager
+description: You can use Microsoft Configuration Manager to configure App Control for Business. Learn how with this step-by-step guide.
+ms.date: 09/11/2024
+ms.topic: how-to
+ms.localizationpriority: medium
+---
+
+# Deploy App Control policies by using Microsoft Configuration Manager
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+You can use Microsoft Configuration Manager to configure App Control for Business on client machines.
+
+## Use Configuration Manager's built-in policies
+
+Configuration Manager includes native support for App Control, which allows you to configure Windows 10 and Windows 11 client computers with a policy that will only allow:
+
+- Windows components
+- Microsoft Store apps
+- Apps installed by Configuration Manager (Configuration Manager self-configured as a managed installer)
+- (Optional) Reputable apps as defined by the Intelligent Security Graph (ISG)
+- (Optional) Apps and executables already installed in admin-definable folder locations that Configuration Manager will allow through a one-time scan during policy creation on managed endpoints.
+
+Configuration Manager doesn't remove policies once deployed. To stop enforcement, you should switch the policy to audit mode, which will produce the same effect. If you want to disable App Control for Business altogether (including audit mode), you can deploy a script to delete the policy file from disk, and either trigger a reboot or wait for the next reboot.
+
+### Create an App Control Policy in Configuration Manager
+
+1. Select **Asset and Compliance** > **Endpoint Protection** > **App Control for Business** > **Create Application Control Policy**
+
+   :::image type="content" alt-text="Create an App Control policy in Configuration Manager." source="../images/memcm/memcm-create-appcontrol-policy.jpg":::
+
+2. Enter the name of the policy > **Next**
+3. Enable **Enforce a restart of devices so that this policy can be enforced for all processes**
+4. Select the mode that you want the policy to run (Enforcement enabled / Audit Only)
+5. Select **Next**
+
+   :::image type="content" alt-text="Create an enforced App Control policy in Configuration Manager." source="../images/memcm/memcm-create-appcontrol-policy-2.jpg":::
+
+6. Select **Add** to begin creating rules for trusted software
+
+   :::image type="content" alt-text="Create an App Control path rule in Configuration Manager." source="../images/memcm/memcm-create-appcontrol-rule.jpg":::
+
+7. Select **File** or **Folder** to create a path rule > **Browse**
+
+   :::image type="content" alt-text="Select a file or folder to create a path rule." source="../images/memcm/memcm-create-appcontrol-rule-2.jpg":::
+
+8. Select the executable or folder for your path rule > **OK**
+
+   :::image type="content" alt-text="Select the executable file or folder." source="../images/memcm/memcm-create-appcontrol-rule-3.jpg":::
+
+9. Select **OK** to add the rule to the table of trusted files or folder
+10. Select **Next** to navigate to the summary page > **Close**
+
+    :::image type="content" alt-text="Confirm the App Control path rule in Configuration Manager." source="../images/memcm/memcm-confirm-appcontrol-rule.jpg":::
+
+### Deploy the App Control policy in Configuration Manager
+
+1. Right-click the newly created policy > **Deploy Application Control Policy**
+
+   :::image type="content" alt-text="Deploy App Control via Configuration Manager." source="../images/memcm/memcm-deploy-appcontrol.jpg":::
+
+2. Select **Browse**
+
+   :::image type="content" alt-text="Select Browse." source="../images/memcm/memcm-deploy-appcontrol-2.jpg":::
+
+3. Select the Device Collection you created earlier > **OK**
+
+   :::image type="content" alt-text="Select the device collection." source="../images/memcm/memcm-deploy-appcontrol-3.jpg":::
+
+4. Change the schedule > **OK**
+
+   :::image type="content" alt-text="Change the App Control deployment schedule." source="../images/memcm/memcm-deploy-appcontrol-4.jpg":::
+
+For more information on using Configuration Manager's native App Control policies, see [App Control for Business management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager).
+
+Download the entire [App Control in Configuration Manager lab paper](https://download.microsoft.com/download/c/f/d/cfd6227c-8ec4-442d-8c50-825550d412f6/WDAC-Deploy-WDAC-using-MEMCM.pdf).
+
+## Deploy custom App Control policies using Packages/Programs or Task Sequences
+
+Using Configuration Manager's built-in policies can be a helpful starting point, but customers may find the circle-of-trust options available in Configuration Manager too limiting. To define your own circle-of-trust, you can use Configuration Manager to deploy custom App Control policies using [script-based deployment](deploy-appcontrol-policies-with-script.md) via Software Distribution Packages and Programs or Operating System Deployment Task Sequences.
diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md
new file mode 100644
index 0000000000..369252b993
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md
@@ -0,0 +1,104 @@
+---
+title: Deploy App Control for Business policies using script
+description: Use scripts to deploy App Control for Business policies. Learn how with this step-by-step guide.
+ms.manager: jsuther
+ms.date: 09/11/2024
+ms.topic: how-to
+ms.localizationpriority: medium
+---
+
+# Deploy App Control policies using script
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+This article describes how to deploy App Control for Business policies using script. The following instructions use PowerShell but can work with any scripting host.
+
+You should now have one or more App Control policies converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md).
+
+> [!IMPORTANT]
+> Due to a known issue, you should always activate new **signed** App Control Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Skip all steps below that use CiTool, RefreshPolicy.exe, or WMI to initiate a policy activation. Instead, copy the policy binary to the correct system32 and EFI locations and then activate the policy with a system restart.
+>
+> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
+
+## Deploying policies for Windows 11 22H2 and above
+
+You can use the inbox [CiTool](../operations/citool-commands.md) to apply policies on Windows 11 22H2 with the following commands. Be sure to replace **&lt;Path to policy binary file to deploy&gt;** in the following example with the actual path to your App Control policy binary file.
+
+```powershell
+# Policy binary files should be named as {GUID}.cip for multiple policy format files (where {GUID} = <PolicyId> from the Policy XML)
+$PolicyBinary = "<Path to policy binary file to deploy>"
+CiTool --update-policy $PolicyBinary [-json]
+```
+
+## Deploying policies for Windows 11, Windows 10 version 1903 and above, and Windows Server 2022 and above
+
+To use this procedure, download and distribute the [App Control policy refresh tool](https://aka.ms/refreshpolicy) to all managed endpoints. Ensure your App Control policies allow the App Control policy refresh tool or use a managed installer to distribute the tool.
+
+1. Initialize the variables to be used by the script.
+
+    ```powershell
+    # Policy binary files should be named as {GUID}.cip for multiple policy format files (where {GUID} = <PolicyId> from the Policy XML)
+    $PolicyBinary = "<Path to policy binary file to deploy>"
+    $DestinationFolder = $env:windir+"\System32\CodeIntegrity\CIPolicies\Active\"
+    $RefreshPolicyTool = "<Path where RefreshPolicy.exe can be found from managed endpoints>"
+    ```
+
+2. Copy App Control for Business policy binary to the destination folder.
+
+   ```powershell
+   Copy-Item -Path $PolicyBinary -Destination $DestinationFolder -Force
+   ```
+
+3. Repeat steps 1-2 as appropriate to deploy more App Control policies.
+4. Run RefreshPolicy.exe to activate and refresh all App Control policies on the managed endpoint.
+
+   ```powershell
+   & $RefreshPolicyTool
+   ```
+
+## Deploying policies for all other versions of Windows and Windows Server
+
+Use WMI to apply policies on all other versions of Windows and Windows Server.
+
+1. Initialize the variables to be used by the script.
+
+    ```powershell
+    # Policy binary files should be named as SiPolicy.p7b for Windows 10 versions earlier than 1903
+    $PolicyBinary = "<Path to policy binary file to deploy>"
+    $DestinationBinary = $env:windir+"\System32\CodeIntegrity\SiPolicy.p7b"
+    ```
+
+2. Copy App Control for Business policy binary to the destination.
+
+   ```powershell
+   Copy-Item  -Path $PolicyBinary -Destination $DestinationBinary -Force
+   ```
+
+3. Refresh and activate App Control policy using WMI
+
+   ```powershell
+   Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = $DestinationBinary}
+   ```
+
+## Deploying signed policies
+
+If you're using [signed App Control policies](use-signed-policies-to-protect-appcontrol-against-tampering.md), the policies must be deployed into your device's EFI partition in addition to the locations outlined in the earlier sections. Unsigned App Control policies don't need to be present in the EFI partition.
+
+1. Mount the EFI volume and make the directory, if it doesn't exist, in an elevated PowerShell prompt:
+
+    ```powershell
+   $MountPoint = 'C:\EFIMount'
+   $EFIDestinationFolder = "$MountPoint\EFI\Microsoft\Boot\CiPolicies\Active"
+   $EFIPartition = (Get-Partition | Where-Object IsSystem).AccessPaths[0]
+   if (-Not (Test-Path $MountPoint)) { New-Item -Path $MountPoint -Type Directory -Force }
+   mountvol $MountPoint $EFIPartition
+   if (-Not (Test-Path $EFIDestinationFolder)) { New-Item -Path $EFIDestinationFolder -Type Directory -Force }
+    ```
+
+2. Copy the signed policy to the created folder:
+
+    ```powershell
+   Copy-Item -Path $PolicyBinary -Destination $EFIDestinationFolder -Force
+    ```
+
+3. Restart the system.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md
similarity index 89%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md
index 2265945d4e..ff49b5a9fe 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md
@@ -1,21 +1,20 @@
 ---
-title: Deploy catalog files to support Windows Defender Application Control
-description: Catalog files simplify running unsigned applications in the presence of a Windows Defender Application Control (WDAC) policy.
+title: Deploy catalog files to support App Control for Business
+description: Catalog files simplify running unsigned applications in the presence of an App Control for Business policy.
 ms.localizationpriority: medium
 ms.topic: how-to
-ms.date: 11/30/2022
+ms.date: 09/11/2024
 ---
 
-# Deploy catalog files to support Windows Defender Application Control
+# Deploy catalog files to support App Control for Business
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-*Catalog files* can be important in your deployment of Windows Defender Application Control (WDAC) if you have unsigned line-of-business (LOB) applications for which the process of signing is difficult. You can also use catalog files to add your own signature to apps you get from independent software vendors (ISV) when you don't want to trust all code signed by that ISV. In this way, catalog files provide a convenient way for you to "bless" apps for use in your WDAC-managed environment. And, you can create catalog files for existing apps without requiring access to the original source code or needing any expensive repackaging.
+*Catalog files* can be important in your deployment of App Control for Business if you have unsigned line-of-business (LOB) applications for which the process of signing is difficult. You can also use catalog files to add your own signature to apps you get from independent software vendors (ISV) when you don't want to trust all code signed by that ISV. In this way, catalog files provide a convenient way for you to "bless" apps for use in your App Control-managed environment. And, you can create catalog files for existing apps without requiring access to the original source code or needing any expensive repackaging.
 
 You need to [obtain a code signing certificate for your own use](use-code-signing-for-better-control-and-protection.md#obtain-code-signing-certificates-for-your-own-use) and use it to sign the catalog file. Then, distribute the signed catalog file using your preferred content deployment mechanism.
 
-Finally, add a signer rule to your WDAC policy for your signing certificate. Then, any apps covered by your signed catalog files are able to run, even if the apps were previously unsigned. With this foundation, you can more easily build a WDAC policy that blocks all unsigned code, because most malware is unsigned.
+Finally, add a signer rule to your App Control policy for your signing certificate. Then, any apps covered by your signed catalog files are able to run, even if the apps were previously unsigned. With this foundation, you can more easily build an App Control policy that blocks all unsigned code, because most malware is unsigned.
 
 ## Create catalog files using Package Inspector
 
@@ -34,7 +33,7 @@ To create a catalog file for an existing app, you can use a tool called **Packag
     $PolicyBinary = $env:USERPROFILE+"\Desktop\"+$PolicyId.substring(11)+".cip"
     ```
 
-    Then apply the policy as described in [Deploy Windows Defender Application Control policies with script](deploy-wdac-policies-with-script.md).
+    Then apply the policy as described in [Deploy App Control for Business policies with script](deploy-appcontrol-policies-with-script.md).
 
 2. Start Package Inspector to monitor file creation on a **local drive** where you install the app, for example, drive C:
 
@@ -92,15 +91,15 @@ For the code signing certificate that you use to sign the catalog file, import i
 1. Initialize the variables to use. Replace the `$ExamplePath` and `$CatFileName` variables as needed:
 
    ```powershell
-    $ExamplePath=$env:userprofile+"\Desktop"
-    $CatFileName=$ExamplePath+"\LOBApp-Contoso.cat"
-    ```
+   $ExamplePath=$env:userprofile+"\Desktop"
+   $CatFileName=$ExamplePath+"\LOBApp-Contoso.cat"
+   ```
 
 2. Sign the catalog file with Signtool.exe:
 
    ```powershell
-    <path to signtool.exe> sign /n "ContosoSigningCert" /fd sha256 /v $CatFileName
-    ```
+   <path to signtool.exe> sign /n "ContosoSigningCert" /fd sha256 /v $CatFileName
+   ```
 
    > [!NOTE]
    > The `<Path to signtool.exe>` variable should be the full path to the Signtool.exe utility. `ContosoSigningCert` represents the subject name of the certificate that you use to sign the catalog file. This certificate should be imported to your personal certificate store on the computer on which you are attempting to sign the catalog file.
@@ -109,7 +108,7 @@ For the code signing certificate that you use to sign the catalog file, import i
 
 3. Verify the catalog file's digital signature. Right-click the catalog file, and then select **Properties**. On the **Digital Signatures** tab, verify that your signing certificate exists with a **sha256** algorithm, as shown in Figure 1.
 
-   ![Digital Signature list in file Properties.](../images/dg-fig12-verifysigning.png)
+   :::image type="content" alt-text="Digital Signature list in file Properties." source="../images/dg-fig12-verifysigning.png":::
 
    Figure 1. Verify that the signing certificate exists.
 
@@ -123,16 +122,16 @@ For testing purposes, you can manually copy signed catalog files to this folder.
 
 To simplify the management of catalog files, you can use group policy preferences to deploy catalog files to the appropriate computers in your organization.
 
-The following process walks you through the deployment of a signed catalog file called **LOBApp-Contoso.cat** to a test OU called **WDAC Enabled PCs** with a GPO called **Contoso Catalog File GPO Test**.
+The following process walks you through the deployment of a signed catalog file called **LOBApp-Contoso.cat** to a test OU called **App Control Enabled PCs** with a GPO called **Contoso Catalog File GPO Test**.
 
 1. From either a domain controller or a client computer that has Remote Server Administration Tools installed, open the Group Policy Management Console by running **GPMC.MSC** or by searching for Group Policy Management.
 
-2. Create a new GPO: right-click an OU, for example, the **WDAC Enabled PCs OU**, and then select **Create a GPO in this domain, and Link it here**, as shown in Figure 2.
+2. Create a new GPO: right-click an OU, for example, the **App Control Enabled PCs OU**, and then select **Create a GPO in this domain, and Link it here**, as shown in Figure 2.
 
    > [!NOTE]
-   > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies.
+   > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining App Control policies.
 
-   ![Group Policy Management, create a GPO.](../images/dg-fig13-createnewgpo.png)
+   :::image type="content" alt-text="Group Policy Management, create a GPO." source="../images/dg-fig13-createnewgpo.png":::
 
    Figure 2. Create a new GPO.
 
@@ -142,7 +141,7 @@ The following process walks you through the deployment of a signed catalog file
 
 5. Within the selected GPO, navigate to **Computer Configuration\\Preferences\\Windows Settings\\Files**. Right-click **Files**, point to **New**, and then select **File**, as shown in Figure 3.
 
-   ![Group Policy Management Editor, New File.](../images/dg-fig14-createnewfile.png)
+   :::image type="content" alt-text="Group Policy Management Editor, New File." source="../images/dg-fig14-createnewfile.png":::
 
    Figure 3. Create a new file.
 
@@ -299,9 +298,9 @@ At the time of the next software inventory cycle, when the targeted clients rece
 > [!NOTE]
 > If nothing is displayed in this view, navigate to Software\\Last Software Scan in Resource Explorer to verify that the client has recently completed a software inventory scan.
 
-## Allow apps signed by your catalog signing certificate in your WDAC policy
+## Allow apps signed by your catalog signing certificate in your App Control policy
 
-Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created a WDAC policy, see the [Windows Defender Application Control design guide](../design/wdac-design-guide.md).
+Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created an App Control policy, see the [App Control for Business design guide](../design/appcontrol-design-guide.md).
 
 On a computer where the signed catalog file has been deployed, you can use [New-CiPolicyRule](/powershell/module/configci/new-cipolicyrule) to create a signer rule from any file included in that catalog. Then use [Merge-CiPolicy](/powershell/module/configci/merge-cipolicy) to add the rule to your policy XML. Be sure to replace the path values in the following sample:
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md
similarity index 50%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md
index 2685a6db1d..c2434abfb4 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md
@@ -1,24 +1,23 @@
 ---
-title: Remove Windows Defender Application Control policies
-description: Learn how to disable both signed and unsigned Windows Defender Application Control policies, within Windows and within the BIOS.
+title: Remove App Control for Business policies
+description: Learn how to disable both signed and unsigned App Control for Business policies, within Windows and within the BIOS.
 ms.localizationpriority: medium
-ms.date: 11/04/2022
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
-# Remove Windows Defender Application Control (WDAC) policies
+# Remove App Control for Business policies
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-## Removing WDAC policies
+## Removing App Control policies
 
-There may come a time when you want to remove one or more WDAC policies, or remove all WDAC policies you've deployed. This article describes the various ways to remove WDAC policies.
+There may come a time when you want to remove one or more App Control policies, or remove all App Control policies you've deployed. This article describes the various ways to remove App Control policies.
 
 > [!IMPORTANT]
-> **Signed WDAC policy**
+> **Signed App Control policy**
 >
-> If the policy you are trying to remove is a signed WDAC policy, you must first deploy a signed replacement policy that includes option **6 Enabled:Unsigned System Integrity Policy**.
+> If the policy you are trying to remove is a signed App Control policy, you must first deploy a signed replacement policy that includes option **6 Enabled:Unsigned System Integrity Policy**.
 >
 > The replacement policy must have the same PolicyId as the one it's replacing and a version that's equal to or greater than the existing policy. The replacement policy must also include \<UpdatePolicySigners\>.
 >
@@ -33,66 +32,48 @@ To make a policy effectively inactive before removing it, you can first replace
 1. Replace the policy rules with "Allow *" rules;
 2. Set option **3 Enabled:Audit Mode** to change the policy to audit mode only;
 3. Set option **11 Disabled:Script Enforcement**;
-4. Allow all COM objects. See [Allow COM object registration in a WDAC policy](/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy#examples);
+4. Allow all COM objects. See [Allow COM object registration in an App Control policy](../design/allow-com-object-registration-in-appcontrol-policy.md#examples);
 5. If applicable, remove option **0 Enabled:UMCI** to convert the policy to kernel mode only.
 
 > [!IMPORTANT]
-> After you remove a policy, restart the computer for it to take effect. You can't remove WDAC policies without restarting the device.
+> After you remove a policy, restart the computer for it to take effect. You can't remove App Control policies without restarting the device.
 
-### Remove WDAC policies using CiTool.exe
+### Remove App Control policies using CiTool.exe
 
-Beginning with the Windows 11 2022 Update, you can remove WDAC policies using CiTool.exe. From an elevated command window, run the following command. Be sure to replace the text *PolicyId GUID* with the actual PolicyId of the WDAC policy you want to remove:
+Beginning with the Windows 11 2022 Update, you can remove App Control policies using CiTool.exe. From an elevated command window, run the following command. Be sure to replace the text *PolicyId GUID* with the actual PolicyId of the App Control policy you want to remove:
 
 ```powershell
-    CiTool.exe -rp "{PolicyId GUID}" -json
+CiTool.exe -rp "{PolicyId GUID}" -json
 ```
 
 Then restart the computer.
 
-### Remove WDAC policies using MDM solutions like Intune
+### Remove App Control policies using MDM solutions like Intune
 
-You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to remove WDAC policies from client machines using the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp).
-
-<!-- Waiting for information from Intune team on specific steps...
-
-The steps to use Intune's custom OMA-URI functionality to remove a WDAC policy are:
-
-1. Open the Microsoft Intune portal and [create a profile with custom settings](/mem/intune/configuration/custom-settings-windows-10).
-
-2. Specify a **Name** and **Description** and use the following values for the remaining custom OMA-URI settings:
-    - **OMA-URI**: `./Vendor/MSFT/ApplicationControl/Policies/_PolicyId GUID_/Policy`
-    - **Data type**: Base64 (file)
-    - **Certificate file**: upload your binary format policy file. You don't need to upload a Base64 file, as Intune will convert the uploaded .bin file to Base64 on your behalf.
-
-    > [!div class="mx-imgBorder"]
-    > ![Configure custom WDAC.](../images/wdac-intune-custom-oma-uri.png)
-
-> [!NOTE]
-> For the _Policy GUID_ value, do not include the curly brackets.
--->
+You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to remove App Control policies from client machines using the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp).
 
 Consult your MDM solution provider for specific information on using the ApplicationControl CSP.
 
 Then restart the computer.
 
-### Remove WDAC policies using script
+### Remove App Control policies using script
 
-To remove WDAC policies using script, your script must delete the policy file(s) from the computer. For **multiple policy format (1903+) WDAC policies**, look for the policy files in the following locations. Be sure to replace the *PolicyId GUID* with the actual PolicyId of the WDAC policy you want to remove.
+To remove App Control policies using script, your script must delete the policy file(s) from the computer. For **multiple policy format (1903+) App Control policies**, look for the policy files in the following locations. Be sure to replace the *PolicyId GUID* with the actual PolicyId of the App Control policy you want to remove.
 
 - &lt;EFI System Partition&gt;\\Microsoft\\Boot\\CiPolicies\Active\\*\{PolicyId GUID\}*.cip
 - &lt;OS Volume&gt;\\Windows\\System32\\CodeIntegrity\\CiPolicies\Active\\*\{PolicyId GUID\}*.cip
 
-For **single policy format WDAC policies**, in addition to the two locations above, also look for a file called SiPolicy.p7b that may be found in the following locations:
+For **single policy format App Control policies**, in addition to the two locations above, also look for a file called SiPolicy.p7b that may be found in the following locations:
 
 - &lt;EFI System Partition&gt;\\Microsoft\\Boot\\SiPolicy.p7b
 - &lt;OS Volume&gt;\\Windows\\System32\\CodeIntegrity\\SiPolicy.p7b
 
 Then restart the computer.
 
-#### Sample script to delete a single WDAC policy
+#### Sample script to delete a single App Control policy
 
 ```powershell
-# Set PolicyId GUID to the PolicyId from your WDAC policy XML
+# Set PolicyId GUID to the PolicyId from your App Control policy XML
 $PolicyId = "{PolicyId GUID}"
 
 # Initialize variables
@@ -138,17 +119,17 @@ mountvol $MountPoint /D
 ```
 
 > [!NOTE]
-> You must run the script as administrator to remove WDAC policies on your computer.
+> You must run the script as administrator to remove App Control policies on your computer.
 
-## Remove WDAC policies causing boot stop failures
+## Remove App Control policies causing boot stop failures
 
-A WDAC policy that blocks boot critical drivers can cause a boot stop failure (BSOD) to occur, though this can be mitigated by setting option **10 Enabled:Boot Audit On Failure** in your policies. Additionally, signed WDAC policies protect the policy from administrative manipulation and malware that has gained administrative-level access to the system. For this reason, signed WDAC policies are intentionally more difficult to remove than unsigned policies even for administrators. Tampering with or removing a signed WDAC policy will cause a BSOD to occur.
+An App Control policy that blocks boot critical drivers can cause a boot stop failure (BSOD) to occur, though this can be mitigated by setting option **10 Enabled:Boot Audit On Failure** in your policies. Additionally, signed App Control policies protect the policy from administrative manipulation and malware that has gained administrative-level access to the system. For this reason, signed App Control policies are intentionally more difficult to remove than unsigned policies even for administrators. Tampering with or removing a signed App Control policy will cause a BSOD to occur.
 
 To remove a policy that is causing boot stop failures:
 
-1. If the policy is a **signed** WDAC policy, turn off Secure Boot from your [UEFI BIOS menu](/windows-hardware/manufacture/desktop/boot-to-uefi-mode-or-legacy-bios-mode). For help with locating where to turn off Secure Boot within your BIOS menu, consult with your original equipment manufacturer (OEM).
-2. Access the Advanced Boot Options menu on your computer and choose the option to **Disable Driver Signature Enforcement**. For instructions on accessing the Advanced Boot Options menu during startup, consult with your OEM. This option will suspend all code integrity checks, including WDAC, for a single boot session.
-3. Start Windows normally and sign in. Then, [remove WDAC policies using script](#remove-wdac-policies-using-script).
+1. If the policy is a **signed** App Control policy, turn off Secure Boot from your [UEFI BIOS menu](/windows-hardware/manufacture/desktop/boot-to-uefi-mode-or-legacy-bios-mode). For help with locating where to turn off Secure Boot within your BIOS menu, consult with your original equipment manufacturer (OEM).
+2. Access the Advanced Boot Options menu on your computer and choose the option to **Disable Driver Signature Enforcement**. For instructions on accessing the Advanced Boot Options menu during startup, consult with your OEM. This option will suspend all code integrity checks, including App Control, for a single boot session.
+3. Start Windows normally and sign in. Then, [remove App Control policies using script](#remove-app-control-policies-using-script).
 4. If you turned off Secure Boot in step 1 above and your drive is protected by BitLocker, [suspend BitLocker protection](/troubleshoot/windows-client/windows-security/suspend-bitlocker-protection-non-microsoft-updates) then turn on Secure Boot from your UEFI BIOS menu.
 5. Restart the computer.
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md
similarity index 60%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md
index 07bc66c51a..41a77beb33 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md
@@ -1,29 +1,28 @@
 ---
-title: Enforce Windows Defender Application Control (WDAC) policies
-description: Learn how to switch a WDAC policy from audit to enforced mode.
+title: Enforce App Control for Business policies
+description: Learn how to switch an App Control policy from audit to enforced mode.
 ms.manager: jsuther
-ms.date: 04/22/2021
+ms.date: 09/11/2024
 ms.topic: how-to
 ms.localizationpriority: medium
 ---
 
-# Enforce Windows Defender Application Control (WDAC) policies
+# Enforce App Control for Business policies
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-You should now have one or more Windows Defender Application Control policies broadly deployed in audit mode. You have analyzed events collected from the devices with those policies and you're ready to enforce. Use this procedure to prepare and deploy your WDAC policies in enforcement mode.
+You should now have one or more App Control for Business policies broadly deployed in audit mode. You have analyzed events collected from the devices with those policies and you're ready to enforce. Use this procedure to prepare and deploy your App Control policies in enforcement mode.
 
 > [!NOTE]
-> Some of the steps described in this article only apply to Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features. Evaluate the impact for any features that may be unavailable on your clients running earlier versions of Windows 10 and Windows Server. You may need to adapt this guidance to meet your specific organization's needs.
+> Some of the steps described in this article only apply to Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features. Evaluate the impact for any features that may be unavailable on your clients running earlier versions of Windows 10 and Windows Server. You may need to adapt this guidance to meet your specific organization's needs.
 
-## Convert WDAC **base** policy from audit to enforced
+## Convert App Control **base** policy from audit to enforced
 
-As described in [common Windows Defender Application Control deployment scenarios](../design/common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices.
+As described in [common App Control for Business deployment scenarios](../design/common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices.
 
-**Alice Pena** is the IT team lead responsible for Lamna's WDAC rollout.
+**Alice Pena** is the IT team lead responsible for Lamna's App Control rollout.
 
-Alice previously created and deployed a policy for the organization's [fully managed devices](../design/create-wdac-policy-for-fully-managed-devices.md). They updated the policy based on audit event data as described in [Use audit events to create WDAC policy rules](audit-wdac-policies.md) and redeployed it. All remaining audit events are as expected and Alice is ready to switch to enforcement mode.
+Alice previously created and deployed a policy for the organization's [fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md). They updated the policy based on audit event data as described in [Use audit events to create App Control policy rules](audit-appcontrol-policies.md) and redeployed it. All remaining audit events are as expected and Alice is ready to switch to enforcement mode.
 
 1. Initialize the variables that will be used and create the enforced policy by copying the audit version.
 
@@ -34,14 +33,14 @@ Alice previously created and deployed a policy for the organization's [fully man
    cp $AuditPolicyXML $EnforcedPolicyXML
    ```
 
-2. Use [Set-CIPolicyIdInfo](/powershell/module/configci/set-cipolicyidinfo) to give the new policy a unique ID, and descriptive name. Changing the ID and name lets you deploy the enforced policy side by side with the audit policy. Do this step if you plan to harden your WDAC policy over time. If you prefer to replace the audit policy in-place, you can skip this step.
+2. Use [Set-CIPolicyIdInfo](/powershell/module/configci/set-cipolicyidinfo) to give the new policy a unique ID, and descriptive name. Changing the ID and name lets you deploy the enforced policy side by side with the audit policy. Do this step if you plan to harden your App Control policy over time. If you prefer to replace the audit policy in-place, you can skip this step.
 
    ```powershell
    $EnforcedPolicyID = Set-CIPolicyIdInfo -FilePath $EnforcedPolicyXML -PolicyName $EnforcedPolicyName -ResetPolicyID
    $EnforcedPolicyID = $EnforcedPolicyID.Substring(11)
    ```
 
-3. *[Optionally]* Use [Set-RuleOption](/powershell/module/configci/set-ruleoption) to enable rule options 9 ("Advanced Boot Options Menu") and 10 ("Boot Audit on Failure"). Option 9 allows users to disable WDAC enforcement for a single boot session from a pre-boot menu. Option 10 instructs Windows to switch the policy from enforcement to audit only if a boot critical kernel-mode driver is blocked. We strongly recommend these options when deploying a new enforced policy to your first deployment ring. Then, if no issues are found, you can remove the options and restart your deployment.
+3. *[Optionally]* Use [Set-RuleOption](/powershell/module/configci/set-ruleoption) to enable rule options 9 ("Advanced Boot Options Menu") and 10 ("Boot Audit on Failure"). Option 9 allows users to disable App Control enforcement for a single boot session from a pre-boot menu. Option 10 instructs Windows to switch the policy from enforcement to audit only if a boot critical kernel-mode driver is blocked. We strongly recommend these options when deploying a new enforced policy to your first deployment ring. Then, if no issues are found, you can remove the options and restart your deployment.
 
    ```powershell
    Set-RuleOption -FilePath $EnforcedPolicyXML -Option 9
@@ -54,7 +53,7 @@ Alice previously created and deployed a policy for the organization's [fully man
    Set-RuleOption -FilePath $EnforcedPolicyXML -Option 3 -Delete
    ```
 
-5. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the new WDAC policy to binary:
+5. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the new App Control policy to binary:
 
    > [!NOTE]
    > If you did not use -ResetPolicyID in Step 2 above, then you must replace $EnforcedPolicyID in the following command with the *PolicyID* attribute found in your base policy XML.
@@ -86,7 +85,7 @@ Since the enforced policy was given a unique PolicyID in the previous procedure,
    > [!NOTE]
    > If Set-CIPolicyIdInfo does not output the new PolicyID value on your Windows 10 version, you will need to obtain the *PolicyId* value from the XML directly.
 
-3. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the new Windows Defender Application Control supplemental policy to binary:
+3. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the new App Control for Business supplemental policy to binary:
 
    ```powershell
    $EnforcedSuppPolicyBinary = $env:USERPROFILE+"\Desktop\"+$SupplementalPolicyName+"_"+$SupplementalPolicyID+".xml"
@@ -96,4 +95,4 @@ Since the enforced policy was given a unique PolicyID in the previous procedure,
 
 ## Deploy your enforced policy and supplemental policies
 
-Now that your base policy is in enforced mode, you can begin to deploy it to your managed endpoints. For information about deploying policies, see [Deploying Windows Defender Application Control (WDAC) policies](wdac-deployment-guide.md).
+Now that your base policy is in enforced mode, you can begin to deploy it to your managed endpoints. For information about deploying policies, see [Deploying App Control for Business policies](appcontrol-deployment-guide.md).
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md
similarity index 57%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md
index d1b96ca2d6..e17a4dfdd6 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md
@@ -1,25 +1,24 @@
 ---
-title: Merge Windows Defender Application Control policies (WDAC)
-description: Learn how to merge WDAC policies as part of your policy lifecycle management.
+title: Merge App Control for Business policies (App Control)
+description: Learn how to merge App Control policies as part of your policy lifecycle management.
 ms.manager: jsuther
-ms.date: 04/22/2021
+ms.date: 09/11/2024
 ms.topic: how-to
 ms.localizationpriority: medium
 ---
 
-# Merge Windows Defender Application Control (WDAC) policies
+# Merge App Control for Business policies
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-This article shows how to merge multiple policy XML files together and how to merge rules directly into a policy. Windows Defender Application Control deployments often include a few base policies and optional supplemental policies for specific use cases.
+This article shows how to merge multiple policy XML files together and how to merge rules directly into a policy. App Control for Business deployments often include a few base policies and optional supplemental policies for specific use cases.
 
 > [!NOTE]
-> Prior to Windows version 1903, including Windows Server 2019 and earlier, only one Windows Defender Application Control policy can be active on a system at a time. If you need to use WDAC on systems running these earlier versions of Windows, you must merge all policies before deploying.
+> Prior to Windows version 1903, including Windows Server 2019 and earlier, only one App Control for Business policy can be active on a system at a time. If you need to use App Control on systems running these earlier versions of Windows, you must merge all policies before deploying.
 
-## Merge multiple WDAC policy XML files together
+## Merge multiple App Control policy XML files together
 
-There are many scenarios where you may want to merge two or more policy files together. For example, if you [use audit events to create Windows Defender Application Control policy rules](audit-wdac-policies.md), you can merge those rules with your existing WDAC base policy. To merge the two WDAC policies referenced in that article, complete the following steps in an elevated Windows PowerShell session.
+There are many scenarios where you may want to merge two or more policy files together. For example, if you [use audit events to create App Control for Business policy rules](audit-appcontrol-policies.md), you can merge those rules with your existing App Control base policy. To merge the two App Control policies referenced in that article, complete the following steps in an elevated Windows PowerShell session.
 
 1. Initialize the variables that will be used:
 
@@ -30,7 +29,7 @@ There are many scenarios where you may want to merge two or more policy files to
    $MergedPolicy=$env:userprofile+"\Desktop\"+$PolicyName+"_Merged.xml"
    ```
 
-2. Use [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) to merge two policies and create a new Windows Defender Application Control policy:
+2. Use [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) to merge two policies and create a new App Control for Business policy:
 
    ```powershell
    Merge-CIPolicy -PolicyPaths $LamnaPolicy,$EventsPolicy -OutputFilePath $MergedPolicy
@@ -39,16 +38,16 @@ There are many scenarios where you may want to merge two or more policy files to
    > [!NOTE]
    > You can merge additional policies with the Merge-CIPolicy step above by adding them to the -PolicyPaths parameter separated by commas. The new policy file specified by -OutputFilePath will have the Policy information from the first policy in the list. For example, in the above example, the $MergedPolicy will inherit the policy type, ID, name, and version information from $LamnaPolicy. To change any of those values, use [Set-CIPolicyIdInfo](/powershell/module/configci/set-cipolicyidinfo) and [Set-CIPolicyVersion](/powershell/module/configci/set-cipolicyversion).
 
-## Merge WDAC rules directly into a policy XML
+## Merge App Control rules directly into a policy XML
 
-Besides merging multiple policy XML files, you can also merge rules created with the New-CIPolicyRule cmdlet directly into an existing WDAC policy XML file. Directly merging rules is a convenient way to update your policy without creating extra policy XML files. For example, to add rules that allow the WDAC Wizard and the WDAC RefreshPolicy.exe tool, follow these steps:
+Besides merging multiple policy XML files, you can also merge rules created with the New-CIPolicyRule cmdlet directly into an existing App Control policy XML file. Directly merging rules is a convenient way to update your policy without creating extra policy XML files. For example, to add rules that allow the App Control Wizard and the App Control RefreshPolicy.exe tool, follow these steps:
 
-1. Install the [WDAC Wizard](../design/wdac-wizard.md) packaged MSIX app.
+1. Install the [App Control Wizard](../design/appcontrol-wizard.md) packaged MSIX app.
 2. Download the [Refresh Policy tool](https://aka.ms/refreshpolicy) for your processor architecture and save it to your desktop as RefreshPolicy.exe.
-3. From a PowerShell session, run the following commands to create packaged app allow rules for the WDAC Wizard:
+3. From a PowerShell session, run the following commands to create packaged app allow rules for the App Control Wizard:
 
    ```powershell
-   $PackageInfo = Get-AppxPackage -Name Microsoft.WDAC.WDACWizard
+   $PackageInfo = Get-AppxPackage -Name Microsoft.App Control.WDACWizard
    $Rules = New-CIPolicyRule -Package $PackageInfo
    ```
 
@@ -68,16 +67,16 @@ Besides merging multiple policy XML files, you can also merge rules created with
 
 Now that you have your new, merged policy, you can convert and deploy the policy binary to your managed endpoints.
 
-1. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the WDAC policy to a binary format:
+1. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the App Control policy to a binary format:
 
    ```powershell
-   $WDACPolicyBin=$env:userprofile+"\Desktop\"+$PolicyName+"_{InsertPolicyID}.bin"
-   ConvertFrom-CIPolicy -XMLFilePath $MergedPolicy -BinaryFilePath $WDACPolicyBin
+   $AppControlPolicyBin=$env:userprofile+"\Desktop\"+$PolicyName+"_{InsertPolicyID}.bin"
+   ConvertFrom-CIPolicy -XMLFilePath $MergedPolicy -BinaryFilePath $AppControlPolicyBin
    ```
 
    > [!NOTE]
    > In the sample commands above, for policies targeting Windows 10 version 1903+ or Windows 11, replace the string "{InsertPolicyID}" with the actual PolicyID GUID (including braces **{ }**) found in your policy XML file. For Windows 10 versions prior to 1903, use the name SiPolicy.p7b for the binary file name.
 
-2. Upload your merged policy XML and the associated binary to the source control solution you are using for your Windows Defender Application Control policies. such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
+2. Upload your merged policy XML and the associated binary to the source control solution you are using for your App Control for Business policies. such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
 
-3. Deploy the merged policy using your preferred deployment solution. See [Deploying Windows Defender Application Control (WDAC) policies](wdac-deployment-guide.md)
+3. Deploy the merged policy using your preferred deployment solution. See [Deploying App Control for Business policies](appcontrol-deployment-guide.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md b/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md
similarity index 51%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md
index 7e9e07b044..69735b11bd 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md
@@ -1,19 +1,18 @@
 ---
-title: Use code signing for added control and protection with WDAC
-description: Code signing can be used to better control Win32 app authorization and add protection for your Windows Defender Application Control (WDAC) policies.
+title: Use code signing for added control and protection with App Control
+description: Code signing can be used to better control Win32 app authorization and add protection for your App Control for Business policies.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 11/29/2022
+ms.date: 09/11/2024
 ---
 
-# Use code signing for added control and protection with Windows Defender Application Control
+# Use code signing for added control and protection with App Control for Business
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
 ## What is code signing and why is it important?
 
-Code signing provides some important benefits to application security features like Windows Defender Application Control (WDAC). First, it allows the system to cryptographically verify that a file hasn't been tampered with since it was signed and before any code is allowed to run. Second, it associates the file with a real-world identity, such as a company or an individual developer. This identity can make your policy trust decisions easier and allows for real-world consequences when code signing is abused or used maliciously. Although Windows doesn't require software developers to digitally sign their code, most major independent software vendors (ISV) do use code signing for much of their code. And metadata that a developer includes in a file's resource header (.RSRC), such as OriginalFileName or ProductName, can be combined with the file's signing certificate to limit the scope of trust decisions. For example, instead of allowing everything signed by Microsoft, you can choose to allow only files signed by Microsoft where ProductName is "Microsoft Teams". Then use other rules to authorize any other files that need to run.
+Code signing provides some important benefits to application security features like App Control for Business. First, it allows the system to cryptographically verify that a file hasn't been tampered with since it was signed and before any code is allowed to run. Second, it associates the file with a real-world identity, such as a company or an individual developer. This identity can make your policy trust decisions easier and allows for real-world consequences when code signing is abused or used maliciously. Although Windows doesn't require software developers to digitally sign their code, most major independent software vendors (ISV) do use code signing for much of their code. And metadata that a developer includes in a file's resource header (.RSRC), such as OriginalFileName or ProductName, can be combined with the file's signing certificate to limit the scope of trust decisions. For example, instead of allowing everything signed by Microsoft, you can choose to allow only files signed by Microsoft where ProductName is "Microsoft Teams". Then use other rules to authorize any other files that need to run.
 
 Wherever possible, you should require all app binaries and scripts are code signed as part of your app acceptance criteria. And, you should ensure that internal line-of-business (LOB) app developers have access to code signing certificates controlled by your organization.
 
@@ -26,13 +25,13 @@ You can use catalog files to easily add a signature to an existing application w
 > [!NOTE]
 > Since catalogs identify the files they sign by hash, any change to the file may invalidate its signature. You will need to deploy updated catalog signatures any time the application is updated. Integrating code signing with your app development or app deployment processes is generally the best approach. Be aware of self-updating apps, as their app binaries may change without your knowledge.
 
-To learn how to create and manage catalog files for existing apps, see [Deploy catalog files to support Windows Defender Application Control](deploy-catalog-files-to-support-wdac.md).
+To learn how to create and manage catalog files for existing apps, see [Deploy catalog files to support App Control for Business](deploy-catalog-files-to-support-appcontrol.md).
 
-## Signed WDAC policies
+## Signed App Control policies
 
-While a WDAC policy begins as an XML document, it's then converted into a binary-encoded file before deployment. This binary version of your policy can be code signed like any other application binary, offering many of the same benefits as described above for signed code. Additionally, signed policies are treated specially by WDAC and help protect against tampering or removal of a policy even by an admin user.
+While an App Control policy begins as an XML document, it's then converted into a binary-encoded file before deployment. This binary version of your policy can be code signed like any other application binary, offering many of the same benefits as described above for signed code. Additionally, signed policies are treated specially by App Control and help protect against tampering or removal of a policy even by an admin user.
 
-For more information on using signed policies, see [Use signed policies to protect Windows Defender Application Control against tampering](/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering)
+For more information on using signed policies, see [Use signed policies to protect App Control for Business against tampering](use-signed-policies-to-protect-appcontrol-against-tampering.md)
 
 ## Obtain code signing certificates for your own use
 
@@ -40,4 +39,4 @@ Some ways to obtain code signing certificates for your own use, include:
 
 - Use Microsoft's [Trusted Signing service](/azure/trusted-signing/).
 - Purchase a code signing certificate from one of the [Microsoft Trusted Root Program participants](/security/trusted-root/participants-list).
-- To use your own digital certificate or public key infrastructure (PKI) to issue code signing certificates, see [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-wdac.md).
\ No newline at end of file
+- To use your own digital certificate or public key infrastructure (PKI) to issue code signing certificates, see [Optional: Create a code signing certificate for App Control for Business](create-code-signing-cert-for-appcontrol.md).
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md b/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md
similarity index 69%
rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md
rename to windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md
index a7f4170ab2..6aa667b28a 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md
+++ b/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md
@@ -1,17 +1,16 @@
 ---
-title: Use signed policies to protect Windows Defender Application Control against tampering
-description: Signed Windows Defender Application Control (WDAC) policies give organizations the highest level of malware protection available in Windows 10 and Windows 11.
+title: Use signed policies to protect App Control for Business against tampering
+description: Signed App Control for Business policies give organizations the highest level of malware protection available in Windows 10 and Windows 11.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 11/04/2022
+ms.date: 09/11/2024
 ---
 
-# Use signed policies to protect Windows Defender Application Control against tampering
+# Use signed policies to protect App Control for Business against tampering
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-Signed Windows Defender Application Control (WDAC) policies give organizations the highest level of protection available in Windows. These policies are designed to detect administrative tampering of the policy, such as by malware running as admin, and will result in a boot failure or blue screen. With this goal in mind, it's much more difficult to remove signed WDAC policies. SecureBoot must be enabled in order to provide this protection for signed WDAC policies.
+Signed App Control for Business policies give organizations the highest level of protection available in Windows. These policies are designed to detect administrative tampering of the policy, such as by malware running as admin, and will result in a boot failure or blue screen. With this goal in mind, it's much more difficult to remove signed App Control policies. SecureBoot must be enabled in order to provide this protection for signed App Control policies.
 
 If you don't currently have a code signing certificate you can use to sign your policies, see [Obtain code signing certificates for your own use](use-code-signing-for-better-control-and-protection.md#obtain-code-signing-certificates-for-your-own-use).
 
@@ -22,12 +21,12 @@ If you don't currently have a code signing certificate you can use to sign your
 > - Use RSA keys with 2K, 3K, or 4K key size only. ECDSA isn't supported.
 > - You can use SHA-256, SHA-384, or SHA-512 as the digest algorithm on Windows 11, as well as Windows 10 and Windows Server 2019 and above after applying the November 2022 cumulative security update. All other devices only support SHA-256.
 
-Before you attempt to deploy a signed policy, you should first deploy an unsigned version of the policy to uncover any issues with the policy rules. We also recommend you enable rule options **9 - Enabled:Advanced Boot Options Menu** and **10 - Enabled:Boot Audit on Failure** to leave troubleshooting options available to administrators. To ensure that a rule option is enabled, you can run a command such as `Set-RuleOption -FilePath <PathAndFilename> -Option 9`, even if you're not sure whether the option is already enabled. If so, the command has no effect. When validated and ready for enterprise deployment, you can remove these options. For more information about rule options, see [Windows Defender Application Control policy rules](../design/select-types-of-rules-to-create.md).
+Before you attempt to deploy a signed policy, you should first deploy an unsigned version of the policy to uncover any issues with the policy rules. We also recommend you enable rule options **9 - Enabled:Advanced Boot Options Menu** and **10 - Enabled:Boot Audit on Failure** to leave troubleshooting options available to administrators. To ensure that a rule option is enabled, you can run a command such as `Set-RuleOption -FilePath <PathAndFilename> -Option 9`, even if you're not sure whether the option is already enabled. If so, the command has no effect. When validated and ready for enterprise deployment, you can remove these options. For more information about rule options, see [App Control for Business policy rules](../design/select-types-of-rules-to-create.md).
 
 > [!NOTE]
 > When signing a Base policy that has existing Supplemental policies, you must also switch to signed policy for all of the Supplementals. Authorize the signed supplemental policies by adding a `<SupplementalPolicySigner>` rule to the Base policy.
 
-## Prepare your WDAC policy for signing
+## Prepare your App Control policy for signing
 
 1. Open an elevated Windows PowerShell session and initialize the variables to use:
 
@@ -38,7 +37,7 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne
    ```
 
    > [!NOTE]
-   > This example uses an enforced version of the WDAC policy that you created in [Create a Windows Defender Application Control policy from a reference computer](../design/create-wdac-policy-using-reference-computer.md) article. If you sign another policy, be sure to update the **$PolicyPath** and **$PolicyName** variables with the correct information.
+   > This example uses an enforced version of the App Control policy that you created in [Create an App Control for Business policy from a reference computer](../design/create-appcontrol-policy-using-reference-computer.md) article. If you sign another policy, be sure to update the **$PolicyPath** and **$PolicyName** variables with the correct information.
 
 2. Navigate to your desktop as the working directory:
 
@@ -46,7 +45,7 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne
     cd $PolicyPath
     ```
 
-3. If your WDAC policy doesn't already include an `<UpdatePolicySigner>` rule for your policy signing certificate, you must add it. At least one `<UpdatePolicySigner>` rule must exist to convert your policy XML with [ConvertFrom-CiPolicy](/powershell/module/configci/convertfrom-cipolicy).
+3. If your App Control policy doesn't already include an `<UpdatePolicySigner>` rule for your policy signing certificate, you must add it. At least one `<UpdatePolicySigner>` rule must exist to convert your policy XML with [ConvertFrom-CiPolicy](/powershell/module/configci/convertfrom-cipolicy).
 
     Use [Add-SignerRule](/powershell/module/configci/add-signerrule) and create an `<UpdatePolicySigner>` rule from your certificate file (.cer). If you purchased a code signing certificate or issued one from your own public key infrastructure (PKI), you can export the certificate file.
 
@@ -58,7 +57,7 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne
     ```
 
     > [!IMPORTANT]
-    > Failing to perform this step will leave you unable to modify or disable this policy and will lead to boot failure. For more information about how to disable signed policies causing boot failure, see [Remove Windows Defender Application Control policies causing boot stop failures](disable-wdac-policies.md#remove-wdac-policies-causing-boot-stop-failures).
+    > Failing to perform this step will leave you unable to modify or disable this policy and will lead to boot failure. For more information about how to disable signed policies causing boot failure, see [Remove App Control for Business policies causing boot stop failures](disable-appcontrol-policies.md#remove-app-control-policies-causing-boot-stop-failures).
 
 4. Use [Set-RuleOption](/powershell/module/configci/set-ruleoption) to remove the unsigned policy rule option:
 
@@ -86,11 +85,11 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne
 
 ### Policy signing with signtool.exe
 
-If you purchased a code signing certificate or issued one from your own PKI, you can use [SignTool.exe](/windows/win32/seccrypto/signtool) to sign your WDAC policy files:
+If you purchased a code signing certificate or issued one from your own PKI, you can use [SignTool.exe](/windows/win32/seccrypto/signtool) to sign your App Control policy files:
 
-1. Import the .pfx code signing certificate into the user's personal store on the computer where the signing will happen. In this example, you use the certificate that was created in [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-wdac.md).
+1. Import the .pfx code signing certificate into the user's personal store on the computer where the signing will happen. In this example, you use the certificate that was created in [Optional: Create a code signing certificate for App Control for Business](create-code-signing-cert-for-appcontrol.md).
 
-2. Sign the WDAC policy by using SignTool.exe:
+2. Sign the App Control policy by using SignTool.exe:
 
    ```powershell
    <Path to signtool.exe> sign -v -n "ContosoSigningCert" -p7 . -p7co 1.3.6.1.4.1.311.79.1 -fd sha256 $CIPolicyBin
@@ -99,7 +98,7 @@ If you purchased a code signing certificate or issued one from your own PKI, you
    > [!NOTE]
    > The *&lt;Path to signtool.exe&gt;* variable should be the full path to the SignTool.exe utility. **ContosoSigningCert** is the subject name of the certificate that will be used to sign the policy. You should import this certificate to your personal certificate store on the computer you use to sign the policy.
 
-When complete, the commands should output a signed policy file with a `.p7` extension. You must rename the file to `{GUID}.cip` where "{GUID}" is the &lt;PolicyId&gt; from your original WDAC policy XML.
+When complete, the commands should output a signed policy file with a `.p7` extension. You must rename the file to `{GUID}.cip` where "{GUID}" is the &lt;PolicyId&gt; from your original App Control policy XML.
 
 ## Verify and deploy the signed policy
 
@@ -117,9 +116,9 @@ $SignedCryptoMsgSyntax.Decode([System.IO.File]::ReadAllBytes($CIPolicyBin))
 $SignedCryptoMsgSyntax.Certificates | Format-List -Property *
 ```
 
-Thoroughly test the signed policy on a representative set of computers before proceeding with deployment. Be sure to reboot the test computers at least twice after applying the signed WDAC policy to ensure you don't encounter a boot failure.
+Thoroughly test the signed policy on a representative set of computers before proceeding with deployment. Be sure to reboot the test computers at least twice after applying the signed App Control policy to ensure you don't encounter a boot failure.
 
-Once you've verified the signed policy, deploy it using your preferred deployment method. For more information about deploying policies, see [Deploying Windows Defender Application Control policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide).
+Once you've verified the signed policy, deploy it using your preferred deployment method. For more information about deploying policies, see [Deploying App Control for Business policies](appcontrol-deployment-guide.md).
 
 > [!NOTE]
 > Anti-tampering protection for signed policies takes effect after the first reboot once the signed policy is applied to a computer. This protection only applies to computers with UEFI Secure Boot enabled.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md
similarity index 85%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md
index fc9395851d..7968a8fb46 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md
@@ -1,21 +1,20 @@
 ---
-title: Allow COM object registration in a WDAC policy
-description: You can allow COM object registration in a Windows Defender Application Control policy.
+title: Allow COM object registration in an App Control policy
+description: You can allow COM object registration in an App Control for Business policy.
 ms.localizationpriority: medium
-ms.date: 04/05/2023
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
-# Allow COM object registration in a Windows Defender Application Control policy
+# Allow COM object registration in an App Control for Business policy
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
 The [Microsoft Component Object Model (COM)](/windows/desktop/com/the-component-object-model) is a platform-independent, distributed, object-oriented system for creating binary software components that can interact. COM specifies an object model and programming requirements that enable COM objects to interact with other objects.
 
-## COM object configurability in WDAC policy
+## COM object configurability in App Control policy
 
-Windows Defender Application Control (WDAC) enforces a built-in allowlist for COM object registration. While this list works for most common application usage scenarios, you may need to allow more COM objects to support the apps used in your organization. You can specify allowed COM objects via their GUID in your WDAC policy as described in this article.
+App Control for Business enforces a built-in allowlist for COM object registration. While this list works for most common application usage scenarios, you may need to allow more COM objects to support the apps used in your organization. You can specify allowed COM objects via their GUID in your App Control policy as described in this article.
 
 > [!NOTE]
 > To add this functionality to other versions of Windows 10, you can install the following or later updates.
@@ -46,7 +45,7 @@ One attribute:
 
 ### Multiple policy considerations
 
-Similar to executable files, COM objects must pass all enforced WDAC policies on the system to run. For example, if the COM object under evaluation passes most but not all of your WDAC policies, the COM object is blocked. If you're using a combination of base and supplemental policies, the COM object just needs to be allowlisted in either the base policy or one of the supplemental policies.
+Similar to executable files, COM objects must pass all enforced App Control policies on the system to run. For example, if the COM object under evaluation passes most but not all of your App Control policies, the COM object is blocked. If you're using a combination of base and supplemental policies, the COM object just needs to be allowlisted in either the base policy or one of the supplemental policies.
 
 ### Examples
 
@@ -126,10 +125,10 @@ To add this CLSID to the existing policy, follow these steps:
 
 1. Open PowerShell ISE with Administrative privileges.
 
-2. Copy and edit this command, then run it from the admin PowerShell ISE. Consider the policy name to be `WDAC_policy.xml`.
+2. Copy and edit this command, then run it from the admin PowerShell ISE. Consider the policy name to be `AppControl_policy.xml`.
 
     ```PowerShell
-    PS C:\WINDOWS\system32> Set-CIPolicySetting -FilePath <path to policy xml>\WDAC_policy.xml -Key "{f8d253d9-89a4-4daa-87b6-1168369f0b21}" -Provider WSH -Value true -ValueName EnterpriseDefinedClsId -ValueType Boolean
+    PS C:\WINDOWS\system32> Set-CIPolicySetting -FilePath <path to policy xml>\AppControl_policy.xml -Key "{f8d253d9-89a4-4daa-87b6-1168369f0b21}" -Provider WSH -Value true -ValueName EnterpriseDefinedClsId -ValueType Boolean
     ```
 
     Once the command has run, find the following section added to the policy XML.
@@ -145,7 +144,7 @@ To add this CLSID to the existing policy, follow these steps:
 
 ### Default COM Object allowlist
 
-The table that follows describes the list of COM objects that are inherently trusted in Windows Defender Application Control. Objects in this list don't need to be allowlisted in your WDAC policies. They can be denied by creating explicit deny rules in your WDAC policy.
+The table that follows describes the list of COM objects that are inherently trusted in App Control for Business. Objects in this list don't need to be allowlisted in your App Control policies. They can be denied by creating explicit deny rules in your App Control policy.
 
 | File Name | CLSID |
 |--------|-----------|
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md
new file mode 100644
index 0000000000..6e31a5e523
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md
@@ -0,0 +1,47 @@
+---
+title: App Control for Business and .NET
+description: Understand how App Control and .NET work together and use Dynamic Code Security to verify code loaded by .NET at runtime.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: conceptual
+---
+
+# App Control for Business and .NET
+
+.NET apps (as written in a high-level language like C#) are compiled to an Intermediate Language (IL). IL is a compact code format that can be supported on any operating system or architecture. Most .NET apps use APIs that are supported in multiple environments, requiring only the .NET runtime to run. IL needs to be compiled to native code in order to execute on a CPU, for example Arm64 or x64. When .NET compiles IL to native image (NI) on a device with an App Control user mode policy, it first checks whether the original IL file passes the current App Control policies. If so, .NET sets an NTFS extended attribute (EA) on the generated NI file so that App Control knows to trust it as well. When the .NET app runs, App Control sees the EA on the NI file and allows it.
+
+The EA set on the NI file only applies to the currently active App Control policies. If one of the active App Control policies is updated or a new policy is applied, the EA on the NI file is invalidated. The next time the app runs, App Control will block the NI file. .NET handles the block gracefully and falls back to the original IL code. If the IL still passes the latest App Control policies, then the app runs without any functional impact. Since the IL is now being compiled at runtime, you might notice a slight impact to performance of the app. When .NET must fall back to IL, .NET will also schedule a process to run at the next maintenance window to regenerate all NI files, thus reestablishing the App Control EA for all code that passes the latest App Control policies.
+
+In some cases, if an NI file is blocked, you might see a "false positive" block event in the *CodeIntegrity - Operational* event log as described in [App Control Admin Tips & Known Issues](../operations/known-issues.md#net-native-images-may-generate-false-positive-block-events).
+
+To mitigate any performance impact caused when the App Control EA isn't valid or missing:
+
+- Avoid updating the App Control policies often.
+- Run `ngen update` (on all machine architectures) to force .NET to regenerate all NI files immediately after applying changes to your App Control policies.
+- Migrate applications to .NET Core (.NET 6 or greater).
+
+## App Control and .NET hardening
+
+Security researchers found that some .NET capabilities that allow apps to load libraries from external sources or generate new code at runtime can be used to circumvent App Control controls.
+To address this potential vulnerability, App Control includes an option called *Dynamic Code Security* that works with .NET to verify code loaded at runtime.
+
+When the Dynamic Code Security option is enabled, the App Control policy is applied to libraries that .NET loads from external sources. For example, any remote sources, such as the internet or a network share.
+
+> [!IMPORTANT]
+> .Net dynamic code security hardening is *turned on and enforced* if any App Control policy with UMCI enabled has set option **19 Enabled:Dynamic Code Security**. There is no audit mode for this feature. You should test your apps with this option set before turning it on across large numbers of devices.
+
+Additionally, it detects tampering in code generated to disk by .NET and blocks loading code that was tampered with.
+
+Dynamic Code Security isn't enabled by default because existing policies might not account for externally loaded libraries.
+Additionally, a few .NET loading features, including loading unsigned assemblies built with System.Reflection.Emit, aren't currently supported with Dynamic Code Security enabled.
+Microsoft recommends testing Dynamic Code Security in audit mode before enforcing it to discover whether any new libraries should be included in the policy.
+
+Additionally, customers can precompile for deployment only to prevent an allowed executable from being terminated because it tries to load unsigned dynamically generated code. See the "Precompiling for Deployment Only" section in the [ASP.NET Precompilation Overview](/previous-versions/aspnet/bb398860(v=vs.100)) document for how to fix that.
+
+To enable Dynamic Code Security, add the following option to the `<Rules>` section of your App Control policy:
+
+```xml
+<Rule>
+    <Option>Enabled:Dynamic Code Security</Option>
+</Rule>
+```
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md
new file mode 100644
index 0000000000..73bbde562c
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md
@@ -0,0 +1,36 @@
+---
+title: App Control for Business design guide
+description: Microsoft App Control for Business allows organizations to control what apps and drivers will run on their managed Windows devices.
+ms.localizationpriority: medium
+ms.topic: conceptual
+ms.date: 09/11/2024
+---
+
+# App Control for Business design guide
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+This guide covers design and planning for App Control for Business. It's intended to help security architects, security administrators, and system administrators create a plan that addresses specific App Control requirements for different departments or business groups within an organization.
+
+## Plan for success
+
+A common refrain you may hear about App Control is that it is "too hard." While it's true that App Control isn't as simple as flipping a switch, organizations can be successful, if they're methodical when carefully planning their approach. In reality, the issues that lead to failure with App Control often arise from business issues rather than technology challenges. Organizations that have successfully deployed App Control have ensured the following before starting their planning:
+
+-   Executive sponsorship and organizational buy-in is in place.
+-   There's a clear **business** objective for using App Control, and it's not being planned as a purely technical problem from IT.
+-   The organization has a plan to handle potential helpdesk support requests for users who are blocked from running some apps.
+-   The organization has considered where App Control can be most useful (for example, securing sensitive workloads or business functions) and also where it may be difficult to achieve (for example, developer workstations).
+
+Once these business factors are in place, you're ready to begin planning your App Control for Business deployment. The following topics can help guide you through your planning process.
+
+## In this section
+
+| Topic | Description |
+| - | - |
+| [Plan for App Control policy management](plan-appcontrol-management.md) | This topic describes the decisions you need to make to establish the processes for managing and maintaining App Control policies. |
+| [Understand App Control policy design decisions](understand-appcontrol-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions, when you plan a deployment of App Control policies. |
+| [Understand App Control policy rules and file rules](select-types-of-rules-to-create.md) | This topic lists resources you can use when selecting your policy rules by using App Control. |
+| [Policy creation for common App Control usage scenarios](common-appcontrol-use-cases.md) | This set of topics outlines common use case scenarios, and helps you begin to develop a plan for deploying App Control in your organization. |
+| [Policy creation using the App Control Wizard tool](appcontrol-wizard.md) | This set of topics describes how to use the App Control Wizard desktop app to easily create, edit, and merge App Control policies. |
+
+After planning is complete, the next step is to deploy App Control. The [App Control for Business Deployment Guide](../deployment/appcontrol-deployment-guide.md) covers creating and testing policies, deploying the enforcement setting, and managing and maintaining policies.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md
similarity index 68%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md
index 38dd2726e4..5de28ef21c 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md
@@ -1,35 +1,34 @@
 ---
-title: Windows Defender Application Control Wizard Base Policy Creation
-description: Creating new base application control policies with the Microsoft Windows Defender Application (WDAC) Wizard.
+title: App Control for Business Wizard Base Policy Creation
+description: Creating new base App Control policies with the App Control Wizard.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 06/07/2023
+ms.date: 09/11/2024
 ---
 
 # Creating a new Base Policy with the Wizard
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-When creating policies for use with Windows Defender Application Control (WDAC), it's recommended to start with a template policy, and then add or remove rules to suit your application control scenario. For this reason, the WDAC Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about application control can be accessed through the [WDAC design guide](wdac-design-guide.md). This page outlines the steps to create a new application control policy from a template, configure the policy options, and the signer and file rules.
+When creating policies for use with App Control for Business, it's recommended to start with a template policy, and then add or remove rules to suit your App Control scenario. For this reason, the App Control Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about App Control can be accessed through the [App Control design guide](appcontrol-design-guide.md). This page outlines the steps to create a new App Control policy from a template, configure the policy options, and the signer and file rules.
 
 ## Template Base Policies
 
-Each of the template policies has a unique set of policy allowlist rules that affect the circle-of-trust and security model of the policy. The following table lists the policies in increasing order of trust and freedom. For instance, the Default Windows mode policy trusts fewer application publishers and signers than the Signed and Reputable mode policy. The Default Windows policy has a smaller circle-of-trust with better security than the Signed and Reputable policy, but at the expense of compatibility.  
+Each of the template policies has a unique set of policy allowlist rules that affect the circle-of-trust and security model of the policy. The following table lists the policies in increasing order of trust and freedom. For instance, the Default Windows mode policy trusts fewer application publishers and signers than the Signed and Reputable mode policy. The Default Windows policy has a smaller circle-of-trust with better security than the Signed and Reputable policy, but at the expense of compatibility.
 
 | Template Base Policy | Description |
 |---------------------------------|-------------------------------------------------------------------|
 | **Default Windows Mode**      | Default Windows mode authorizes the following components: </br><ul><li>Windows operating components - any binary installed by a fresh install of Windows</li><li>Apps installed from the Microsoft Store</li><li>Microsoft Office365 apps, OneDrive, and Microsoft Teams</li><li>Third-party [Windows Hardware Compatible drivers](/windows-hardware/drivers/install/whql-release-signature)</li></ul>|
 | **Allow Microsoft Mode**      | Allow mode authorizes the following components: </br><ul><li>Windows operating components - any binary installed by a fresh install of Windows</li><li>Apps installed from the Microsoft Store</li><li>Microsoft Office365 apps, OneDrive, and Microsoft Teams</li><li>Third-party [Windows Hardware Compatible drivers](/windows-hardware/drivers/install/whql-release-signature)</li><li>*All Microsoft-signed software*</li></ul>|
-| **Signed and Reputable Mode** | Signed and Reputable mode authorizes the following components: </br><ul><li>Windows operating components - any binary installed by a fresh install of Windows</li><li>Apps installed from the Microsoft Store</li><li>Microsoft Office365 apps, OneDrive, and Microsoft Teams</li><li>Third-party [Windows Hardware Compatible drivers](/windows-hardware/drivers/install/whql-release-signature)</li><li>All Microsoft-signed software</li><li>*Files with good reputation per [Microsoft Defender's Intelligent Security Graph technology](use-wdac-with-intelligent-security-graph.md)*</li></ul>|
+| **Signed and Reputable Mode** | Signed and Reputable mode authorizes the following components: </br><ul><li>Windows operating components - any binary installed by a fresh install of Windows</li><li>Apps installed from the Microsoft Store</li><li>Microsoft Office365 apps, OneDrive, and Microsoft Teams</li><li>Third-party [Windows Hardware Compatible drivers](/windows-hardware/drivers/install/whql-release-signature)</li><li>All Microsoft-signed software</li><li>*Files with good reputation per [Microsoft Defender's Intelligent Security Graph technology](use-appcontrol-with-intelligent-security-graph.md)*</li></ul>|
 
 *Italicized content denotes the changes in the current policy with respect to the policy prior.*
 
-More information about the Default Windows Mode and Allow Microsoft Mode policies can be accessed through the [Example Windows Defender Application Control base policies article](example-wdac-base-policies.md).
+More information about the Default Windows Mode and Allow Microsoft Mode policies can be accessed through the [Example App Control for Business base policies article](example-appcontrol-base-policies.md).
 
-![Selecting a base template for the policy.](../images/wdac-wizard-template-selection.png)
+![Selecting a base template for the policy.](../images/appcontrol-wizard-template-selection.png)
 
-Once the base template is selected, give the policy a name and choose where to save the application control policy on disk.
+Once the base template is selected, give the policy a name and choose where to save the App Control policy on disk.
 
 ## Configuring Policy Rules
 
@@ -37,23 +36,23 @@ Upon page launch, policy rules are automatically enabled/disabled depending on t
 
 ### Policy Rules Description
 
-The following table has a description of each policy rule, beginning with the left-most column. The [Policy rules article](select-types-of-rules-to-create.md#windows-defender-application-control-policy-rules) provides a fuller description of each policy rule.
+The following table has a description of each policy rule, beginning with the left-most column. The [Policy rules article](select-types-of-rules-to-create.md#app-control-for-business-policy-rules) provides a fuller description of each policy rule.
 
 | Rule option | Description |
 |------------ | ----------- |
-| **Advanced Boot Options Menu** | The F8 preboot menu is disabled by default for all Windows Defender Application Control policies. Setting this rule option allows the F8 menu to appear to physically present users. |
+| **Advanced Boot Options Menu** | The F8 preboot menu is disabled by default for all App Control for Business policies. Setting this rule option allows the F8 menu to appear to physically present users. |
 | **Allow Supplemental Policies** | Use this option on a base policy to allow supplemental policies to expand it. |
 | **Disable Script Enforcement** | This option disables script enforcement options. Unsigned PowerShell scripts and interactive PowerShell are no longer restricted to [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). NOTE: This option is required to run HTA files, and is only supported with the Windows 10 May 2019 Update (1903) and higher. Using it on earlier versions of Windows 10 isn't supported and may have unintended results. |
 |**[Hypervisor-protected code integrity (HVCI)](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md)**| When enabled, policy enforcement uses virtualization-based security to run the code integrity service inside a secure environment. HVCI provides stronger protections against kernel malware.|
 | **Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by the Microsoft Intelligent Security Graph (ISG). |
 | **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Configuration Manager, that has been defined as a managed installer. |
 | **Require WHQL** | By default, legacy drivers that aren't Windows Hardware Quality Labs (WHQL) signed are allowed to execute. Enabling this rule requires that every executed driver is WHQL signed and removes legacy driver support. Henceforth, every new Windows-compatible driver must be WHQL certified. |
-| **Update Policy without Rebooting** | Use this option to allow future Windows Defender Application Control policy updates to apply without requiring a system reboot. |
+| **Update Policy without Rebooting** | Use this option to allow future App Control for Business policy updates to apply without requiring a system reboot. |
 | **Unsigned System Integrity Policy** | Allows the policy to remain unsigned. When this option is removed, the policy must be signed and have UpdatePolicySigners added to the policy to enable future policy modifications. |
-| **User Mode Code Integrity** | Windows Defender Application Control policies restrict both kernel-mode and user-mode binaries. By default, only kernel-mode binaries are restricted. Enabling this rule option validates user mode executables and scripts. |
+| **User Mode Code Integrity** | App Control for Business policies restrict both kernel-mode and user-mode binaries. By default, only kernel-mode binaries are restricted. Enabling this rule option validates user mode executables and scripts. |
 
 > [!div class="mx-imgBorder"]
-> ![Rule options UI for Windows Allowed mode policy.](../images/wdac-wizard-rule-options-UI-advanced-collapsed.png)
+> ![Rule options UI for Windows Allowed mode policy.](../images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png)
 
 ### Advanced Policy Rules Description
 
@@ -61,34 +60,34 @@ Selecting the **+ Advanced Options** label shows another column of policy rules,
 
 | Rule option | Description |
 |------------ | ----------- |
-| **Boot Audit on Failure** | Used when the Windows Defender Application Control (WDAC) policy is in enforcement mode. When a driver fails during startup, the WDAC policy is placed in audit mode so that Windows loads. Administrators can validate the reason for the failure in the CodeIntegrity event log. |
-| **Disable Flight Signing** | If enabled, WDAC policies block flightroot-signed binaries. This option would be used in the scenario in which organizations only want to run released binaries, not flight/preview-signed builds. |
+| **Boot Audit on Failure** | Used when the App Control for Business policy is in enforcement mode. When a driver fails during startup, the App Control policy is placed in audit mode so that Windows loads. Administrators can validate the reason for the failure in the CodeIntegrity event log. |
+| **Disable Flight Signing** | If enabled, App Control policies block flightroot-signed binaries. This option would be used in the scenario in which organizations only want to run released binaries, not flight/preview-signed builds. |
 | **Disable Runtime FilePath Rule Protection** | This option disables the default runtime check that only allows FilePath rules for paths that are only writable by an administrator. |
 | **Dynamic Code Security** | Enables policy enforcement for .NET applications and dynamically loaded libraries (DLLs). |
-| **Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, WDAC sets an extended file attribute that indicates that the file was authorized to run. This option causes WDAC to periodically revalidate the reputation for files authorized by the ISG.|
+| **Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, App Control sets an extended file attribute that indicates that the file was authorized to run. This option causes App Control to periodically revalidate the reputation for files authorized by the ISG.|
 | **Require EV Signers** | This option isn't currently supported. |
 
-![Rule options UI for Windows Allowed mode.](../images/wdac-wizard-rule-options-UI.png)
+![Rule options UI for Windows Allowed mode.](../images/appcontrol-wizard-rule-options-UI.png)
 
 > [!NOTE]
-> We recommend that you **enable Audit Mode** initially because it allows you to test new Windows Defender Application Control policies before you enforce them. With audit mode, no application is blocked-instead the policy logs an event whenever an application outside the policy is started. For this reason, all templates have Audit Mode enabled by default.
+> We recommend that you **enable Audit Mode** initially because it allows you to test new App Control for Business policies before you enforce them. With audit mode, no application is blocked-instead the policy logs an event whenever an application outside the policy is started. For this reason, all templates have Audit Mode enabled by default.
 
 ## Creating custom file rules
 
-[File rules](select-types-of-rules-to-create.md#windows-defender-application-control-file-rule-levels) in an application control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the application control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create custom file rules for your policy. The Wizard supports four types of file rules:
+[File rules](select-types-of-rules-to-create.md#app-control-for-business-file-rule-levels) in an App Control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the App Control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create custom file rules for your policy. The Wizard supports four types of file rules:
 
 ### Publisher Rules
 
-The Publisher file rule type uses properties in the code signing certificate chain to base file rules. Once the file to base the rule off of, called the *reference file*, is selected, use the slider to indicate the specificity of the rule.  The following table shows the relationship between the slider placement, the corresponding Windows Defender Application Control (WDAC) rule level and its description. The lower the placement on the table and the UI slider, the greater the specificity of the rule.
+The Publisher file rule type uses properties in the code signing certificate chain to base file rules. Once the file to base the rule off of, called the *reference file*, is selected, use the slider to indicate the specificity of the rule.  The following table shows the relationship between the slider placement, the corresponding App Control for Business rule level and its description. The lower the placement on the table and the UI slider, the greater the specificity of the rule.
 
-| Rule Condition | WDAC Rule Level | Description |
+| Rule Condition | App Control Rule Level | Description |
 |------------ | ----------- | ----------- |
 | **Issuing CA** | PCACertificate | Highest available certificate is added to the signers. This certificate is typically the PCA certificate, one level below the root certificate. Any file signed by this certificate is affected. |
 | **Publisher** | Publisher | This rule is a combination of the PCACertificate rule and the common name (CN) of the leaf certificate. Any file signed by a major CA but with a leaf from a specific company, for example, a device driver corp, is affected. |
 | **File version** | SignedVersion | This rule is a combination of PCACertificate, publisher, and a version number. Anything from the specified publisher with a version at or above the one specified is affected. |
 | **File name** | FilePublisher | Most specific. Combination of the file name, publisher, and PCA certificate and a minimum version number. Files from the publisher with the specified name and greater or equal to the specified version are affected. |
 
-![Custom filepublisher file rule creation.](../images/wdac-wizard-custom-publisher-rule.png)
+![Custom filepublisher file rule creation.](../images/appcontrol-wizard-custom-publisher-rule.png)
 
 ### Filepath Rules
 
@@ -106,16 +105,16 @@ The Wizard supports the creation of [file name rules](select-types-of-rules-to-c
 | **Internal name** | Specifies the internal name of the binary. |
 
 > [!div class="mx-imgBorder"]
-> ![Custom file attributes rule.](../images/wdac-wizard-custom-file-attribute-rule.png)
+> ![Custom file attributes rule.](../images/appcontrol-wizard-custom-file-attribute-rule.png)
 
 ### File Hash Rules
 
 Lastly, the Wizard supports creating file rules using the hash of the file. Although this level is specific, it can cause extra administrative overhead to maintain the current product version's hash values. Each time a binary is updated, the hash value changes, therefore requiring a policy update. By default, the Wizard uses file hash as the fallback in case a file rule can't be created using the specified file rule level.
 
 #### Deleting Signing Rules
-  
+
 The policy signing rules list table on the left of the page documents the allow and deny rules in the template, and any custom rules you create. Template signing rules and custom rules can be deleted from the policy by selecting the rule from the rules list table. Once the rule is highlighted, press the delete button underneath the table. You're then prompted for another confirmation. Select `Yes` to remove the rule from the policy and the rules table.
 
 ## Up next
 
-- [Editing a Windows Defender Application Control (WDAC) policy using the Wizard](wdac-wizard-editing-policy.md)
+- [Editing an App Control for Business policy using the Wizard](appcontrol-wizard-editing-policy.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md
similarity index 68%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md
index 2d1d9a8c91..3cd72d3fcd 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md
@@ -1,33 +1,32 @@
 ---
-title: Windows Defender Application Control Wizard Supplemental Policy Creation
-description: Creating supplemental application control policies with the WDAC Wizard.
+title: App Control for Business Wizard Supplemental Policy Creation
+description: Creating supplemental App Control policies with the App Control Wizard.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 06/07/2023
+ms.date: 09/11/2024
 ---
 
 # Creating a new Supplemental Policy with the Wizard
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-Beginning in Windows 10 version 1903, Windows Defender Application Control (WDAC) supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [WDAC base policy](wdac-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When supplemental policies are used, applications allowed by the base or any of its supplemental policies are allowed to run.
+Beginning in Windows 10 version 1903, App Control for Business supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [App Control base policy](appcontrol-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When supplemental policies are used, applications allowed by the base or any of its supplemental policies are allowed to run.
 
-Prerequisite information about application control can be accessed through the [WDAC design guide](wdac-design-guide.md). This page outlines the steps to create a supplemental application control policy, configure the policy options, and the signer and file rules.
+Prerequisite information about App Control can be accessed through the [App Control design guide](appcontrol-design-guide.md). This page outlines the steps to create a supplemental App Control policy, configure the policy options, and the signer and file rules.
 
 ## Expanding a Base Policy
 
-Once the Supplemental Policy type is chosen on the New Policy page, policy name and file dialog fields can be used to name and save the supplemental policy. The next step requires selecting a base policy to expand. To expand a base policy, the base must allow supplemental policies. The WDAC Wizard verifies if the base policy allows supplementals and shows the following confirmation.
+Once the Supplemental Policy type is chosen on the New Policy page, policy name and file dialog fields can be used to name and save the supplemental policy. The next step requires selecting a base policy to expand. To expand a base policy, the base must allow supplemental policies. The App Control Wizard verifies if the base policy allows supplementals and shows the following confirmation.
 
-![Base policy allows supplemental policies.](../images/wdac-wizard-supplemental-expandable.png)
+![Base policy allows supplemental policies.](../images/appcontrol-wizard-supplemental-expandable.png)
 
-If the base policy isn't configured for supplemental policies, the Wizard attempts to convert the policy to one that can be supplemented. Once successful, the Wizard shows a dialog demonstrating that the addition of the Allow Supplemental Policy rule was completed.  
+If the base policy isn't configured for supplemental policies, the Wizard attempts to convert the policy to one that can be supplemented. Once successful, the Wizard shows a dialog demonstrating that the addition of the Allow Supplemental Policy rule was completed.
 
-![Wizard confirms modification of base policy.](../images/wdac-wizard-confirm-base-policy-modification.png)
+:::image type="content" alt-text="Wizard confirms modification of base policy." source="../images/appcontrol-wizard-confirm-base-policy-modification.png":::
 
-Policies that can't be supplemented, for instance another supplemental policy, are detected by the Wizard and show the following error. Only a base policy can be supplemented. More information on supplemental policies can be found on our [Multiple Policies article](deploy-multiple-wdac-policies.md).
+Policies that can't be supplemented, for instance another supplemental policy, are detected by the Wizard and show the following error. Only a base policy can be supplemented. More information on supplemental policies can be found on our [Multiple Policies article](deploy-multiple-appcontrol-policies.md).
 
-![Wizard detects a bad base policy.](../images/wdac-wizard-supplemental-not-base.png)
+:::image type="content" alt-text="Wizard detects a bad base policy." source="../images/appcontrol-wizard-supplemental-not-base.png":::
 
 ## Configuring Policy Rules
 
@@ -45,24 +44,24 @@ Supplemental policies can only configure three policy rules. The following table
 | **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Configuration Manager, that has been defined as a managed installer. |
 | **Disable Runtime FilePath Rule Protection** | This option disables the default runtime check that only allows FilePath rules for paths that are only writable by an administrator. |
 
-![Rule options UI for Windows Allowed mode.](../images/wdac-wizard-supplemental-policy-rule-options-UI.png)
+:::image type="content" alt-text="Rule options UI for Windows Allowed mode." source="../images/appcontrol-wizard-supplemental-policy-rule-options-UI.png":::
 
 ## Creating custom file rules
 
-File rules in an application control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the application control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create and customize targeted file rules for your policy. The Wizard supports four types of file rules:
+File rules in an App Control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the App Control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create and customize targeted file rules for your policy. The Wizard supports four types of file rules:
 
 ### Publisher Rules
 
-The Publisher file rule type uses properties in the code signing certificate chain to base file rules. Once the file to base the rule off of, called the *reference file*, is selected, use the slider to indicate the specificity of the rule.  The following table shows the relationship between the slider placement, the corresponding Windows Defender Application Control (WDAC) rule level, and its description. The lower the placement on the table and the UI slider, the greater the specificity of the rule.
+The Publisher file rule type uses properties in the code signing certificate chain to base file rules. Once the file to base the rule off of, called the *reference file*, is selected, use the slider to indicate the specificity of the rule.  The following table shows the relationship between the slider placement, the corresponding App Control for Business rule level, and its description. The lower the placement on the table and the UI slider, the greater the specificity of the rule.
 
-| Rule Condition | WDAC Rule Level | Description |
+| Rule Condition | App Control Rule Level | Description |
 |------------ | ----------- | ----------- |
 | **Issuing CA** | PCACertificate | Highest available certificate is added to the signers. This certificate is typically the PCA certificate, one level below the root certificate. Any file signed by this certificate is affected. |
 | **Publisher** | Publisher | This rule is a combination of the PCACertificate rule and the common name (CN) of the leaf certificate. Any file signed by a major CA but with a leaf from a specific company, for example, a device driver publisher, is affected. |
 | **File version** | SignedVersion | This rule is a combination of the PCACertificate and Publisher rule, and a version number. Anything from the specified publisher with a version at or above the one specified is affected. |
 | **File name** | FilePublisher | Most specific. Combination of the file name, publisher, and PCA certificate and a minimum version number. Files from the publisher with the specified name and greater or equal to the specified version are affected. |
 
-![Custom filepublisher file rule creation.](../images/wdac-wizard-custom-publisher-rule.png)
+![Custom filepublisher file rule creation.](../images/appcontrol-wizard-custom-publisher-rule.png)
 
 ### Filepath Rules
 
@@ -79,16 +78,16 @@ The Wizard supports the creation of [file name rules](select-types-of-rules-to-c
 | **Product name** | Specifies the name of the product with which the binary ships. |
 | **Internal name** | Specifies the internal name of the binary. |
 
-![Custom file attributes rule.](../images/wdac-wizard-custom-file-attribute-rule.png)
+:::image type="content" alt-text="Custom file attributes rule." source="../images/appcontrol-wizard-custom-file-attribute-rule.png":::
 
 ### File Hash Rules
 
 Lastly, the Wizard supports creating file rules using the hash of the file. Although this level is specific, it can cause extra administrative overhead to maintain the current product versions' hash values. Each time a binary is updated, the hash value changes, therefore requiring a policy update. By default, the Wizard uses file hash as the fallback in case a file rule can't be created using the specified file rule level.
 
 #### Deleting Signing Rules
-  
+
 The table on the left of the page documents the allow and deny rules in the template, and any custom rules you create. Rules can be deleted from the policy by selecting the rule from the rules list table. Once the rule is highlighted, press the delete button underneath the table. You're again prompted for another confirmation. Select `Yes` to remove the rule from the policy and the rules table.
 
 ## Up next
 
-- [Editing a Windows Defender Application Control (WDAC) policy using the Wizard](wdac-wizard-editing-policy.md)
+- [Editing an App Control for Business policy using the Wizard](appcontrol-wizard-editing-policy.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md
new file mode 100644
index 0000000000..8818dc5ae7
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md
@@ -0,0 +1,56 @@
+---
+title: Editing App Control for Business Policies with the Wizard
+description: Editing existing base and supplemental policies with the Microsoft App Control Wizard.
+ms.localizationpriority: medium
+ms.topic: conceptual
+ms.date: 09/11/2024
+---
+
+# Editing existing base and supplemental App Control policies with the Wizard
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+The App Control for Business Wizard makes editing and viewing App Control policies easier than the PowerShell cmdlets or manually. The Wizard currently supports the following editing capabilities:
+
+- Configuring policy rules
+- Adding new allow or block file rules to existing policies
+- Removing allow or block file rules on existing policies
+
+## Configuring Policy Rules
+
+The `Policy Rules` page loads with the in-edit policy rules configured per the set rules. Selecting the `+ Advanced Options` button reveals the advanced policy rule options panel. This grouping of rules contains other policy rule options that are less common to most users. To edit any of the rules, flip the corresponding policy rule state. For instance, to disable Audit Mode and enable Enforcement Mode in the figure below, the button beside the `Audit Mode` label needs only to be pressed. Once the policy rules are configured, select the Next button to continue the next stage of editing: [Adding File Rules](#adding-file-rules).
+
+![Configuring the policy rules.](../images/appcontrol-wizard-edit-policy-rules.png)
+
+A description of the policy rule is shown at the bottom of the page when the cursor is placed over the rule title. For a complete list of the policy rules and their capabilities, see the [App Control for Business policy rules table](select-types-of-rules-to-create.md#app-control-for-business-policy-rules).
+
+## Adding File Rules
+
+The App Control for Business Wizard allows users to add rules to their existing policy seamlessly. Previously, this rule-adding task would have involved creating a new policy with the new rules and merging it with the existing policy.
+
+Selecting the `+ Custom Rules` button opens the Custom Rules panel. For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](appcontrol-wizard-create-base-policy.md#creating-custom-file-rules).
+
+## Removing File Rules
+
+The App Control Wizard makes deleting file rules from an existing policy quick and easy. To remove any type of file rule: publisher rule, path rule, filename rule, or a hash rule, select the rule in the `Policy Signing Rules List` table on the left-hand side of the page. Selecting the rule highlights the entire row. Once the row is highlighted, select the remove icon underneath the table. The Wizard prompts for user confirmation before removing the file rule. Once removed, the rule no longer appears in the policy or the table.
+
+:::image type="content" alt-text="Removing file rule from policy during edit." source="../images/appcontrol-wizard-edit-remove-file-rule.png":::
+
+> [!NOTE]
+> Removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2.
+
+```xml
+<Signer ID="ID_SIGNER_CONTOSO_PUBLISHER" Name="Contoso LOB Publisher CA">
+  <CertRoot Type="TBS" Value="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" />
+  <CertPublisher Value="Contoso IT Dept App Publisher" />
+  <FileAttribRef RuleID="ID_FILEATTRIB_LOB_APP_1" />
+  <FileAttribRef RuleID="ID_FILEATTRIB_LOB_APP_2" />
+```
+
+### Policy Creation
+
+Once the policy is created, the new policy is written to the same path as the in-edit policy. The new policy file name has the policy version appended to the end of the file name. For instance, if the in-edit policy is saved at `MyDocuments\BasePolicy.xml`, after edit, the new policy will be saved at `MyDocuments\BasePolicy_v10.0.0.1.xml`.
+
+## Up next
+
+- [Merging App Control for Business policies using the Wizard](appcontrol-wizard-merging-policies.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md
new file mode 100644
index 0000000000..a0c8c1e69a
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md
@@ -0,0 +1,20 @@
+---
+title: App Control for Business Wizard Policy Merging Operation
+description: Merging multiple policies into a single App Control policy with the App Control Wizard.
+ms.localizationpriority: medium
+ms.topic: conceptual
+ms.date: 09/11/2024
+---
+
+# Merging existing policies with the App Control Wizard
+
+Beginning in Windows 10 version 1903, App Control for Business supports multiple policies. Before version 1903, however, Windows 10 could only have one App Control policy. So, users were required to merge multiple App Control policies into one. The App Control Wizard has a simple to use user interface to allow users to merge multiple App Control policies. The Wizard can support up to 15 policy files as input during the merge workflow.
+
+Select the policies you wish to merge into one policy using the `+ Add Policy` button under the table. Once added, policies will be enumerated within the table. To remove a policy from the table, if accidentally added, highlight the policy row and select the `- Remove Policy` button. Confirmation will be required before the policy is withdrawn from the table.
+
+> [!NOTE]
+> The policy type and ID of the final output policy will be determined based on the type and ID of the **first policy** in the policy list table. For instance, if a legacy policy format policy and a multi-policy format policy are merged together, the output format of the policy will be whichever policy is specified first in the table. For more information on policy formats, visit the [Multiple App Control for Business Policies page](deploy-multiple-appcontrol-policies.md).
+
+Lastly, select a filepath save location for the final merged policy using the `Browse` button. If a minimum of two policies are selected, and the save location is specified, select the `Next` button to build the policy.
+
+:::image type="content" alt-text="Merging App Control policies into a final App Control policy." source="../images/appcontrol-wizard-merge.png":::
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md
new file mode 100644
index 0000000000..5e2b4e4017
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md
@@ -0,0 +1,115 @@
+---
+title: App Control for Business Wizard App Control Event Parsing
+description: Creating App Control policy rules from the App Control event logs and the MDE Advanced Hunting App Control events.
+ms.localizationpriority: medium
+ms.topic: conceptual
+ms.date: 09/11/2024
+---
+
+# Creating App Control Policy Rules from App Control Events in the Wizard
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+As of [version 2.2.0.0](https://webapp-wdac-wizard.azurewebsites.net/archives.html), the App Control Wizard supports creating App Control policy rules from the following event log types:
+
+1. [App Control event log events on the system](#app-control-event-viewer-log-parsing)
+2. [Exported App Control events (EVTX files) from any system](#app-control-event-log-file-parsing)
+3. [Exported App Control events from MDE Advanced Hunting](#mde-advanced-hunting-app-control-event-parsing)
+
+## App Control Event Viewer Log Parsing
+
+To create rules from the App Control event logs on the system:
+
+1. Select **Policy Editor** from the main page.
+2. Select **Convert Event Log to an App Control Policy**.
+3. Select the **Parse Event Logs** button under the **Parse Event Logs from the System Event Viewer to Policy** header.
+
+   The Wizard parses the relevant audit and block events from the CodeIntegrity (App Control) Operational and AppLocker MSI and Script logs. You see a notification when the Wizard successfully finishes reading the events.
+
+   :::image type="content" alt-text="Parse App Control and AppLocker event log system events." source="../images/appcontrol-wizard-event-log-system.png" lightbox="../images/appcontrol-wizard-event-log-system.png":::
+
+4. Select the Next button to view the audit and block events and create rules.
+5. [Generate rules from the events](#creating-policy-rules-from-the-events).
+
+## App Control Event Log File Parsing
+
+To create rules from the App Control `.EVTX` event logs files on the system:
+
+1. Select **Policy Editor** from the main page.
+2. Select **Convert Event Log to an App Control Policy**.
+3. Select the **Parse Log File(s)** button under the **Parse Event Log evtx Files to Policy** header.
+4. Select the App Control CodeIntegrity Event log EVTX file(s) from the disk to parse.
+
+   The Wizard parses the relevant audit and block events from the selected log files. You see a notification when the Wizard successfully finishes reading the events.
+
+   :::image type="content" alt-text="Parse evtx file App Control events" source="../images/appcontrol-wizard-event-log-files.png" lightbox="../images/appcontrol-wizard-event-log-files.png":::
+
+5. Select the Next button to view the audit and block events and create rules.
+6. [Generate rules from the events](#creating-policy-rules-from-the-events).
+
+## MDE Advanced Hunting App Control Event Parsing
+
+To create rules from the App Control events in [MDE Advanced Hunting](../operations/querying-application-control-events-centrally-using-advanced-hunting.md):
+
+1. Navigate to the Advanced Hunting section within the MDE console and query the App Control events. **The Wizard requires the following fields** in the Advanced Hunting csv file export:
+
+   ```kusto
+   | project-keep Timestamp, DeviceId, DeviceName, ActionType, FileName, FolderPath, SHA1, SHA256, IssuerName, IssuerTBSHash, PublisherName, PublisherTBSHash, AuthenticodeHash, PolicyId, PolicyName
+   ```
+
+   The following Advanced Hunting query is recommended:
+
+   ```kusto
+   DeviceEvents
+   // Take only App Control events
+   | where ActionType startswith 'AppControlCodeIntegrity'
+   // SigningInfo Fields
+   | extend IssuerName = parsejson(AdditionalFields).IssuerName
+   | extend IssuerTBSHash = parsejson(AdditionalFields).IssuerTBSHash
+   | extend PublisherName = parsejson(AdditionalFields).PublisherName
+   | extend PublisherTBSHash = parsejson(AdditionalFields).PublisherTBSHash
+   // Audit/Block Fields
+   | extend AuthenticodeHash = parsejson(AdditionalFields).AuthenticodeHash
+   | extend PolicyId = parsejson(AdditionalFields).PolicyID
+   | extend PolicyName = parsejson(AdditionalFields).PolicyName
+   // Keep only required fields for the App Control Wizard
+   | project-keep Timestamp,DeviceId,DeviceName,ActionType,FileName,FolderPath,SHA1,SHA256,IssuerName,IssuerTBSHash,PublisherName,PublisherTBSHash,AuthenticodeHash,PolicyId,PolicyName
+   ```
+
+2. Export the App Control event results by selecting the **Export** button in the results view.
+
+   :::image type="content" alt-text="Export the MDE Advanced Hunting results to CSV" source="../images/appcontrol-wizard-event-log-mde-ah-export.png" lightbox="../images/appcontrol-wizard-event-log-mde-ah-export.png":::
+
+3. Select **Policy Editor** from the main page.
+4. Select **Convert Event Log to an App Control Policy**.
+5. Select the **Parse Log File(s)** button under the "Parse MDE Advanced Hunting Events to Policy" header.
+6. Select the App Control MDE Advanced Hunting export CSV files from the disk to parse.
+
+   The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You see a notification when the Wizard successfully finishes reading the events.
+
+   :::image type="content" alt-text="Parse the Advanced Hunting CSV App Control event files." source="../images/appcontrol-wizard-event-log-mde-ah-parsing.png" lightbox="../images/appcontrol-wizard-event-log-mde-ah-parsing.png":::
+
+7. Select the Next button to view the audit and block events and create rules.
+8. [Generate rules from the events](#creating-policy-rules-from-the-events).
+
+## Creating Policy Rules from the Events
+
+On the "Configure Event Log Rules" page, the unique App Control log events are shown in the table. Event Ids, filenames, product names, the policy name that audited or blocked the file, and the file publisher are all shown in the table. The table can be sorted alphabetically by clicking on any of the headers.
+
+To create a rule and add it to the App Control policy:
+
+1. Select an audit or block event in the table by selecting the row of interest.
+2. Select a rule type from the dropdown. The Wizard supports creating Publisher, Path, File Attribute, Packaged App and Hash rules.
+3. Select the attributes and fields that should be added to the policy rules using the checkboxes provided for the rule type.
+4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label is shown in the selected row confirming that the rule will be generated.
+
+   :::image type="content" alt-text="Adding a publisher rule to the App Control policy" source="../images/appcontrol-wizard-event-rule-creation.png" lightbox="../images/appcontrol-wizard-event-rule-creation.png":::
+
+5. Select the **Next** button to output the policy. Once generated, the event log policy should be merged with your base or supplemental policies.
+
+> [!WARNING]
+> It is not recommended to deploy the event log policy on its own, as it likely lacks rules to authorize Windows and may cause blue screens.
+
+## Up next
+
+- [Merging App Control for Business policies using the Wizard](appcontrol-wizard-merging-policies.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md
new file mode 100644
index 0000000000..5fab393481
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md
@@ -0,0 +1,35 @@
+---
+title: App Control for Business Wizard
+description: The App Control for Business policy wizard tool allows you to create, edit, and merge App Control policies in a simple to use Windows application.
+ms.localizationpriority: medium
+ms.topic: conceptual
+ms.date: 09/11/2024
+---
+
+# App Control for Business Wizard
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+The App Control for Business policy wizard is an open-source Windows desktop application written in C# and bundled as an MSIX package. It was built to provide security architects with security, and system administrators with a more user-friendly means to create, edit, and merge App Control policies. This tool uses the [ConfigCI PowerShell cmdlets](/powershell/module/configci) in the backend so the output policy of the tool and PowerShell cmdlets is identical.
+
+## Downloading the application
+
+Download the tool from the official [App Control for Business Policy Wizard website](https://webapp-wdac-wizard.azurewebsites.net/) as an MSIX packaged application. The tool's source code is available as part of Microsoft's Open Source Software offerings on GitHub at the [App Control for Business Policy Wizard repository](https://github.com/MicrosoftDocs/WDAC-Toolkit).
+
+### Supported clients
+
+As the tool uses the cmdlets in the background, it's functional on clients only where the cmdlets are supported. For more information, see [App Control feature availability](../feature-availability.md). Specifically, the tool verifies that the client meets one of the following requirements:
+
+- Windows 10, version 1909 or later
+- For pre-1909 builds, the Enterprise SKU of Windows is installed
+
+If neither requirement is satisfied, it throws an error as the cmdlets aren't available.
+
+## Resources to learn more
+
+| Article | Description |
+| - | - |
+| [Creating a new base policy](appcontrol-wizard-create-base-policy.md) | This article describes how to create a new base policy using one of the supplied policy templates. |
+| [Creating a new supplemental policy](appcontrol-wizard-create-supplemental-policy.md) | This article describes the steps necessary to create a supplemental policy, from one of the supplied templates, for an existing base policy. |
+| [Editing a base or supplemental policy](appcontrol-wizard-editing-policy.md) | This article demonstrates how to modify an existing policy and the tool's editing capabilities. |
+| [Merging policies](appcontrol-wizard-merging-policies.md) | This article describes how to merge policies into a single App Control policy. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
similarity index 98%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
rename to windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
index 13ff7f41f2..23d40c8440 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
@@ -1,19 +1,18 @@
 ---
-title: Applications that can bypass WDAC and how to block them
+title: Applications that can bypass App Control and how to block them
 description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community.
 ms.localizationpriority: medium
-ms.date: 06/14/2023
+ms.date: 09/11/2024
 ms.topic: reference
 ---
 
-# Applications that can bypass WDAC and how to block them
+# Applications that can bypass App Control and how to block them
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-Members of the security community<sup>*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass WDAC.
+Members of the security community<sup>*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass App Control.
 
-Unless your use scenarios explicitly require them, Microsoft recommends that you block the following applications. An attacker can use these applications or files to circumvent application allow policies, including WDAC:
+Unless your use scenarios explicitly require them, Microsoft recommends that you block the following applications. An attacker can use these applications or files to circumvent application allow policies, including App Control:
 
 - addinprocess.exe
 - addinprocess32.exe
@@ -88,9 +87,9 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
 > [!NOTE]
 > This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered.
 
-Certain software applications may allow other code to run by design. Unless these applications are business critical, you should block them in your WDAC policy. In addition, when an application version is upgraded to fix a security vulnerability or potential WDAC bypass, add *deny* rules to your application control policies for that application's previous, less secure versions.
+Certain software applications may allow other code to run by design. Unless these applications are business critical, you should block them in your App Control policy. In addition, when an application version is upgraded to fix a security vulnerability or potential App Control bypass, add *deny* rules to your App Control policies for that application's previous, less secure versions.
 
-Microsoft recommends that you install the latest security updates. For example, updates help resolve several issues in PowerShell modules that allowed an attacker to bypass WDAC. These modules can be blocked by their corresponding hashes.
+Microsoft recommends that you install the latest security updates. For example, updates help resolve several issues in PowerShell modules that allowed an attacker to bypass App Control. These modules can be blocked by their corresponding hashes.
 
 As of October 2017, system.management.automation.dll is updated to revoke earlier versions by hash values, instead of version rules.
 
@@ -100,9 +99,9 @@ If you wish to use this blocklist policy on Windows Server 2016, locate the deny
 - msxml6.dll
 - jscript9.dll
 
-The blocklist policy that follows includes "Allow all" rules for both kernel and user mode that make it safe to deploy as a standalone WDAC policy. On Windows versions 1903 and above, Microsoft recommends converting this policy to multiple policy format using the *Set-CiPolicyIdInfo* cmdlet with the *-ResetPolicyId* switch. Then, you can deploy it as a Base policy side-by-side with any other policies in your environment. To instead add these rules to an existing Base policy, you can merge the policy that follows using the *Merge-CIPolicy* cmdlet. If merging into an existing policy that includes an explicit allowlist, you should first remove the two "Allow all" rules and their corresponding FileRuleRefs from the blocklist policy.
+The blocklist policy that follows includes "Allow all" rules for both kernel and user mode that make it safe to deploy as a standalone App Control policy. On Windows versions 1903 and above, Microsoft recommends converting this policy to multiple policy format using the *Set-CiPolicyIdInfo* cmdlet with the *-ResetPolicyId* switch. Then, you can deploy it as a Base policy side-by-side with any other policies in your environment. To instead add these rules to an existing Base policy, you can merge the policy that follows using the *Merge-CIPolicy* cmdlet. If merging into an existing policy that includes an explicit allowlist, you should first remove the two "Allow all" rules and their corresponding FileRuleRefs from the blocklist policy.
 
-**WDAC policy XML**:
+**App Control policy XML**:
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
@@ -1531,4 +1530,4 @@ The blocklist policy that follows includes "Allow all" rules for both kernel and
 
 ## More information
 
-- [Merge WDAC policies](../deployment/merge-wdac-policies.md)
+- [Merge App Control policies](../deployment/merge-appcontrol-policies.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md
new file mode 100644
index 0000000000..4ba40200b3
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md
@@ -0,0 +1,36 @@
+---
+title: Policy creation for common App Control usage scenarios
+description: Develop a plan for deploying App Control for Business in your organization based on these common scenarios.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: conceptual
+---
+
+# App Control for Business deployment in different scenarios: types of devices
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+Typically, deployment of App Control for Business happens best in phases, rather than being a feature that you simply "turn on." The choice and sequence of phases depends on the way various computers and other devices are used in your organization, and to what degree IT manages those devices. The following table can help you begin to develop a plan for deploying App Control in your organization. It's common for organizations to have device use cases across each of the categories described.
+
+## Types of devices
+
+|  Type of device                 | How App Control relates to this type of device  |
+|------------------------------------|------------------------------------------------------|
+| **Lightly managed devices**: Company-owned, but users are free to install software.<br>Devices are required to run organization's antivirus solution and client management tools. | App Control for Business can be used to help protect the kernel, and to monitor (audit) for problem applications rather than limiting the applications that can be run. |
+| **Fully managed devices**: Allowed software is restricted by IT department.<br>Users can request for more software, or install from a list of applications provided by IT department.<br>Examples: locked-down, company-owned desktops and laptops. | An initial baseline App Control for Business policy can be established and enforced. Whenever the IT department approves more applications, it updates the App Control policy and (for unsigned LOB applications) the catalog. |
+| **Fixed-workload devices**: Perform same tasks every day.<br>Lists of approved applications rarely change.<br>Examples: kiosks, point-of-sale systems, call center computers. | App Control for Business can be deployed fully, and deployment and ongoing administration are relatively straightforward.<br>After App Control for Business deployment, only approved applications can run. This rule is because of protections offered by App Control. |
+| **Bring Your Own Device**: Employees are allowed to bring their own devices, and also use those devices away from work. | In most cases, App Control for Business doesn't apply. Instead, you can explore other hardening and security features with MDM-based conditional access solutions, such as Microsoft Intune. However, you may choose to deploy an audit-mode policy to these devices or employ a blocklist only policy to prevent specific apps or binaries that are considered malicious or vulnerable by your organization. |
+
+## An introduction to Lamna Healthcare Company
+
+In the next set of articles, we'll explore each of the above scenarios using a fictional organization called Lamna Healthcare Company.
+
+Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the United States. Lamna employs thousands of people, from doctors and nurses to accountants, in-house lawyers, and IT technicians. Their device use cases are varied and include single-user workstations for their professional staff, shared kiosks used by doctors and nurses to access patient records, dedicated medical devices such as MRI scanners, and many others. Additionally, Lamna has a relaxed, bring-your-own-device policy for many of their professional staff.
+
+Lamna uses [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) in hybrid mode with both Configuration Manager and Intune. Although they use Microsoft Intune to deploy many applications, Lamna has always had relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) for better endpoint detection and response.
+
+Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an App Control policy. In response, Lamna's executive board has authorized many new security IT responses, including tightening policies for application use and introducing App Control.
+
+## Up next
+
+- [Create an App Control for Business policy for lightly managed devices](create-appcontrol-policy-for-lightly-managed-devices.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md
similarity index 80%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md
rename to windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md
index ff3b5d8fa8..4e7dac4f2e 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md
@@ -1,43 +1,42 @@
 ---
-title: Allow apps deployed with a WDAC managed installer
+title: Allow apps deployed with an App Control managed installer
 description: Explains how to configure a custom Managed Installer.
 ms.localizationpriority: medium
-ms.date: 02/02/2023
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
-# Automatically allow apps deployed by a managed installer with Windows Defender Application Control
+# Automatically allow apps deployed by a managed installer with App Control for Business
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-Windows Defender Application Control (WDAC) includes an option called **managed installer** that helps balance security and manageability when enforcing application control policies. This option lets you automatically allow applications installed by a designated software distribution solution, such as Microsoft Configuration Manager (MEMCM) or Microsoft Intune.
+App Control for Business includes an option called **managed installer** that helps balance security and manageability when enforcing App Control policies. This option lets you automatically allow applications installed by a designated software distribution solution, such as Microsoft Configuration Manager (MEMCM) or Microsoft Intune.
 
 ## How does a managed installer work?
 
 Managed installer uses a special rule collection in **AppLocker** to designate binaries that are trusted by your organization as an authorized source for application installation. When one of these trusted binaries runs, Windows monitors the binary's process (and any child processes it launches) and watches for files being written to disk. As files are written, they're tagged as originating from a managed installer.
 
-You can then configure WDAC to trust files that are installed by a managed installer by adding the "Enabled:Managed Installer" option to your WDAC policy. When that option is set, WDAC will check for managed installer origin information when determining whether or not to allow a binary to run. As long as there are no deny rules for the binary, WDAC will allow it to run based purely on its managed installer origin.
+You can then configure App Control to trust files that are installed by a managed installer by adding the "Enabled:Managed Installer" option to your App Control policy. When that option is set, App Control will check for managed installer origin information when determining whether or not to allow a binary to run. As long as there are no deny rules for the binary, App Control will allow it to run based purely on its managed installer origin.
 
 ## Security considerations with managed installer
 
 Since managed installer is a heuristic-based mechanism, it doesn't provide the same security guarantees as explicit allow or deny rules do. Managed installer is best suited where users operate as standard user, and where all software is deployed and installed by a software distribution solution such as MEMCM.
 
-Users with administrator privileges, or malware running as an administrator user on the system, may be able to circumvent the intent of your WDAC policies when the managed installer option is allowed.
+Users with administrator privileges, or malware running as an administrator user on the system, may be able to circumvent the intent of your App Control policies when the managed installer option is allowed.
 
-If a managed installer process runs in the context of a user with standard privileges, then it's possible that standard users or malware running as standard user may be able to circumvent the intent of your WDAC policies.
+If a managed installer process runs in the context of a user with standard privileges, then it's possible that standard users or malware running as standard user may be able to circumvent the intent of your App Control policies.
 
 Some application installers may automatically run the application at the end of the installation process. If the application runs automatically, and the installer was run by a managed installer, then the managed installer's heuristic tracking and authorization will extend to all files that are created during the first run of the application. This extension could result in unintentional authorization of an executable. To avoid that, ensure that the method of application deployment that is used as a managed installer limits running applications as part of installation.
 
 ## Known limitations with managed installer
 
-- Application control, based on managed installer, doesn't support applications that self-update. If an application that was deployed by a managed installer later updates itself, the updated application files won't include the origin information from the managed installer, and they might not be able to run. When you rely on managed installers, you must deploy and install all application updates by using a managed installer, or include rules to authorize the app in the WDAC policy. In some cases, it may be possible to also designate an application binary that performs self-updates as a managed installer. Proper review for functionality and security should be performed for the application before using this method.
+- App Control, based on managed installer, doesn't support applications that self-update. If an application that was deployed by a managed installer later updates itself, the updated application files won't include the origin information from the managed installer, and they might not be able to run. When you rely on managed installers, you must deploy and install all application updates by using a managed installer, or include rules to authorize the app in the App Control policy. In some cases, it may be possible to also designate an application binary that performs self-updates as a managed installer. Proper review for functionality and security should be performed for the application before using this method.
 
 - Some applications or installers may extract, download, or generate binaries and immediately attempt to run them. Files run by such a process may not be allowed by the managed installer heuristic. In some cases, it may be possible to also designate an application binary that performs such an operation as a managed installer. Proper review for functionality and security should be performed for the application before using this method.
 
-- The managed installer heuristic doesn't authorize kernel drivers. The WDAC policy must have rules that allow the necessary drivers to run.
+- The managed installer heuristic doesn't authorize kernel drivers. The App Control policy must have rules that allow the necessary drivers to run.
 
-## Configure managed installer tracking with AppLocker and WDAC
+## Configure managed installer tracking with AppLocker and App Control
 
 To turn on managed installer tracking, you must:
 
@@ -48,7 +47,7 @@ To turn on managed installer tracking, you must:
 > The managed installer AppLocker policy below is designed to be safely merged with any pre-existing AppLocker policies and won't change the behavior of those policies. However, if applied on a device that doesn't currently have any AppLocker policy, you will see a large increase in warning events generated in the *AppLocker - EXE and DLL* event log. If you're using an event forwarding and collection service, like LogAnalytics, you may want to adjust the configuration for that event log to only collect Error events or stop collecting events from that log altogether.
 
 > [!NOTE]
-> MEMCM will automatically configure itself as a managed installer, and enable the required AppLocker components, if you deploy one of its inbox WDAC policies. If you are configuring MEMCM as a managed installer using any other method, additional setup is required. Use the [**ManagedInstaller** cmdline switch in your ccmsetup.exe setup](/mem/configmgr/core/clients/deploy/about-client-installation-properties#managedinstaller). Or you can deploy one of the MEMCM inbox audit mode policies alongside your custom policy.
+> MEMCM will automatically configure itself as a managed installer, and enable the required AppLocker components, if you deploy one of its inbox App Control policies. If you are configuring MEMCM as a managed installer using any other method, additional setup is required. Use the [**ManagedInstaller** cmdline switch in your ccmsetup.exe setup](/mem/configmgr/core/clients/deploy/about-client-installation-properties#managedinstaller). Or you can deploy one of the MEMCM inbox audit mode policies alongside your custom policy.
 
 ### Create and deploy an AppLocker policy that defines your managed installer rules and enables services enforcement for executables and DLLs
 
@@ -189,12 +188,12 @@ The AppLocker policy creation UI in GPO Editor and the AppLocker PowerShell cmdl
 > [!NOTE]
 > Managed installer tracking will start the next time a process runs that matches your managed installer rules. If an intended process is already running, you must restart it.
 
-## Enable the managed installer option in WDAC policy
+## Enable the managed installer option in App Control policy
 
-In order to enable trust for the binaries laid down by managed installers, the "Enabled: Managed Installer" option must be specified in your WDAC policy.
+In order to enable trust for the binaries laid down by managed installers, the "Enabled: Managed Installer" option must be specified in your App Control policy.
 This setting can be defined by using the [Set-RuleOption cmdlet](/powershell/module/configci/set-ruleoption) with Option 13.
 
-Below are steps to create a WDAC policy that allows Windows to boot and enables the managed installer option.
+Below are steps to create an App Control policy that allows Windows to boot and enables the managed installer option.
 
 1. Copy the DefaultWindows_Audit policy into your working folder from "C:\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Audit.xml"
 
@@ -212,10 +211,10 @@ Below are steps to create a WDAC policy that allows Windows to boot and enables
     Set-RuleOption -FilePath <XML filepath> -Option 13
     ```
 
-4. Deploy your WDAC policy. See [Deploying Windows Defender Application Control (WDAC) policies](../deployment/wdac-deployment-guide.md).
+4. Deploy your App Control policy. See [Deploying App Control for Business policies](../deployment/appcontrol-deployment-guide.md).
 
 > [!NOTE]
-> Your WDAC policy must include rules for all system/boot components, kernel drivers, and any other authorized applications that can't be deployed through a managed installer.
+> Your App Control policy must include rules for all system/boot components, kernel drivers, and any other authorized applications that can't be deployed through a managed installer.
 
 ## Remove Managed Installer feature
 
@@ -223,4 +222,4 @@ To remove the Managed Installer feature from the device, you'll need to remove t
 
 ## Related articles
 
-- [Managed installer and ISG technical reference and troubleshooting guide](../operations/configure-wdac-managed-installer.md)
+- [Managed installer and ISG technical reference and troubleshooting guide](../operations/configure-appcontrol-managed-installer.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md
similarity index 70%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md
rename to windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md
index 3e76a698d2..0e52f30f3d 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md
@@ -1,18 +1,18 @@
 ---
-title: Create WDAC Deny Policy
-description: Explains how to create WDAC deny policies
+title: Create App Control Deny Policy
+description: Explains how to create App Control deny policies
 ms.localizationpriority: medium
-ms.date: 12/31/2017
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
-# Guidance on Creating WDAC Deny Policies
+# Guidance on Creating App Control Deny Policies
 
-With Windows Defender Application Control (WDAC), you can create policies to explicitly deny specific drivers and applications. To create effective Windows Defender Application Control deny policies, you should [understand the order of rule precedence](/windows/security/threat-protection/windows-defender-application-control/operations/known-issues#file-rule-precedence-order) WDAC applies as it evaluates files against the active policies.
+With App Control for Business, you can create policies to explicitly deny specific drivers and applications. To create effective App Control for Business deny policies, you should [understand the order of rule precedence](../operations/known-issues.md#file-rule-precedence-order) App Control applies as it evaluates files against the active policies.
 
 ## Standalone Deny policy
 
-When creating a policy that consists solely of deny rules, you must include "Allow All" rules in both the kernel and user mode sections of the policy in addition to your explicit deny rules. The "Allow All" rules ensure that anything not explicitly denied by your policy is allowed to run. If you fail to add "Allow All" rules to a deny-only policy, then you risk blocking everything. This outcome happens because some code is *explicitly* denied and all other code is *implicitly* denied, because there are no rules to authorize it. We recommend using the [AllowAll policy template](/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies) when creating your standalone deny policies.
+When creating a policy that consists solely of deny rules, you must include "Allow All" rules in both the kernel and user mode sections of the policy in addition to your explicit deny rules. The "Allow All" rules ensure that anything not explicitly denied by your policy is allowed to run. If you fail to add "Allow All" rules to a deny-only policy, then you risk blocking everything. This outcome happens because some code is *explicitly* denied and all other code is *implicitly* denied, because there are no rules to authorize it. We recommend using the [AllowAll policy template](example-appcontrol-base-policies.md) when creating your standalone deny policies.
 
 ```xml
 <FileRules>
@@ -37,7 +37,7 @@ When creating a policy that consists solely of deny rules, you must include "All
 </SigningScenarios>
 ```
 
-Adding the preceding "Allow All" rules don't affect any other WDAC policies you've deployed that apply an explicit allowlist. To illustrate, consider the following example:
+Adding the preceding "Allow All" rules don't affect any other App Control policies you've deployed that apply an explicit allowlist. To illustrate, consider the following example:
 
 Policy1 is an allowlist for Windows- and Microsoft-signed applications.
 
@@ -50,7 +50,7 @@ Policy2 is our new deny policy, which blocks MaliciousApp.exe and also the Windo
 
 ## Mixed Allow and Deny policy considerations
 
-If the set of deny rules is to be added into an existing policy that includes explicit allow rules, then don't include the preceding "Allow All" rules. Instead, the deny rules should be merged with the existing WDAC policy via the [WDAC Wizard](wdac-wizard-merging-policies.md) or using the following PowerShell command:
+If the set of deny rules is to be added into an existing policy that includes explicit allow rules, then don't include the preceding "Allow All" rules. Instead, the deny rules should be merged with the existing App Control policy via the [App Control Wizard](appcontrol-wizard-merging-policies.md) or using the following PowerShell command:
 
 ```PowerShell
 $DenyPolicy = <path_to_deny_policy>
@@ -60,13 +60,13 @@ Merge-CIPolicy -PolicyPaths $ DenyPolicy, $ExistingPolicy -OutputFilePath $Exist
 
 ## Best Practices
 
-1. **Test first in Audit mode** - as with all new policies, we recommend rolling out your new deny policy in Audit Mode and monitoring the [3076 audit block events](../operations/event-id-explanations.md) to ensure only the applications you intended to block are blocked. More information on monitoring block events via the Event Viewer logs and Advanced Hunting: [Managing and troubleshooting Windows Defender Application Control policies](../operations/wdac-operational-guide.md)
+1. **Test first in Audit mode** - as with all new policies, we recommend rolling out your new deny policy in Audit Mode and monitoring the [3076 audit block events](../operations/event-id-explanations.md) to ensure only the applications you intended to block are blocked. More information on monitoring block events via the Event Viewer logs and Advanced Hunting: [Managing and troubleshooting App Control for Business policies](../operations/appcontrol-operational-guide.md)
 
-2. **Recommended Deny Rules Types** - signer and file attribute rules are recommended from a security, manageability, and performance perspective. Hash rules should only be used if necessary. Since the hash of a file changes with any change to the file, it's hard to keep up with a hash-based block policy where the attacker can trivially update the file. While WDAC has optimized parsing of hash rules, some devices may see performance impacts at runtime evaluation if policies have tens of thousands or more hash rules.
+2. **Recommended Deny Rules Types** - signer and file attribute rules are recommended from a security, manageability, and performance perspective. Hash rules should only be used if necessary. Since the hash of a file changes with any change to the file, it's hard to keep up with a hash-based block policy where the attacker can trivially update the file. While App Control has optimized parsing of hash rules, some devices may see performance impacts at runtime evaluation if policies have tens of thousands or more hash rules.
 
 ## Creating a Deny policy tutorial
 
-Deny rules and policies can be created using the PowerShell cmdlets or the [WDAC Wizard](https://webapp-wdac-wizard.azurewebsites.net/). We recommend creating signer rules (PCACertificate, Publisher, and FilePublisher) wherever possible. In the cases of unsigned binaries, rules must be created on attributes of the file, such as the original filename, or the hash.
+Deny rules and policies can be created using the PowerShell cmdlets or the [App Control Wizard](https://webapp-wdac-wizard.azurewebsites.net/). We recommend creating signer rules (PCACertificate, Publisher, and FilePublisher) wherever possible. In the cases of unsigned binaries, rules must be created on attributes of the file, such as the original filename, or the hash.
 
 ### Software Publisher-based deny rule
 
@@ -99,4 +99,4 @@ Set-CiPolicyIdInfo -FilePath $DenyPolicy -PolicyName "My Deny Policy" -ResetPoli
 
 ### Deploy the Deny Policy
 
-You should now have a deny policy prepared to deploy. See the [WDAC Deployment Guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide) to deploy your policy to your managed endpoints.
+You should now have a deny policy prepared to deploy. See the [App Control Deployment Guide](../deployment/appcontrol-deployment-guide.md) to deploy your policy to your managed endpoints.
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md
new file mode 100644
index 0000000000..1563a69a95
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md
@@ -0,0 +1,155 @@
+---
+title: Create an App Control policy for fully managed devices
+description: App Control for Business restricts which applications users are allowed to run and the code that runs in system core.
+ms.topic: conceptual
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+---
+
+# Create an App Control policy for fully managed devices
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+This section outlines the process to create an App Control for Business policy for **fully managed devices** within an organization. The key difference between this scenario and [lightly managed devices](create-appcontrol-policy-for-lightly-managed-devices.md) is that all software deployed to a fully managed device is managed by IT and users of the device can't install arbitrary apps. Ideally, all apps are deployed using a software distribution solution, such as Microsoft Intune. Additionally, users on fully managed devices should ideally run as standard user and only authorized IT pros have administrative access.
+
+> [!NOTE]
+> Some of the App Control for Business options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
+
+As described in [common App Control for Business deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices.
+
+**Alice Pena** is the IT team lead tasked with the rollout of App Control.
+
+Alice previously created a policy for the organization's lightly managed devices. Some devices, however, are more tightly managed and can benefit from a more constrained policy. In particular, certain job functions such as administrative staff and firstline workers aren't granted administrator level access to their devices. Similarly, shared kiosks are configured only with a managed set of apps and all users of the device except IT run as standard user. On these devices, all apps are deployed and installed by IT.
+
+## Define the "circle-of-trust" for fully managed devices
+
+Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's fully managed devices:
+
+- All clients are running Windows 10 version 1903 or above or Windows 11;
+- All clients are managed by Configuration Manager or with Intune;
+- Most, but not all, apps are deployed using Configuration Manager;
+- Sometimes, IT staff install apps directly to these devices without using Configuration Manager;
+- All users except IT are standard users on these devices.
+
+Alice's team develops a simple console application, called *LamnaITInstaller.exe*, which will become the authorized way for IT staff to install apps directly to devices. *LamnaITInstaller.exe* allows the IT pro to launch another process, such as an app installer. Alice will configure *LamnaITInstaller.exe* as an extra managed installer for App Control and allows her to remove the need for filepath rules.
+
+Based on the above, Alice defines the pseudo-rules for the policy:
+
+1. **"Windows works"** rules that authorize:
+   - Windows
+   - WHQL (third-party kernel drivers)
+   - Windows Store signed apps
+
+2. **"ConfigMgr works"** rules that include signer and hash rules for Configuration Manager components to properly function.
+3. **Allow Managed Installer** (Configuration Manager and *LamnaITInstaller.exe* configured as a managed installer)
+
+The critical differences between this set of pseudo-rules and those pseudo-rules defined for Lamna's [lightly managed devices](create-appcontrol-policy-for-lightly-managed-devices.md#define-the-circle-of-trust-for-lightly-managed-devices) are:
+
+- Removal of the Intelligent Security Graph (ISG) option; and
+- Removal of filepath rules.
+
+## Create a custom base policy using an example App Control base policy
+
+Having defined the "circle-of-trust", Alice is ready to generate the initial policy for Lamna's fully managed devices and decides to use Configuration Manager to create the initial base policy and then customize it to meet Lamna's needs.
+
+Alice follows these steps to complete this task:
+
+> [!NOTE]
+> If you do not use Configuration Manager or prefer to use a different [example App Control for Business base policy](example-appcontrol-base-policies.md) for your own policy, skip to step 2 and substitute the Configuration Manager policy path with your preferred example base policy.
+
+1. [Use Configuration Manager to create and deploy an audit policy](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) to a client device running Windows 10 version 1903 or above, or Windows 11.
+
+2. On the client device, run the following commands in an elevated Windows PowerShell session to initialize variables:
+
+   ```powershell
+   $PolicyPath=$env:userprofile+"\Desktop\"
+   $PolicyName= "Lamna_FullyManagedClients_Audit"
+   $LamnaPolicy=$PolicyPath+$PolicyName+".xml"
+   $ConfigMgrPolicy=$env:windir+"\CCM\DeviceGuard\MergedPolicy_Audit_ISG.xml"
+   ```
+
+3. Copy the policy created by Configuration Manager to the desktop:
+
+   ```powershell
+   cp $ConfigMgrPolicy $LamnaPolicy
+   ```
+
+4. Give the new policy a unique ID, descriptive name, and initial version number:
+
+   ```powershell
+   Set-CIPolicyIdInfo -FilePath $LamnaPolicy -PolicyName $PolicyName -ResetPolicyID
+   Set-CIPolicyVersion -FilePath $LamnaPolicy -Version "1.0.0.0"
+   ```
+
+5. Modify the copied policy to set policy rules:
+
+   ```powershell
+   Set-RuleOption -FilePath $LamnaPolicy -Option 3 # Audit Mode
+   Set-RuleOption -FilePath $LamnaPolicy -Option 6 # Unsigned Policy
+   Set-RuleOption -FilePath $LamnaPolicy -Option 9 # Advanced Boot Menu
+   Set-RuleOption -FilePath $LamnaPolicy -Option 12 # Enforce Store Apps
+   Set-RuleOption -FilePath $LamnaPolicy -Option 13 # Managed Installer
+   Set-RuleOption -FilePath $LamnaPolicy -Option 16 # No Reboot
+   Set-RuleOption -FilePath $LamnaPolicy -Option 17 # Allow Supplemental
+   Set-RuleOption -FilePath $LamnaPolicy -Option 19 # Dynamic Code Security
+   ```
+
+6. If appropriate, add more signer or file rules to further customize the policy for your organization.
+
+7. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the App Control for Business policy to a binary format:
+
+   ```powershell
+   [xml]$PolicyXML = Get-Content $LamnaPolicy
+   $LamnaPolicyBin = Join-Path $PolicyPath "$($PolicyXML.SiPolicy.PolicyID).cip"
+   ConvertFrom-CIPolicy $LamnaPolicy $LamnaPolicyBin
+   ```
+
+8. Upload your base policy XML and the associated binary to a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
+
+At this point, Alice now has an initial policy that is ready to deploy in audit mode to the managed clients within Lamna.
+
+## Security considerations of this fully managed policy
+
+Alice has defined a policy for Lamna's fully managed devices that makes some trade-offs between security and manageability for apps. Some of the trade-offs include:
+
+- **Users with administrative access**
+
+  Although applying to fewer users, Lamna still allows some IT staff to sign in to its fully managed devices as administrator. This privilege allows these users (or malware running with the user's privileges) to modify or remove altogether the App Control policy applied on the device. Additionally, administrators can configure any app they wish to operate as a managed installer that would allow them to gain persistent app authorization for whatever apps or binaries they wish.
+
+  Possible mitigations:
+  - Use signed App Control policies and UEFI BIOS access protection to prevent tampering of App Control policies.
+  - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer.
+  - Use device attestation to detect the configuration state of App Control at boot time and use that information to condition access to sensitive corporate resources.
+
+- **Unsigned policies**
+
+  Unsigned policies can be replaced or removed without consequence by any process running as administrator. Unsigned base policies that also enable supplemental policies can have their "circle-of-trust" altered by any unsigned supplemental policy.
+
+  Existing mitigations applied:
+  - Limit who can elevate to administrator on the device.
+
+  Possible mitigations:
+  - Use signed App Control policies and UEFI BIOS access protection to prevent tampering of App Control policies.
+
+- **Managed installer**
+
+  See [security considerations with managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md#security-considerations-with-managed-installer)
+
+  Existing mitigations applied:
+  - Limit who can elevate to administrator on the device.
+
+  Possible mitigations:
+  - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer.
+
+- **Supplemental policies**<br>
+
+  Supplemental policies are designed to relax the associated base policy. Additionally allowing unsigned policies allows any administrator process to expand the "circle-of-trust" defined by the base policy without restriction.
+
+  Possible mitigations:
+  - Use signed App Control policies that allow authorized signed supplemental policies only.
+  - Use a restrictive audit mode policy to audit app usage and augment vulnerability detection.
+
+## Up next
+
+- [Create an App Control for Business policy for fixed-workload devices using a reference computer](create-appcontrol-policy-using-reference-computer.md)
+- [Prepare to deploy App Control for Business policies](../deployment/appcontrol-deployment-guide.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md
similarity index 68%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md
rename to windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md
index d4b6d3f256..b7c6837954 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md
@@ -1,24 +1,23 @@
 ---
-title: Create a WDAC policy for lightly managed devices
-description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core.
+title: Create an App Control policy for lightly managed devices
+description: App Control for Business restricts which applications users are allowed to run and the code that runs in the system core.
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 11/07/2022
+ms.date: 09/11/2024
 ---
 
-# Create a WDAC policy for lightly managed devices
+# Create an App Control policy for lightly managed devices
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-This section outlines the process to create a Windows Defender Application Control (WDAC) policy for **lightly managed devices** within an organization. Typically, organizations that are new to application control will be most successful if they start with a permissive policy like the one described in this article. Organizations can choose to harden the policy over time to achieve a stronger overall security posture on their WDAC-managed devices as described in later articles.
+This section outlines the process to create an App Control for Business policy for **lightly managed devices** within an organization. Typically, organizations that are new to App Control will be most successful if they start with a permissive policy like the one described in this article. Organizations can choose to harden the policy over time to achieve a stronger overall security posture on their App Control-managed devices as described in later articles.
 
 > [!NOTE]
-> Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
+> Some of the App Control for Business options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
 
-As in [Windows Defender Application Control deployment in different scenarios: types of devices](common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices.
+As in [App Control for Business deployment in different scenarios: types of devices](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices.
 
-**Alice Pena** is the IT team lead tasked with the rollout of WDAC. Lamna currently has loose application usage policies and a culture of maximum app flexibility for users. So, Alice knows she'll need to take an incremental approach to application control and use different policies for different workloads.
+**Alice Pena** is the IT team lead tasked with the rollout of App Control. Lamna currently has loose application usage policies and a culture of maximum app flexibility for users. So, Alice knows she'll need to take an incremental approach to App Control and use different policies for different workloads.
 
 For most users and devices, Alice wants to create an initial policy that is as relaxed as possible in order to minimize user productivity impact, while still providing security value.
 
@@ -52,7 +51,7 @@ Based on the above, Alice defines the pseudo-rules for the policy:
    - C:\Program Files (x86)\*
    - %windir%\*
 
-## Create a custom base policy using an example WDAC base policy
+## Create a custom base policy using an example App Control base policy
 
 Having defined the "circle-of-trust", Alice is ready to generate the initial policy for Lamna's lightly managed devices. Alice decides to use the example `SmartAppControl.xml` to create the initial base policy and then customize it to meet Lamna's needs.
 
@@ -61,7 +60,7 @@ Alice follows these steps to complete this task:
 1. On a client device, run the following commands in an elevated Windows PowerShell session to initialize variables:
 
     > [!NOTE]
-    > If you prefer to use a different [example Windows Defender Application Control base policy](example-wdac-base-policies.md), substitute the example policy path with your preferred base policy in this step.
+    > If you prefer to use a different [example App Control for Business base policy](example-appcontrol-base-policies.md), substitute the example policy path with your preferred base policy in this step.
 
     ```powershell
     $PolicyPath = $env:userprofile+"\Desktop\"
@@ -79,7 +78,7 @@ Alice follows these steps to complete this task:
 1. Modify the policy to remove unsupported rule:
 
     > [!NOTE]
-    > `SmartAppControl.xml` is available on Windows 11 version 22H2 and later. This policy includes "Enabled:Conditional Windows Lockdown Policy" rule that is unsupported for enterprise WDAC policies and must be removed. For more information, see [WDAC and Smart App Control](../wdac.md#wdac-and-smart-app-control). If you are using an example policy other than `SmartAppControl.xml`, skip this step.
+    > `SmartAppControl.xml` is available on Windows 11 version 22H2 and later. This policy includes "Enabled:Conditional Windows Lockdown Policy" rule that is unsupported for enterprise App Control policies and must be removed. For more information, see [App Control and Smart App Control](../appcontrol.md#app-control-and-smart-app-control). If you are using an example policy other than `SmartAppControl.xml`, skip this step.
 
     ```powershell
     [xml]$xml = Get-Content $LamnaPolicy
@@ -127,7 +126,7 @@ Alice follows these steps to complete this task:
 
 1. If appropriate, add more signer or file rules to further customize the policy for your organization.
 
-1. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the Windows Defender Application Control policy to a binary format:
+1. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the App Control for Business policy to a binary format:
 
     ```powershell
     [xml]$PolicyXML = Get-Content $LamnaPolicy
@@ -145,13 +144,13 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
 - **Users with administrative access**
 
-  This trade-off is the most impactful security trade-off. It allows the device user, or malware running with the user's privileges, to modify or remove the WDAC policy on the device. Additionally, administrators can configure any app to act as a managed installer, which would allow them to gain persistent app authorization for whatever apps or binaries they wish.
+  This trade-off is the most impactful security trade-off. It allows the device user, or malware running with the user's privileges, to modify or remove the App Control policy on the device. Additionally, administrators can configure any app to act as a managed installer, which would allow them to gain persistent app authorization for whatever apps or binaries they wish.
 
   Possible mitigations:
 
-  - Use signed WDAC policies and UEFI BIOS access protection to prevent tampering of WDAC policies.
+  - Use signed App Control policies and UEFI BIOS access protection to prevent tampering of App Control policies.
   - To remove the requirement for managed installer, create and deploy signed catalog files as part of the app deployment process.
-  - Use device attestation to detect the configuration state of WDAC at boot time and use that information to condition access to sensitive corporate resources.
+  - Use device attestation to detect the configuration state of App Control at boot time and use that information to condition access to sensitive corporate resources.
 
 - **Unsigned policies**
 
@@ -159,7 +158,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
   Possible mitigations:
 
-  - Use signed WDAC policies and UEFI BIOS access protection to prevent tampering of WDAC policies.
+  - Use signed App Control policies and UEFI BIOS access protection to prevent tampering of App Control policies.
   - Limit who can elevate to administrator on the device.
 
 - **Managed installer**
@@ -173,7 +172,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
 - **Intelligent Security Graph (ISG)**
 
-  See [security considerations with the Intelligent Security Graph](use-wdac-with-intelligent-security-graph.md#security-considerations-with-the-isg-option)
+  See [security considerations with the Intelligent Security Graph](use-appcontrol-with-intelligent-security-graph.md#security-considerations-with-the-isg-option)
 
   Possible mitigations:
 
@@ -186,7 +185,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
   Possible mitigations:
 
-  - Use signed WDAC policies that allow authorized signed supplemental policies only.
+  - Use signed App Control policies that allow authorized signed supplemental policies only.
   - Use a restrictive audit mode policy to audit app usage and augment vulnerability detection.
 
 - **FilePath rules**
@@ -208,5 +207,5 @@ In order to minimize user productivity impact, Alice has defined a policy that m
 
 ## Up next
 
-- [Create a Windows Defender Application Control policy for fully managed devices](create-wdac-policy-for-fully-managed-devices.md)
-- [Prepare to deploy Windows Defender Application Control policies](../deployment/wdac-deployment-guide.md)
+- [Create an App Control for Business policy for fully managed devices](create-appcontrol-policy-for-fully-managed-devices.md)
+- [Prepare to deploy App Control for Business policies](../deployment/appcontrol-deployment-guide.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md
new file mode 100644
index 0000000000..0b066ce364
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md
@@ -0,0 +1,124 @@
+---
+title: Create an App Control policy using a reference computer
+description: To create an App Control for Business policy that allows all code installed on a reference computer within your organization, follow this guide.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: how-to
+---
+
+# Create an App Control policy using a reference computer
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+This section outlines the process to create an App Control for Business policy **using a reference computer** that is already configured with the software you want to allow. You can use this approach for fixed-workload devices that are dedicated to a specific functional purpose and share common configuration attributes with other devices servicing the same functional role. Examples of fixed-workload devices may include Active Directory Domain Controllers, Secure Admin Workstations, pharmaceutical drug-mixing equipment, manufacturing devices, cash registers, ATMs, etc. This approach can also be used to turn on App Control on systems "in the wild" and you want to minimize the potential impact on users' productivity.
+
+> [!NOTE]
+> Some of the App Control for Business options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
+
+As described in [common App Control for Business deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices.
+
+**Alice Pena** is the IT team lead tasked with the rollout of App Control.
+
+## Create a custom base policy using a reference device
+
+Alice previously created a policy for the organization's fully managed end-user devices. She now wants to use App Control to protect Lamna's critical infrastructure servers. Lamna's imaging practice for infrastructure systems is to establish a "golden" image as a reference for what an ideal system should look like, and then use that image to clone more company assets. Alice decides to use these same "golden" image systems to create the App Control policies, which will result in separate custom base policies for each type of infrastructure server. As with imaging, she'll have to create policies from multiple golden computers based on model, department, application set, and so on.
+
+> [!NOTE]
+> Make sure the reference computer is virus and malware-free, and install any software you want to be scanned before creating the App Control policy. <br><br> Each installed software application should be validated as trustworthy before you create a policy. <br><br> We recommend that you review the reference computer for software that can load arbitrary DLLs and run code or scripts that could render the PC more vulnerable. Examples include software aimed at development or scripting such as msbuild.exe (part of Visual Studio and the .NET Framework) which can be removed if you don't want to run scripts. You can remove or disable such software on the reference computer.
+
+Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's critical infrastructure servers:
+
+- All devices are running Windows Server 2019 or above;
+- All apps are centrally managed and deployed;
+- No interactive users.
+
+Based on the above, Alice defines the pseudo-rules for the policy:
+
+1. **"Windows works"** rules that authorize:
+   - Windows
+   - WHQL (third-party kernel drivers)
+   - Windows Store signed apps
+
+2. Rules for **scanned files** that authorize all pre-existing app binaries found on the device
+
+To create the App Control policy, Alice runs each of the following commands in an elevated Windows PowerShell session, in order:
+
+1. Initialize variables.
+
+   ```powershell
+   $PolicyPath=$env:userprofile+"\Desktop\"
+   $PolicyName="FixedWorkloadPolicy_Audit"
+   $LamnaServerPolicy=$PolicyPath+$PolicyName+".xml"
+   $DefaultWindowsPolicy=$env:windir+"\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Audit.xml"
+   ```
+
+2. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to create a new App Control policy by scanning the system for installed applications:
+
+   ```powershell
+   New-CIPolicy -FilePath $LamnaServerPolicy -Level SignedVersion -Fallback FilePublisher,FileName,Hash -ScanPath c:\ -UserPEs -MultiplePolicyFormat -OmitPaths c:\Windows,'C:\Program Files\WindowsApps\',c:\windows.old\,c:\users\ 3> CIPolicyLog.txt
+   ```
+
+   > [!Note]
+   >
+   > - You can add the **-Fallback** parameter to catch any applications not discovered using the primary file rule level specified by the **-Level** parameter. For more information about file rule level options, see [App Control for Business file rule levels](select-types-of-rules-to-create.md).
+   > - To specify that the App Control policy scan only a specific drive, include the **-ScanPath** parameter followed by a path. Without this parameter, the tool will scan the C-drive by default.
+   > - When you specify the **-UserPEs** parameter (to include user mode executables in the scan), rule option **0 Enabled:UMCI** is automatically added to the App Control policy. If you do not specify **-UserPEs**, the policy will be empty of user mode executables and will only have rules for kernel mode binaries like drivers. In other words, the allow list will not include applications. If you create such a policy and later add rule option **0 Enabled:UMCI**, all attempts to start applications will cause a response from App Control for Business. In audit mode, the response is logging an event, and in enforced mode, the response is blocking the application.
+   > - To create a policy for Windows 10 1903 and above, including support for supplemental policies, use **-MultiplePolicyFormat**.
+   > - To specify a list of paths to exclude from the scan, use the **-OmitPaths** option and supply a comma-delimited list of paths.
+   > - The preceding example includes `3> CIPolicylog.txt`, which redirects warning messages to a text file, **CIPolicylog.txt**.
+
+3. Merge the new policy with the WindowsDefault_Audit policy to ensure all Windows binaries and kernel drivers will load.
+
+      ```powershell
+      Merge-CIPolicy -OutputFilePath $LamnaServerPolicy -PolicyPaths $LamnaServerPolicy,$DefaultWindowsPolicy
+      ```
+
+4. Give the new policy a descriptive name, and initial version number:
+
+      ```powershell
+      Set-CIPolicyIdInfo -FilePath $LamnaServerPolicy -PolicyName $PolicyName
+      Set-CIPolicyVersion -FilePath $LamnaServerPolicy -Version "1.0.0.0"
+      ```
+
+5. Modify the merged policy to set policy rules:
+
+      ```powershell
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 3 # Audit Mode
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 6 # Unsigned Policy
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 9 # Advanced Boot Menu
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 12 # Enforce Store Apps
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 16 # No Reboot
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 17 # Allow Supplemental
+      Set-RuleOption -FilePath $LamnaServerPolicy -Option 19 # Dynamic Code Security
+      ```
+
+6. If appropriate, add more signer or file rules to further customize the policy for your organization.
+
+7. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the App Control policy to a binary format:
+
+   ```powershell
+   [xml]$LamnaServerPolicyXML = Get-Content $LamnaServerPolicy
+   $PolicyId = $LamnaServerPolicyXML.SiPolicy.PolicyId
+   $LamnaServerPolicyBin = $PolicyPath+$PolicyId+".cip"
+   ConvertFrom-CIPolicy $LamnaServerPolicy $LamnaServerPolicyBin
+   ```
+
+8. Upload the base policy XML and the associated binary to a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
+
+Alice now has an initial policy for Lamna's critical infrastructure servers that is ready to deploy in audit mode.
+
+## Create a custom base policy to minimize user impact on in-use client devices
+
+Alice previously created a policy for the organization's fully managed devices. Alice has included the fully managed device policy as part of Lamna's device build process so all new devices now begin with App Control enabled. She's preparing to deploy the policy to systems that are already in use, but is worried about causing disruption to users' productivity. To minimize that risk, Alice decides to take a different approach for those systems. She'll continue to deploy the fully managed device policy in audit mode to those devices, but for enforcement mode she'll merge the fully managed device policy rules with a policy created by scanning the device for all previously installed software. In this way, each device is treated as its own "golden" system.
+
+Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's fully managed in-use devices:
+
+- Everything described for Lamna's [Fully Managed Devices](create-appcontrol-policy-for-fully-managed-devices.md);
+- Users have installed apps that they need to continue to run.
+
+Based on the above, Alice defines the pseudo-rules for the policy:
+
+1. Everything included in the Fully Managed Devices policy
+2. Rules for **scanned files** that authorize all pre-existing app binaries found on the device
+
+For Lamna's existing, in-use devices, Alice deploys a script along with the Fully Managed Devices policy XML (not the converted App Control policy binary). The script then generates a custom policy locally on the client as described in the previous section, but instead of merging with the DefaultWindows policy, the script merges with Lamna's Fully Managed Devices policy. Alice also modifies the steps above to match the requirements of this different use case.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md
similarity index 76%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md
index 621718eb69..add9351935 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md
@@ -1,17 +1,16 @@
 ---
-title: Use multiple Windows Defender Application Control Policies
-description: Windows Defender Application Control supports multiple code integrity policies for one device.
+title: Use multiple App Control for Business Policies
+description: App Control for Business supports multiple code integrity policies for one device.
 ms.localizationpriority: medium
-ms.date: 04/15/2024
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
-# Use multiple Windows Defender Application Control Policies
+# Use multiple App Control for Business Policies
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-Beginning with Windows 10 version 1903 and Windows Server 2022, you can deploy multiple Windows Defender Application Control (WDAC) policies side-by-side on a device. To allow more than 32 active policies, install the Windows security update released on, or after, April 9, 2024 and then restart the device. With these updates, there's no limit for the number of policies you can deploy at once to a given device. Until you install the Windows security update released on or after April 9, 2024, your device is limited to 32 active policies and you must not exceed that number.
+Beginning with Windows 10 version 1903 and Windows Server 2022, you can deploy multiple App Control for Business policies side-by-side on a device. To allow more than 32 active policies, install the Windows security update released on, or after, April 9, 2024 and then restart the device. With these updates, there's no limit for the number of policies you can deploy at once to a given device. Until you install the Windows security update released on or after April 9, 2024, your device is limited to 32 active policies and you must not exceed that number.
 
 >[!NOTE]
 >The policy limit was not removed on Windows 11 21H2 and will remain limited to 32 policies.
@@ -29,7 +28,7 @@ Here are some common scenarios where multiple side-by-side policies are useful:
     - For supplemental policies, applications allowed by either the base policy or its supplemental policy/policies run
 
 > [!NOTE]
-> Pre-1903 systems do not support the use of Multiple Policy Format WDAC policies.
+> Pre-1903 systems do not support the use of Multiple Policy Format App Control policies.
 
 ## Base and supplemental policy interaction
 
@@ -38,7 +37,7 @@ Here are some common scenarios where multiple side-by-side policies are useful:
 - Base + supplemental policy: union
   - Files allowed by either the base policy or the supplemental policy run
 
-## Creating WDAC policies in Multiple Policy Format
+## Creating App Control policies in Multiple Policy Format
 
 In order to allow multiple policies to exist and take effect on a single system, policies must be created using the new Multiple Policy Format. The "MultiplePolicyFormat" switch in [New-CIPolicy](/powershell/module/configci/new-cipolicy?preserve-view=true&view=win10-ps) results in 1) unique values generated for the policy ID and 2) the policy type set as a Base policy. The below example describes the process of creating a new policy in the multiple policy format.
 
@@ -75,7 +74,7 @@ When you're merging policies, the policy type and ID of the leftmost/first polic
 
 ## Deploying multiple policies
 
-In order to deploy multiple Windows Defender Application Control policies, you must either deploy them locally by copying the `*.cip` policy files into the proper folder or by using the ApplicationControl CSP.
+In order to deploy multiple App Control for Business policies, you must either deploy them locally by copying the `*.cip` policy files into the proper folder or by using the ApplicationControl CSP.
 
 ### Deploying multiple policies locally
 
@@ -89,11 +88,11 @@ To deploy policies locally using the new multiple policy format, follow these st
 
 ### Deploying multiple policies via ApplicationControl CSP
 
-Multiple Windows Defender Application Control policies can be managed from an MDM server through ApplicationControl configuration service provider (CSP). The CSP also provides support for rebootless policy deployment.<br>
+Multiple App Control for Business policies can be managed from an MDM server through ApplicationControl configuration service provider (CSP). The CSP also provides support for rebootless policy deployment.<br>
 
 However, when policies are unenrolled from an MDM server, the CSP attempts to remove every policy not actively deployed, not just the policies added by the CSP. This behavior happens because the system doesn't know what deployment methods were used to apply individual policies.
 
 For more information on deploying multiple policies, optionally using Microsoft Intune's custom OMA-URI capability, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp).
 
 > [!NOTE]
-> WMI and GP do not currently support multiple policies. Instead, customers who cannot directly access the MDM stack should use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage Multiple Policy Format Windows Defender Application Control policies.
+> WMI and GP do not currently support multiple policies. Instead, customers who cannot directly access the MDM stack should use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage Multiple Policy Format App Control for Business policies.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md
similarity index 53%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md
index e186ea2bb6..fcc507dc75 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md
@@ -1,32 +1,31 @@
 ---
-title: Example Windows Defender Application Control base policies
-description: When creating a Windows Defender Application Control (WDAC) policy for an organization, start from one of the many available example base policies.
+title: Example App Control for Business base policies
+description: When creating an App Control for Business policy for an organization, start from one of the many available example base policies.
 ms.topic: reference
 ms.localizationpriority: medium
-ms.date: 03/31/2023
+ms.date: 09/11/2024
 ---
 
-# Windows Defender Application Control example base policies
+# App Control for Business example base policies
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-When you create policies for use with Windows Defender Application Control (WDAC), start from an existing base policy and then add or remove rules to build your own custom policy. Windows includes several example policies that you can use. These example policies are provided "as-is". You should thoroughly test the policies you deploy using safe deployment methods.
+When you create policies for use with App Control for Business, start from an existing base policy and then add or remove rules to build your own custom policy. Windows includes several example policies that you can use. These example policies are provided "as-is". You should thoroughly test the policies you deploy using safe deployment methods.
 
-| **Example Base Policy** | **Description** | **Where it can be found** |
+| Example Base Policy | Description | Where it can be found |
 |-------------------------|---------------------------------------------------------------|--------|
-| **DefaultWindows_\*.xml** | This example policy is available in both audit and enforced mode. It includes rules to allow Windows, third-party hardware and software kernel drivers, and Windows Store apps. Used as the basis for the [Microsoft Intune product family](https://www.microsoft.com/security/business/endpoint-management/microsoft-intune) policies. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_\*.xml <br> %ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\DefaultWindows_Audit.xml |
-| **AllowMicrosoft.xml** | This example policy includes the rules from DefaultWindows and adds rules to trust apps signed by the Microsoft product root certificate. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowMicrosoft.xml <br> %ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\AllowMicrosoft.xml |
+| **DefaultWindows_\*.xml** | This example policy is available in both audit and enforced mode. It includes rules to allow Windows, third-party hardware and software kernel drivers, and Windows Store apps. Used as the basis for the [Microsoft Intune product family](https://www.microsoft.com/security/business/endpoint-management/microsoft-intune) policies. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_\*.xml <br> %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\DefaultWindows_Audit.xml |
+| **AllowMicrosoft.xml** | This example policy includes the rules from DefaultWindows and adds rules to trust apps signed by the Microsoft product root certificate. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowMicrosoft.xml <br> %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\AllowMicrosoft.xml |
 | **AllowAll.xml** | This example policy is useful when creating a blocklist. All block policies should include rules allowing all other code to run and then add the DENY rules for your organization's needs. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml |
-| **AllowAll_EnableHVCI.xml** | This example policy can be used to enable [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity) using WDAC. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll_EnableHVCI.xml |
+| **AllowAll_EnableHVCI.xml** | This example policy can be used to enable [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity) using App Control. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll_EnableHVCI.xml |
 | **DenyAllAudit.xml** | ***Warning: Will cause boot issues on Windows Server 2019 and earlier. Do not use on those operating systems.*** Only deploy this example policy in audit mode to track all binaries running on critical systems or to meet regulatory requirements. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DenyAllAudit.xml |
-| **Microsoft Configuration Manager** | Customers who use Configuration Manager can deploy a policy with Configuration Manager's built-in WDAC integration, and then use the generated policy XML as an example base policy. | %OSDrive%\Windows\CCM\DeviceGuard on a managed endpoint |
-| **SmartAppControl.xml** | This example policy includes rules based on [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) that are well-suited for lightly managed systems. This policy includes a rule that is unsupported for enterprise WDAC policies and must be removed. For more information about using this example policy, see [Create a custom base policy using an example base policy](create-wdac-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy). | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\SmartAppControl.xml <br>%ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\SignedReputable.xml |
+| **Microsoft Configuration Manager** | Customers who use Configuration Manager can deploy a policy with Configuration Manager's built-in App Control integration, and then use the generated policy XML as an example base policy. | %OSDrive%\Windows\CCM\DeviceGuard on a managed endpoint |
+| **SmartAppControl.xml** | This example policy includes rules based on [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) that are well-suited for lightly managed systems. This policy includes a rule that is unsupported for enterprise App Control policies and must be removed. For more information about using this example policy, see [Create a custom base policy using an example base policy](create-appcontrol-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-app-control-base-policy). | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\SmartAppControl.xml <br>%ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\SignedReputable.xml |
 | **Example supplemental policy** | This example policy shows how to use supplemental policy to expand the DefaultWindows_Audit.xml allow a single Microsoft-signed file. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Supplemental.xml |
-| **Microsoft Recommended Block List** | This policy includes a list of Windows and Microsoft-signed code that Microsoft recommends blocking when using WDAC, if possible. | [Microsoft recommended block rules](/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules) <br> %ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\Recommended_UserMode_Blocklist.xml |
-| **Microsoft recommended driver blocklist** | This policy includes rules to block known vulnerable or malicious kernel drivers. | [Microsoft recommended driver block rules](/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules) <br> %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\RecommendedDriverBlock_Enforced.xml <br> %ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\Recommended_Driver_Blocklist.xml |
-| **Windows S mode** | This policy includes the rules used to enforce [Windows S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85). | %ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\WinSiPolicy.xml.xml |
-| **Windows 11 SE** | This policy includes the rules used to enforce [Windows 11 SE](/education/windows/windows-11-se-overview), a version of Windows built for use in schools. | %ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\WinSEPolicy.xml.xml |
+| **Microsoft Recommended Block List** | This policy includes a list of Windows and Microsoft-signed code that Microsoft recommends blocking when using App Control, if possible. | [Microsoft recommended block rules](applications-that-can-bypass-appcontrol.md) <br> %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\Recommended_UserMode_Blocklist.xml |
+| **Microsoft recommended driver blocklist** | This policy includes rules to block known vulnerable or malicious kernel drivers. | [Microsoft recommended driver block rules](microsoft-recommended-driver-block-rules.md) <br> %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\RecommendedDriverBlock_Enforced.xml <br> %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\Recommended_Driver_Blocklist.xml |
+| **Windows S mode** | This policy includes the rules used to enforce [Windows S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85). | %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\WinSiPolicy.xml.xml |
+| **Windows 11 SE** | This policy includes the rules used to enforce [Windows 11 SE](/education/windows/windows-11-se-overview), a version of Windows built for use in schools. | %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\WinSEPolicy.xml.xml |
 
 > [!NOTE]
 > Not all policies shown available at %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies can be found on all versions of Windows.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md
similarity index 56%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md
rename to windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md
index d136e3824b..ce393a2e65 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md
@@ -1,28 +1,27 @@
 ---
-title: Manage packaged apps with WDAC
-description: Packaged apps, also known as Universal Windows apps, allow you to control the entire app by using a single Windows Defender Application Control (WDAC) rule.
+title: Manage packaged apps with App Control
+description: Packaged apps, also known as Universal Windows apps, allow you to control the entire app by using a single App Control for Business rule.
 ms.localizationpriority: medium
-ms.date: 03/01/2023
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
-# Manage Packaged Apps with Windows Defender Application Control
+# Manage Packaged Apps with App Control for Business
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-This article for IT professionals describes concepts and lists procedures to help you manage packaged apps with Windows Defender Application Control (WDAC) as part of your overall application control strategy.
+This article for IT professionals describes concepts and lists procedures to help you manage packaged apps with App Control for Business as part of your overall App Control strategy.
 
 ## Comparing classic Windows Apps and Packaged Apps
 
-The biggest challenge in adopting application control is the lack of a strong app identity for classic Windows apps, also known as win32 apps. A typical win32 app consists of multiple components, including the installer that is used to install the app, and one or more exes, dlls, or scripts. An app can consist of hundreds or even thousands of individual binaries that work together to deliver the functionality that your users understand as the app. Some of that code may be signed by the software publisher, some may be signed by other companies, and some of it may not be signed at all. Much of the code may be written to disk by a common set of installers, but some may already be installed and some downloaded on demand. Some of the binaries have common resource header metadata, such as product name and product version, but other files won't share that information. So while you want to be able to express rules like "allow app Foo", that isn't something Windows inherently understands for classic Windows apps. Instead, you may have to create many WDAC rules to allow all the files that comprise the app.
+The biggest challenge in adopting App Control is the lack of a strong app identity for classic Windows apps, also known as win32 apps. A typical win32 app consists of multiple components, including the installer that is used to install the app, and one or more exes, dlls, or scripts. An app can consist of hundreds or even thousands of individual binaries that work together to deliver the functionality that your users understand as the app. Some of that code may be signed by the software publisher, some may be signed by other companies, and some of it may not be signed at all. Much of the code may be written to disk by a common set of installers, but some may already be installed and some downloaded on demand. Some of the binaries have common resource header metadata, such as product name and product version, but other files won't share that information. So while you want to be able to express rules like "allow app Foo", that isn't something Windows inherently understands for classic Windows apps. Instead, you may have to create many App Control rules to allow all the files that comprise the app.
 
-Packaged apps on the other hand, also known as [MSIX](/windows/msix/overview), ensure that all the files that make up an app share the same identity and have a common signature. Therefore, with packaged apps, it's possible to control the entire app with a single WDAC rule.
+Packaged apps on the other hand, also known as [MSIX](/windows/msix/overview), ensure that all the files that make up an app share the same identity and have a common signature. Therefore, with packaged apps, it's possible to control the entire app with a single App Control rule.
 
-## Using WDAC to Manage Packaged Apps
+## Using App Control to Manage Packaged Apps
 
 > [!IMPORTANT]
-> When controlling packaged apps, you must choose between signer rules or Package Family Name (PFN) rules. If **any** Package Family Name (PFN) rule is used in your WDAC base policy or one of its supplemental policies, then **all** packaged apps must be controlled exclusively using PFN rules. You can't mix-and-match PFN rules with signature-based rules within a given base policy's scope. This will affect many inbox system apps like the Start menu. You can use wildcards in PFN rules on Windows 11 to simplify the rule creation.
+> When controlling packaged apps, you must choose between signer rules or Package Family Name (PFN) rules. If **any** Package Family Name (PFN) rule is used in your App Control base policy or one of its supplemental policies, then **all** packaged apps must be controlled exclusively using PFN rules. You can't mix-and-match PFN rules with signature-based rules within a given base policy's scope. This will affect many inbox system apps like the Start menu. You can use wildcards in PFN rules on Windows 11 to simplify the rule creation.
 
 ### Creating signature-based rules for Packaged Apps
 
@@ -35,16 +34,16 @@ $FilePath = $env:USERPROFILE+'\Downloads\WDACWizard_2.1.0.1_x64_8wekyb3d8bbwe.MS
 $Rules = New-CIPolicyRule -DriverFilePath $FilePath -Level Publisher
 ```
 
-Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerShell cmdlet to merge your new rule into your existing WDAC policy XML.
+Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerShell cmdlet to merge your new rule into your existing App Control policy XML.
 
 #### Create signer rule from AppxSignature.p7x
 
 ```powershell
-$FilePath = $env:ProgramFiles+'\WindowsApps\Microsoft.WDAC.WDACWizard_2.1.0.1_x64__8wekyb3d8bbwe\AppxSignature.p7x'
+$FilePath = $env:ProgramFiles+'\WindowsApps\Microsoft.App Control.WDACWizard_2.1.0.1_x64__8wekyb3d8bbwe\AppxSignature.p7x'
 $Rules = New-CIPolicyRule -DriverFilePath $FilePath -Level Publisher
 ```
 
-Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerShell cmdlet to merge your new rule into your existing WDAC policy XML.
+Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerShell cmdlet to merge your new rule into your existing App Control policy XML.
 
 ### Creating PackageFamilyName rules for Packaged Apps
 
@@ -61,15 +60,15 @@ foreach ($Package in $Packages)
 }
 ```
 
-Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerShell cmdlet to merge your new rule(s) into your existing WDAC policy XML.
+Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerShell cmdlet to merge your new rule(s) into your existing App Control policy XML.
 
-#### Create PFN rules using the WDAC Wizard
+#### Create PFN rules using the App Control Wizard
 
 ##### Create PFN rule from an installed MSIX app
 
-Use the following steps to create a WDAC PFN rule for an app that is installed on the system:
+Use the following steps to create an App Control PFN rule for an app that is installed on the system:
 
-1. From the **Policy Signing Rules** page of the [WDAC Wizard](https://aka.ms/wdacwizard), select **Add Custom Rule**.
+1. From the **Policy Signing Rules** page of the [App Control Wizard](https://aka.ms/wdacwizard), select **Add Custom Rule**.
 2. Check **Usermode Rule** as the Rule Scope, if not checked.
 3. Select either **Allow** or **Deny** for your Rule Action.
 4. Select **Packaged App** for your Rule Type.
@@ -78,7 +77,7 @@ Use the following steps to create a WDAC PFN rule for an app that is installed o
 7. Select **Create Rule**.
 8. Create any other rules desired, then complete the Wizard.
 
-![Create PFN rule from WDAC Wizard](../images/wdac-wizard-custom-pfn-rule.png)
+![Create PFN rule from App Control Wizard](../images/appcontrol-wizard-custom-pfn-rule.png)
 
 ##### Create a PFN rule using a custom string
 
@@ -91,4 +90,4 @@ Use the following steps to create a PFN rule with a custom string value:
 5. Select **Create Rule**.
 6. Create any other rules desired, then complete the Wizard.
 
-![Create PFN rule with custom string from WDAC Wizard](../images/wdac-wizard-custom-manual-pfn-rule.png)
+![Create PFN rule with custom string from App Control Wizard](../images/appcontrol-wizard-custom-manual-pfn-rule.png)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md b/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
rename to windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md
index 040d3f9949..3ce08b2022 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md
@@ -5,14 +5,13 @@ ms.localizationpriority: medium
 ms.collection:
 - tier3
 - must-keep
-ms.date: 01/24/2024
+ms.date: 09/11/2024
 ms.topic: how-to
 ---
 
 # Microsoft recommended driver block rules
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
 Microsoft has strict requirements for code running in kernel. So, malicious actors are turning to exploit vulnerabilities in legitimate and signed kernel drivers to run malware in kernel. One of the many strengths of the Windows platform is our strong collaboration with independent hardware vendors (IHVs) and OEMs. Microsoft works closely with our IHVs and security community to ensure the highest level of driver security for our customers. When vulnerabilities in drivers are found, we work with our partners to ensure they're quickly patched and rolled out to the ecosystem. The vulnerable driver blocklist is designed to help harden systems against non-Microsoft-developed drivers across the Windows ecosystem with any of the following attributes:
 
@@ -39,24 +38,24 @@ With Windows 11 2022 update, the vulnerable driver blocklist  is enabled by defa
 
 The blocklist is updated with each new major release of Windows, typically 1-2 times per year, including most recently with the Windows 11 2022 update released in September 2022. The most current blocklist is now also available for Windows 10 20H2 and Windows 11 21H2 users as an optional update from Windows Update. Microsoft will occasionally publish future updates through regular Windows servicing.
 
-Customers who always want the most up-to-date driver blocklist can also use Windows Defender Application Control (WDAC) to apply the latest recommended driver blocklist contained in this article. For your convenience, we provide a download of the most up-to-date vulnerable driver blocklist along with instructions to apply it on your computer at the end of this article. Otherwise, use the following XML to create your own custom WDAC policies.
+Customers who always want the most up-to-date driver blocklist can also use App Control for Business to apply the latest recommended driver blocklist contained in this article. For your convenience, we provide a download of the most up-to-date vulnerable driver blocklist along with instructions to apply it on your computer at the end of this article. Otherwise, use the following XML to create your own custom App Control policies.
 
-## Blocking vulnerable drivers using WDAC
+## Blocking vulnerable drivers using App Control
 
-Microsoft recommends enabling [HVCI](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) or S mode to protect your devices against security threats. If this setting isn't possible, Microsoft recommends blocking [this list of drivers](#vulnerable-driver-blocklist-xml) within your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can cause devices or software to malfunction, and in rare cases, blue screen. It's recommended to first validate this policy in [audit mode](/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies) and review the audit block events.
+Microsoft recommends enabling [HVCI](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) or S mode to protect your devices against security threats. If this setting isn't possible, Microsoft recommends blocking [this list of drivers](#vulnerable-driver-blocklist-xml) within your existing App Control for Business policy. Blocking kernel drivers without sufficient testing can cause devices or software to malfunction, and in rare cases, blue screen. It's recommended to first validate this policy in [audit mode](../deployment/audit-appcontrol-policies.md) and review the audit block events.
 
 > [!IMPORTANT]
-> Microsoft also recommends enabling Attack Surface Reduction (ASR) rule [**Block abuse of exploited vulnerable signed drivers**](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference#block-abuse-of-exploited-vulnerable-signed-drivers) to prevent an application from writing a vulnerable signed driver to disk. The ASR rule doesn't block a driver already existing on the system from loading, however enabling **Microsoft vulnerable driver blocklist** or applying this WDAC policy will prevent the existing driver from loading.
+> Microsoft also recommends enabling Attack Surface Reduction (ASR) rule [**Block abuse of exploited vulnerable signed drivers**](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference#block-abuse-of-exploited-vulnerable-signed-drivers) to prevent an application from writing a vulnerable signed driver to disk. The ASR rule doesn't block a driver already existing on the system from loading, however enabling **Microsoft vulnerable driver blocklist** or applying this App Control policy will prevent the existing driver from loading.
 
 ## Steps to download and apply the vulnerable driver blocklist binary
 
 If you prefer to apply the [vulnerable driver blocklist](#vulnerable-driver-blocklist-xml) exactly as shown, follow these steps:
 
-1. Download the [WDAC policy refresh tool](https://aka.ms/refreshpolicy)
+1. Download the [App Control policy refresh tool](https://aka.ms/refreshpolicy)
 2. Download and extract the [vulnerable driver blocklist binaries](https://aka.ms/VulnerableDriverBlockList)
 3. Select either the audit only version or the enforced version and rename the file to SiPolicy.p7b
 4. Copy SiPolicy.p7b to %windir%\system32\CodeIntegrity
-5. Run the WDAC policy refresh tool you downloaded in Step 1 above to activate and refresh all WDAC policies on your computer
+5. Run the App Control policy refresh tool you downloaded in Step 1 above to activate and refresh all App Control policies on your computer
 
 To check that the policy was successfully applied on your computer:
 
@@ -64,15 +63,15 @@ To check that the policy was successfully applied on your computer:
 2. Browse to **Applications and Services Logs - Microsoft - Windows - CodeIntegrity - Operational**
 3. Select **Filter Current Log...**
 4. Replace "&lt;All Event IDs&gt;" with "3099" and select OK.
-5. Look for a 3099 event where the PolicyNameBuffer and PolicyIdBuffer match the Name and Id PolicyInfo settings found at the bottom of the blocklist WDAC Policy XML in this article. NOTE: Your computer may have more than one 3099 event if other WDAC policies are also present.
+5. Look for a 3099 event where the PolicyNameBuffer and PolicyIdBuffer match the Name and Id PolicyInfo settings found at the bottom of the blocklist App Control Policy XML in this article. NOTE: Your computer may have more than one 3099 event if other App Control policies are also present.
 
 > [!NOTE]
-> If any vulnerable drivers are already running that would be blocked by the policy, you must reboot your computer for those drivers to be blocked. Running processes aren't shutdown when activating a new WDAC policy without reboot.
+> If any vulnerable drivers are already running that would be blocked by the policy, you must reboot your computer for those drivers to be blocked. Running processes aren't shutdown when activating a new App Control policy without reboot.
 
 ## Vulnerable driver blocklist XML
 
 > [!IMPORTANT]
-> The following policy contains **Allow All** rules. If your version of Windows supports WDAC multiple policies, we recommend deploying this policy alongside any existing WDAC policies. If you do plan to merge this policy with another policy, you may need to remove the **Allow All** rules before merging it if the other policy applies an explicit allow list. For more information, see [Create a WDAC Deny Policy](/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy#single-policy-considerations).
+> The following policy contains **Allow All** rules. If your version of Windows supports App Control multiple policies, we recommend deploying this policy alongside any existing App Control policies. If you do plan to merge this policy with another policy, you may need to remove the **Allow All** rules before merging it if the other policy applies an explicit allow list. For more information, see [Create an App Control Deny Policy](create-appcontrol-deny-policy.md#guidance-on-creating-app-control-deny-policies).
 
 > [!NOTE]
 > To use this policy with Windows Server 2016, you must convert the policy XML on a device running a newer operating system.
@@ -4756,4 +4755,4 @@ The following recommended blocklist xml policy file can also be downloaded from
 
 ## More information
 
-- [Merge Windows Defender Application Control policies](/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies)
+- [Merge App Control for Business policies](../deployment/merge-appcontrol-policies.md)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md
new file mode 100644
index 0000000000..ff41a98da8
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md
@@ -0,0 +1,88 @@
+---
+title: Plan for App Control policy management
+description: Learn about the decisions you need to make to establish the processes for managing and maintaining App Control for Business policies.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: conceptual
+---
+
+# Plan for App Control for Business lifecycle policy management
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+This article describes the decisions you need to make to establish the processes for managing and maintaining App Control for Business policies.
+
+## Policy XML lifecycle management
+
+The first step in implementing App Control is to consider how your policies will be managed and maintained over time. Developing a process for managing App Control for Business policies helps ensure that App Control continues to effectively control how applications are allowed to run in your organization.
+
+Most App Control for Business policies will evolve over time and proceed through a set of identifiable phases during their lifetime. Typically, these phases include:
+
+1. [Define (or refine) the "circle-of-trust"](understand-appcontrol-policy-design-decisions.md) for the policy and build an audit mode version of the policy XML. In audit mode, block events are generated but files aren't prevented from executing.
+2. [Deploy the audit mode policy](../deployment/audit-appcontrol-policies.md) to intended devices.
+3. [Monitor audit block events](../operations/event-id-explanations.md) from the intended devices and add/edit/delete rules as needed to address unexpected/unwanted blocks.
+4. Repeat steps 2-3 until the remaining block events meet expectations.
+5. [Generate the enforced mode version](../deployment/enforce-appcontrol-policies.md) of the policy. In enforced mode, files that the policy doesn't allow are prevented from running and corresponding block events are generated.
+6. [Deploy the enforced mode policy](../deployment/appcontrol-deployment-guide.md) to intended devices. We recommend using staged rollouts for enforced policies to detect and respond to issues before deploying the policy broadly.
+7. Repeat steps 1-6 anytime the desired "circle-of-trust" changes.
+
+![Recommended App Control policy deployment process.](../images/policyflow.png)
+
+### Keep App Control policies in a source control or document management solution
+
+To effectively manage App Control for Business policies, you should store and maintain your policy XML documents in a central repository that is accessible to everyone responsible for App Control policy management. We recommend a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration), which provide version control and allow you to specify metadata about the XML documents.
+
+### Set PolicyName, PolicyID, and Version metadata for each policy
+
+Use the [Set-CIPolicyIDInfo](/powershell/module/configci/set-cipolicyidinfo) cmdlet to give each policy a descriptive name and set a unique policy ID. These unique attributes help you differentiate each policy when reviewing App Control for Business events or when viewing the policy XML document. Although you can specify a string value for PolicyId, for policies using the multiple policy format we recommend using the -ResetPolicyId switch to let the system autogenerate a unique ID for the policy.
+
+> [!NOTE]
+> PolicyID only applies to policies using the [multiple policy format](deploy-multiple-appcontrol-policies.md) on computers running Windows 10, version 1903 and above, or Windows 11. Running -ResetPolicyId on a policy created for pre-1903 computers will convert it to multiple policy format and prevent it from running on those earlier versions of Windows 10.
+> PolicyID should be set only once per policy and use different PolicyID's for the audit and enforced mode versions of each policy.
+
+In addition, we recommend using the [Set-CIPolicyVersion](/powershell/module/configci/set-cipolicyversion) cmdlet to increment the policy's internal version number when you make changes to the policy. The version must be defined as a standard four-part version string (for example, "1.0.0.0").
+
+### Policy rule updates
+
+You might need to revise your policy when new apps are deployed or existing apps are updated by the software publisher to ensure that apps run correctly. Whether policy rule updates are required will depend significantly on the types of rules your policy includes. Rules based on codesigning certificates provide the most resiliency against app changes while rules based on file attributes or hash are most likely to require updates when apps change. Alternatively, if you use App Control [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) functionality and consistently deploy all apps and their updates through your managed installer, then you're less likely to need policy updates.
+
+## App Control event management
+
+Each time that App Control blocks a process, events are written to either the CodeIntegrity\Operational or the AppLocker\MSI and Script Windows event logs. The event describes the file that tried to run, the attributes of that file and its signatures, and the process that attempted to run the blocked file.
+
+Collecting these events in a central location can help you maintain your App Control for Business policy and troubleshoot rule configuration problems. You can [use the Azure Monitor Agent](/azure/azure-monitor/agents/data-collection-rule-azure-monitor-agent) to automatically collect your App Control events for analysis.
+
+Additionally, [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint) collects App Control events which can be queried using the [advanced hunting](../operations/querying-application-control-events-centrally-using-advanced-hunting.md) feature.
+
+## Application and user support policy
+
+Considerations include:
+
+- What type of end-user support is provided for blocked applications?
+- How are new rules added to the policy?
+- How are existing rules updated?
+- Are events forwarded for review?
+
+### Help desk support
+
+If your organization has an established help desk support department in place, consider the following points when deploying App Control for Business policies:
+
+- What documentation does your support department require for new policy deployments?
+- What are the critical processes in each business group both in work flow and timing that will be affected by App Control policies and how could they affect your support department's workload?
+- Who are the contacts in the support department?
+- How will the support department resolve App Control issues between the end user and those resources who maintain the App Control for Business rules?
+
+### End-user support
+
+Because App Control for Business is preventing unapproved apps from running, it's important that your organization carefully plans how to provide end-user support. Considerations include:
+
+- Do you want to use an intranet site as a frontline of support for users who try to run a blocked app?
+- How do you want to support exceptions to the policy? Will you allow users to run a script to temporarily allow access to a blocked app?
+
+## Document your plan
+
+After deciding how your organization will manage your App Control for Business policy, record your findings.
+
+- **End-user support policy.** Document the process that you'll use for handling calls from users who have attempted to run a blocked app, and ensure that support personnel have clear escalation steps so that the administrator can update the App Control for Business policy, if necessary.
+- **Event processing.** Document whether events will be collected in a central location called a store, how that store will be archived, and whether the events will be processed for analysis.
+- **Policy management.** Detail what policies are planned, how they'll be managed, and how rules will be maintained over time.
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md
new file mode 100644
index 0000000000..16b4739600
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md
@@ -0,0 +1,62 @@
+---
+title: Understand App Control script enforcement
+description: App Control script enforcement
+ms.manager: jsuther
+ms.date: 09/11/2024
+ms.topic: conceptual
+ms.localizationpriority: medium
+---
+
+# Script enforcement with App Control for Business
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+> [!IMPORTANT]
+> Option **11 Disabled:Script Enforcement** is not supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and should not be used on those platforms. Doing so will result in unexpected script enforcement behaviors.
+
+## Script enforcement overview
+
+By default, script enforcement is enabled for all App Control policies unless the option **11 Disabled:Script Enforcement** is set in the policy. App Control script enforcement involves a handshake between an enlightened script host, such as PowerShell, and App Control. However, the script host handles the actual enforcement behavior. Some script hosts, like the Microsoft HTML Application Host (mshta.exe), block all code execution if any App Control UMCI policy is active. Most script hosts first ask App Control whether a script should be allowed to run based on the App Control policies currently active. The script host then either blocks, allows, or changes *how* the script is run to best protect the user and the device.
+
+Validation for signed scripts is done using the [WinVerifyTrust API](/windows/win32/api/wintrust/nf-wintrust-winverifytrust). To pass validation, the signature root must be present in the trusted root store on the device and your App Control policy must allow it. This behavior is different from App Control validation for executable files, which doesn't require installation of the root certificate.
+
+App Control shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks App Control if a script should be allowed, an event is logged with the answer App Control returned to the script host. For more information on App Control script enforcement events, see [Understanding App Control events](../operations/event-id-explanations.md#app-control-block-events-for-packaged-apps-msi-installers-scripts-and-com-objects).
+
+> [!NOTE]
+> When a script runs that is not allowed by policy, App Control raises an event indicating that the script was "blocked." However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running.
+>
+> Also be aware that some script hosts may change how they behave even if an App Control policy is in audit mode only. You should review the script host specific information in this article and test thoroughly within your environment to ensure the scripts you need to run are working properly.
+
+## Enlightened script hosts that are part of Windows
+
+### PowerShell
+
+Your App Control policies must allow all PowerShell scripts (.ps1), modules (.psm1), and manifests (.psd1) for them to run with Full Language rights.
+
+Your App Control policies must also allow any **dependent modules** that are loaded by an allowed module, and module functions must be exported explicitly by name when App Control is enforced. Modules that don't specify any exported functions (no export name list) still load but no module functions are accessible. Modules that use wildcards (\*) in their name will fail to load.
+
+Any PowerShell script that isn't allowed by App Control policy still runs, but only in Constrained Language Mode.
+
+PowerShell **dot-sourcing** isn't recommended. Instead, scripts should use PowerShell modules to provide common functionality. If an allowed script file does try to run dot-sourced script files, those script files must also pass the policy.
+
+App Control puts **interactive PowerShell** into Constrained Language Mode if any App Control UMCI policy is enforced and *any* active App Control policy enables script enforcement, even if that policy is in audit mode. To run interactive PowerShell with Full Language rights, you must disable script enforcement for *all* policies.
+
+For more information, see [About Language Modes](/powershell/module/microsoft.powershell.core/about/about_language_modes) and [Constrained Language Mode](https://devblogs.microsoft.com/powershell/powershell-constrained-language-mode/).
+
+### VBscript, cscript, and jscript
+
+Your App Control policies must allow all scripts run using the Windows Based Script Host (wscript.exe) or the Microsoft Console Based Script Host (cscript.exe). If not, the script is blocked.
+
+### Microsoft HTML Application Host (MSHTA) and MSXML
+
+All code execution using MSHTA or MSXML is blocked if any App Control policy with script enforcement is active, even if that policy is in audit mode.
+
+### COM objects
+
+App Control additionally enforces a restricted allowlist for COM objects that your App Control policy can expand or further restrict. COM object enforcement **isn't** affected by option **11 Disabled:Script Enforcement**. For more information on how to allow or deny COM objects, see [Allow COM object registration](allow-com-object-registration-in-appcontrol-policy.md).
+
+## Scripts that aren't directly controlled by App Control
+
+App Control doesn't directly control code run via the Windows Command Processor (cmd.exe), including .bat/.cmd script files. However, anything that such a batch script tries to run is subject to App Control control. If you don't need to run cmd.exe, it's recommended to block it outright or allow it only by exception based on the calling process. See [Use an App Control for Business policy to control specific plug-ins, add-ins, and modules](use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md).
+
+App Control doesn't control scripts run through an unenlightened script host, such as many 3rd-party Java or Python engines. If your App Control policy allows an unenlightened script host to run, then you implicitly allow all scripts run through that host. For non-Microsoft script hosts, you should check with the software vendor whether their script hosts are enlightened to App Control policy.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md b/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md
similarity index 60%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md
rename to windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md
index ce2f7e2e2f..8cdfe418ba 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md
@@ -1,66 +1,65 @@
 ---
-title: Understand Windows Defender Application Control (WDAC) policy rules and file rules
-description: Learn how WDAC policy rules and file rules can control your Windows 10 and Windows 11 computers.
+title: Understand App Control for Business policy rules and file rules
+description: Learn how App Control policy rules and file rules can control your Windows 10 and Windows 11 computers.
 ms.localizationpriority: medium
-ms.date: 11/22/2023
+ms.date: 09/11/2024
 ms.topic: conceptual
 ---
 
-# Understand Windows Defender Application Control (WDAC) policy rules and file rules
+# Understand App Control for Business policy rules and file rules
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+App Control for Business can control what runs on your Windows devices by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how to identify applications your organization trusts.
+
+## App Control for Business policy rules
+
+To modify the policy rule options of an existing App Control policy XML, use the [App Control Policy Wizard](appcontrol-wizard.md) or the [Set-RuleOption](/powershell/module/configci/set-ruleoption) PowerShell cmdlet.
+
+You can set several rule options within an App Control policy. Table 1 describes each rule option, and whether supplemental policies can set them. Some rule options are reserved for future work or not supported.
 
 > [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
-
-Windows Defender Application Control (WDAC) can control what runs on your Windows devices by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how to identify applications your organization trusts.
-
-## Windows Defender Application Control policy rules
-
-To modify the policy rule options of an existing WDAC policy XML, use the [WDAC Policy Wizard](/windows/security/threat-protection/windows-defender-application-control/wdac-wizard) or the [Set-RuleOption](/powershell/module/configci/set-ruleoption) PowerShell cmdlet.
-
-You can set several rule options within a WDAC policy. Table 1 describes each rule option, and whether supplemental policies can set them. Some rule options are reserved for future work or not supported.
-
-> [!NOTE]
-> We recommend that you use **Enabled:Audit Mode** initially because it allows you to test new WDAC policies before you enforce them. With audit mode, applications run normally but WDAC logs events whenever a file runs that isn't allowed by the policy. To allow these files, you can capture the policy information from the event log, and then merge that information into the existing policy. When the **Enabled:Audit Mode** is deleted, the policy runs in enforced mode.
+> We recommend that you use **Enabled:Audit Mode** initially because it allows you to test new App Control policies before you enforce them. With audit mode, applications run normally but App Control logs events whenever a file runs that isn't allowed by the policy. To allow these files, you can capture the policy information from the event log, and then merge that information into the existing policy. When the **Enabled:Audit Mode** is deleted, the policy runs in enforced mode.
 >
-> Some apps may behave differently even when your policy is in audit mode. When an option may change behaviors in audit mode, that is noted in Table 1. You should always test your apps thoroughly when deploying significant updates to your WDAC policies.
+> Some apps may behave differently even when your policy is in audit mode. When an option may change behaviors in audit mode, that is noted in Table 1. You should always test your apps thoroughly when deploying significant updates to your App Control policies.
 
-### Table 1. Windows Defender Application Control policy - policy rule options
+### Table 1. App Control for Business policy - policy rule options
 
 | Rule option | Description | Valid supplemental option |
 |------------ | ----------- | ----------- |
-| **0 Enabled:UMCI** | WDAC policies restrict both kernel-mode and user-mode binaries. By default, only kernel-mode binaries are restricted. Enabling this rule option validates user mode executables and scripts. | No |
+| **0 Enabled:UMCI** | App Control policies restrict both kernel-mode and user-mode binaries. By default, only kernel-mode binaries are restricted. Enabling this rule option validates user mode executables and scripts. | No |
 | **1 Enabled:Boot Menu Protection** | This option isn't currently supported. | No |
 | **2 Required:WHQL** | By default, kernel drivers that aren't Windows Hardware Quality Labs (WHQL) signed are allowed to run. Enabling this rule requires that every driver is WHQL signed and removes legacy driver support. Kernel drivers built for Windows 10 should be WHQL certified. | No |
-| **3 Enabled:Audit Mode (Default)** | Instructs WDAC to log information about applications, binaries, and scripts that would have been blocked, if the policy was enforced. You can use this option to identify the potential impact of your WDAC policy, and use the audit events to refine the policy before enforcement. To enforce a WDAC policy, delete this option. | No |
+| **3 Enabled:Audit Mode (Default)** | Instructs App Control to log information about applications, binaries, and scripts that would have been blocked, if the policy was enforced. You can use this option to identify the potential impact of your App Control policy, and use the audit events to refine the policy before enforcement. To enforce an App Control policy, delete this option. | No |
 | **4 Disabled:Flight Signing** | If enabled, binaries from Windows Insider builds aren't trusted. This option is useful for organizations that only want to run released binaries, not prerelease Windows builds. | No |
 | **5 Enabled:Inherit Default Policy** | This option is reserved for future use and currently has no effect. | Yes |
 | **6 Enabled:Unsigned System Integrity Policy (Default)** | Allows the policy to remain unsigned. When this option is removed, the policy must be signed and any supplemental policies must also be signed. The certificates that are trusted for future policy updates must be identified in the UpdatePolicySigners section. Certificates that are trusted for supplemental policies must be identified in the SupplementalPolicySigners section. | Yes |
 | **7 Allowed:Debug Policy Augmented** | This option isn't currently supported. | Yes |
 | **8 Required:EV Signers** | This option isn't currently supported. | No |
-| **9 Enabled:Advanced Boot Options Menu** | The F8 preboot menu is disabled by default for all WDAC policies. Setting this rule option allows the F8 menu to appear to physically present users. | No |
-| **10 Enabled:Boot Audit on Failure** | Used when the WDAC policy is in enforcement mode. When a boot-critical driver fails during startup, the WDAC policy is placed in audit mode so that Windows loads. Administrators can validate the reason for the failure in the CodeIntegrity event log. | No |
-| **11 Disabled:Script Enforcement** | This option disables script enforcement options, covering PowerShell, Windows Based Script Host (wscript.exe), Windows Console Based Script Host (cscript.exe), HTA files run in Microsoft HTML Application Host (mshta.exe), and MSXML. Some script hosts may behave differently even when your policy is in audit mode. For more information on script enforcement, see [Script enforcement with WDAC](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement). <br/> NOTE: This option isn't supported on Windows Server 2016 or Windows 10 1607 LTSB and shouldn't be used on those operating systems. | No |
-| **12 Required:Enforce Store Applications** | If this rule option is enabled, WDAC policies also apply to Universal Windows applications. | No |
-| **13 Enabled:Managed Installer** | Use this option to automatically allow applications installed by a managed installer. For more information, see [Authorize apps deployed with a WDAC managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) | Yes |
+| **9 Enabled:Advanced Boot Options Menu** | The F8 preboot menu is disabled by default for all App Control policies. Setting this rule option allows the F8 menu to appear to physically present users. | No |
+| **10 Enabled:Boot Audit on Failure** | Used when the App Control policy is in enforcement mode. When a boot-critical driver fails during startup, the App Control policy is placed in audit mode so that Windows loads. Administrators can validate the reason for the failure in the CodeIntegrity event log. | No |
+| **11 Disabled:Script Enforcement** | This option disables script enforcement options, covering PowerShell, Windows Based Script Host (wscript.exe), Windows Console Based Script Host (cscript.exe), HTA files run in Microsoft HTML Application Host (mshta.exe), and MSXML. Some script hosts may behave differently even when your policy is in audit mode. For more information on script enforcement, see [Script enforcement with App Control](script-enforcement.md). <br/> NOTE: This option isn't supported on Windows Server 2016 or Windows 10 1607 LTSB and shouldn't be used on those operating systems. | No |
+| **12 Required:Enforce Store Applications** | If this rule option is enabled, App Control policies also apply to Universal Windows applications. | No |
+| **13 Enabled:Managed Installer** | Use this option to automatically allow applications installed by a managed installer. For more information, see [Authorize apps deployed with an App Control managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) | Yes |
 | **14 Enabled:Intelligent Security Graph Authorization** | Use this option to automatically allow applications with "known good" reputation as defined by Microsoft's Intelligent Security Graph (ISG). | Yes |
-| **15 Enabled:Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, WDAC sets an extended file attribute that indicates that the file was authorized to run. This option causes WDAC to periodically revalidate the reputation for files previously authorized by the ISG.| No |
-| **16 Enabled:Update Policy No Reboot** | Use this option to allow future WDAC policy updates to apply without requiring a system reboot.<br/> NOTE: This option is only supported on Windows 10, version 1709 and later, or Windows Server 2019 and later.| No |
+| **15 Enabled:Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, App Control sets an extended file attribute that indicates that the file was authorized to run. This option causes App Control to periodically revalidate the reputation for files previously authorized by the ISG.| No |
+| **16 Enabled:Update Policy No Reboot** | Use this option to allow future App Control policy updates to apply without requiring a system reboot.<br/> NOTE: This option is only supported on Windows 10, version 1709 and later, or Windows Server 2019 and later.| No |
 | **17 Enabled:Allow Supplemental Policies** | Use this option on a base policy to allow supplemental policies to expand it.<br/> NOTE: This option is only supported on Windows 10, version 1903 and later, or Windows Server 2022 and later. | No |
 | **18 Disabled:Runtime FilePath Rule Protection** | This option disables the default runtime check that only allows FilePath rules for paths that are only writable by an administrator.<br/> NOTE: This option is only supported on Windows 10, version 1903 and later, or Windows Server 2022 and later. | Yes |
-| **19 Enabled:Dynamic Code Security** | Enables policy enforcement for .NET applications and dynamically loaded libraries.<br/> NOTE: This option is only supported on Windows 10, version 1803 and later, or Windows Server 2019 and later.<br/> NOTE: This option is always enforced if *any* WDAC UMCI policy enables it. There's no audit mode for .NET dynamic code security hardening. | No |
+| **19 Enabled:Dynamic Code Security** | Enables policy enforcement for .NET applications and dynamically loaded libraries.<br/> NOTE: This option is only supported on Windows 10, version 1803 and later, or Windows Server 2019 and later.<br/> NOTE: This option is always enforced if *any* App Control UMCI policy enables it. There's no audit mode for .NET dynamic code security hardening. | No |
 | **20 Enabled:Revoked Expired As Unsigned** | Use this option to treat binaries signed with revoked certificates, or expired certificates with the Lifetime Signing EKU on the signature, as "Unsigned binaries" for user-mode process/components, under enterprise signing scenarios. | No |
 | **Enabled:Developer Mode Dynamic Code Trust** | Use this option to trust UWP apps that are [debugged in Visual Studio](/visualstudio/debugger/run-windows-store-apps-on-a-remote-machine) or deployed through device portal when Developer Mode is enabled on the system. | No |
 
-## Windows Defender Application Control file rule levels
+## App Control for Business file rule levels
 
-File rule levels allow administrators to specify the level at which they want to trust their applications. This level of trust could be as granular as the hash of each binary, or as general as a CA certificate. You specify file rule levels when using the WDAC Wizard or WDAC PowerShell cmdlets to create and modify policies.
+File rule levels allow administrators to specify the level at which they want to trust their applications. This level of trust could be as granular as the hash of each binary, or as general as a CA certificate. You specify file rule levels when using the App Control Wizard or App Control PowerShell cmdlets to create and modify policies.
 
-Each file rule level has advantages and disadvantages. Use Table 2 to select the appropriate protection level for your available administrative resources and WDAC deployment scenario.
+Each file rule level has advantages and disadvantages. Use Table 2 to select the appropriate protection level for your available administrative resources and App Control deployment scenario.
 
 > [!NOTE]
-> WDAC signer-based rules only work with RSA cryptography with a maximum key length of 4096 bits. ECC algorithms, such as ECDSA, aren't supported. If you try to allow files by signature based on ECC signatures, you'll see VerificationError = 23 on the corresponding 3089 signature information events. Files can be allowed instead by hash or file attribute rules, or using other signer rules if the file is also signed with signatures using RSA.
+> App Control signer-based rules only work with RSA cryptography with a maximum key length of 4096 bits. ECC algorithms, such as ECDSA, aren't supported. If you try to allow files by signature based on ECC signatures, you'll see VerificationError = 23 on the corresponding 3089 signature information events. Files can be allowed instead by hash or file attribute rules, or using other signer rules if the file is also signed with signatures using RSA.
 
-### Table 2. Windows Defender Application Control policy - file rule levels
+### Table 2. App Control for Business policy - file rule levels
 
 | Rule level | Description |
 |----------- | ----------- |
@@ -70,7 +69,7 @@ Each file rule level has advantages and disadvantages. Use Table 2 to select the
 | **SignedVersion** | This level combines the publisher rule with a version number. It allows anything to run from the specified publisher with a version at or above the specified version number. |
 | **Publisher** | This level combines the PcaCertificate level (typically one certificate below the root) and the common name (CN) of the leaf certificate. You can use this rule level to trust a certificate issued by a particular CA and issued to a specific company you trust (such as Intel, for device drivers). |
 | **FilePublisher** | This level combines the "FileName" attribute of the signed file, plus "Publisher" (PCA certificate with CN of leaf), plus a minimum version number. This option trusts specific files from the specified publisher, with a version at or above the specified version number. By default, this level uses the OriginalFileName attribute of the file's resource header. Use [-SpecificFileNameLevel](#use--specificfilenamelevel-with-filename-filepublisher-or-whqlfilepublisher-level-rules) to choose an alternative attribute, such as ProductName. |
-| **LeafCertificate** | Adds trusted signers at the individual signing certificate level. The benefit of using this level versus the individual hash level is that new versions of the product have different hash values but typically the same signing certificate. When this level is used, no policy update would be needed to run the new version of the application. However, leaf certificates typically have shorter validity periods than other certificate levels, so the WDAC policy must be updated whenever these certificates change. |
+| **LeafCertificate** | Adds trusted signers at the individual signing certificate level. The benefit of using this level versus the individual hash level is that new versions of the product have different hash values but typically the same signing certificate. When this level is used, no policy update would be needed to run the new version of the application. However, leaf certificates typically have shorter validity periods than other certificate levels, so the App Control policy must be updated whenever these certificates change. |
 | **PcaCertificate** | Adds the highest available certificate in the provided certificate chain to signers. This level is typically one certificate below the root because the scan doesn't resolve the complete certificate chain via the local root stores or with an online check. |
 | **RootCertificate** | Not supported. |
 | **WHQL** | Only trusts binaries that were submitted to Microsoft and signed by the Windows Hardware Qualification Lab (WHQL). This level is primarily for kernel binaries. |
@@ -78,7 +77,7 @@ Each file rule level has advantages and disadvantages. Use Table 2 to select the
 | **WHQLFilePublisher** | This level combines the "FileName" attribute of the signed file, plus "WHQLPublisher", plus a minimum version number. This level is primarily for kernel binaries. By default, this level uses the OriginalFileName attribute of the file's resource header. Use [-SpecificFileNameLevel](#use--specificfilenamelevel-with-filename-filepublisher-or-whqlfilepublisher-level-rules) to choose an alternative attribute, such as ProductName. |
 
 > [!NOTE]
-> When you create WDAC policies with [New-CIPolicy](/powershell/module/configci/new-cipolicy), you can specify a primary file rule level, by including the **-Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **-Fallback** parameter. For example, if the primary file rule level is PCACertificate, but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate.
+> When you create App Control policies with [New-CIPolicy](/powershell/module/configci/new-cipolicy), you can specify a primary file rule level, by including the **-Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **-Fallback** parameter. For example, if the primary file rule level is PCACertificate, but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate.
 
 > [!NOTE]
 > When applicable, minimum and maximum version numbers in a file rule are referenced as MinimumFileVersion and MaximumFileVersion respectively in the policy XML.
@@ -91,16 +90,16 @@ Each file rule level has advantages and disadvantages. Use Table 2 to select the
 
 For example, consider an IT professional in a department that runs many servers. They only want to run software signed by the companies that provide their hardware, operating system, antivirus, and other important software. They know that their servers also run an internally written application that is unsigned but is rarely updated. They want to allow this application to run.
 
-To create the WDAC policy, they build a reference server on their standard hardware, and install all of the software that their servers are known to run. Then they run [New-CIPolicy](/powershell/module/configci/new-cipolicy) with **-Level Publisher** (to allow software from their software providers, the "Publishers") and **-Fallback Hash** (to allow the internal, unsigned application). They deploy the policy in auditing mode to determine the potential impact from enforcing the policy. With the help of the audit data, they update their WDAC policies to include any other software they want to run. Then they enable the WDAC policy in enforced mode for their servers.
+To create the App Control policy, they build a reference server on their standard hardware, and install all of the software that their servers are known to run. Then they run [New-CIPolicy](/powershell/module/configci/new-cipolicy) with **-Level Publisher** (to allow software from their software providers, the "Publishers") and **-Fallback Hash** (to allow the internal, unsigned application). They deploy the policy in auditing mode to determine the potential impact from enforcing the policy. With the help of the audit data, they update their App Control policies to include any other software they want to run. Then they enable the App Control policy in enforced mode for their servers.
 
-As part of normal operations, they'll eventually install software updates, or perhaps add software from the same software providers. Because the "Publisher" remains the same on those updates and software, they don't need to update their WDAC policy. If the unsigned, internal application is updated, they must also update the WDAC policy to allow the new version.
+As part of normal operations, they'll eventually install software updates, or perhaps add software from the same software providers. Because the "Publisher" remains the same on those updates and software, they don't need to update their App Control policy. If the unsigned, internal application is updated, they must also update the App Control policy to allow the new version.
 
 ## File rule precedence order
 
-WDAC has a built-in file rule conflict logic that translates to precedence order. It first processes all explicit deny rules it finds. Then, it processes any explicit allow rules. If no deny or allow rule exists, WDAC checks for a [Managed Installer claim](../deployment/deploy-wdac-policies-with-memcm.md) if allowed by the policy. Lastly, WDAC falls back to the [ISG](use-wdac-with-intelligent-security-graph.md) if allowed by the policy.
+App Control has a built-in file rule conflict logic that translates to precedence order. It first processes all explicit deny rules it finds. Then, it processes any explicit allow rules. If no deny or allow rule exists, App Control checks for a [Managed Installer claim](../deployment/deploy-appcontrol-policies-with-memcm.md) if allowed by the policy. Lastly, App Control falls back to the [ISG](use-appcontrol-with-intelligent-security-graph.md) if allowed by the policy.
 
 > [!NOTE]
-> To make it easier to reason over your WDAC policies, we recommend maintaining separate ALLOW and DENY policies on Windows versions that support [multiple WDAC policies](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies).
+> To make it easier to reason over your App Control policies, we recommend maintaining separate ALLOW and DENY policies on Windows versions that support [multiple App Control policies](deploy-multiple-appcontrol-policies.md).
 
 ## Use -SpecificFileNameLevel with FileName, FilePublisher, or WHQLFilePublisher level rules
 
@@ -125,19 +124,19 @@ Filepath rules don't provide the same security guarantees that explicit signer r
 
 ### User-writable filepaths
 
-By default, WDAC performs a user-writeability check at runtime that ensures that the current permissions on the specified filepath only allow write access for admin users.
+By default, App Control performs a user-writeability check at runtime that ensures that the current permissions on the specified filepath only allow write access for admin users.
 
-There's a defined list of SIDs that WDAC recognizes as admins. If a filepath allows write permissions for any SID not in this list, the filepath is considered to be user-writeable, even if the SID is associated to a custom admin user. To handle these special cases, you can override WDAC's runtime admin-writeable check with the **Disabled:Runtime FilePath Rule Protection** option described earlier.
+There's a defined list of SIDs that App Control recognizes as admins. If a filepath allows write permissions for any SID not in this list, the filepath is considered to be user-writeable, even if the SID is associated to a custom admin user. To handle these special cases, you can override App Control's runtime admin-writeable check with the **Disabled:Runtime FilePath Rule Protection** option described earlier.
 
-WDAC's list of well-known admin SIDs are:
+App Control's list of well-known admin SIDs are:
 
 S-1-3-0; S-1-5-18; S-1-5-19; S-1-5-20; S-1-5-32-544; S-1-5-32-549; S-1-5-32-550; S-1-5-32-551; S-1-5-32-577; S-1-5-32-559; S-1-5-32-568; S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394; S-1-15-2-95739096-486727260-2033287795-3853587803-1685597119-444378811-2746676523.
 
 When filepath rules are generated using [New-CIPolicy](/powershell/module/configci/new-cipolicy), a unique, fully qualified path rule is generated for every file discovered in the scanned path(s). To create rules that instead allow all files under a specified folder path, use [New-CIPolicyRule](/powershell/module/configci/new-cipolicyrule) to define rules containing wildcards, using the [-FilePathRules](/powershell/module/configci/new-cipolicyrule#parameters) switch.
 
-### Using wildcards in WDAC filepath rules
+### Using wildcards in App Control filepath rules
 
-The following wildcards can be used in WDAC filepath rules:
+The following wildcards can be used in App Control filepath rules:
 
 | Wildcard character | Meaning | Supported operating systems |
 |------------ | ----------- | ----------- |
@@ -157,30 +156,30 @@ You can also use the following macros when the exact volume may vary: `%OSDRIVE%
 |------------ | ----------- | ----------- |
 | **C:\\Windows\\\*** <br> **D:\\EnterpriseApps\\MyApp\\\*** <br> **%OSDRIVE%\\Windows\\\*** | Wildcards placed at the end of a path authorize all files in the immediate path and its subdirectories recursively. | Windows 11, Windows 10, and Windows Server 2022 |
 | **\*\\bar.exe** | Wildcards placed at the beginning of a path allow the exact specified filename in any location. | Windows 11, Windows 10, and Windows Server 2022 |
-| **C:\\\*\\CCMCACHE\\\*\\7z????-x64.exe** <br> **%OSDRIVE%\\\*\\CCMCACHE\\\*\\7z????-x64.exe** | Wildcards used in the middle of a path allow all files that match that pattern. Consider carefully all the possible matches, particularly if your policy disables the admin-writeable check with the **Disabled:Runtime FilePath Rule Protection** option. In this example, both of these hypothetical paths would match: <br> *`C:\WINDOWS\CCMCACHE\12345\7zabcd-x64.exe`* <br> *`C:\USERS\WDACUSER\Downloads\Malware\CCMCACHE\Pwned\7zhaha-x64.exe`* | Windows 11 only |
+| **C:\\\*\\CCMCACHE\\\*\\7z????-x64.exe** <br> **%OSDRIVE%\\\*\\CCMCACHE\\\*\\7z????-x64.exe** | Wildcards used in the middle of a path allow all files that match that pattern. Consider carefully all the possible matches, particularly if your policy disables the admin-writeable check with the **Disabled:Runtime FilePath Rule Protection** option. In this example, both of these hypothetical paths would match: <br> *`C:\WINDOWS\CCMCACHE\12345\7zabcd-x64.exe`* <br> *`C:\USERS\AppControlUSER\Downloads\Malware\CCMCACHE\Pwned\7zhaha-x64.exe`* | Windows 11 only |
 
 Without a wildcard, the filepath rule allows only a specific file (ex. `C:\foo\bar.exe`).
 
 > [!NOTE]
-> When authoring WDAC policies with Configuration Manager, there is an option to create rules for specified files and folders. These rules **aren't** WDAC filepath rules. Rather, Configuration Manager performs a one-time scan of the specified files and folders and builds rules for any binaries found in those locations at the time of that scan. File changes to those specified files and folders after that scan won't be allowed unless the Configuration Manager policy is reapplied.
+> When authoring App Control policies with Configuration Manager, there is an option to create rules for specified files and folders. These rules **aren't** App Control filepath rules. Rather, Configuration Manager performs a one-time scan of the specified files and folders and builds rules for any binaries found in those locations at the time of that scan. File changes to those specified files and folders after that scan won't be allowed unless the Configuration Manager policy is reapplied.
 
 ## More information about hashes
 
-WDAC uses the [Authenticode/PE image hash algorithm](https://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/Authenticode_PE.docx) when calculating the hash of a file. Unlike the more commonly known [flat file hash](/powershell/module/microsoft.powershell.utility/get-filehash), the Authenticode hash calculation omits the file's checksum, the Certificate Table, and the Attribute Certificate Table. Therefore, the Authenticode hash of a file doesn't change when the file's signatures and timestamps are altered, or when a digital signature is removed from the file. With the help of the Authenticode hash, WDAC provides added security and less management overhead so customers don't need to revise the policy hash rules when the digital signature on the file is updated.
+App Control uses the [Authenticode/PE image hash algorithm](https://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/Authenticode_PE.docx) when calculating the hash of a file. Unlike the more commonly known [flat file hash](/powershell/module/microsoft.powershell.utility/get-filehash), the Authenticode hash calculation omits the file's checksum, the Certificate Table, and the Attribute Certificate Table. Therefore, the Authenticode hash of a file doesn't change when the file's signatures and timestamps are altered, or when a digital signature is removed from the file. With the help of the Authenticode hash, App Control provides added security and less management overhead so customers don't need to revise the policy hash rules when the digital signature on the file is updated.
 
 The Authenticode/PE image hash can be calculated for digitally signed and unsigned files.
 
 ### Why does scan create four hash rules per XML file?
 
 The PowerShell cmdlet produces an Authenticode Sha1 Hash, Sha256 Hash, Sha1 Page Hash, Sha256 Page Hash.
-During validation, WDAC selects which hashes are calculated based on how the file is signed and the scenario in which the file is used.  For example, if the file is page-hash signed, WDAC validates each page of the file and avoids loading the entire file in memory to calculate the full sha256 authenticode hash.
+During validation, App Control selects which hashes are calculated based on how the file is signed and the scenario in which the file is used.  For example, if the file is page-hash signed, App Control validates each page of the file and avoids loading the entire file in memory to calculate the full sha256 authenticode hash.
 
-In the cmdlets, rather than try to predict which hash will be used, we precalculate and use the four hashes (sha1/sha2 authenticode, and sha1/sha2 of first page).  This method is also resilient to changes in how the file is signed since your WDAC policy has more than one hash available for the file already.
+In the cmdlets, rather than try to predict which hash will be used, we precalculate and use the four hashes (sha1/sha2 authenticode, and sha1/sha2 of first page).  This method is also resilient to changes in how the file is signed since your App Control policy has more than one hash available for the file already.
 
 ### Why does scan create eight hash rules for certain files?
 
 Separate rules are created for UMCI and KMCI. If the cmdlets can't determine that a file only runs in user-mode or in the kernel, then rules are created for both signing scenarios out of an abundance of caution. If you know that a particular file only loads in either user-mode or kernel, then you can safely remove the extra rules.
 
-### When does WDAC use the flat file hash value?
+### When does App Control use the flat file hash value?
 
-There are some rare cases where a file's format doesn't conform to the Authenticode spec and so WDAC falls back to use the flat file hash. This behavior can occur for many reasons, such as if changes are made to the in-memory version of the file at runtime. In such cases, you'll see that the hash shown in the correlated 3089 signature information event matches the flat file hash from the 3076/3077 block event. To create rules for files with an invalid format, you can add hash rules to the policy for the flat file hash using the WDAC Wizard or by editing the policy XML directly.
+There are some rare cases where a file's format doesn't conform to the Authenticode spec and so App Control falls back to use the flat file hash. This behavior can occur for many reasons, such as if changes are made to the in-memory version of the file at runtime. In such cases, you'll see that the hash shown in the correlated 3089 signature information event matches the flat file hash from the 3076/3077 block event. To create rules for files with an invalid format, you can add hash rules to the policy for the flat file hash using the App Control Wizard or by editing the policy XML directly.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md
similarity index 53%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md
rename to windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md
index abaeda5f34..f808763724 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md
@@ -1,21 +1,20 @@
 ---
-title: Understand Windows Defender Application Control policy design decisions
-description: Understand Windows Defender Application Control policy design decisions.
+title: Understand App Control for Business policy design decisions
+description: Understand App Control for Business policy design decisions.
 ms.localizationpriority: medium
-ms.date: 02/08/2018
+ms.date: 09/11/2024
 ms.topic: conceptual
 ---
 
-# Understand Windows Defender Application Control policy design decisions
+# Understand App Control for Business policy design decisions
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-This article is for the IT professional. It lists the design questions, possible answers, and ramifications for decisions made, when planning application control policies deployment using Windows Defender Application Control (WDAC), within a Windows operating system environment.
+This article is for the IT professional. It lists the design questions, possible answers, and ramifications for decisions made, when planning App Control policies deployment using App Control for Business, within a Windows operating system environment.
 
-When you begin the design and planning process, you should consider the ramifications of your design choices. The resulting decisions will affect your policy deployment scheme and subsequent application control policy maintenance.
+When you begin the design and planning process, you should consider the ramifications of your design choices. The resulting decisions will affect your policy deployment scheme and subsequent App Control policy maintenance.
 
-You should consider using Windows Defender Application Control as part of your organization's application control policies if the following are true:
+You should consider using App Control for Business as part of your organization's App Control policies if the following are true:
 
 -   You have deployed or plan to deploy the supported versions of Windows in your organization.
 -   You need improved control over the access to your organization's applications and the data your users access.
@@ -26,28 +25,28 @@ You should consider using Windows Defender Application Control as part of your o
 
 ## Decide what policies to create
 
-Beginning with Windows 10, version 1903, Windows Defender Application Control allows [multiple simultaneous policies](deploy-multiple-wdac-policies.md) to be applied to each device. This concurrent application opens up many new use cases for organizations, but your policy management can easily become unwieldy without a well-thought-out plan for the number and types of policies to create.
+Beginning with Windows 10, version 1903, App Control for Business allows [multiple simultaneous policies](deploy-multiple-appcontrol-policies.md) to be applied to each device. This concurrent application opens up many new use cases for organizations, but your policy management can easily become unwieldy without a well-thought-out plan for the number and types of policies to create.
 
-The first step is to define the desired "circle-of-trust" for your WDAC policies. By "circle-of-trust," we mean a description of the business intent of the policy expressed in natural language. This "circle-of-trust" definition will guide you as you create the actual policy rules for your policy XML.
+The first step is to define the desired "circle-of-trust" for your App Control policies. By "circle-of-trust," we mean a description of the business intent of the policy expressed in natural language. This "circle-of-trust" definition will guide you as you create the actual policy rules for your policy XML.
 
 For example, the DefaultWindows policy, which can be found under %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies, establishes a "circle-of-trust" that allows Windows, 3rd-party hardware and software kernel drivers, and applications from the Microsoft Store.
 
-Configuration Manager uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator, which adds rules for any apps found in the specified paths on the managed endpoint. This process establishes the "circle-of-trust" for Configuration Manager's native WDAC integration.
+Configuration Manager uses the DefaultWindows policy as the basis for its policy but then modifies the policy rules to allow Configuration Manager and its dependencies, sets the managed installer policy rule, and additionally configures Configuration Manager as a managed installer. It also can optionally authorize apps with positive reputation and perform a one-time scan of folder paths specified by the Configuration Manager administrator, which adds rules for any apps found in the specified paths on the managed endpoint. This process establishes the "circle-of-trust" for Configuration Manager's native App Control integration.
 
-The following questions can help you plan your Windows Defender Application Control deployment and determine the right "circle-of-trust" for your policies. They aren't in priority or sequential order, and aren't meant to be an exhaustive set of design considerations.
+The following questions can help you plan your App Control for Business deployment and determine the right "circle-of-trust" for your policies. They aren't in priority or sequential order, and aren't meant to be an exhaustive set of design considerations.
 
-## WDAC design considerations
+## App Control design considerations
 
 ### How are apps managed and deployed in your organization?
 
-Organizations with well-defined, centrally managed app management and deployment processes can create more restrictive, more secure policies. Other organizations may be able to deploy Windows Defender Application Control with more relaxed rules, or may choose to deploy WDAC in audit mode to gain better visibility to the apps being used in their organization.
+Organizations with well-defined, centrally managed app management and deployment processes can create more restrictive, more secure policies. Other organizations may be able to deploy App Control for Business with more relaxed rules, or may choose to deploy App Control in audit mode to gain better visibility to the apps being used in their organization.
 
 | Possible answers | Design considerations|
 | - | - |
-| All apps are centrally managed and deployed using endpoint management tools like [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for application control. Windows Defender Application Control options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. |
-| Some apps are centrally managed and deployed, but teams can install other apps for their members. | [Supplemental policies](deploy-multiple-wdac-policies.md) can be used to allow team-specific exceptions to your core organization-wide Windows Defender Application Control policy. Alternatively, teams can use managed installers to install their team-specific apps, or admin-only file path rules can be used to allow apps installed by admin users. |
-| Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | Windows Defender Application Control can integrate with Microsoft's [Intelligent Security Graph](use-wdac-with-intelligent-security-graph.md) (the same source of intelligence that powers Microsoft Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. |
-| Users and teams are free to download and install apps without restriction. | Windows Defender Application Control policies can be deployed in audit mode to gain insight into the apps and binaries running in your organization without impacting user and team productivity.|
+| All apps are centrally managed and deployed using endpoint management tools like [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for App Control. App Control for Business options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. |
+| Some apps are centrally managed and deployed, but teams can install other apps for their members. | [Supplemental policies](deploy-multiple-appcontrol-policies.md) can be used to allow team-specific exceptions to your core organization-wide App Control for Business policy. Alternatively, teams can use managed installers to install their team-specific apps, or admin-only file path rules can be used to allow apps installed by admin users. |
+| Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | App Control for Business can integrate with Microsoft's [Intelligent Security Graph](use-appcontrol-with-intelligent-security-graph.md) (the same source of intelligence that powers Microsoft Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. |
+| Users and teams are free to download and install apps without restriction. | App Control for Business policies can be deployed in audit mode to gain insight into the apps and binaries running in your organization without impacting user and team productivity.|
 
 ### Are internally developed line-of-business (LOB) apps and apps developed by third-party companies digitally signed?
 
@@ -55,17 +54,17 @@ Traditional Win32 apps on Windows can run without being digitally signed. This p
 
 | Possible answers | Design considerations |
 | - | - |
-| All apps used in your organization must be signed. | Organizations that enforce [codesigning](../deployment/use-code-signing-for-better-control-and-protection.md) for all executable code are best-positioned to protect their Windows computers from malicious code execution. Windows Defender Application Control rules can be created to authorize apps and binaries from the organization's internal development teams and from trusted independent software vendors (ISV). |
-| Apps used in your organization don't need to meet any codesigning requirements. | Organizations can  [use built-in Windows tools](../deployment/deploy-catalog-files-to-support-wdac.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Intune offer multiple ways to distribute signed App Catalogs. |
+| All apps used in your organization must be signed. | Organizations that enforce [codesigning](../deployment/use-code-signing-for-better-control-and-protection.md) for all executable code are best-positioned to protect their Windows computers from malicious code execution. App Control for Business rules can be created to authorize apps and binaries from the organization's internal development teams and from trusted independent software vendors (ISV). |
+| Apps used in your organization don't need to meet any codesigning requirements. | Organizations can  [use built-in Windows tools](../deployment/deploy-catalog-files-to-support-appcontrol.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Intune offer multiple ways to distribute signed App Catalogs. |
 
-### Are there specific groups in your organization that need customized application control policies?
+### Are there specific groups in your organization that need customized App Control policies?
 
-Most business teams or departments have specific security requirements that pertain to data access and the applications used to access that data. Consider the scope of the project for each group and the group's priorities before you deploy application control policies for the entire organization. There's overhead in managing policies that might lead you to choose between broad, organization-wide policies and multiple team-specific policies.
+Most business teams or departments have specific security requirements that pertain to data access and the applications used to access that data. Consider the scope of the project for each group and the group's priorities before you deploy App Control policies for the entire organization. There's overhead in managing policies that might lead you to choose between broad, organization-wide policies and multiple team-specific policies.
 
 | Possible answers | Design considerations |
 | - | - |
-| Yes | WDAC policies can be created unique per team, or team-specific supplemental policies can be used to expand what is allowed by a common, centrally defined base policy.|
-| No | WDAC policies can be applied globally to applications that are installed on PCs running Windows 10 and Windows 11. Depending on the number of apps you need to control, managing all the rules and exceptions might be challenging.|
+| Yes | App Control policies can be created unique per team, or team-specific supplemental policies can be used to expand what is allowed by a common, centrally defined base policy.|
+| No | App Control policies can be applied globally to applications that are installed on PCs running Windows 10 and Windows 11. Depending on the number of apps you need to control, managing all the rules and exceptions might be challenging.|
 
 ### Does your IT department have resources to analyze application usage, and to design and manage the policies?
 
@@ -73,7 +72,7 @@ The time and resources that are available to you to perform the research and ana
 
 | Possible answers | Design considerations |
 | - | - |
-| Yes | Invest the time to analyze your organization's application control requirements, and plan a complete deployment that uses rules that are constructed as possible.|
+| Yes | Invest the time to analyze your organization's App Control requirements, and plan a complete deployment that uses rules that are constructed as possible.|
 | No | Consider a focused and phased deployment for specific groups by using few rules. As you apply controls to applications in a specific group, learn from that deployment to plan your next deployment. Alternatively, you can create a policy with a broad trust profile to authorize as many apps as possible. |
 
 ### Does your organization have Help Desk support?
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md b/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md
new file mode 100644
index 0000000000..995deda446
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md
@@ -0,0 +1,72 @@
+---
+title: Understanding App Control for Business secure settings
+description: Learn about secure settings in App Control for Business.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: conceptual
+---
+
+# Understanding App Control Policy Settings
+
+App Control for Business policies expose a Settings section where policy authors can define arbitrary secure settings. Secure Settings provide local admin tamper-free settings for secure boot enabled systems, with policy signing enabled. Settings consist of a Provider, Key, ValueName, and a setting value. Setting values can be of type boolean, ulong, binary, and string. Applications can query for policy settings using WldpQuerySecurityPolicy.
+
+An example settings section of an App Control for Business policy:
+
+```xml
+<Settings>
+  <Setting Provider="Contoso" Key="FooApplication" ValueName="DisableMacroExecution">
+    <Value>
+      <Boolean>true</Boolean>
+    </Value>
+  </Setting>
+</Settings>
+```
+
+## Example Scenario
+
+An application that may want to restrict its capabilities, when used on a system with an active App Control for Business policy. Application authors can define an App Control policy, setting their application queries, in order to disable certain features. For example, if Contoso's Foo Application wants to disable a risky feature, such as macro execution, they can define an App Control policy setting, and query for it at runtime. Contoso can then instruct IT administrators to configure the setting in their App Control policy, if they don't want Foo Application to execute macros on a system with an App Control policy.
+
+## WldpQuerySecurityPolicy
+
+API that queries the secure settings of an App Control for Business policy.
+
+### Syntax
+
+``` C++
+HRESULT WINAPI WldpQuerySecurityPolicy(
+    _In_ const UNICODE_STRING * Provider,
+    _In_ const UNICODE_STRING * Key,
+    _In_ const UNICODE_STRING * ValueName,
+    _Out_ PWLDP_SECURE_SETTING_VALUE_TYPE ValueType,
+    _Out_writes_bytes_opt_(*ValueSize) PVOID Value,
+    _Inout_ PULONG ValueSize)
+```
+
+### Parameters
+
+Provider [in]
+Setting Provider name.
+
+#### Key [in]
+
+Key name of the Key-Value pair under Setting Provider "Provider".
+
+#### ValueName [in]
+
+The value name of the "Key-Value" pair.
+
+#### ValueType [in, out]
+
+Pointer to receive the value type.
+
+#### Value [in, out]
+
+Pointer to a buffer to receive the value. The buffer should be of size "ValueSize". If this value is NULL, this function returns the required buffer size for Value.
+
+#### ValueSize [in, out]
+
+On input, it indicates the buffer size of "Value". On successful return, it indicates the size of data written to Value buffer.
+
+#### Return Value
+
+This method returns S_OK if successful or a failure code otherwise.
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md
new file mode 100644
index 0000000000..d6fdc8e670
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md
@@ -0,0 +1,32 @@
+---
+title: Use an App Control for Business policy to control specific plug-ins, add-ins, and modules
+description: App Control policies can be used not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: how-to
+---
+
+# Use an App Control for Business policy to control specific plug-ins, add-ins, and modules
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+You can use App Control for Business policies to control applications and also to control whether specific plug-ins, add-ins, and modules can run from specific apps (such as a line-of-business application or a browser):
+
+| Approach | Guideline |
+|---|---|
+| You can work from a list of plug-ins, add-ins, or modules that you want only a specific application to be able to run. Other applications would be blocked from running them. | Use `New-CIPolicyRule` with the `-AppID` option. |
+| In addition, you can work  from a list of plug-ins, add-ins, or modules that you want to block in a specific application. Other applications would be allowed to run them. | Use `New-CIPolicyRule` with the `-AppID` and `-Deny` options. |
+
+For example, to add rules to an App Control policy called "Lamna_FullyManagedClients_Audit.xml" that allow **addin1.dll** and **addin2.dll** to be run by **ERP1.exe**, Lamna's enterprise resource planning (ERP) application, run the following commands. In the second command, **+=** is used to add a second rule to the **$rule** variable:
+
+```powershell
+$rule = New-CIPolicyRule -DriverFilePath '.\temp\addin1.dll' -Level FileName -AppID '.\ERP1.exe'
+$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin2.dll' -Level FileName -AppID '.\ERP1.exe'
+```
+
+As another example, to create an App Control for Business policy that blocks **addin3.dll** from running in Microsoft Word, run the following command. You must include the `-Deny` option to block the specified add-ins in the specified application. Once you have all the rules you want, you can merge them into an existing App Control policy using the Merge-CIPolicy cmdlet as shown here:
+
+```powershell
+$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin3.dll' -Level FileName -Deny -AppID '.\winword.exe'
+Merge-CIPolicy -OutputFilePath .\Lamna_FullyManagedClients_Audit.xml -PolicyPaths .\Lamna_FullyManagedClients_Audit.xml -Rules $rule
+```
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md
new file mode 100644
index 0000000000..14ebfd9259
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md
@@ -0,0 +1,96 @@
+---
+title: Authorize reputable apps with the Intelligent Security Graph (ISG)
+description: Automatically authorize applications that Microsoft's ISG recognizes as having known good reputation.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: how-to
+---
+
+# Authorize reputable apps with the Intelligent Security Graph (ISG)
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+App Control can be difficult to implement in organizations that don't deploy and manage applications through an IT-managed system. In such environments, users can acquire the applications they want to use for work, making it hard to build an effective App Control policy.
+
+To reduce end-user friction and helpdesk calls, you can set App Control for Business to automatically allow applications that Microsoft's Intelligent Security Graph (ISG) recognizes as having known good reputation. The ISG option helps organizations begin to implement App Control even when the organization has limited control over their app ecosystem. To learn more about the ISG, see the Security section in [Major services and features in Microsoft Graph](/graph/overview-major-services).
+
+> [!WARNING]
+> Binaries that are critical to boot the system must be allowed using explicit rules in your App Control policy. Do not rely on the ISG to authorize these files.
+>
+> The ISG option is not the recommended way to allow apps that are business critical. You should always authorize business critical apps using explicit allow rules or by installing them with a [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md).
+
+## How does App Control work with the ISG?
+
+The ISG isn't a "list" of apps. Rather, it uses the same vast security intelligence and machine learning analytics that power Microsoft Defender SmartScreen and Microsoft Defender Antivirus to help classify applications as having "known good", "known bad", or "unknown" reputation. This cloud-based AI is based on trillions of signals collected from Windows endpoints and other data sources, and processed every 24 hours. As a result, the decision from the cloud can change.
+
+App Control only checks the ISG for binaries that aren't explicitly allowed or denied by your policy, and that weren't installed by a managed installer. When such a binary runs on a system with App Control enabled with the ISG option, App Control will check the file's reputation by sending its hash and signing information to the cloud. If the ISG reports that the file has a "known good" reputation, then the file will be allowed to run. Otherwise, it will be blocked by App Control.
+
+If the file with good reputation is an application installer, the installer's reputation will pass along to any files that it writes to disk. This way, all the files needed to install and run an app inherit the positive reputation data from the installer. Files authorized based on the installer's reputation will have the $KERNEL.SMARTLOCKER.ORIGINCLAIM kernel Extended Attribute (EA) written to the file.
+
+App Control periodically requeries the reputation data on a file. Additionally, enterprises can specify that any cached reputation results are flushed on reboot by using the **Enabled:Invalidate EAs on Reboot** option.
+
+## Configuring ISG authorization for your App Control policy
+
+Setting up the ISG is easy using any management solution you wish. Configuring the ISG option involves these basic steps:
+
+- [Ensure that the **Enabled:Intelligent Security Graph authorization** option is set in the App Control policy XML](#ensure-that-the-isg-option-is-set-in-the-app-control-policy-xml)
+- [Enable the necessary services to allow App Control to use the ISG correctly on the client](#enable-the-necessary-services-to-allow-app-control-to-use-the-isg-correctly-on-the-client)
+
+### Ensure that the ISG option is set in the App Control policy XML
+
+To allow apps and binaries based on the Microsoft Intelligent Security Graph, the **Enabled:Intelligent Security Graph authorization** option must be specified in the App Control policy. This step can be done with the Set-RuleOption cmdlet. You should also set the **Enabled:Invalidate EAs on Reboot** option so that ISG results are verified again after each reboot. The ISG option isn't recommended for devices that don't have regular access to the internet. The following example shows both options set.
+
+```xml
+<Rules>
+    <Rule>
+      <Option>Enabled:Unsigned System Integrity Policy</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Advanced Boot Options Menu</Option>
+    </Rule>
+    <Rule>
+      <Option>Required:Enforce Store Applications</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:UMCI</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Managed Installer</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Intelligent Security Graph Authorization</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Invalidate EAs on Reboot</Option>
+    </Rule>
+</Rules>
+```
+
+### Enable the necessary services to allow App Control to use the ISG correctly on the client
+
+In order for the heuristics used by the ISG to function properly, other components in Windows must be enabled. You can configure these components by running the appidtel executable in `c:\windows\system32`.
+
+```console
+appidtel start
+```
+
+This step isn't required for App Control policies deployed over MDM, as the CSP will enable the necessary components. This step is also not required when the ISG is configured using Configuration Manager's App Control integration.
+
+## Security considerations with the ISG option
+
+Since the ISG is a heuristic-based mechanism, it doesn't provide the same security guarantees as explicit allow or deny rules. It's best suited where users operate with standard user rights and where a security monitoring solution like Microsoft Defender for Endpoint is used.
+
+Processes running with kernel privileges can circumvent App Control by setting the ISG extended file attribute to make a binary appear to have known good reputation.
+
+Also, since the ISG option passes along reputation from app installers to the binaries they write to disk, it can over-authorize files in some cases. For example, if the installer launches the app upon completion, any files the app writes during that first run will also be allowed.
+
+## Known limitations with using the ISG
+
+Since the ISG only allows binaries that are "known good", there are cases where the ISG may be unable to predict whether legitimate software is safe to run. If that happens, the software will be blocked by App Control. In this case, you need to allow the software with a rule in your App Control policy, deploy a catalog signed by a certificate trusted in the App Control policy, or install the software from an App Control managed installer. Installers or applications that dynamically create binaries at runtime, and self-updating applications, may exhibit this symptom.
+
+Packaged apps aren't supported with the ISG and will need to be separately authorized in your App Control policy. Since packaged apps have a strong app identity and must be signed, it's straightforward to [authorize packaged apps](manage-packaged-apps-with-appcontrol.md) with your App Control policy.
+
+The ISG doesn't authorize kernel mode drivers. The App Control policy must have rules that allow the necessary drivers to run.
+
+> [!NOTE]
+> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in App Control support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using App Control will need to deploy a custom App Control policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-app-control-policies-with-custom-oma-uri).
diff --git a/windows/security/application-security/application-control/app-control-for-business/feature-availability.md b/windows/security/application-security/application-control/app-control-for-business/feature-availability.md
new file mode 100644
index 0000000000..378c52a9d2
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/feature-availability.md
@@ -0,0 +1,30 @@
+---
+title: App Control for Business feature availability
+description: Compare App Control for Business and AppLocker feature availability.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: overview
+---
+
+# App Control for Business and AppLocker feature availability
+
+> [!NOTE]
+> Some capabilities of App Control for Business are only available on specific Windows versions. Review the following table to learn more.
+
+| Capability  | App Control for Business | AppLocker   |
+|-------------|------|-------------|
+| Platform support    | Available on Windows 10, Windows 11, and Windows Server 2016 or later.  | Available on Windows 8 or later.   |
+| Edition availability     | Available on Windows 10, Windows 11, and Windows Server 2016 or later. <br> App Control PowerShell cmdlets aren't available on Home edition, but policies are effective on all editions. | Policies are supported on all editions Windows 10 version 2004 and newer with [KB 5024351](https://support.microsoft.com/help/5024351).<br><br>Windows versions older than version 2004, including Windows Server 2019:<br><ul><li>Policies deployed through GP are only supported on Enterprise and Server editions.</li><li>Policies deployed through MDM are supported on all editions.</li></ul>|
+| Management solutions   | <ul><li>[Intune](deployment/deploy-appcontrol-policies-using-intune.md)</li><li>[Microsoft Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)</li><li>[Group policy](deployment/deploy-appcontrol-policies-using-group-policy.md) </li><li>[Script](deployment/deploy-appcontrol-policies-with-script.md)</li></ul>  | <ul><li>[Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)</li><li>Configuration Manager (custom policy deployment via software distribution only)</li><li>[Group Policy](applocker/determine-group-policy-structure-and-rule-enforcement.md)</li><li>PowerShell</li><ul> |
+| Per-user and Per-user group rules | Not available (policies are device-wide).  | Available on Windows 8+.  |
+| Kernel mode policies  | Available on Windows 10, Windows 11, and Windows Server 2016 or later. | Not available. |
+| [Rule option 11 - Disabled:Script Enforcement](design/script-enforcement.md)  | Available on all versions of Windows 10 except 1607 LTSB, Windows 11, and Windows Server 2019 and above. **Disabled:Script Enforcement** isn't supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and shouldn't be used on those platforms. Doing so results in unexpected script enforcement behaviors. | MSI and Script rule collection is separately configurable. |
+| [Per-app rules](design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md)  | Available on Windows 10, Windows 11, and Windows Server 2019 or later.  | Not available. |
+| [Managed Installer (MI)](design/configure-authorized-apps-deployed-with-a-managed-installer.md)  | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
+| [Reputation-Based intelligence](design/use-appcontrol-with-intelligent-security-graph.md)     | Available on Windows 10, Windows 11, and Windows Server 2019 or later.  | Not available. |
+| [Multiple policy support](design/deploy-multiple-appcontrol-policies.md) | Available on Windows 10, version 1903 and above, Windows 11, and Windows Server 2022.  | Not available.  |
+| [Path-based rules](design/select-types-of-rules-to-create.md) | Available on Windows 10, version 1903 and above, Windows 11, and Windows Server 2022 or later. Exclusions aren't supported. Runtime user-writeability checks enforced by default.  | Available on Windows 8+. Exclusions are supported. No runtime user-writeability check. |
+| [COM object allowlisting](design/allow-com-object-registration-in-appcontrol-policy.md) | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
+| [Packaged app rules](design/manage-packaged-apps-with-appcontrol.md) | Available on Windows 10, Windows 11, and Windows Server 2019 or later.  | Available on Windows 8+. |
+| Enforceable file types | <ul><li>Driver files: .sys</li><li>Executable files: .exe and .com</li><li>DLLs: .dll, .rll and .ocx</li><li>Windows Installer files: .msi, .mst, and .msp</li><li>Scripts: .ps1, .vbs, and .js</li><li>Packaged apps and packaged app installers: .appx</li></ul>| <ul><li>Executable files: .exe and .com</li><li>[Optional] DLLs: .dll, .rll and .ocx</li><li>Windows Installer files: .msi, .mst, and .msp</li><li>Scripts: .ps1, .bat, .cmd, .vbs, and .js</li><li>Packaged apps and packaged app installers: .appx</li></ul>|
+| [Application ID (AppId) Tagging](AppIdTagging/appcontrol-appid-tagging-guide.md) | Available on Windows 10, version 20H1 and later, and Windows 11. | Not available. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-edit-gp.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-edit-gp.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-edit-gp.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-edit-gp.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-intune-custom-oma-uri.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-intune-custom-oma-uri.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-confirm-base-policy-modification.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-confirm-base-policy-modification.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-confirm-base-policy-modification.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-confirm-base-policy-modification.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-file-attribute-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-file-attribute-rule.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-file-attribute-rule.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-file-attribute-rule.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-manual-pfn-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-manual-pfn-rule.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-manual-pfn-rule.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-manual-pfn-rule.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-pfn-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-pfn-rule.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-pfn-rule.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-pfn-rule.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-publisher-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-publisher-rule.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-publisher-rule.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-publisher-rule.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-policy-rules.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-policy-rules.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-policy-rules.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-policy-rules.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-remove-file-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-remove-file-rule.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-remove-file-rule.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-remove-file-rule.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files-expanded.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files-expanded.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files-expanded.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export-expanded.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export-expanded.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export-expanded.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing-expanded.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system-expanded.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system-expanded.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system-expanded.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation-expanded.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation-expanded.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation-expanded.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-merge.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-merge.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-merge.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-merge.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI-advanced-collapsed.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI-advanced-collapsed.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-expandable.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-expandable.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-expandable.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-expandable.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-not-base.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-not-base.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-not-base.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-not-base.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-policy-rule-options-UI.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-policy-rule-options-UI.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-policy-rule-options-UI.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-policy-rule-options-UI.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-template-selection.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-template-selection.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-template-selection.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-template-selection.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-1.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-1.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-1.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-1.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-2.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-2.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-2.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-2.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-task-mgr.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-pid-task-mgr.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-task-mgr.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appid-pid-task-mgr.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg-token.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg-token.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg-token.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg-token.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg.png
rename to windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/bit-toggling-keyboard-icon.png b/windows/security/application-security/application-control/app-control-for-business/images/bit-toggling-keyboard-icon.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/bit-toggling-keyboard-icon.png
rename to windows/security/application-security/application-control/app-control-for-business/images/bit-toggling-keyboard-icon.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/calculator-menu-icon.png b/windows/security/application-security/application-control/app-control-for-business/images/calculator-menu-icon.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/calculator-menu-icon.png
rename to windows/security/application-security/application-control/app-control-for-business/images/calculator-menu-icon.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/calculator-with-hex-in-binary.png b/windows/security/application-security/application-control/app-control-for-business/images/calculator-with-hex-in-binary.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/calculator-with-hex-in-binary.png
rename to windows/security/application-security/application-control/app-control-for-business/images/calculator-with-hex-in-binary.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig12-verifysigning.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig12-verifysigning.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig12-verifysigning.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig12-verifysigning.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig13-createnewgpo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig13-createnewgpo.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig13-createnewgpo.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig13-createnewgpo.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig14-createnewfile.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig14-createnewfile.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig14-createnewfile.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig14-createnewfile.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig15-setnewfileprops.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig15-setnewfileprops.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig15-setnewfileprops.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig15-setnewfileprops.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig16-specifyinfo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig16-specifyinfo.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig16-specifyinfo.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig16-specifyinfo.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig17-specifyinfo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig17-specifyinfo.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig17-specifyinfo.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig17-specifyinfo.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig18-specifyux.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig18-specifyux.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig18-specifyux.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig18-specifyux.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig19-customsettings.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig19-customsettings.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig19-customsettings.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig19-customsettings.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig20-setsoftwareinv.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig20-setsoftwareinv.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig20-setsoftwareinv.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig20-setsoftwareinv.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig21-pathproperties.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig21-pathproperties.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig21-pathproperties.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig21-pathproperties.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig23-exceptionstocode.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig23-exceptionstocode.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig23-exceptionstocode.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig23-exceptionstocode.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig24-creategpo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig24-creategpo.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig24-creategpo.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig24-creategpo.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig26-enablecode.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig26-enablecode.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig26-enablecode.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig26-enablecode.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig27-managecerttemp.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig27-managecerttemp.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig27-managecerttemp.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig27-managecerttemp.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig29-enableconstraints.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig29-enableconstraints.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig29-enableconstraints.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig29-enableconstraints.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig30-selectnewcert.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig30-selectnewcert.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig30-selectnewcert.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig30-selectnewcert.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig31-getmoreinfo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig31-getmoreinfo.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig31-getmoreinfo.png
rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig31-getmoreinfo.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/event-3077.png b/windows/security/application-security/application-control/app-control-for-business/images/event-3077.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/event-3077.png
rename to windows/security/application-security/application-control/app-control-for-business/images/event-3077.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/event-3089.png b/windows/security/application-security/application-control/app-control-for-business/images/event-3089.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/event-3089.png
rename to windows/security/application-security/application-control/app-control-for-business/images/event-3089.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/event-3099-options.png b/windows/security/application-security/application-control/app-control-for-business/images/event-3099-options.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/event-3099-options.png
rename to windows/security/application-security/application-control/app-control-for-business/images/event-3099-options.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/hex-icon.png b/windows/security/application-security/application-control/app-control-for-business/images/hex-icon.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/hex-icon.png
rename to windows/security/application-security/application-control/app-control-for-business/images/hex-icon.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule-xml.png b/windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule-xml.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule-xml.png
rename to windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule-xml.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule.png
rename to windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule.png
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-confirm-wdac-rule.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-confirm-appcontrol-rule.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-confirm-wdac-rule.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-confirm-appcontrol-rule.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy-2.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy-2.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy-2.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy-2.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-2.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-2.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-2.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-2.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-3.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-3.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-3.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-3.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-2.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-2.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-2.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-2.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-3.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-3.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-3.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-3.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-4.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-4.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-4.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-4.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol.jpg
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac.jpg
rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol.jpg
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/policyflow.png b/windows/security/application-security/application-control/app-control-for-business/images/policyflow.png
similarity index 100%
rename from windows/security/application-security/application-control/windows-defender-application-control/images/policyflow.png
rename to windows/security/application-security/application-control/app-control-for-business/images/policyflow.png
diff --git a/windows/security/application-security/application-control/app-control-for-business/includes/feature-availability-note.md b/windows/security/application-security/application-control/app-control-for-business/includes/feature-availability-note.md
new file mode 100644
index 0000000000..52d0be397b
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/includes/feature-availability-note.md
@@ -0,0 +1,9 @@
+---
+author: vinaypamnani-msft
+ms.author: vinpa
+ms.topic: include
+ms.date: 09/11/2024
+---
+
+> [!NOTE]
+> Some capabilities of App Control for Business are only available on specific Windows versions. Learn more about [App Control feature availability](../feature-availability.md).
\ No newline at end of file
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/index.yml b/windows/security/application-security/application-control/app-control-for-business/index.yml
similarity index 51%
rename from windows/security/application-security/application-control/windows-defender-application-control/index.yml
rename to windows/security/application-security/application-control/app-control-for-business/index.yml
index 04252abe74..576efefff8 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/index.yml
+++ b/windows/security/application-security/application-control/app-control-for-business/index.yml
@@ -3,12 +3,12 @@
 title: Application Control for Windows
 metadata:
   title: Application Control for Windows
-  description: Landing page for Windows Defender Application Control
+  description: Landing page for App Control for Business
   ms.topic: landing-page
   author: vinaypamnani-msft
   ms.author: vinpa
   manager: aaroncz
-  ms.date: 08/14/2024
+  ms.date: 09/11/2024
 # linkListType: overview | how-to-guide | tutorial | video
 landingContent:
 # Cards and links should be based on top customer tasks or top subjects
@@ -19,45 +19,43 @@ landingContent:
       - linkListType: overview
         links:
           - text: What is Application Control?
-            url: wdac.md
-          - text: What is Windows Defender Application Control (WDAC)?
-            url: wdac-and-applocker-overview.md
+            url: appcontrol.md
           - text: What is AppLocker?
             url: applocker\applocker-overview.md
-          - text: WDAC and AppLocker feature availability
-            url: feature-availability.md
+          - text: App Control and AppLocker overview
+            url: appcontrol-and-applocker-overview.md
   # Card
   - title: Learn about Policy Design
     linkLists:
       - linkListType: overview
         links:
-          - text: Using code signing to simplify application control
+          - text: Using code signing to simplify app control
             url: deployment/use-code-signing-for-better-control-and-protection.md
-          - text: Applications that can bypass WDAC and how to block them
-            url: design/applications-that-can-bypass-wdac.md
+          - text: Applications that can bypass App Control and how to block them
+            url: design/applications-that-can-bypass-appcontrol.md
           - text: Microsoft's Recommended Driver Blocklist
             url: design/microsoft-recommended-driver-block-rules.md
-          - text: Example WDAC policies
-            url: design/example-wdac-base-policies.md
+          - text: Example App Control policies
+            url: design/example-appcontrol-base-policies.md
           - text: Managing multiple policies
-            url: design/deploy-multiple-wdac-policies.md
+            url: design/deploy-multiple-appcontrol-policies.md
       - linkListType: how-to-guide
         links:
-          - text: Create a WDAC policy for a lightly managed device
-            url: design/create-wdac-policy-for-lightly-managed-devices.md
-          - text: Create a WDAC policy for a fully managed device
-            url: design/create-wdac-policy-for-fully-managed-devices.md
-          - text: Create a WDAC policy for a fixed-workload
-            url: design/create-wdac-policy-using-reference-computer.md
-          - text: Create a WDAC blocklist policy
-            url: design/create-wdac-deny-policy.md
-          - text: Deploying catalog files for WDAC management
-            url: deployment/deploy-catalog-files-to-support-wdac.md
-          - text: Using the WDAC Wizard
-            url: design/wdac-wizard.md
+          - text: Create an App Control policy for a lightly managed device
+            url: design/create-appcontrol-policy-for-lightly-managed-devices.md
+          - text: Create an App Control policy for a fully managed device
+            url: design/create-appcontrol-policy-for-fully-managed-devices.md
+          - text: Create an App Control policy for a fixed-workload
+            url: design/create-appcontrol-policy-using-reference-computer.md
+          - text: Create an App Control blocklist policy
+            url: design/create-appcontrol-deny-policy.md
+          - text: Deploying catalog files for App Control management
+            url: deployment/deploy-catalog-files-to-support-appcontrol.md
+          - text: Using the App Control Wizard
+            url: design/appcontrol-wizard.md
       #- linkListType: Tutorial (videos)
       #  links:
-      #    - text: Using the WDAC Wizard
+      #    - text: Using the App Control Wizard
       #      url:  video md
       #    - text: Specifying custom values
       #      url:  video md
@@ -68,50 +66,50 @@ landingContent:
         links:
           - text: Understanding policy and file rules
             url: design/select-types-of-rules-to-create.md
-          - text: Understanding WDAC secure settings
-            url: design/understanding-wdac-policy-settings.md
+          - text: Understanding App Control secure settings
+            url: design/understanding-appcontrol-policy-settings.md
       - linkListType: how-to-guide
         links:
           - text: Allow managed installer and configure managed installer rules
             url: design/configure-authorized-apps-deployed-with-a-managed-installer.md
           - text: Allow reputable apps with ISG
-            url: design/use-wdac-with-intelligent-security-graph.md
+            url: design/use-appcontrol-with-intelligent-security-graph.md
           - text: Managed MSIX and Appx Packaged Apps
-            url: design/manage-packaged-apps-with-wdac.md
+            url: design/manage-packaged-apps-with-appcontrol.md
           - text: Allow com object registration
-            url: design/allow-com-object-registration-in-wdac-policy.md
+            url: design/allow-com-object-registration-in-appcontrol-policy.md
           - text: Manage plug-ins, add-ins, and modules
-            url: design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+            url: design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md
   # Card
-  - title: Learn how to deploy WDAC Policies
+  - title: Learn how to deploy App Control Policies
     linkLists:
       - linkListType: overview
         links:
           - text: Using signed policies to protect against tampering
-            url: deployment/use-signed-policies-to-protect-wdac-against-tampering.md
+            url: deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md
           - text: Audit mode policies
-            url: deployment/audit-wdac-policies.md
+            url: deployment/audit-appcontrol-policies.md
           - text: Enforcement mode policies
-            url: deployment/enforce-wdac-policies.md
-          - text: Disabling WDAC policies
-            url: deployment/disable-wdac-policies.md
+            url: deployment/enforce-appcontrol-policies.md
+          - text: Disabling App Control policies
+            url: deployment/disable-appcontrol-policies.md
       - linkListType: tutorial
         links:
           - text: Deployment with MDM
-            url: deployment/deploy-wdac-policies-using-intune.md
+            url: deployment/deploy-appcontrol-policies-using-intune.md
           - text: Deployment with Configuration Manager
-            url: deployment/deploy-wdac-policies-with-memcm.md
+            url: deployment/deploy-appcontrol-policies-with-memcm.md
           - text: Deployment with script and refresh policy
-            url: deployment/deploy-wdac-policies-with-script.md
+            url: deployment/deploy-appcontrol-policies-with-script.md
           - text: Deployment with group policy
-            url: deployment/deploy-wdac-policies-using-group-policy.md
+            url: deployment/deploy-appcontrol-policies-using-group-policy.md
   # Card
-  - title: Learn how to troubleshoot and debug WDAC events
+  - title: Learn how to troubleshoot and debug App Control events
     linkLists:
       - linkListType: overview
         links:
           - text: Debugging and troubleshooting
-            url: operations/wdac-debugging-and-troubleshooting.md
+            url: operations/appcontrol-debugging-and-troubleshooting.md
           - text: Understanding event IDs
             url: operations/event-id-explanations.md
           - text: Understanding event Tags
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md
similarity index 60%
rename from windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md
rename to windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md
index dc6c98cb9b..d83c66d961 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md
@@ -1,24 +1,23 @@
 ---
-title: WDAC debugging and troubleshooting guide
-description: Learn how to debug and troubleshoot app and script failures when using WDAC
+title: App Control debugging and troubleshooting guide
+description: Learn how to debug and troubleshoot app and script failures when using App Control
 ms.topic: how-to
-ms.date: 04/06/2023
+ms.date: 09/11/2024
 ---
 
-# WDAC debugging and troubleshooting
+# App Control debugging and troubleshooting
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-This article describes how to debug and troubleshoot app and script failures when using Windows Defender Application Control (WDAC).
+This article describes how to debug and troubleshoot app and script failures when using App Control for Business.
 
-## 1 - Gather WDAC diagnostic data
+## 1 - Gather App Control diagnostic data
 
-Before debugging and troubleshooting WDAC issues, you must collect information from a device exhibiting the problem behavior.
+Before debugging and troubleshooting App Control issues, you must collect information from a device exhibiting the problem behavior.
 
 Run the following commands from an elevated PowerShell window to collect the diagnostic information you may need:
 
-1. Gather general WDAC diagnostic data and copy it to %userprofile%\AppData\Local\Temp\DiagOutputDir\CiDiag:
+1. Gather general App Control diagnostic data and copy it to %userprofile%\AppData\Local\Temp\DiagOutputDir\CiDiag:
 
     ```powershell
     cidiag.exe /stop
@@ -26,9 +25,9 @@ Run the following commands from an elevated PowerShell window to collect the dia
 
     If CiDiag.exe isn't present in your version of Windows, gather this information manually:
 
-    - WDAC policy binaries from the [Windows and EFI system partitions](known-issues.md#wdac-policy-file-locations)
-    - [WDAC event logs](#core-wdac-event-logs)
-    - [AppLocker event logs](#core-wdac-event-logs)
+    - App Control policy binaries from the [Windows and EFI system partitions](known-issues.md#app-control-policy-file-locations)
+    - [App Control event logs](#core-app-control-event-logs)
+    - [AppLocker event logs](#core-app-control-event-logs)
     - [Other event logs that may contain useful information](#other-windows-event-logs-that-may-be-useful) from other Windows apps and services
 
 2. Save the device's System Information to the CiDiag folder:
@@ -37,7 +36,7 @@ Run the following commands from an elevated PowerShell window to collect the dia
     msinfo32.exe /report $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\SystemInformation.txt
     ```
 
-3. Use [CiTool.exe](citool-commands.md) to inventory the list of WDAC policies on the device. Skip this step if CiTool.exe isn't present in your version of Windows.
+3. Use [CiTool.exe](citool-commands.md) to inventory the list of App Control policies on the device. Skip this step if CiTool.exe isn't present in your version of Windows.
 
     ```powershell
     citool.exe -lp -json > $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\CiToolOutput.json
@@ -76,9 +75,9 @@ Run the following commands from an elevated PowerShell window to collect the dia
     sc.exe query appid > $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLockerServices.txt; sc.exe query appidsvc >> $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLockerServices.txt; sc.exe query applockerfltr >> $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLockerServices.txt
     ```
 
-### Core WDAC event logs
+### Core App Control event logs
 
-WDAC events are generated under two locations:
+App Control events are generated under two locations:
 
 - Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational
 - Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script
@@ -87,7 +86,7 @@ Within the CiDiag output directory, these event logs are called CIOperational.ev
 
 ### Other Windows event logs that may be useful
 
-Sometimes, you may be able to supplement the information contained in the core WDAC event logs with information found in these other event logs. CIDiag.exe doesn't collect the ones shown in *italics*.
+Sometimes, you may be able to supplement the information contained in the core App Control event logs with information found in these other event logs. CIDiag.exe doesn't collect the ones shown in *italics*.
 
 - Applications and Services logs - Microsoft - Windows - CodeIntegrity - Verbose
 - Applications and Services logs - Microsoft - Windows - AppLocker - EXE and DLL
@@ -104,61 +103,61 @@ Sometimes, you may be able to supplement the information contained in the core W
 
 Having gathered the necessary diagnostic information from a device, you're ready to begin your analysis of the diagnostic data collected in the previous section.
 
-1. Verify the set of WDAC policies that are active and enforced. Confirm that only those policies you expect to be active are currently active. Be aware of the [Windows inbox policies](inbox-wdac-policies.md) that may also be active. You can use either of these methods:
+1. Verify the set of App Control policies that are active and enforced. Confirm that only those policies you expect to be active are currently active. Be aware of the [Windows inbox policies](inbox-appcontrol-policies.md) that may also be active. You can use either of these methods:
 
     - Review the output from *CiTool.exe -lp*, if applicable, which was saved to the CIDiag output directory as CiToolOutput.json. See [use Microsoft Edge to view the formatted json file](/microsoft-edge/devtools-guide-chromium/json-viewer/json-viewer).
-    - Review all [policy activation events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#wdac-policy-activation-events) from the core WDAC event log found at  **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational**. Within the CIDiag output directory, this event log is called CIOperational.evtx.
+    - Review all [policy activation events](event-id-explanations.md#app-control-policy-activation-events) from the core App Control event log found at  **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational**. Within the CIDiag output directory, this event log is called CIOperational.evtx.
 
-2. Review any [block events for executables, dlls, and drivers](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#wdac-block-events-for-executables-dlls-and-drivers) from the core WDAC event log found at  **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational**. Within the CIDiag output directory, this event log is called CIOperational.evtx. Use information from the block events and their correlated 3089 signature details event(s) to investigate any blocks that are unexplained or unexpected. See the blocked executable example described later in this article for reference.
-3. Review any [block events for packaged apps, MSI installers, scripts, and COM objects](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#wdac-block-events-for-packaged-apps-msi-installers-scripts-and-com-objects) from the core script enforcement event log found at  **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script**. Within the CIDiag output directory, this event log is called ALMsiAndScript.evtx. Use information from the block events and their correlated 8038 signature details event(s) to investigate any blocks that are unexplained or unexpected.
+2. Review any [block events for executables, dlls, and drivers](event-id-explanations.md#app-control-block-events-for-executables-dlls-and-drivers) from the core App Control event log found at  **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational**. Within the CIDiag output directory, this event log is called CIOperational.evtx. Use information from the block events and their correlated 3089 signature details event(s) to investigate any blocks that are unexplained or unexpected. See the blocked executable example described later in this article for reference.
+3. Review any [block events for packaged apps, MSI installers, scripts, and COM objects](event-id-explanations.md#app-control-block-events-for-packaged-apps-msi-installers-scripts-and-com-objects) from the core script enforcement event log found at  **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script**. Within the CIDiag output directory, this event log is called ALMsiAndScript.evtx. Use information from the block events and their correlated 8038 signature details event(s) to investigate any blocks that are unexplained or unexpected.
 
-Most WDAC-related issues, including app and script failures, can be diagnosed using the preceding steps.
+Most App Control-related issues, including app and script failures, can be diagnosed using the preceding steps.
 
 ### Event analysis for an example blocked executable
 
-Here's an example of detailed EventData from a typical WDAC enforcement mode block event 3077, and one of its correlated 3089 signature information events. The tables that follow each event screenshot describe some of the elements contained in the events. Following the event descriptions is a step-by-step walkthrough explaining how to use the events to understand why the block occurred.
+Here's an example of detailed EventData from a typical App Control enforcement mode block event 3077, and one of its correlated 3089 signature information events. The tables that follow each event screenshot describe some of the elements contained in the events. Following the event descriptions is a step-by-step walkthrough explaining how to use the events to understand why the block occurred.
 
-#### Event 3077 - WDAC enforcement block event
+#### Event 3077 - App Control enforcement block event
 
 ![Example 3077 block event for PowerShell.exe.](../images/event-3077.png)
 
 | Element name | Description |
 | ----- | ----- |
-| System - Correlation - \[ActivityID\] | **Not shown in screenshot** <br> Use the correlation ActivityID to match a WDAC block event with one or more 3089 signature events. |
-| File Name | The file's path and name on disk that was blocked from running. Since the name on disk is mutable, this value **isn't** the one used when creating WDAC file rules with `-Level FileName`. Instead, see the OriginalFileName element later in this table. |
+| System - Correlation - \[ActivityID\] | **Not shown in screenshot** <br> Use the correlation ActivityID to match an App Control block event with one or more 3089 signature events. |
+| File Name | The file's path and name on disk that was blocked from running. Since the name on disk is mutable, this value **isn't** the one used when creating App Control file rules with `-Level FileName`. Instead, see the OriginalFileName element later in this table. |
 | Process Name | The path and name of the file that attempted to run the blocked file. Also called the parent process. |
-| Requested Signing Level | The Windows signing authorization level the code needed to pass in order to run. See [Requested and validated signing level](/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations#requested-and-validated-signing-level). |
-| Validated Signing Level | The Windows signing authorization level the code was given. See [Requested and validated signing level](/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations#requested-and-validated-signing-level). |
+| Requested Signing Level | The Windows signing authorization level the code needed to pass in order to run. See [Requested and validated signing level](event-tag-explanations.md#requested-and-validated-signing-level). |
+| Validated Signing Level | The Windows signing authorization level the code was given. See [Requested and validated signing level](event-tag-explanations.md#requested-and-validated-signing-level). |
 | Status | Windows NT status code. You can use `certutil.exe -error <status>` to look up the meaning of the status code. |
 | SHA1 Hash | The SHA1 Authenticode hash for the blocked file. |
 | SHA256 Hash | The SHA256 Authenticode hash for the blocked file. |
 | SHA1 Flat Hash | The SHA1 flat file hash for the blocked file. |
 | SHA256 Flat Hash | The SHA256 flat file hash for the blocked file. |
-| PolicyName | The friendly name of the WDAC policy that caused the block event. A separate 3077 block event (or 3076 audit block event) is shown for each policy that blocks the file from running. |
-| PolicyId | The friendly ID value of the WDAC policy that caused the block event. |
-| PolicyHash | The SHA256 Authenticode hash of the WDAC policy binary that caused the block event. |
-| OriginalFileName | The immutable file name set by the developer in the blocked file's resource header. This value is the one used when creating WDAC file rules with `-Level FileName`. |
+| PolicyName | The friendly name of the App Control policy that caused the block event. A separate 3077 block event (or 3076 audit block event) is shown for each policy that blocks the file from running. |
+| PolicyId | The friendly ID value of the App Control policy that caused the block event. |
+| PolicyHash | The SHA256 Authenticode hash of the App Control policy binary that caused the block event. |
+| OriginalFileName | The immutable file name set by the developer in the blocked file's resource header. This value is the one used when creating App Control file rules with `-Level FileName`. |
 | InternalName | Another immutable value set by the developer in the blocked file's resource header. You can substitute this value for the OriginalFileName in file rules with `-Level FileName -SpecificFileNameLevel InternalName`. |
 | FileDescription | Another immutable value set by the developer in the blocked file's resource header. You can substitute this value for the OriginalFileName in file rules with `-Level FileName -SpecificFileNameLevel FileDescription`. |
 | ProductName | Another immutable value set by the developer in the blocked file's resource header. You can substitute this value for the OriginalFileName in file rules with `-Level FileName -SpecificFileNameLevel ProductName`. |
 | FileVersion | The policy's VersionEx value used to enforce version control over signed policies. |
-| PolicyGUID | The PolicyId of the WDAC policy that caused the block event. |
+| PolicyGUID | The PolicyId of the App Control policy that caused the block event. |
 | UserWriteable | A boolean value indicating if the file was in a user-writeable location. This information is useful for diagnosing issues when allowing by FilePath rules. |
 | PackageFamilyName | The Package Family Name for the packaged app (MSIX) that includes the blocked file. |
 
-#### Event 3089 - WDAC signature information event
+#### Event 3089 - App Control signature information event
 
 ![Example 3089 signature information event for PowerShell.exe.](../images/event-3089.png)
 
 | Element name | Description |
 | ----- | ----- |
-| System - Correlation - \[ActivityID\] | Use the correlation ActivityID to match a WDAC signature event with its block event. |
+| System - Correlation - \[ActivityID\] | Use the correlation ActivityID to match an App Control signature event with its block event. |
 | TotalSignatureCount | The total number of signatures detected for the blocked file. |
 | Signature | The index count, starting at 0, of the current signature shown in this 3089 event. If the file had multiple signatures, you'll find other 3089 events for the other signatures. |
-| Hash | The hash value that WDAC used to match the file. This value should match one of the four hashes shown on the 3077 or 3076 block event. If no signatures were found for the file (TotalSignatureCount = 0), then only the hash value is shown. |
-| SignatureType | The [type of signature](/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations#signaturetype). |
-| ValidatedSigningLevel | The Windows signing authorization level the signature met. See [Requested and validated signing level](/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations#requested-and-validated-signing-level). |
-| VerificationError | The reason this particular signature failed to pass the WDAC policy. See [VerificationError](/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations#verificationerror). |
+| Hash | The hash value that App Control used to match the file. This value should match one of the four hashes shown on the 3077 or 3076 block event. If no signatures were found for the file (TotalSignatureCount = 0), then only the hash value is shown. |
+| SignatureType | The [type of signature](event-tag-explanations.md#signaturetype). |
+| ValidatedSigningLevel | The Windows signing authorization level the signature met. See [Requested and validated signing level](event-tag-explanations.md#requested-and-validated-signing-level). |
+| VerificationError | The reason this particular signature failed to pass the App Control policy. See [VerificationError](event-tag-explanations.md#verificationerror). |
 | PublisherName | The common name (CN) value from the leaf certificate. |
 | IssuerName | The CN value from the highest available certificate in the certificate chain. This level is typically one certificate below the root. |
 | PublisherTBSHash | The TBS hash of the leaf certificate. |
@@ -166,7 +165,7 @@ Here's an example of detailed EventData from a typical WDAC enforcement mode blo
 
 #### Step-by-step walkthrough of the example 3077 and 3089 events
 
-Now let's walk through how to use the event data in the example 3077 and 3089 events to understand why the WDAC policy blocked this file.
+Now let's walk through how to use the event data in the example 3077 and 3089 events to understand why the App Control policy blocked this file.
 
 ##### Understand what file is being blocked and the block context
 
@@ -174,11 +173,11 @@ Referring to the 3077 event, locate the information that identifies the policy,
 
 In the example, the file being blocked is PowerShell.exe, which is part of Windows and would normally be expected to run. However, in this case, the policy was based off of the Windows in S mode policy template, which doesn't allow script hosts to run as a way to limit the attack surface. For S mode, this block event is a success. But let's assume the policy author was unaware of that constraint when they chose the template, and treat this block as unexpected.
 
-##### Determine why WDAC rejected the file
+##### Determine why App Control rejected the file
 
-Again referring to the 3077 event, we see the Requested Signing Level of 2 means the code must pass the WDAC policy. But the Validated Signing Level of 1 means the code was treated as though unsigned. "Unsigned" could mean the file was truly unsigned, signed but with an invalid certificate, or signed but without any certificates allowed by the WDAC policy.
+Again referring to the 3077 event, we see the Requested Signing Level of 2 means the code must pass the App Control policy. But the Validated Signing Level of 1 means the code was treated as though unsigned. "Unsigned" could mean the file was truly unsigned, signed but with an invalid certificate, or signed but without any certificates allowed by the App Control policy.
 
-Now, let's inspect the correlated 3089 event(s) for the blocked file. In the example, we're looking at only the first signature (Signature index 0) found on a file that had multiple signatures. For this signature, the ValidatedSigningLevel is 12, meaning it has a Microsoft Windows product signature. The VerificationError of 21 means that the signature didn't pass the WDAC policy.
+Now, let's inspect the correlated 3089 event(s) for the blocked file. In the example, we're looking at only the first signature (Signature index 0) found on a file that had multiple signatures. For this signature, the ValidatedSigningLevel is 12, meaning it has a Microsoft Windows product signature. The VerificationError of 21 means that the signature didn't pass the App Control policy.
 
 It's important to review the information for each correlated 3089 event as each signature may have a different ValidatedSigningLevel and VerificationError.
 
@@ -191,11 +190,11 @@ It's important to review the information for each correlated 3089 event as each
 
 ## 3 - Resolve common problems
 
-Having analyzed the WDAC diagnostic data, you can take steps to resolve the issue or do more debugging steps. Following are some common problems and steps you can try to resolve or further isolate the root issue:
+Having analyzed the App Control diagnostic data, you can take steps to resolve the issue or do more debugging steps. Following are some common problems and steps you can try to resolve or further isolate the root issue:
 
 ### Issue: A file was blocked that you want to allow
 
-- Use data from the core WDAC event logs to add rules to allow the blocked file.
+- Use data from the core App Control event logs to add rules to allow the blocked file.
 - Redeploy the file or app using a managed installer if your policy trusts managed installers.
 
 ### Issue: A policy is active that is unexpected
@@ -208,51 +207,51 @@ This condition may exist if:
 - A policy was incorrectly deployed to the device.
 - An attacker with administrator access has applied a policy to cause denial of service for some critical processes.
 
-To resolve such an issue, follow the instructions to [Remove WDAC policies](/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies) for the identified policy.
+To resolve such an issue, follow the instructions to [Remove App Control policies](../deployment/disable-appcontrol-policies.md) for the identified policy.
 
-### Issue: An unhandled app failure is occurring and no WDAC events are observed
+### Issue: An unhandled app failure is occurring and no App Control events are observed
 
-Some apps alter their behavior when a user mode WDAC policy is active, which can result in unexpected failures. It can also be a side-effect of script enforcement for apps that don't properly handle the enforcement behaviors implemented by the script hosts.
+Some apps alter their behavior when a user mode App Control policy is active, which can result in unexpected failures. It can also be a side-effect of script enforcement for apps that don't properly handle the enforcement behaviors implemented by the script hosts.
 
 Try to isolate the root cause by doing the following actions:
 
 - Check the other event logs listed in section 1 of this article for events corresponding with the unexpected app failures.
-- Temporarily replace the WDAC policy with another policy that [disables script enforcement](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement) and retest.
-- Temporarily replace the WDAC policy with another policy that [allows all COM objects](/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy) and retest.
-- Temporarily replace the WDAC policy with another policy that relaxes other [policy rules](/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create#windows-defender-application-control-policy-rules) and retest.
+- Temporarily replace the App Control policy with another policy that [disables script enforcement](../design/script-enforcement.md) and retest.
+- Temporarily replace the App Control policy with another policy that [allows all COM objects](../design/allow-com-object-registration-in-appcontrol-policy.md) and retest.
+- Temporarily replace the App Control policy with another policy that relaxes other [policy rules](../design/select-types-of-rules-to-create.md#app-control-for-business-policy-rules) and retest.
 
 ### Issue: An app deployed by a managed installer isn't working
 
 To debug issues using managed installer, try these steps:
 
-- Check that the WDAC policy that is blocking the app includes the option to enable managed installer.
-- Check that the effective AppLocker policy $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLocker.xml is correct as described in [Automatically allow apps deployed by a managed installer](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer#create-and-deploy-an-applocker-policy-that-defines-your-managed-installer-rules-and-enables-services-enforcement-for-executables-and-dlls).
+- Check that the App Control policy that is blocking the app includes the option to enable managed installer.
+- Check that the effective AppLocker policy $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLocker.xml is correct as described in [Automatically allow apps deployed by a managed installer](../design/configure-authorized-apps-deployed-with-a-managed-installer.md#create-and-deploy-an-applocker-policy-that-defines-your-managed-installer-rules-and-enables-services-enforcement-for-executables-and-dlls).
 - Check that the AppLocker services are running. This information is found in $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLockerServices.txt created in section 1 of this article.
 - Check that an AppLocker file exists called MANAGEDINSTALLER.APPLOCKER exists in the CiDiag folder created earlier. If not, repeat the steps to deploy and enable the managed installer AppLocker configuration.
 - Restart the managed installer process and check that an 8002 event is observed in the **AppLocker - EXE and DLL** event log for the managed installer process with PolicyName = MANAGEDINSTALLER. If instead you see an event with 8003 or 8004 with PolicyName = MANAGEDINSTALLER, then check the ManagedInstaller rules in the AppLocker policy XML and ensure a rule matches the managed installer process.
-- [Use fsutil.exe](/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer#using-fsutil-to-query-extended-attributes-for-managed-installer-mi) to verify files written by the managed installer process have the managed installer origin extended attribute. If not, redeploy the files with the managed installer and check again.
+- [Use fsutil.exe](configure-appcontrol-managed-installer.md#using-fsutil-to-query-extended-attributes-for-managed-installer-mi) to verify files written by the managed installer process have the managed installer origin extended attribute. If not, redeploy the files with the managed installer and check again.
 - Test installation of a different app using the managed installer.
 - Add another managed installer to your AppLocker policy and test installation using the other managed installer.
-- Check if the app is encountering a [known limitation with managed installer](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer#known-limitations-with-managed-installer). If so, you must authorize the app using other means.
+- Check if the app is encountering a [known limitation with managed installer](../design/configure-authorized-apps-deployed-with-a-managed-installer.md#known-limitations-with-managed-installer). If so, you must authorize the app using other means.
 
 ### Issue: An app you expected the Intelligent Security Graph (ISG) to allow isn't working
 
 To debug issues using ISG, try these steps:
 
-- Check that the WDAC policy that is blocking the app includes the option to enable the intelligent security graph.
+- Check that the App Control policy that is blocking the app includes the option to enable the intelligent security graph.
 - Check that the AppLocker services are running. This information is found in $env:USERPROFILE\AppData\Local\Temp\DiagOutputDir\CiDiag\AppLockerServices.txt created in section 1 of this article.
-- [Use fsutil.exe](/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer#using-fsutil-to-query-extended-attributes-for-intelligent-security-graph-isg) to verify files have the ISG origin extended attribute. If not, redeploy the files with the managed installer and check again.
-- Check if the app is encountering a [known limitation with ISG](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph#known-limitations-with-using-the-isg).
+- [Use fsutil.exe](configure-appcontrol-managed-installer.md#using-fsutil-to-query-extended-attributes-for-intelligent-security-graph-isg) to verify files have the ISG origin extended attribute. If not, redeploy the files with the managed installer and check again.
+- Check if the app is encountering a [known limitation with ISG](../design/use-appcontrol-with-intelligent-security-graph.md#known-limitations-with-using-the-isg).
 
 ## 4 - Report issues to Microsoft, if appropriate
 
 If after following the guidance covered by this article you believe you've identified a product issue, report the issue to Microsoft.
 
 - Customers with Microsoft Premier Support should log a service request through normal channels.
-- All other customers can report issues directly to the WDAC product team via the Windows [Feedback Hub](feedback-hub:?contextid=790&tabid=2&newFeedback=true). Select the category **Security & Privacy - Application Control** to ensure the issue is properly routed to the WDAC product team.
+- All other customers can report issues directly to the App Control product team via the Windows [Feedback Hub](feedback-hub:?contextid=790&tabid=2&newFeedback=true). Select the category **Security & Privacy - Application Control** to ensure the issue is properly routed to the App Control product team.
 
 When reporting issues, be sure to provide the following information:
 
-- All [WDAC diagnostic data](#1---gather-wdac-diagnostic-data) described earlier.
+- All [App Control diagnostic data](#1---gather-app-control-diagnostic-data) described earlier.
 - If possible, the blocked file(s).
 - Clear instructions to reproduce the problem.
diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md
new file mode 100644
index 0000000000..755488b5a3
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md
@@ -0,0 +1,26 @@
+---
+title: Managing and troubleshooting App Control for Business policies
+description: Gather information about how your deployed App Control for Business policies are behaving.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: how-to
+---
+
+# App Control for Business operational guide
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+You now understand how to design and deploy your App Control for Business policies. This guide explains how to understand the effects your policies have and how to troubleshoot when they aren't behaving as expected. It contains information on where to find events and what they mean, and also querying these events with Microsoft Defender for Endpoint Advanced Hunting feature.
+
+## In this section
+
+| Article | Description |
+| - | - |
+| [Debugging and troubleshooting](appcontrol-debugging-and-troubleshooting.md) | This article explains how to debug app and script failures with App Control. |
+| [Understanding App Control event IDs](event-id-explanations.md) | This article explains the meaning of different App Control event IDs. |
+| [Understanding App Control event tags](event-tag-explanations.md) | This article explains the meaning of different App Control event tags. |
+| [Query App Control events with Advanced hunting](querying-application-control-events-centrally-using-advanced-hunting.md) | This article covers how to view App Control events centrally from all systems that are connected to Microsoft Defender for Endpoint. |
+| [Admin Tips & Known Issues](known-issues.md) | This article describes some App Control Admin Tips & Known Issues. |
+| [Managed installer and ISG technical reference and troubleshooting guide](configure-appcontrol-managed-installer.md) | This article provides technical details and debugging steps for managed installer and ISG. |
+| [CITool.exe technical reference](citool-commands.md) | This article explains how to use CITool.exe. |
+| [Inbox App Control policies](inbox-appcontrol-policies.md) | This article describes the App Control policies that ship with Windows and when they're active. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md
similarity index 82%
rename from windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md
rename to windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md
index 729ecd07ee..c8bb39fb47 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md
@@ -2,14 +2,14 @@
 title: Managing CI policies and tokens with CiTool
 description: Learn how to use policy commands, token commands, and miscellaneous commands in CiTool
 ms.topic: reference
-ms.date: 10/02/2023
+ms.date: 09/11/2024
 appliesto:
 - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
 ---
 
 # CiTool technical reference
 
-CiTool makes Windows Defender Application Control (WDAC) policy management easier for IT admins. You can use this tool to manage Windows Defender Application Control policies and CI tokens. This article describes how to use CiTool to update and manage policies. It's currently included as part of the Windows image in Windows 11, version 22H2.
+CiTool makes App Control for Business policy management easier for IT admins. You can use this tool to manage App Control for Business policies and CI tokens. This article describes how to use CiTool to update and manage policies. It's currently included as part of the Windows image in Windows 11, version 22H2.
 
 ## Policy commands
 
@@ -35,24 +35,24 @@ CiTool makes Windows Defender Application Control (WDAC) policy management easie
 | Command | Description | Alias |
 |--------|---------|---------|
 | `--device-id` | Dump the code integrity device ID. | `-id` |
-| `--refresh` | Attempt to refresh WDAC policies. | `-r` |
+| `--refresh` | Attempt to refresh App Control policies. | `-r` |
 | `--help` | Display the tool's help menu. | `-h` |
 
 ## Output attributes and descriptions
 
 ### List policies (`--list-policies`)
 
-```output
-    Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816
-    Base Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816
-    Friendly Name: Microsoft Windows Driver Policy
-    Version: 2814751463178240
-    Platform Policy: true
-    Policy is Signed: true
-    Has File on Disk: false
-    Is Currently Enforced: true
-    Is Authorized: true
-    Status: 0
+```console
+Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816
+Base Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816
+Friendly Name: Microsoft Windows Driver Policy
+Version: 2814751463178240
+Platform Policy: true
+Policy is Signed: true
+Has File on Disk: false
+Is Currently Enforced: true
+Is Authorized: true
+Status: 0
 ```
 
 | Attribute | Description | Example value |
@@ -69,25 +69,25 @@ CiTool makes Windows Defender Application Control (WDAC) policy management easie
 
 ## Examples
 
-### Deploy a WDAC policy
+### Deploy an App Control policy
 
 ```powershell
 CiTool --update-policy "\Windows\Temp\{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}.cip"
 ```
 
-### Refresh the WDAC policies on the system
+### Refresh the App Control policies on the system
 
 ```powershell
 CiTool --refresh
 ```
 
-### Remove a specific WDAC policy by its policy ID
+### Remove a specific App Control policy by its policy ID
 
 ```powershell
 CiTool --remove-policy "{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}"
 ```
 
-### List the actively enforced WDAC policies on the system
+### List the actively enforced App Control policies on the system
 
 ```powershell
 # Check each policy's IsEnforced state and return only the enforced policies
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md
similarity index 79%
rename from windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md
rename to windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md
index 98e2c42da8..d75a2df983 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md
@@ -2,22 +2,21 @@
 title: Managed installer and ISG technical reference and troubleshooting guide
 description: A technical reference and troubleshooting guide for managed installer and Intelligent Security Graph (ISG).
 ms.localizationpriority: medium
-ms.date: 11/11/2022
+ms.date: 09/11/2024
 ms.topic: troubleshooting
 ---
 
 # Managed installer and ISG technical reference and troubleshooting guide
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
 ## Enabling managed installer and Intelligent Security Graph (ISG) logging events
 
-Refer to [Understanding Application Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events.
+Refer to [Understanding App Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events.
 
 ## Using fsutil to query extended attributes for Managed Installer (MI)
 
-Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) enabled can use fsutil.exe to determine whether a file was created by a managed installer process. This verification is done by querying the Extended Attributes (EAs) on a file using fsutil.exe and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. Then, you can use the data from the first row of output to identify if the file was created by a managed installer. For example, let's look at the fsutil.exe output for a file called application.exe:
+Customers using App Control for Business with Managed Installer (MI) enabled can use fsutil.exe to determine whether a file was created by a managed installer process. This verification is done by querying the Extended Attributes (EAs) on a file using fsutil.exe and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. Then, you can use the data from the first row of output to identify if the file was created by a managed installer. For example, let's look at the fsutil.exe output for a file called application.exe:
 
 **Example:**
 
@@ -47,7 +46,7 @@ If there is "00" in the fifth position of the output (the start of the second UL
 
 0000: 01 00 00 00 **`00` 00 00 00** 00 00 00 00 01 00 00 00
 
-Finally, the two-character set in the ninth position of the output (the start of the third ULONG) indicates whether the file was created by a process running as managed installer. A value of "00" means the file was directly written by a managed installer process and will run if your WDAC policy trusts managed installers.
+Finally, the two-character set in the ninth position of the output (the start of the third ULONG) indicates whether the file was created by a process running as managed installer. A value of "00" means the file was directly written by a managed installer process and will run if your App Control policy trusts managed installers.
 
 0000: 01 00 00 00 00 00 00 00 **`00` 00 00 00** 01 00 00 00
 
@@ -98,4 +97,4 @@ Both managed installer and the ISG depend on AppLocker to provide some functiona
    Get-AppLockerPolicy -Effective -XML > $env:USERPROFILE\Desktop\AppLocker.xml
    ```
 
-   Then open the XML file created and confirm it contains the rules you expect. In particular, the policy should include at least one rule for each of the EXE, DLL, and MANAGEDINSTALLER RuleCollections. The RuleCollections can either be set to AuditOnly or Enabled. Additionally, the EXE and DLL RuleCollections must include the RuleCollectionExtensions configuration as shown in [Automatically allow apps deployed by a managed installer with Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer#create-and-deploy-an-applocker-policy-that-defines-your-managed-installer-rules-and-enables-services-enforcement-for-executables-and-dlls).
+   Then open the XML file created and confirm it contains the rules you expect. In particular, the policy should include at least one rule for each of the EXE, DLL, and MANAGEDINSTALLER RuleCollections. The RuleCollections can either be set to AuditOnly or Enabled. Additionally, the EXE and DLL RuleCollections must include the RuleCollectionExtensions configuration as shown in [Automatically allow apps deployed by a managed installer with App Control for Business](../design/configure-authorized-apps-deployed-with-a-managed-installer.md#create-and-deploy-an-applocker-policy-that-defines-your-managed-installer-rules-and-enables-services-enforcement-for-executables-and-dlls).
diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md
new file mode 100644
index 0000000000..ceaac2953b
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md
@@ -0,0 +1,161 @@
+---
+title: Understanding App Control event IDs
+description: Learn what different App Control for Business event IDs signify.
+ms.localizationpriority: medium
+ms.date: 09/11/2024
+ms.topic: reference
+---
+
+# Understanding App Control events
+
+## App Control Events Overview
+
+App Control logs events when a policy is loaded, when a file is blocked, or when a file would be blocked if in audit mode. These block events include information that identifies the policy and gives more details about the block. App Control doesn't generate events when a binary is allowed. However, you can turn on allow audit events for files authorized by a managed installer or the Intelligent Security Graph (ISG) as described later in this article.
+
+### Core App Control event logs
+
+App Control events are generated under two locations in the Windows Event Viewer:
+
+- **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational** includes events about App Control policy activation and the control of executables, dlls, and drivers.
+- **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script** includes events about the control of MSI installers, scripts, and COM objects.
+
+Most app and script failures that occur when App Control is active can be diagnosed using these two event logs. This article describes in greater detail the events that exist in these logs. To understand the meaning of different data elements, or tags, found in the details of these events, see [Understanding App Control event tags](event-tag-explanations.md).
+
+> [!NOTE]
+> **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script** events are not included on Windows Server Core edition.
+
+## App Control block events for executables, dlls, and drivers
+
+These events are found in the **CodeIntegrity - Operational** event log.
+
+| Event ID | Explanation |
+|--------|-----------|
+| 3004 | This event isn't common and may occur with or without an App Control policy present. It typically indicates a kernel driver tried to load with an invalid signature. For example, the file may not be WHQL-signed on a system where WHQL is required. <br><br> This event is also seen for kernel- or user-mode code that the developer opted-in to [/INTEGRITYCHECK](/cpp/build/reference/integritycheck-require-signature-check) but isn't signed correctly. |
+| 3033 | This event may occur with or without an App Control policy present and should occur alongside a 3077 event if caused by App Control policy. It often means the file's signature is revoked or a signature with the Lifetime Signing EKU has expired. Presence of the Lifetime Signing EKU is the only case where App Control blocks files due to an expired signature. Try using option `20 Enabled:Revoked Expired As Unsigned` in your policy along with a rule (for example, hash) that doesn't rely on the revoked or expired cert. <br><br> This event also occurs if code compiled with [Code Integrity Guard (CIG)](/microsoft-365/security/defender-endpoint/exploit-protection-reference#code-integrity-guard) tries to load other code that doesn't meet the CIG requirements. |
+| 3034 | This event isn't common. It's the audit mode equivalent of event 3033. |
+| 3076 | This event is the main App Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. |
+| 3077 | This event is the main App Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. |
+| 3089 | This event contains signature information for files that were blocked or audit blocked by App Control. One of these events is created for each signature of a file. Each event shows the total number of signatures found and an index value to identify the current signature. Unsigned files generate a single one of these events with TotalSignatureCount of 0. These events are correlated with 3004, 3033, 3034, 3076 and 3077 events. You can match the events using the `Correlation ActivityID` found in the **System** portion of the event. |
+
+## App Control block events for packaged apps, MSI installers, scripts, and COM objects
+
+These events are found in the **AppLocker - MSI and Script** event log.
+
+| Event ID | Explanation |
+|--------|-----------|
+| 8028 | This event indicates that a script host, such as PowerShell, queried App Control about a file the script host was about to run. Since the policy was in audit mode, the script or MSI file should have run, but wouldn't have passed the App Control policy if it was enforced. Some script hosts may have additional information in their logs. Note: Most third-party script hosts don't integrate with App Control. Consider the risks from unverified scripts when choosing which script hosts you allow to run. |
+| 8029 | This event is the enforcement mode equivalent of event 8028. Note: While this event says that a script was blocked, the script hosts control the actual script enforcement behavior. The script host may allow the file to run with restrictions and not block the file outright. For example, PowerShell runs script not allowed by your App Control policy in [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). |
+| 8036| COM object was blocked. To learn more about COM object authorization, see [Allow COM object registration in an App Control for Business policy](../design/allow-com-object-registration-in-appcontrol-policy.md). |
+| 8037 | This event indicates that a script host checked whether to allow a script to run, and the file passed the App Control policy. |
+| 8038 | Signing information event correlated with either an 8028 or 8029 event. One 8038 event is generated for each signature of a script file. Contains the total number of signatures on a script file and an index as to which signature it is. Unsigned script files generate a single 8038 event with TotalSignatureCount 0. These events are correlated with 8028 and 8029 events and can be matched using the `Correlation ActivityID` found in the **System** portion of the event. |
+| 8039 | This event indicates that a packaged app (MSIX/AppX) was allowed to install or run because the App Control policy is in audit mode. But, it would have been blocked if the policy was enforced. |
+| 8040 | This event indicates that a packaged app was prevented from installing or running due to the App Control policy. |
+
+## App Control policy activation events
+
+These events are found in the **CodeIntegrity - Operational** event log.
+
+| Event ID | Explanation |
+|--------|-----------|
+| 3095 | The App Control policy can't be refreshed and must be rebooted instead. |
+| 3096 | The App Control policy wasn't refreshed since it's already up-to-date. This event's Details includes useful information about the policy, such as its policy options. |
+| 3097 | The App Control policy can't be refreshed. |
+| 3099 | Indicates that a policy has been loaded. This event's Details includes useful information about the App Control policy, such as its policy options. |
+| 3100 | The App Control policy was refreshed but was unsuccessfully activated. Retry. |
+| 3101 | App Control policy refresh started for *N* policies. |
+| 3102 | App Control policy refresh finished for *N* policies. |
+| 3103 | The system is ignoring the App Control policy refresh. For example, an inbox Windows policy that doesn't meet the conditions for activation. |
+| 3105 | The system is attempting to refresh the App Control policy with the specified ID. |
+
+## Diagnostic events for Intelligent Security Graph (ISG) and Managed Installer (MI)
+
+> [!NOTE]
+> When Managed Installer is enabled, customers using LogAnalytics should be aware that Managed Installer may fire many 3091 events.  Customers may need to filter out these events to avoid high LogAnalytics costs.
+
+The following events provide helpful diagnostic information when an App Control policy includes the ISG or MI option. These events can help you debug why something was allowed/denied based on managed installer or ISG. Events 3090, 3091, and 3092 don't necessarily indicate a problem but should be reviewed in context with other events like 3076 or 3077.
+
+Unless otherwise noted, these events are found in either the **CodeIntegrity - Operational** event log or the **CodeIntegrity - Verbose** event log depending on your version of Windows.
+
+| Event ID | Explanation |
+|--------|---------|
+| 3090 | *Optional* This event indicates that a file was allowed to run based purely on ISG or managed installer. |
+| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the App Control policy is in audit mode. |
+| 3092 | This event is the enforcement mode equivalent of 3091. |
+| 8002 | This event is found in the **AppLocker - EXE and DLL** event log. When a process launches that matches a managed installer rule, this event is raised with PolicyName = MANAGEDINSTALLER found in the event Details. Events with PolicyName = EXE or DLL aren't related to App Control. |
+
+Events 3090, 3091, and 3092 are reported per active policy on the system, so you may see multiple events for the same file.
+
+### ISG and MI diagnostic event details
+
+The following information is found in the details for 3090, 3091, and 3092 events.
+
+| Name | Explanation |
+|------|------|
+| ManagedInstallerEnabled | Indicates whether the specified policy enables managed installer trust |
+| PassesManagedInstaller | Indicates whether the file originated from a MI |
+| SmartlockerEnabled | Indicates whether the specified policy enables ISG trust |
+| PassesSmartlocker | Indicates whether the file had positive reputation according to the ISG |
+| AuditEnabled | True if the App Control policy is in audit mode, otherwise it is in enforce mode |
+| PolicyName | The name of the App Control policy to which the event applies |
+
+### Enabling ISG and MI diagnostic events
+
+To enable 3090 allow events, create a TestFlags regkey with a value of 0x300 as shown in the following PowerShell command. Then restart your computer.
+
+```powershell
+reg add hklm\system\currentcontrolset\control\ci -v TestFlags -t REG_DWORD -d 0x300
+```
+
+Events 3091 and 3092 are inactive on some versions of Windows and are turned on by the preceding command.
+
+## Appendix
+
+A list of other relevant event IDs and their corresponding description.
+
+| Event ID | Description |
+|-------|------|
+| 3001 | An unsigned driver was attempted to load on the system. |
+| 3002 | Code Integrity couldn't verify the boot image as the page hash couldn't be found. |
+| 3004 | Code Integrity couldn't verify the file as the page hash couldn't be found. |
+| 3010 | The catalog containing the signature for the file under validation is invalid. |
+| 3011 | Code Integrity finished loading the signature catalog. |
+| 3012 | Code Integrity started loading the signature catalog. |
+| 3023 | The driver file under validation didn't meet the requirements to pass the App Control policy. |
+| 3024 | Windows App Control was unable to refresh the boot catalog file. |
+| 3026 | Microsoft or the certificate issuing authority revoked the certificate that signed the catalog. |
+| 3032 | The file under validation is revoked or the file has a signature that is revoked.
+| 3033 | The file under validation didn't meet the requirements to pass the App Control policy. |
+| 3034 | The file under validation wouldn't meet the requirements to pass the App Control policy if it was enforced. The file was allowed since the policy is in audit mode. |
+| 3036 | Microsoft or the certificate issuing authority revoked the certificate that signed the file being validated. |
+| 3064 | If the App Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the App Control policy. The DLL was allowed since the policy is in audit mode. |
+| 3065 | If the App Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the App Control policy. |
+| 3074 | Page hash failure while hypervisor-protected code integrity was enabled. |
+| 3075 | This event measures the performance of the App Control policy check during file validation. |
+| 3076 | This event is the main App Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. |
+| 3077 | This event is the main App Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. |
+| 3079 | The file under validation didn't meet the requirements to pass the App Control policy. |
+| 3080 | If the App Control policy was in enforced mode, the file under validation wouldn't have met the requirements to pass the App Control policy. |
+| 3081 | The file under validation didn't meet the requirements to pass the App Control policy. |
+| 3082 | If the App Control policy was enforced, the policy would have blocked this non-WHQL driver. |
+| 3084 | Code Integrity is enforcing WHQL driver signing requirements on this boot session. |
+| 3085 | Code Integrity isn't enforcing WHQL driver signing requirements on this boot session. |
+| 3086 | The file under validation doesn't meet the signing requirements for an isolated user mode (IUM) process. |
+| 3089 | This event contains signature information for files that were blocked or audit blocked by App Control. One 3089 event is created for each signature of a file. |
+| 3090 | *Optional* This event indicates that a file was allowed to run based purely on ISG or managed installer. |
+| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the App Control policy is in audit mode. |
+| 3092 | This event is the enforcement mode equivalent of 3091. |
+| 3095 | The App Control policy can't be refreshed and must be rebooted instead. |
+| 3096 | The App Control policy wasn't refreshed since it's already up-to-date. |
+| 3097 | The App Control policy can't be refreshed. |
+| 3099 | Indicates that a policy has been loaded. This event also includes information about the options set by the App Control policy.  |
+| 3100 | The App Control policy was refreshed but was unsuccessfully activated. Retry. |
+| 3101 | The system started refreshing the App Control policy. |
+| 3102 | The system finished refreshing the App Control policy. |
+| 3103 | The system is ignoring the App Control policy refresh. |
+| 3104 | The file under validation doesn't meet the signing requirements for a PPL (protected process light) process. |
+| 3105 | The system is attempting to refresh the App Control policy. |
+| 3108 | Windows mode change event was successful. |
+| 3110 | Windows mode change event was unsuccessful. |
+| 3111 | The file under validation didn't meet the hypervisor-protected code integrity (HVCI) policy. |
+| 3112 | Windows has revoked the certificate that signed the file being validated. |
+| 3114 | Dynamic Code Security opted the .NET app or DLL into App Control policy validation. The file under validation didn't pass your policy and was blocked. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md
similarity index 83%
rename from windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md
rename to windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md
index 298b965229..0f5513efc4 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md
@@ -1,14 +1,14 @@
 ---
-title: Understanding Application Control event tags
-description: Learn what different Windows Defender Application Control event tags signify.
+title: Understanding App Control event tags
+description: Learn what different App Control for Business event tags signify.
 ms.localizationpriority: medium
-ms.date: 05/09/2023
+ms.date: 09/11/2024
 ms.topic: conceptual
 ---
 
-# Understanding Application Control event tags
+# Understanding App Control event tags
 
-Windows Defender Application Control (WDAC) events include many fields, which provide helpful troubleshooting information to figure out exactly what an event means. This article describes the values and meanings for a few useful event tags.
+App Control for Business events include many fields, which provide helpful troubleshooting information to figure out exactly what an event means. This article describes the values and meanings for a few useful event tags.
 
 ## SignatureType
 
@@ -33,7 +33,7 @@ Represents the signature level at which the code was verified.
 |---|----------|
 | 0 | Signing level hasn't yet been checked |
 | 1 | File is unsigned or has no signature that passes the active policies |
-| 2 | Trusted by Windows Defender Application Control policy |
+| 2 | Trusted by App Control for Business policy |
 | 3 | Developer signed code |
 | 4 | Authenticode signed |
 | 5 | Microsoft Store signed app PPL (Protected Process Light) |
@@ -71,7 +71,7 @@ Represents why verification failed, or if it succeeded.
 | 18 | Custom signing level not met; returned if signature fails to match `CISigners` in UMCI. |
 | 19 | Binary is revoked based on its file hash. |
 | 20 | SHA1 cert hash's timestamp is missing or after valid cutoff as defined by Weak Crypto Policy. |
-| 21 | Failed to pass Windows Defender Application Control policy. |
+| 21 | Failed to pass App Control for Business policy. |
 | 22 | Not Isolated User Mode (IUM)) signed; indicates an attempt to load a standard Windows binary into a virtualization-based security (VBS) trustlet. |
 | 23 | Invalid image hash. This error can indicate file corruption or a problem with the file's signature. Signatures using elliptic curve cryptography (ECC), such as ECDSA, return this VerificationError. |
 | 24 | Flight root not allowed; indicates trying to run flight-signed code on production OS. |
@@ -82,7 +82,7 @@ Represents why verification failed, or if it succeeded.
 
 ## Policy activation event Options
 
-The Application Control policy rule option values can be derived from the "Options" field in the Details section for successful [policy activation events](event-id-explanations.md#wdac-policy-activation-events). To parse the values, first convert the hex value to binary. To derive and parse these values, follow the below workflow.
+The App Control policy rule option values can be derived from the "Options" field in the Details section for successful [policy activation events](event-id-explanations.md#app-control-policy-activation-events). To parse the values, first convert the hex value to binary. To derive and parse these values, follow the below workflow.
 
 - Access Event Viewer.
 - Access the Code integrity 3099 event.
@@ -105,7 +105,7 @@ For a simple solution for converting hex to binary, follow these steps:
 
 This view provides the hex code in binary form, with each bit address shown separately.  The bit addresses start at 0 in the bottom right.  Each bit address correlates to a specific event policy-rule option.  If the bit address holds a value of 1, the setting is in the policy.
 
-Next, use the bit addresses and their values from the following table to determine the state of each [policy rule-option](../design/select-types-of-rules-to-create.md#table-1-windows-defender-application-control-policy---policy-rule-options). For example, if the bit address of 16 holds a value of 1, then the **Enabled: Audit Mode (Default)** option is in the policy. This setting means that the policy is in audit mode.
+Next, use the bit addresses and their values from the following table to determine the state of each [policy rule-option](../design/select-types-of-rules-to-create.md#table-1-app-control-for-business-policy---policy-rule-options). For example, if the bit address of 16 holds a value of 1, then the **Enabled: Audit Mode (Default)** option is in the policy. This setting means that the policy is in audit mode.
 
 | Bit Address | Policy Rule Option |
 |-------|------|
@@ -157,7 +157,7 @@ The rule means trust anything signed by a certificate that chains to this root C
 | 18 | Microsoft ECC Product Root CA 2018 |
 | 19 | Microsoft ECC Devices Root CA 2017 |
 
-For well-known roots, the TBS hashes for the certificates are baked into the code for Windows Defender Application Control. For example, they don't need to be listed as TBS hashes in the policy file.
+For well-known roots, the TBS hashes for the certificates are baked into the code for App Control for Business. For example, they don't need to be listed as TBS hashes in the policy file.
 
 ## Status values
 
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md
similarity index 73%
rename from windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md
rename to windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md
index c8432d0129..f62b037cb4 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md
@@ -1,24 +1,23 @@
 ---
-title: Inbox WDAC policies
-description: This article describes the inbox WDAC policies that may be active on a device.
+title: Inbox App Control policies
+description: This article describes the inbox App Control policies that may be active on a device.
 ms.manager: jsuther
-ms.date: 03/10/2023
+ms.date: 09/11/2024
 ms.topic: conceptual
 ms.localizationpriority: medium
 ---
 
-# Inbox WDAC policies
+# Inbox App Control policies
 
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
 
-This article describes the Windows Defender Application Control (WDAC) policies that ship inbox with Windows and may be active on your devices. To see which policies are active on your device, use [citool.exe](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands) or check the *CodeIntegrity - Operational* event log for 3099 policy activation events.
+This article describes the App Control for Business policies that ship inbox with Windows and may be active on your devices. To see which policies are active on your device, use [citool.exe](citool-commands.md) or check the *CodeIntegrity - Operational* event log for 3099 policy activation events.
 
-## Inbox WDAC Policies
+## Inbox App Control Policies
 
-| **Policy Name** | **Policy ID** | **Policy Type** | **Description** |
+| Policy Name | Policy ID | Policy Type | Description |
 |-----------|-----------|-----------|-----------|
-| **Microsoft Windows Driver Policy** | {d2bda982-ccf6-4344-ac5b-0b44427b6816} | Kernel-only Base policy | This policy blocks known [vulnerable or malicious kernel drivers](/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules). It's active by default on Windows 11 22H2, [Windows in S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85), [Windows 11 SE](/education/windows/windows-11-se-overview), and anywhere [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity (HVCI)) is on. Its policy binary file is found at `%windir%\System32\CodeIntegrity\driversipolicy.p7b` and in the EFI system partition at `<EFI System Partition>\Microsoft\Boot\driversipolicy.p7b`. |
+| **Microsoft Windows Driver Policy** | {d2bda982-ccf6-4344-ac5b-0b44427b6816} | Kernel-only Base policy | This policy blocks known [vulnerable or malicious kernel drivers](../design/microsoft-recommended-driver-block-rules.md). It's active by default on Windows 11 22H2, [Windows in S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85), [Windows 11 SE](/education/windows/windows-11-se-overview), and anywhere [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity (HVCI)) is on. Its policy binary file is found at `%windir%\System32\CodeIntegrity\driversipolicy.p7b` and in the EFI system partition at `<EFI System Partition>\Microsoft\Boot\driversipolicy.p7b`. |
 | **Windows10S_Lockdown_Policy_Supplementable** | {5951a96a-e0b5-4d3d-8fb8-3e5b61030784} | Base policy | This policy is active on devices running [Windows in S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85). Its policy binary file is found in the EFI system partition at `<EFI System Partition>\Microsoft\Boot\winsipolicy.p7b`. |
 | **WindowsE_Lockdown_Policy** | {82443e1e-8a39-4b4a-96a8-f40ddc00b9f3} | Base policy | This policy is active on devices running [Windows 11 SE](/education/windows/windows-11-se-overview). Its policy binary file is found in the EFI system partition at `<EFI System Partition>\Microsoft\Boot\CIPolicies\Active\{82443e1e-8a39-4b4a-96a8-f40ddc00b9f3}.cip`. |
 | **WindowsE_Lockdown_Flight_Policy_Supplemental** | {5dac656c-21ad-4a02-ab49-649917162e70} | Supplemental policy | This policy is active on devices running [Windows 11 SE](/education/windows/windows-11-se-overview) that are enrolled in the [Windows Insider](https://insider.windows.com) program. Its policy binary file is found in the EFI system partition at `<EFI System Partition>\Microsoft\Boot\CIPolicies\Active\{5dac656c-21ad-4a02-ab49-649917162e70}.cip`. |
diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md
new file mode 100644
index 0000000000..4181691e76
--- /dev/null
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md
@@ -0,0 +1,104 @@
+---
+title: App Control Admin Tips & Known Issues
+description: App Control Known Issues
+ms.manager: jsuther
+ms.date: 09/11/2024
+ms.topic: troubleshooting
+ms.localizationpriority: medium
+---
+
+# App Control Admin Tips & Known Issues
+
+[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)]
+
+This article covers tips and tricks for admins and known issues with App Control for Business. Test this configuration in your lab before enabling it in production.
+
+## App Control policy file locations
+
+**Multiple policy format App Control policies** are found in the following locations depending on whether the policy is signed or not, and the method of policy deployment that was used.
+
+- &lt;OS Volume&gt;\\Windows\\System32\\CodeIntegrity\\CiPolicies\Active\\*\{PolicyId GUID\}*.cip
+- &lt;EFI System Partition&gt;\\Microsoft\\Boot\\CiPolicies\Active\\*\{PolicyId GUID\}*.cip
+
+The *\{PolicyId GUID\}* value is unique by policy and defined in the policy XML with the &lt;PolicyId&gt; element.
+
+For **single policy format App Control policies**, in addition to the two preceding locations, also look for a file called SiPolicy.p7b in the following locations:
+
+- &lt;EFI System Partition&gt;\\Microsoft\\Boot\\SiPolicy.p7b
+- &lt;OS Volume&gt;\\Windows\\System32\\CodeIntegrity\\SiPolicy.p7b
+
+> [!NOTE]
+> A multiple policy format App Control policy using the single policy format GUID `{A244370E-44C9-4C06-B551-F6016E563076}` may exist under any of the policy file locations.
+
+## File Rule Precedence Order
+
+When the App Control engine evaluates files against the active set of policies on the device, rules are applied in the following order. Once a file encounters a match, App Control stops further processing.
+
+1. Explicit deny rules - a file is blocked if any explicit deny rule exists for it, even if other rules are created to try to allow it. Deny rules can use any [rule level](../design/select-types-of-rules-to-create.md#app-control-for-business-file-rule-levels). Use the most specific rule level practical when creating deny rules to avoid blocking more than you intend.
+
+2. Explicit allow rules - if any explicit allow rule exists for the file, the file runs.
+
+3. App Control then checks for the [Managed Installer extended attribute (EA)](../design/configure-authorized-apps-deployed-with-a-managed-installer.md) or the [Intelligent Security Graph (ISG) EA](../design/use-appcontrol-with-intelligent-security-graph.md) on the file. If either EA exists and the policy enables the corresponding option, then the file is allowed.
+
+4. Lastly, App Control makes a cloud call to the ISG to get reputation about the file, if the policy enables the ISG option.
+
+5. Any file not allowed by an explicit rule or based on ISG or MI is blocked implicitly.
+
+## Known issues
+
+### Boot stop failure (blue screen) occurs if more than 32 policies are active
+
+Until you apply the Windows security update released on or after April 9, 2024, your device is limited to 32 active policies. If the maximum number of policies is exceeded, the device bluescreens referencing ci.dll with a bug check value of 0x0000003b. Consider this maximum policy count limit when planning your App Control policies. Any [Windows inbox policies](inbox-appcontrol-policies.md) that are active on the device also count towards this limit. To remove the maximum policy limit, install the Windows security update released on, or after, April 9, 2024 and then restart the device. Otherwise, reduce the number of policies on the device to remain below 32 policies.
+
+> [!NOTE]
+> The policy limit was not removed on Windows 11 21H2, and will remain limited to 32 policies.
+
+### Audit mode policies can change the behavior for some apps or cause app crashes
+
+Although App Control audit mode is designed to avoid impact to apps, some features are always on/always enforced with any App Control policy that turns on user mode code integrity (UMCI) with the option **0 Enabled:UMCI**. Here's a list of known system changes in audit mode:
+
+- Some script hosts might block code or run code with fewer privileges even in audit mode. See [Script enforcement with App Control](../design/script-enforcement.md) for information about individual script host behaviors.
+- Option **19 Enabled:Dynamic Code Security** is always enforced if any UMCI policy includes that option. See [App Control and .NET](../design/appcontrol-and-dotnet.md#app-control-and-net-hardening).
+
+### .NET native images may generate false positive block events
+
+In some cases, the code integrity logs where App Control for Business errors and warnings are written include error events for native images generated for .NET assemblies. Typically, native image blocks are functionally benign as a blocked native image falls back to its corresponding assembly and .NET regenerates the native image at its next scheduled maintenance window.
+
+### Signatures using elliptical curve cryptography (ECC) aren't supported
+
+App Control signer-based rules only work with RSA cryptography. ECC algorithms, such as ECDSA, aren't supported. If App Control blocks a file based on ECC signatures, the corresponding 3089 signature information events show VerificationError = 23. You can authorize the files instead by hash or file attribute rules, or using other signer rules if the file is also signed with signatures using RSA.
+
+### MSI installers are treated as user writeable on Windows 10 when allowed by FilePath rule
+
+MSI installer files are always detected as user writeable on Windows 10, and on Windows Server 2022 and earlier. If you need to allow MSI files using FilePath rules, you must set option **18 Disabled:Runtime FilePath Rule Protection** in your App Control policy.
+
+### MSI Installations launched directly from the internet are blocked by App Control
+
+Installing .msi files directly from the internet to a computer protected by App Control fails.
+For example, this command fails:
+
+```cmd
+msiexec -i https://download.microsoft.com/download/2/E/3/2E3A1E42-8F50-4396-9E7E-76209EA4F429/Windows10_Version_1511_ADMX.msi
+```
+
+As a workaround, download the MSI file and run it locally:
+
+```cmd
+msiexec -i c:\temp\Windows10_Version_1511_ADMX.msi
+```
+
+### Slow boot and performance with custom policies
+
+App Control evaluates all processes that run, including inbox Windows processes. You can cause slower boot times, degraded performance, and possibly boot issues if your policies don't build upon the App Control templates or don't trust the Windows signers. For these reasons, you should use the [App Control base templates](../design/example-appcontrol-base-policies.md) whenever possible to create your policies.
+
+#### AppId Tagging policy considerations
+
+AppId Tagging policies that aren't built upon the App Control base templates or don't allow the Windows in-box signers might cause a significant increase in boot times (~2 minutes).
+
+If you can't allowlist the Windows signers or build off the App Control base templates, add the following rule to your policies to improve the performance:
+
+:::image type="content" source="../images/known-issue-appid-dll-rule.png" alt-text="Allow all dlls in the policy.":::
+
+:::image type="content" source="../images/known-issue-appid-dll-rule-xml.png" alt-text="Allow all dll files in the xml policy.":::
+
+Since AppId Tagging policies evaluate but can't tag dll files, this rule short circuits dll evaluation and improve evaluation performance.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md
similarity index 79%
rename from windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md
rename to windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md
index c17adb2b1c..d39105c4a1 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md
+++ b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md
@@ -1,29 +1,29 @@
 ---
-title: Query Application Control events with Advanced Hunting
-description: Learn how to query Windows Defender Application Control events across your entire organization by using Advanced Hunting.
+title: Query App Control events with Advanced Hunting
+description: Learn how to query App Control for Business events across your entire organization by using Advanced Hunting.
 ms.localizationpriority: medium
-ms.date: 03/01/2022
+ms.date: 09/11/2024
 ms.topic: troubleshooting
 ---
 
-# Querying Application Control events centrally using Advanced hunting
+# Querying App Control events centrally using Advanced hunting
 
-A Windows Defender Application Control (WDAC) policy logs events locally in Windows Event Viewer in either enforced or audit mode.
+An App Control for Business policy logs events locally in Windows Event Viewer in either enforced or audit mode.
 While Event Viewer helps to see the impact on a single system, IT Pros want to gauge it across many systems.
 
-In November 2018, we added functionality in Microsoft Defender for Endpoint that makes it easy to view WDAC events centrally from all connected systems.
+In November 2018, we added functionality in Microsoft Defender for Endpoint that makes it easy to view App Control events centrally from all connected systems.
 
-Advanced hunting in Microsoft Defender for Endpoint allows customers to query data using a rich set of capabilities. WDAC events can be queried with using an ActionType that starts with "AppControl".
+Advanced hunting in Microsoft Defender for Endpoint allows customers to query data using a rich set of capabilities. App Control events can be queried with using an ActionType that starts with "AppControl".
 This capability is supported beginning with Windows version 1607.
 
 ## Action Types
 
 | ActionType Name | ETW Source Event ID | Description |
 | - | - | - |
-| AppControlCodeIntegrityDriverRevoked | 3023 | The driver file under validation didn't meet the requirements to pass the application control policy. |
+| AppControlCodeIntegrityDriverRevoked | 3023 | The driver file under validation didn't meet the requirements to pass the App Control policy. |
 | AppControlCodeIntegrityImageRevoked | 3036 | The signed file under validation is signed by a code signing certificate that has been revoked by Microsoft or the certificate issuing authority. |
-| AppControlCodeIntegrityPolicyAudited | 3076 | This event is the main Windows Defender Application Control block event for audit mode policies. It indicates the file would have been blocked if the WDAC policy was enforced. |
-| AppControlCodeIntegrityPolicyBlocked | 3077 | This event is the main Windows Defender Application Control block event for enforced policies. It indicates the file didn't pass your WDAC policy and was blocked. |
+| AppControlCodeIntegrityPolicyAudited | 3076 | This event is the main App Control for Business block event for audit mode policies. It indicates the file would have been blocked if the App Control policy was enforced. |
+| AppControlCodeIntegrityPolicyBlocked | 3077 | This event is the main App Control for Business block event for enforced policies. It indicates the file didn't pass your App Control policy and was blocked. |
 | AppControlExecutableAudited | 8003 | Applied only when the Audit only enforcement mode is enabled. Specifies the .exe or .dll file would be blocked if the Enforce rules enforcement mode were enabled. |
 | AppControlExecutableBlocked | 8004 | The .exe or .dll file can't run. |
 | AppControlPackagedAppAudited | 8021 | Applied only when the Audit only enforcement mode is enabled. Specifies the packaged app would be blocked if the Enforce rules enforcement mode were enabled. |
@@ -39,15 +39,15 @@ This capability is supported beginning with Windows version 1607.
 | AppControlCodeIntegritySigningInformation | 3089 | Signing information event correlated with either a 3076 or 3077 event. One 3089 event is generated for each signature of a file. |
 | AppControlPolicyApplied | 8001 | Indicates the AppLocker policy was successfully applied to the computer. |
 
-Learn more about the [Understanding Application Control event IDs (Windows)](event-id-explanations.md)
+Learn more about the [Understanding App Control event IDs (Windows)](event-id-explanations.md)
 
-## Example Advanced Hunting Application Control Queries
+## Example Advanced Hunting App Control Queries
 
-Query Example 1: Query the application control action types summarized by type for past seven days
+Query Example 1: Query the App Control action types summarized by type for past seven days
 
-Here's a simple example query that shows all the Windows Defender Application Control events generated in the last seven days from machines being monitored by Microsoft Defender for Endpoint:
+Here's a simple example query that shows all the App Control for Business events generated in the last seven days from machines being monitored by Microsoft Defender for Endpoint:
 
-```
+```kusto
 DeviceEvents
 | where Timestamp > ago(7d) and
 ActionType startswith "AppControl"
@@ -55,7 +55,7 @@ ActionType startswith "AppControl"
 | order by Machines desc
 ```
 
-The query results can be used for several important functions related to managing Windows Defender Application Control including:
+The query results can be used for several important functions related to managing App Control for Business including:
 
 - Assessing the impact of deploying policies in audit mode
   Since applications still run in audit mode, it's an ideal way to see the impact and correctness of the rules included in the policy. Integrating the generated events with Advanced Hunting makes it much easier to have broad deployments of audit mode policies and see how the included rules would influence those systems in real world usage. This audit mode data will help streamline the transition to using policies in enforced mode.
@@ -64,7 +64,7 @@ The query results can be used for several important functions related to managin
 
 Query Example #2: Query to determine audit blocks in the past seven days
 
-```
+```kusto
 DeviceEvents
 | where ActionType startswith "AppControlExecutableAudited"
 | where Timestamp > ago(7d)
diff --git a/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
deleted file mode 100644
index 239ddd052c..0000000000
--- a/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
+++ /dev/null
@@ -1,43 +0,0 @@
----
-title: Windows Defender Application Control and virtualization-based code integrity
-description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with Windows Defender Application Control (WDAC).
-ms.localizationpriority: medium
-author: vinaypamnani-msft
-ms.author: vinpa
-manager: aaroncz
-ms.date: 03/26/2024
-ms.topic: conceptual
-appliesto:
-- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>
-- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 10</a>
-- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2022</a>
-- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2019</a>
-- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2016</a>
----
-
-# Windows Defender Application Control and virtualization-based protection of code integrity
-
-Windows includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they behave more like kiosk devices. In this configuration, [**Windows Defender Application Control (WDAC)**](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control) is used to restrict devices to run only approved apps, while the OS is hardened against kernel memory attacks using [**memory integrity**](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md).
-
-> [!NOTE]
-> Memory integrity is sometimes referred to as *hypervisor-protected code integrity (HVCI)* or *hypervisor enforced code integrity*, and was originally released as part of *Device Guard*. Device Guard is no longer used except to locate memory integrity and VBS settings in Group Policy or the Windows registry.
-
-WDAC policies and memory integrity are powerful protections that can be used separately. However, when these two technologies are configured to work together, they present a strong protection capability for Windows devices. Using WDAC to restrict devices to only authorized apps has these advantages over other solutions:
-
-1. The Windows kernel handles enforcement of WDAC policy and requires no other services or agents.
-1. The WDAC policy takes effect early in the boot sequence before nearly all other OS code and before traditional antivirus solutions run.
-1. WDAC lets you set application control policy for any code that runs on Windows, including kernel mode drivers and even code that runs as part of Windows.
-1. Customers can protect the WDAC policy even from local administrator tampering by digitally signing the policy. Changing signed policy requires both administrative privilege and access to the organization's digital signing process. Using signed policies makes it difficult for an attacker, including one who manages to gain administrative privilege, to tamper with WDAC policy.
-1. You can protect the entire WDAC enforcement mechanism with memory integrity. Even if a vulnerability exists in kernel mode code, memory integrity greatly reduces the likelihood that an attacker could successfully exploit it. Without memory integrity, an attacker who compromises the kernel could normally disable most system defenses, including application control policies enforced by WDAC or any other application control solution.
-
-There are no direct dependencies between WDAC and memory integrity. You can deploy them individually or together and there's no order in which they must be deployed.
-
-Memory integrity relies on Windows Virtualization-based security, and has hardware, firmware, and kernel driver compatibility requirements that some older systems can't meet.
-
-WDAC has no specific hardware or software requirements.
-
-## Related articles
-
-- [Windows Defender Application Control](windows-defender-application-control/wdac.md)
-- [Memory integrity](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md)
-- [Driver compatibility with memory integrity](https://techcommunity.microsoft.com/t5/windows-hardware-certification/driver-compatibility-with-device-guard-in-windows-10/ba-p/364865)
diff --git a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md
new file mode 100644
index 0000000000..ce8d6225a0
--- /dev/null
+++ b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md
@@ -0,0 +1,43 @@
+---
+title: App Control for Business and virtualization-based code integrity
+description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with App Control for Business.
+ms.localizationpriority: medium
+author: vinaypamnani-msft
+ms.author: vinpa
+manager: aaroncz
+ms.date: 09/11/2024
+ms.topic: conceptual
+appliesto:
+- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>
+- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 10</a>
+- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2022</a>
+- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2019</a>
+- ✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2016</a>
+---
+
+# App Control and virtualization-based protection of code integrity
+
+Windows includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they behave more like kiosk devices. In this configuration, [**App Control for Business**](app-control-for-business/appcontrol.md) is used to restrict devices to run only approved apps, while the OS is hardened against kernel memory attacks using [**memory integrity**](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md).
+
+> [!NOTE]
+> Memory integrity is sometimes referred to as **hypervisor-protected code integrity (HVCI)** or **hypervisor enforced code integrity**, and was originally released as part of **Device Guard**. Device Guard is no longer used except to locate memory integrity and VBS settings in Group Policy or the Windows registry.
+
+App Control policies and memory integrity are powerful protections that can be used separately. However, when these two technologies are configured to work together, they present a strong protection capability for Windows devices. Using App Control to restrict devices to only authorized apps has these advantages over other solutions:
+
+1. The Windows kernel handles enforcement of App Control policy and requires no other services or agents.
+1. The App Control policy takes effect early in the boot sequence before nearly all other OS code and before traditional antivirus solutions run.
+1. App Control lets you set application control policy for any code that runs on Windows, including kernel mode drivers and even code that runs as part of Windows.
+1. Customers can protect the App Control policy even from local administrator tampering by digitally signing the policy. Changing signed policy requires both administrative privilege and access to the organization's digital signing process. Using signed policies makes it difficult for an attacker, including one who manages to gain administrative privilege, to tamper with App Control policy.
+1. You can protect the entire App Control enforcement mechanism with memory integrity. Even if a vulnerability exists in kernel mode code, memory integrity greatly reduces the likelihood that an attacker could successfully exploit it. Without memory integrity, an attacker who compromises the kernel could normally disable most system defenses, including application control policies enforced by App Control or any other application control solution.
+
+There are no direct dependencies between App Control and memory integrity. You can deploy them individually or together and there's no order in which they must be deployed.
+
+Memory integrity relies on Windows Virtualization-based security, and has hardware, firmware, and kernel driver compatibility requirements that some older systems can't meet.
+
+App Control has no specific hardware or software requirements.
+
+## Related articles
+
+- [App Control for Business](app-control-for-business/appcontrol.md)
+- [Memory integrity](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md)
+- [Driver compatibility with memory integrity](https://techcommunity.microsoft.com/t5/windows-hardware-certification/driver-compatibility-with-device-guard-in-windows-10/ba-p/364865)
diff --git a/windows/security/application-security/application-control/toc.yml b/windows/security/application-security/application-control/toc.yml
index f8b2ebf7a8..3a7a1fa706 100644
--- a/windows/security/application-security/application-control/toc.yml
+++ b/windows/security/application-security/application-control/toc.yml
@@ -1,10 +1,10 @@
 items:
 - name: Smart App Control
-  href: windows-defender-application-control/wdac.md
-- name: Windows Defender Application Control
-  href: windows-defender-application-control/wdac.md
-- name: Windows Defender Application Control and virtualization-based protection of code integrity
-  href: introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
+  href: app-control-for-business/appcontrol.md
+- name: App Control for Business
+  href: app-control-for-business/appcontrol.md
+- name: App Control for Business and virtualization-based protection of code integrity
+  href: introduction-to-virtualization-based-security-and-appcontrol.md
 - name: User Account Control (UAC)
   items:
   - name: Overview
@@ -14,5 +14,4 @@ items:
   - name: UAC settings and configuration
     href: user-account-control/settings-and-configuration.md
 - name: Microsoft Vulnerable Driver Blocklist
-  href: windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md
-  
+  href: app-control-for-business/design/microsoft-recommended-driver-block-rules.md
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md
deleted file mode 100644
index 4b7e1e6b2f..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md
+++ /dev/null
@@ -1,104 +0,0 @@
----
-title: Create your Windows Defender Application Control AppId Tagging Policies
-description: Create your Windows Defender Application Control AppId tagging policies for Windows devices.
-ms.localizationpriority: medium
-ms.date: 04/29/2022
-ms.topic: conceptual
----
-
-# Creating your WDAC AppId Tagging Policies
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-## Create the policy using the WDAC Wizard
-
-You can use the Windows Defender Application Control (WDAC) Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The WDAC Wizard is available for download at the [WDAC Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](wdac-appid-tagging-guide.md).
-
-1. Create a new base policy using the templates:
-
-	Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/wdac-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules.
-
-	![Configuring the policy base and template.](../images/appid-wdac-wizard-1.png)
-
-	> [!NOTE]
-	> If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates.
-	For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies).
-
-2. 	Set the following rule-options using the Wizard toggles:
-
-	![Configuring the policy rule-options.](../images/appid-wdac-wizard-2.png)
-
-3. Create custom rules:
-
-	Selecting the `+ Custom Rules` button opens the Custom Rules panel. The Wizard supports five types of file rules:
-
-	- Publisher rules: Create a rule based off the signing certificate hierarchy. Additionally, the original filename and version can be combined with the signing certificate for added security.
-	- Path rules: Create a rule based off the path to a file or a parent folder path. Path rules support wildcards.
-	- File attribute rules: Create a rule based off a file's immutable properties like the original filename, file description, product name or internal name.
-	- Package app name rules: Create a rule based off the package family name of an appx/msix.
-	- Hash rules: Create a rule based off the PE Authenticode hash of a file.
-
-	For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/wdac-wizard-create-base-policy.md#creating-custom-file-rules).
-
-4. Convert to AppId Tagging Policy:
-
-	After the Wizard builds the policy file, open the file in a text editor and remove the entire "Value=131" SigningScenario text block. The only remaining signing scenario should be "Value=12" which is the user mode application section. Next, open PowerShell in an elevated prompt and run the following command. Replace the AppIdTagging Key-Value pair for your scenario:
-
-	```powershell
-	Set-CIPolicyIdInfo -ResetPolicyID -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue"
-	```
-	The policyID GUID is returned by the PowerShell command if successful.
-
-## Create the policy using PowerShell
-
-Using this method, you create an AppId Tagging policy directly using the WDAC PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](wdac-appid-tagging-guide.md). In an elevate PowerShell instance:
-
-1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [WDAC File Rule Levels](../design/select-types-of-rules-to-create.md#table-2-windows-defender-application-control-policy---file-rule-levels) can be used in AppId rules:
-
-	```powershell
-	$rule = New-CiPolicyRule -Level SignedVersion -DriverFilePath <path_to_application>
-	```
-2. Create the AppId Tagging Policy. Replace the AppIdTagging Key-Value pair for your scenario:
-
-	```powershell
-	New-CIPolicy -rules $rule -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue"
-	```
-3. Set the rule-options for the policy:
-
-	```powershell
-	Set-RuleOption -Option 0 .\AppIdPolicy.xml  # Usermode Code Integrity (UMCI)
-	Set-RuleOption -Option 16 .\AppIdPolicy.xml # Refresh Policy no Reboot
-	Set-RuleOption -Option 18 .\AppIdPolicy.xml # (Optional) Disable FilePath Rule Protection
-	```
-
-	If you're using filepath rules, you may want to set option 18. Otherwise, there's no need.
-
-4. Set the name and ID on the policy, which is helpful for future debugging:
-
-	```powershell
-	Set-CIPolicyIdInfo -ResetPolicyId -PolicyName "MyPolicyName" -PolicyId "MyPolicyId" -AppIdTaggingPolicy -FilePath ".\AppIdPolicy.xml"
-	```
-	The policyID GUID is returned by the PowerShell command if successful.
-
-## Deploy for Local Testing
-
-After creating your AppId Tagging policy in the above steps, you can deploy the policy to your local machine for testing before broadly deploying the policy to your endpoints:
-
-1. Depending on your deployment method, convert the xml to binary:
-
-	```powershell
-	Convertfrom-CIPolicy .\policy.xml ".\{PolicyIDGUID}.cip"
-	```
-
-2. Optionally, deploy it for local testing:
-
-	```powershell
-		copy ".\{Policy ID}.cip" c:\windows\system32\codeintegrity\CiPolicies\Active\
-		./RefreshPolicy.exe
-	```
-
-	RefreshPolicy.exe is available for download from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=102925).
-
-## Next Steps
-For more information on debugging and broad deployment of the AppId Tagging policy, see [Debugging AppId policies](debugging-operational-guide-appid-tagging-policies.md) and [Deploying AppId policies](deploy-appid-tagging-policies.md).
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md b/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md
deleted file mode 100644
index fa463a999a..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md
+++ /dev/null
@@ -1,61 +0,0 @@
----
-title: Use audit events to create WDAC policy rules
-description: Audits allow admins to discover apps, binaries, and scripts that should be added to the WDAC policy.
-ms.localizationpriority: medium
-ms.date: 05/03/2018
-ms.topic: conceptual
----
-
-# Use audit events to create WDAC policy rules
-
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md).
-
-Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your WDAC policy but should be included.
-
-While a WDAC policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new WDAC policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed.
-
-## Overview of the process to create WDAC policy to allow apps using audit events
-
-> [!Note]
-> You must have already deployed a WDAC audit mode policy to use this process. If you have not already done so, see [Deploying Windows Defender Application Control policies](wdac-deployment-guide.md).
-
-To familiarize yourself with creating WDAC rules from audit events, follow these steps on a device with a WDAC audit mode policy.
-
-1. Install and run an application not allowed by the WDAC policy but that you want to allow.
-
-2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding Application Control events](../operations/event-id-explanations.md).
-
-   **Figure 1. Exceptions to the deployed WDAC policy**
-   ![Event showing exception to WDAC policy.](../images/dg-fig23-exceptionstocode.png)
-
-3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](../design/create-wdac-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**.
-
-   ```powershell
-   $PolicyName= "Lamna_FullyManagedClients_Audit"
-   $LamnaPolicy=$env:userprofile+"\Desktop\"+$PolicyName+".xml"
-   $EventsPolicy=$env:userprofile+"\Desktop\EventsPolicy.xml"
-   $EventsPolicyWarnings=$env:userprofile+"\Desktop\EventsPolicyWarnings.txt"
-   ```
-
-4. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to generate a new WDAC policy from logged audit events. This example uses a **FilePublisher** file rule level and a **Hash** fallback level. Warning messages are redirected to a text file **EventsPolicyWarnings.txt**.
-
-   ```powershell
-   New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback SignedVersion,FilePublisher,Hash -UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings
-   ```
-
-   > [!NOTE]
-   > When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of  **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about WDAC rule levels, see [Understand WDAC policy rules and file rules](../design/select-types-of-rules-to-create.md).
-
-5. Find and review the WDAC policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the WDAC Policy Wizard tool (see [Editing existing base and supplemental WDAC policies with the Wizard](../design/wdac-wizard-editing-policy.md)).
-
-6. Find and review the text file **EventsPolicyWarnings.txt** that should be found on your desktop. This file will include a warning for any files that WDAC couldn't create a rule for at either the specified rule level or fallback rule level.
-
-   > [!NOTE]
-   > New-CIPolicy only creates rules for files that can still be found on disk. Files which are no longer present on the system will not have a rule created to allow them. However, the event log should have sufficient information to allow these files by manually editing the policy XML to add rules. You can use an existing rule as a template and verify your results against the WDAC policy schema definition found at **%windir%\schemas\CodeIntegrity\cipolicy.xsd**.
-
-7. Merge **EventsPolicy.xml** with the Base policy **Lamna_FullyManagedClients_Audit.xml** or convert it to a supplemental policy.
-
-    For information on merging policies, refer to [Merge Windows Defender Application Control policies](merge-wdac-policies.md) and for information on supplemental policies see [Use multiple Windows Defender Application Control Policies](../design/deploy-multiple-wdac-policies.md).
-
-8. Convert the Base or Supplemental policy to binary and deploy using your preferred method.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md b/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md
deleted file mode 100644
index 78a686dada..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md
+++ /dev/null
@@ -1,59 +0,0 @@
----
-title: Deploy WDAC policies via Group Policy
-description: Windows Defender Application Control (WDAC) policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide.
-ms.localizationpriority: medium
-ms.date: 01/23/2023
-ms.topic: how-to
----
-
-# Deploy Windows Defender Application Control policies by using Group Policy
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-> [!IMPORTANT]
-> Due to a known issue, you should always activate new **signed** WDAC Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Group Policy, deploy new signed WDAC Base policies [via script](/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script#deploying-signed-policies) and activate the policy with a system restart.
->
-> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
-
-Single-policy format Windows Defender Application Control policies (pre-1903 policy schema) can be easily deployed and managed with Group Policy.
-
-> [!IMPORTANT]
-> Group Policy-based deployment of Windows Defender Application Control policies only supports single-policy format WDAC policies. To use WDAC on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for policy deployment.
-
-You should now have a WDAC policy converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide).
-
-The following procedure walks you through how to deploy a WDAC policy called **SiPolicy.p7b** to a test OU called *WDAC Enabled PCs* by using a GPO called **Contoso GPO Test**.
-
-To deploy and manage a Windows Defender Application Control policy with Group Policy:
-
-1. On a client computer on which RSAT is installed, open the GPMC by running **GPMC.MSC**
-
-2. Create a new GPO: right-click an OU and then select **Create a GPO in this domain, and Link it here**.
-
-   > [!NOTE]
-   > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies (or keeping them separate), as discussed in [Plan for Windows Defender Application Control lifecycle policy management](../design/plan-wdac-management.md).
-
-   ![Group Policy Management, create a GPO.](../images/dg-fig24-creategpo.png)
-
-3. Name the new GPO. You can choose any name.
-
-4. Open the Group Policy Management Editor: right-click the new GPO, and then select **Edit**.
-
-5. In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Device Guard. Right-click **Deploy Windows Defender Application Control** and then select **Edit**.
-
-    ![Edit the Group Policy for Windows Defender Application Control.](../images/wdac-edit-gp.png)
-
-6. In the **Deploy Windows Defender Application Control** dialog box, select the **Enabled** option, and then specify the WDAC policy deployment path.
-
-    In this policy setting, you specify either the local path where the policy will exist on each client computer or a Universal Naming Convention (UNC) path that the client computers will look to retrieve the latest version of the policy. For example, the path to SiPolicy.p7b using the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide) would be %USERPROFILE%\Desktop\SiPolicy.p7b.
-
-    > [!NOTE]
-    > This policy file does not need to be copied to every computer. You can instead copy the WDAC policies to a file share to which all computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers.
-
-    ![Group Policy called Deploy Windows Defender Application Control.](../images/dg-fig26-enablecode.png)
-
-    > [!NOTE]
-    > You may have noticed that the GPO setting references a .p7b file, but the file extension and name of the policy binary do not matter. Regardless of what you name your policy binary, they are all converted to SIPolicy.p7b when applied to the client computers running Windows 10. If you are deploying different WDAC policies to different sets of devices, you may want to give each of your WDAC policies a friendly name and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository.
-
-7. Close the Group Policy Management Editor, and then restart the Windows test computer. Restarting the computer updates the WDAC policy.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md b/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md
deleted file mode 100644
index c7086b6b5e..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md
+++ /dev/null
@@ -1,90 +0,0 @@
----
-title: Deploy WDAC policies using Mobile Device Management (MDM)
-description: You can use an MDM like Microsoft Intune to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide.
-ms.localizationpriority: medium
-ms.date: 08/30/2023
-ms.topic: how-to
----
-
-# Deploy WDAC policies using Mobile Device Management (MDM)
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to configure Windows Defender Application Control (WDAC) on client machines. Intune includes native support for WDAC, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for WDAC policy deployment steps.
-
-> [!IMPORTANT]
-> Due to a known issue, you should always activate new **signed** WDAC Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Mobile Device Management (MDM), deploy new signed WDAC Base policies [via script](deploy-wdac-policies-with-script.md) and activate the policy with a system restart.
->
-> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
-
-## Use Intune's built-in policies
-
-Intune's built-in Windows Defender Application Control support allows you to configure Windows client computers to only run:
-
-- Windows components
-- Third-party hardware and software kernel drivers
-- Microsoft Store-signed apps
-- [Optional] Reputable apps as defined by the Intelligent Security Graph (ISG)
-
-> [!NOTE]
-> Intune's built-in policies use the pre-1903 single-policy format version of the DefaultWindows policy. Use the [improved Intune WDAC experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to create and deploy multiple-policy format files. Or, you can use Intune's custom OMA-URI feature to deploy your own multiple-policy format WDAC policies and leverage features available on Windows 10 1903+ or Windows 11 as described later in this topic.
-
-> [!NOTE]
-> Intune currently uses the AppLocker CSP to deploy its built-in policies. The AppLocker CSP always requests a device restart when it applies WDAC policies. Use the [improved Intune WDAC experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to deploy your own WDAC policies without a restart. Or, you can use Intune's custom OMA-URI feature with the ApplicationControl CSP.
-
-To use Intune's built-in WDAC policies, configure [Endpoint Protection for Windows 10 (and later)](/mem/intune/protect/endpoint-protection-windows-10?toc=/intune/configuration/toc.json&bc=/intune/configuration/breadcrumb/toc.json).
-
-## Deploy WDAC policies with custom OMA-URI
-
-> [!NOTE]
-> Policies deployed through Intune custom OMA-URI are subject to a 350,000 byte limit. Customers should create Windows Defender Application Control policies that use signature-based rules, the Intelligent Security Graph, and managed installers where practical. Customers whose devices are running 1903+ builds of Windows are also encouraged to use [multiple policies](../design/deploy-multiple-wdac-policies.md) which allow more granular policy.
-
-You should now have one or more WDAC policies converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide).
-
-### Deploy custom WDAC policies on Windows 10 1903+
-
-Beginning with Windows 10 1903, custom OMA-URI policy deployment can use the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp), which has support for multiple policies and rebootless policies.
-
-> [!NOTE]
-> You must convert your custom policy XML to binary form before deploying with OMA-URI.
-
-The steps to use Intune's custom OMA-URI functionality are:
-
-1. Open the Microsoft Intune portal and [create a profile with custom settings](/mem/intune/configuration/custom-settings-windows-10).
-
-2. Specify a **Name** and **Description** and use the following values for the remaining custom OMA-URI settings:
-    - **OMA-URI**: `./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy`
-    - **Data type**: Base64 (file)
-    - **Certificate file**: Upload your binary format policy file. To do this, change your {GUID}.cip file to {GUID}.bin. You don't need to upload a Base64 file, as Intune converts the uploaded .bin file to Base64 on your behalf.
-
-    :::image type="content" alt-text="Configure custom WDAC." source="../images/wdac-intune-custom-oma-uri.png" lightbox="../images/wdac-intune-custom-oma-uri.png":::
-
-> [!NOTE]
-> For the _Policy GUID_ value, do not include the curly brackets.
-
-### Remove WDAC policies on Windows 10 1903+
-
-Upon deletion, policies deployed through Intune via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to disable Windows Defender Application Control enforcement, first replace the existing policy with a new version of the policy that will "Allow *", like the rules in the example  policy at %windir%\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml. Once the updated policy is deployed, you can then delete the policy from the Intune portal. This deletion will prevent anything from being blocked and fully remove the WDAC policy on the next reboot.
-
-### For pre-1903 systems
-
-#### Deploying policies
-
-The steps to use Intune's Custom OMA-URI functionality to apply the [AppLocker CSP](/windows/client-management/mdm/applocker-csp) and deploy a custom WDAC policy to pre-1903 systems are:
-
-1. Convert the policy XML to binary format using the [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-
-2. Open the Microsoft Intune portal and [create a profile with custom settings](/mem/intune/configuration/custom-settings-windows-10).
-
-3. Specify a **Name** and **Description** and use the following values for the remaining custom OMA-URI settings:
-    - **OMA-URI**: `./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/_Grouping_/CodeIntegrity/Policy`
-    - **Data type**: Base64 (file)
-    - **Certificate file**: upload your binary format policy file
-
-   > [!NOTE]
-   > Deploying policies via the AppLocker CSP will force a reboot during OOBE.
-
-#### Removing policies
-
-Policies deployed through Intune via the AppLocker CSP can't be deleted through the Intune console. In order to disable Windows Defender Application Control policy enforcement, either deploy an audit-mode policy or use a script to delete the existing policy.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md b/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md
deleted file mode 100644
index d4135733c2..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md
+++ /dev/null
@@ -1,82 +0,0 @@
----
-title: Deploy Windows Defender Application Control policies with Configuration Manager
-description: You can use Microsoft Configuration Manager to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide.
-ms.date: 06/27/2022
-ms.topic: how-to
-ms.localizationpriority: medium
----
-
-# Deploy WDAC policies by using Microsoft Configuration Manager
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md).
-
-You can use Microsoft Configuration Manager to configure Windows Defender Application Control (WDAC) on client machines.
-
-## Use Configuration Manager's built-in policies
-
-Configuration Manager includes native support for WDAC, which allows you to configure Windows 10 and Windows 11 client computers with a policy that will only allow:
-
-- Windows components
-- Microsoft Store apps
-- Apps installed by Configuration Manager (Configuration Manager self-configured as a managed installer)
-- (Optional) Reputable apps as defined by the Intelligent Security Graph (ISG)
-- (Optional) Apps and executables already installed in admin-definable folder locations that Configuration Manager will allow through a one-time scan during policy creation on managed endpoints.
-
-Configuration Manager doesn't remove policies once deployed. To stop enforcement, you should switch the policy to audit mode, which will produce the same effect. If you want to disable Windows Defender Application Control (WDAC) altogether (including audit mode), you can deploy a script to delete the policy file from disk, and either trigger a reboot or wait for the next reboot.
-
-### Create a WDAC Policy in Configuration Manager
-
-1. Select **Asset and Compliance** > **Endpoint Protection** > **Windows Defender Application Control** > **Create Application Control Policy**
-
-    ![Create a WDAC policy in Configuration Manager.](../images/memcm/memcm-create-wdac-policy.jpg)
-
-2. Enter the name of the policy > **Next**
-3. Enable **Enforce a restart of devices so that this policy can be enforced for all processes**
-4. Select the mode that you want the policy to run (Enforcement enabled / Audit Only)
-5. Select **Next**
-
-    ![Create an enforced WDAC policy in Configuration Manager.](../images/memcm/memcm-create-wdac-policy-2.jpg)
-
-6. Select **Add** to begin creating rules for trusted software
-
-    ![Create a WDAC path rule in Configuration Manager.](../images/memcm/memcm-create-wdac-rule.jpg)
-
-7. Select **File** or **Folder** to create a path rule > **Browse**
-
-    ![Select a file or folder to create a path rule.](../images/memcm/memcm-create-wdac-rule-2.jpg)
-
-8. Select the executable or folder for your path rule > **OK**
-
-    ![Select the executable file or folder.](../images/memcm/memcm-create-wdac-rule-3.jpg)
-
-9. Select **OK** to add the rule to the table of trusted files or folder
-10. Select **Next** to navigate to the summary page > **Close**
-
-    ![Confirm the WDAC path rule in Configuration Manager.](../images/memcm/memcm-confirm-wdac-rule.jpg)
-
-### Deploy the WDAC policy in Configuration Manager
-
-1. Right-click the newly created policy > **Deploy Application Control Policy**
-
-    ![Deploy WDAC via Configuration Manager.](../images/memcm/memcm-deploy-wdac.jpg)
-
-2. Select **Browse**
-
-    ![Select Browse.](../images/memcm/memcm-deploy-wdac-2.jpg)
-
-3. Select the Device Collection you created earlier > **OK**
-
-    ![Select the device collection.](../images/memcm/memcm-deploy-wdac-3.jpg)
-
-4. Change the schedule > **OK**
-
-    ![Change the WDAC deployment schedule.](../images/memcm/memcm-deploy-wdac-4.jpg)
-
-For more information on using Configuration Manager's native WDAC policies, see [Windows Defender Application Control management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager).
-
-Download the entire [WDAC in Configuration Manager lab paper](https://download.microsoft.com/download/c/f/d/cfd6227c-8ec4-442d-8c50-825550d412f6/WDAC-Deploy-WDAC-using-MEMCM.pdf).
-
-## Deploy custom WDAC policies using Packages/Programs or Task Sequences
-
-Using Configuration Manager's built-in policies can be a helpful starting point, but customers may find the circle-of-trust options available in Configuration Manager too limiting. To define your own circle-of-trust, you can use Configuration Manager to deploy custom WDAC policies using [script-based deployment](deploy-wdac-policies-with-script.md) via Software Distribution Packages and Programs or Operating System Deployment Task Sequences.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md b/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
deleted file mode 100644
index 6910b03b04..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
+++ /dev/null
@@ -1,105 +0,0 @@
----
-title: Deploy Windows Defender Application Control (WDAC) policies using script
-description: Use scripts to deploy Windows Defender Application Control (WDAC) policies. Learn how with this step-by-step guide.
-ms.manager: jsuther
-ms.date: 01/23/2023
-ms.topic: how-to
-ms.localizationpriority: medium
----
-
-# Deploy WDAC policies using script
-
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
-
-This article describes how to deploy Windows Defender Application Control (WDAC) policies using script. The following instructions use PowerShell but can work with any scripting host.
-
-You should now have one or more WDAC policies converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide).
-
-> [!IMPORTANT]
-> Due to a known issue, you should always activate new **signed** WDAC Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Skip all steps below that use CiTool, RefreshPolicy.exe, or WMI to initiate a policy activation. Instead, copy the policy binary to the correct system32 and EFI locations and then activate the policy with a system restart.
->
-> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
-
-## Deploying policies for Windows 11 22H2 and above
-
-You can use the inbox [CiTool](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands) to apply policies on Windows 11 22H2 with the following commands. Be sure to replace **&lt;Path to policy binary file to deploy&gt;** in the following example with the actual path to your WDAC policy binary file.
-
-```powershell
-# Policy binary files should be named as {GUID}.cip for multiple policy format files (where {GUID} = <PolicyId> from the Policy XML)
-$PolicyBinary = "<Path to policy binary file to deploy>"
-CiTool --update-policy $PolicyBinary [-json]
-```
-
-## Deploying policies for Windows 11, Windows 10 version 1903 and above, and Windows Server 2022 and above
-
-To use this procedure, download and distribute the [WDAC policy refresh tool](https://aka.ms/refreshpolicy) to all managed endpoints. Ensure your WDAC policies allow the WDAC policy refresh tool or use a managed installer to distribute the tool.
-
-1. Initialize the variables to be used by the script.
-
-    ```powershell
-    # Policy binary files should be named as {GUID}.cip for multiple policy format files (where {GUID} = <PolicyId> from the Policy XML)
-    $PolicyBinary = "<Path to policy binary file to deploy>"
-    $DestinationFolder = $env:windir+"\System32\CodeIntegrity\CIPolicies\Active\"
-    $RefreshPolicyTool = "<Path where RefreshPolicy.exe can be found from managed endpoints>"
-    ```
-
-2. Copy Windows Defender Application Control (WDAC) policy binary to the destination folder.
-
-   ```powershell
-   Copy-Item -Path $PolicyBinary -Destination $DestinationFolder -Force
-   ```
-
-3. Repeat steps 1-2 as appropriate to deploy more WDAC policies.
-4. Run RefreshPolicy.exe to activate and refresh all WDAC policies on the managed endpoint.
-
-   ```powershell
-   & $RefreshPolicyTool
-   ```
-
-## Deploying policies for all other versions of Windows and Windows Server
-
-Use WMI to apply policies on all other versions of Windows and Windows Server.
-
-1. Initialize the variables to be used by the script.
-
-    ```powershell
-    # Policy binary files should be named as SiPolicy.p7b for Windows 10 versions earlier than 1903
-    $PolicyBinary = "<Path to policy binary file to deploy>"
-    $DestinationBinary = $env:windir+"\System32\CodeIntegrity\SiPolicy.p7b"
-    ```
-
-2. Copy Windows Defender Application Control (WDAC) policy binary to the destination.
-
-   ```powershell
-   Copy-Item  -Path $PolicyBinary -Destination $DestinationBinary -Force
-   ```
-
-3. Refresh and activate WDAC policy using WMI
-
-   ```powershell
-   Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = $DestinationBinary}
-   ```
-
-## Deploying signed policies
-
-If you're using [signed WDAC policies](/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering), the policies must be deployed into your device's EFI partition in addition to the locations outlined in the earlier sections. Unsigned WDAC policies don't need to be present in the EFI partition. <!-- Deploying your policy via [Microsoft Intune](/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) or the Application Control CSP will handle this step automatically. -->
-
-1. Mount the EFI volume and make the directory, if it doesn't exist, in an elevated PowerShell prompt:
-
-    ```powershell
-   $MountPoint = 'C:\EFIMount'
-   $EFIDestinationFolder = "$MountPoint\EFI\Microsoft\Boot\CiPolicies\Active"
-   $EFIPartition = (Get-Partition | Where-Object IsSystem).AccessPaths[0]
-   if (-Not (Test-Path $MountPoint)) { New-Item -Path $MountPoint -Type Directory -Force }
-   mountvol $MountPoint $EFIPartition
-   if (-Not (Test-Path $EFIDestinationFolder)) { New-Item -Path $EFIDestinationFolder -Type Directory -Force }
-    ```
-
-2. Copy the signed policy to the created folder:
-
-    ```powershell
-   Copy-Item -Path $PolicyBinary -Destination $EFIDestinationFolder -Force
-    ```
-
-3. Restart the system.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md b/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md
deleted file mode 100644
index 46d07c19a7..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md
+++ /dev/null
@@ -1,56 +0,0 @@
----
-title: Deploying Windows Defender Application Control (WDAC) policies
-description: Learn how to plan and implement a WDAC deployment.
-ms.localizationpriority: medium
-ms.date: 01/23/2023
-ms.topic: overview
----
-
-# Deploying Windows Defender Application Control (WDAC) policies
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-You should now have one or more Windows Defender Application Control (WDAC) policies ready to deploy. If you haven't yet completed the steps described in the [WDAC Design Guide](../design/wdac-design-guide.md), do so now before proceeding.
-
-## Convert your WDAC policy XML to binary
-
-Before you deploy your WDAC policies, you must first convert the XML to its binary form. You can do this using the following PowerShell example. You must set the $WDACPolicyXMLFile variable to point to your WDAC policy XML file.
-
-   ```powershell
-    ## Update the path to your WDAC policy XML
-    $WDACPolicyXMLFile = $env:USERPROFILE + "\Desktop\MyWDACPolicy.xml"
-    [xml]$WDACPolicy = Get-Content -Path $WDACPolicyXMLFile
-    if (($WDACPolicy.SiPolicy.PolicyID) -ne $null) ## Multiple policy format (For Windows builds 1903+ only, including Server 2022)
-    {
-        $PolicyID = $WDACPolicy.SiPolicy.PolicyID
-        $PolicyBinary = $PolicyID+".cip"
-    }
-    else ## Single policy format (Windows Server 2016 and 2019, and Windows 10 1809 LTSC)
-    {
-        $PolicyBinary = "SiPolicy.p7b"
-    }
-
-    ## Binary file will be written to your desktop
-    ConvertFrom-CIPolicy -XmlFilePath $WDACPolicyXMLFile -BinaryFilePath $env:USERPROFILE\Desktop\$PolicyBinary
-   ```
-
-## Plan your deployment
-
-As with any significant change to your environment, implementing application control can have unintended consequences. To ensure the best chance for success, you should follow safe deployment practices and plan your deployment carefully. Identify the devices you'll manage with WDAC and split them into deployment rings. This way, you can control the speed and scale of the deployment and respond if anything goes wrong. Define the success criteria that will determine when it's safe to continue from one ring to the next.
-
-All Windows Defender Application Control policy changes should be deployed in audit mode before proceeding to enforcement. Carefully monitor events from devices where the policy has been deployed to ensure the block events you observe match your expectation before broadening the deployment to other deployment rings. If your organization uses Microsoft Defender for Endpoint, you can use the Advanced Hunting feature to centrally monitor WDAC-related events. Otherwise, we recommend using an event log forwarding solution to collect relevant events from your managed endpoints.
-
-## Choose how to deploy WDAC policies
-
-> [!IMPORTANT]
-> Due to a known issue, you should always activate new **signed** WDAC Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. We recommend [deploying via script](deploy-wdac-policies-with-script.md) in this case.
->
-> This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity.
-
-There are several options to deploy Windows Defender Application Control policies to managed endpoints, including:
-
-- [Deploy using a Mobile Device Management (MDM) solution](deploy-wdac-policies-using-intune.md), such as Microsoft Intune
-- [Deploy using Microsoft Configuration Manager](deploy-wdac-policies-with-memcm.md)
-- [Deploy via script](deploy-wdac-policies-with-script.md)
-- [Deploy via group policy](deploy-wdac-policies-using-group-policy.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md b/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md
deleted file mode 100644
index 7f203efaf7..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Policy creation for common WDAC usage scenarios
-description: Develop a plan for deploying Windows Defender Application Control (WDAC) in your organization based on these common scenarios.
-ms.localizationpriority: medium
-ms.date: 04/05/2023
-ms.topic: conceptual
----
-
-# Windows Defender Application Control deployment in different scenarios: types of devices
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-Typically, deployment of Windows Defender Application Control (WDAC) happens best in phases, rather than being a feature that you simply "turn on." The choice and sequence of phases depends on the way various computers and other devices are used in your organization, and to what degree IT manages those devices. The following table can help you begin to develop a plan for deploying WDAC in your organization. It's common for organizations to have device use cases across each of the categories described.
-
-## Types of devices
-
-|  Type of device                 | How WDAC relates to this type of device  |
-|------------------------------------|------------------------------------------------------|
-| **Lightly managed devices**: Company-owned, but users are free to install software.<br>Devices are required to run organization's antivirus solution and client management tools. | Windows Defender Application Control can be used to help protect the kernel, and to monitor (audit) for problem applications rather than limiting the applications that can be run. |
-| **Fully managed devices**: Allowed software is restricted by IT department.<br>Users can request for more software, or install from a list of applications provided by IT department.<br>Examples: locked-down, company-owned desktops and laptops. | An initial baseline Windows Defender Application Control policy can be established and enforced. Whenever the IT department approves more applications, it updates the WDAC policy and (for unsigned LOB applications) the catalog. |
-| **Fixed-workload devices**: Perform same tasks every day.<br>Lists of approved applications rarely change.<br>Examples: kiosks, point-of-sale systems, call center computers. | Windows Defender Application Control can be deployed fully, and deployment and ongoing administration are relatively straightforward.<br>After Windows Defender Application Control deployment, only approved applications can run. This rule is because of protections offered by WDAC. |
-| **Bring Your Own Device**: Employees are allowed to bring their own devices, and also use those devices away from work. | In most cases, Windows Defender Application Control doesn't apply. Instead, you can explore other hardening and security features with MDM-based conditional access solutions, such as Microsoft Intune. However, you may choose to deploy an audit-mode policy to these devices or employ a blocklist only policy to prevent specific apps or binaries that are considered malicious or vulnerable by your organization. |
-
-## An introduction to Lamna Healthcare Company
-
-In the next set of articles, we'll explore each of the above scenarios using a fictional organization called Lamna Healthcare Company.
-
-Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the United States. Lamna employs thousands of people, from doctors and nurses to accountants, in-house lawyers, and IT technicians. Their device use cases are varied and include single-user workstations for their professional staff, shared kiosks used by doctors and nurses to access patient records, dedicated medical devices such as MRI scanners, and many others. Additionally, Lamna has a relaxed, bring-your-own-device policy for many of their professional staff.
-
-Lamna uses [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) in hybrid mode with both Configuration Manager and Intune. Although they use Microsoft Intune to deploy many applications, Lamna has always had relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) for better endpoint detection and response.
-
-Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an application control policy. In response, Lamna's executive board has authorized many new security IT responses, including tightening policies for application use and introducing application control.
-
-## Up next
-
-- [Create a Windows Defender Application Control policy for lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md b/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md
deleted file mode 100644
index 76720b9535..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md
+++ /dev/null
@@ -1,149 +0,0 @@
----
-title: Create a WDAC policy for fully managed devices
-description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in system core.
-ms.topic: conceptual
-ms.localizationpriority: medium
-ms.date: 11/07/2022
----
-
-# Create a WDAC policy for fully managed devices
-
->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-This section outlines the process to create a Windows Defender Application Control (WDAC) policy for **fully managed devices** within an organization. The key difference between this scenario and [lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md) is that all software deployed to a fully managed device is managed by IT and users of the device can't install arbitrary apps. Ideally, all apps are deployed using a software distribution solution, such as Microsoft Intune. Additionally, users on fully managed devices should ideally run as standard user and only authorized IT pros have administrative access.
-
-> [!NOTE]
-> Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
-
-As described in [common Windows Defender Application Control deployment scenarios](common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices.
-
-**Alice Pena** is the IT team lead tasked with the rollout of WDAC.
-
-Alice previously created a policy for the organization's lightly managed devices. Some devices, however, are more tightly managed and can benefit from a more constrained policy. In particular, certain job functions such as administrative staff and firstline workers aren't granted administrator level access to their devices. Similarly, shared kiosks are configured only with a managed set of apps and all users of the device except IT run as standard user. On these devices, all apps are deployed and installed by IT.
-
-## Define the "circle-of-trust" for fully managed devices
-
-Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's fully managed devices:
-
-- All clients are running Windows 10 version 1903 or above or Windows 11;
-- All clients are managed by Configuration Manager or with Intune;
-- Most, but not all, apps are deployed using Configuration Manager;
-- Sometimes, IT staff install apps directly to these devices without using Configuration Manager;
-- All users except IT are standard users on these devices.
-
-Alice's team develops a simple console application, called *LamnaITInstaller.exe*, which will become the authorized way for IT staff to install apps directly to devices. *LamnaITInstaller.exe* allows the IT pro to launch another process, such as an app installer. Alice will configure *LamnaITInstaller.exe* as an extra managed installer for WDAC and allows her to remove the need for filepath rules.
-
-Based on the above, Alice defines the pseudo-rules for the policy:
-
-1. **"Windows works"** rules that authorize:
-   - Windows
-   - WHQL (third-party kernel drivers)
-   - Windows Store signed apps
-
-2. **"ConfigMgr works"** rules that include signer and hash rules for Configuration Manager components to properly function.
-3. **Allow Managed Installer** (Configuration Manager and *LamnaITInstaller.exe* configured as a managed installer)
-
-The critical differences between this set of pseudo-rules and those pseudo-rules defined for Lamna's [lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md#define-the-circle-of-trust-for-lightly-managed-devices) are:
-
-- Removal of the Intelligent Security Graph (ISG) option; and
-- Removal of filepath rules.
-
-## Create a custom base policy using an example WDAC base policy
-
-Having defined the "circle-of-trust", Alice is ready to generate the initial policy for Lamna's fully managed devices and decides to use Configuration Manager to create the initial base policy and then customize it to meet Lamna's needs.
-
-Alice follows these steps to complete this task:
-
-> [!NOTE]
-> If you do not use Configuration Manager or prefer to use a different [example Windows Defender Application Control base policy](example-wdac-base-policies.md) for your own policy, skip to step 2 and substitute the Configuration Manager policy path with your preferred example base policy.
-
-1. [Use Configuration Manager to create and deploy an audit policy](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) to a client device running Windows 10 version 1903 or above, or Windows 11.
-
-2. On the client device, run the following commands in an elevated Windows PowerShell session to initialize variables:
-
-      ```powershell
-      $PolicyPath=$env:userprofile+"\Desktop\"
-      $PolicyName= "Lamna_FullyManagedClients_Audit"
-      $LamnaPolicy=$PolicyPath+$PolicyName+".xml"
-      $ConfigMgrPolicy=$env:windir+"\CCM\DeviceGuard\MergedPolicy_Audit_ISG.xml"
-      ```
-
-3. Copy the policy created by Configuration Manager to the desktop:
-
-      ```powershell
-      cp $ConfigMgrPolicy $LamnaPolicy
-      ```
-
-4. Give the new policy a unique ID, descriptive name, and initial version number:
-
-      ```powershell
-      Set-CIPolicyIdInfo -FilePath $LamnaPolicy -PolicyName $PolicyName -ResetPolicyID
-      Set-CIPolicyVersion -FilePath $LamnaPolicy -Version "1.0.0.0"
-      ```
-
-5. Modify the copied policy to set policy rules:
-
-      ```powershell
-      Set-RuleOption -FilePath $LamnaPolicy -Option 3 # Audit Mode
-      Set-RuleOption -FilePath $LamnaPolicy -Option 6 # Unsigned Policy
-      Set-RuleOption -FilePath $LamnaPolicy -Option 9 # Advanced Boot Menu
-      Set-RuleOption -FilePath $LamnaPolicy -Option 12 # Enforce Store Apps
-      Set-RuleOption -FilePath $LamnaPolicy -Option 13 # Managed Installer
-      Set-RuleOption -FilePath $LamnaPolicy -Option 16 # No Reboot
-      Set-RuleOption -FilePath $LamnaPolicy -Option 17 # Allow Supplemental
-      Set-RuleOption -FilePath $LamnaPolicy -Option 19 # Dynamic Code Security
-      ```
-
-6. If appropriate, add more signer or file rules to further customize the policy for your organization.
-
-7. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the Windows Defender Application Control policy to a binary format:
-
-   ```powershell
-    [xml]$PolicyXML = Get-Content $LamnaPolicy
-    $LamnaPolicyBin = Join-Path $PolicyPath "$($PolicyXML.SiPolicy.PolicyID).cip"
-    ConvertFrom-CIPolicy $LamnaPolicy $LamnaPolicyBin
-   ```
-
-8. Upload your base policy XML and the associated binary to a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
-
-At this point, Alice now has an initial policy that is ready to deploy in audit mode to the managed clients within Lamna.
-
-## Security considerations of this fully managed policy
-
-Alice has defined a policy for Lamna's fully managed devices that makes some trade-offs between security and manageability for apps. Some of the trade-offs include:
-
-- **Users with administrative access**<br>
-    Although applying to fewer users, Lamna still allows some IT staff to sign in to its fully managed devices as administrator. This privilege allows these users (or malware running with the user's privileges) to modify or remove altogether the WDAC policy applied on the device. Additionally, administrators can configure any app they wish to operate as a managed installer that would allow them to gain persistent app authorization for whatever apps or binaries they wish.
-
-   Possible mitigations:
-  - Use signed WDAC policies and UEFI BIOS access protection to prevent tampering of WDAC policies.
-  - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer.
-  - Use device attestation to detect the configuration state of WDAC at boot time and use that information to condition access to sensitive corporate resources.
-- **Unsigned policies**<br>
-    Unsigned policies can be replaced or removed without consequence by any process running as administrator. Unsigned base policies that also enable supplemental policies can have their "circle-of-trust" altered by any unsigned supplemental policy.
-
-   Existing mitigations applied:
-  - Limit who can elevate to administrator on the device.
-
-   Possible mitigations:
-  - Use signed WDAC policies and UEFI BIOS access protection to prevent tampering of WDAC policies.
-- **Managed installer**<br>
-    See [security considerations with managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md#security-considerations-with-managed-installer)
-
-   Existing mitigations applied:
-  - Limit who can elevate to administrator on the device.
-
-   Possible mitigations:
-  - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer.
-- **Supplemental policies**<br>
-    Supplemental policies are designed to relax the associated base policy. Additionally allowing unsigned policies allows any administrator process to expand the "circle-of-trust" defined by the base policy without restriction.
-
-   Possible mitigations:
-  - Use signed WDAC policies that allow authorized signed supplemental policies only.
-  - Use a restrictive audit mode policy to audit app usage and augment vulnerability detection.
-
-## Up next
-
-- [Create a Windows Defender Application Control policy for fixed-workload devices using a reference computer](create-wdac-policy-using-reference-computer.md)
-- [Prepare to deploy Windows Defender Application Control policies](../deployment/wdac-deployment-guide.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md b/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md
deleted file mode 100644
index 4b7a2f317b..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md
+++ /dev/null
@@ -1,125 +0,0 @@
----
-title: Create a WDAC policy using a reference computer
-description: To create a Windows Defender Application Control (WDAC) policy that allows all code installed on a reference computer within your organization, follow this guide.
-ms.localizationpriority: medium
-ms.date: 08/08/2022
-ms.topic: how-to
----
-
-# Create a WDAC policy using a reference computer
-
->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-This section outlines the process to create a Windows Defender Application Control (WDAC) policy **using a reference computer** that is already configured with the software you want to allow. You can use this approach for fixed-workload devices that are dedicated to a specific functional purpose and share common configuration attributes with other devices servicing the same functional role. Examples of fixed-workload devices may include Active Directory Domain Controllers, Secure Admin Workstations, pharmaceutical drug-mixing equipment, manufacturing devices, cash registers, ATMs, etc. This approach can also be used to turn on WDAC on systems "in the wild" and you want to minimize the potential impact on users' productivity.
-
-> [!NOTE]
-> Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs.
-
-As described in [common Windows Defender Application Control deployment scenarios](common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices.
-
-**Alice Pena** is the IT team lead tasked with the rollout of WDAC.
-
-## Create a custom base policy using a reference device
-
-Alice previously created a policy for the organization's fully managed end-user devices. She now wants to use WDAC to protect Lamna's critical infrastructure servers. Lamna's imaging practice for infrastructure systems is to establish a "golden" image as a reference for what an ideal system should look like, and then use that image to clone more company assets. Alice decides to use these same "golden" image systems to create the WDAC policies, which will result in separate custom base policies for each type of infrastructure server. As with imaging, she'll have to create policies from multiple golden computers based on model, department, application set, and so on.
-
-> [!NOTE]
-> Make sure the reference computer is virus and malware-free, and install any software you want to be scanned before creating the WDAC policy. <br><br> Each installed software application should be validated as trustworthy before you create a policy. <br><br> We recommend that you review the reference computer for software that can load arbitrary DLLs and run code or scripts that could render the PC more vulnerable. Examples include software aimed at development or scripting such as msbuild.exe (part of Visual Studio and the .NET Framework) which can be removed if you don't want to run scripts. You can remove or disable such software on the reference computer.
-
-Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's critical infrastructure servers:
-
-- All devices are running Windows Server 2019 or above;
-- All apps are centrally managed and deployed;
-- No interactive users.
-
-Based on the above, Alice defines the pseudo-rules for the policy:
-
-1. **"Windows works"** rules that authorize:
-   - Windows
-   - WHQL (third-party kernel drivers)
-   - Windows Store signed apps
-
-2. Rules for **scanned files** that authorize all pre-existing app binaries found on the device
-
-To create the WDAC policy, Alice runs each of the following commands in an elevated Windows PowerShell session, in order:
-
-1. Initialize variables.
-
-   ```powershell
-   $PolicyPath=$env:userprofile+"\Desktop\"
-   $PolicyName="FixedWorkloadPolicy_Audit"
-   $LamnaServerPolicy=$PolicyPath+$PolicyName+".xml"
-   $DefaultWindowsPolicy=$env:windir+"\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Audit.xml"
-   ```
-
-2. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to create a new WDAC policy by scanning the system for installed applications:
-
-   ```powershell
-   New-CIPolicy -FilePath $LamnaServerPolicy -Level SignedVersion -Fallback FilePublisher,FileName,Hash -ScanPath c:\ -UserPEs -MultiplePolicyFormat -OmitPaths c:\Windows,'C:\Program Files\WindowsApps\',c:\windows.old\,c:\users\ 3> CIPolicyLog.txt
-   ```
-
-   > [!Note]
-   >
-   > - You can add the **-Fallback** parameter to catch any applications not discovered using the primary file rule level specified by the **-Level** parameter. For more information about file rule level options, see [Windows Defender Application Control file rule levels](select-types-of-rules-to-create.md).
-   > - To specify that the WDAC policy scan only a specific drive, include the **-ScanPath** parameter followed by a path. Without this parameter, the tool will scan the C-drive by default.
-   > - When you specify the **-UserPEs** parameter (to include user mode executables in the scan), rule option **0 Enabled:UMCI** is automatically added to the WDAC policy. If you do not specify **-UserPEs**, the policy will be empty of user mode executables and will only have rules for kernel mode binaries like drivers. In other words, the allow list will not include applications. If you create such a policy and later add rule option **0 Enabled:UMCI**, all attempts to start applications will cause a response from Windows Defender Application Control. In audit mode, the response is logging an event, and in enforced mode, the response is blocking the application.
-   > - To create a policy for Windows 10 1903 and above, including support for supplemental policies, use **-MultiplePolicyFormat**.
-   > - To specify a list of paths to exclude from the scan, use the **-OmitPaths** option and supply a comma-delimited list of paths.
-   > - The preceding example includes `3> CIPolicylog.txt`, which redirects warning messages to a text file, **CIPolicylog.txt**.
-
-3. Merge the new policy with the WindowsDefault_Audit policy to ensure all Windows binaries and kernel drivers will load.
-
-      ```powershell
-      Merge-CIPolicy -OutputFilePath $LamnaServerPolicy -PolicyPaths $LamnaServerPolicy,$DefaultWindowsPolicy
-      ```
-
-4. Give the new policy a descriptive name, and initial version number:
-
-      ```powershell
-      Set-CIPolicyIdInfo -FilePath $LamnaServerPolicy -PolicyName $PolicyName
-      Set-CIPolicyVersion -FilePath $LamnaServerPolicy -Version "1.0.0.0"
-      ```
-
-5. Modify the merged policy to set policy rules:
-
-      ```powershell
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 3 # Audit Mode
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 6 # Unsigned Policy
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 9 # Advanced Boot Menu
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 12 # Enforce Store Apps
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 16 # No Reboot
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 17 # Allow Supplemental
-      Set-RuleOption -FilePath $LamnaServerPolicy -Option 19 # Dynamic Code Security
-      ```
-
-6. If appropriate, add more signer or file rules to further customize the policy for your organization.
-
-7. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the WDAC policy to a binary format:
-
-   ```powershell
-   [xml]$LamnaServerPolicyXML = Get-Content $LamnaServerPolicy
-   $PolicyId = $LamnaServerPolicyXML.SiPolicy.PolicyId
-   $LamnaServerPolicyBin = $PolicyPath+$PolicyId+".cip"
-   ConvertFrom-CIPolicy $LamnaServerPolicy $LamnaServerPolicyBin
-   ```
-
-8. Upload the base policy XML and the associated binary to a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration).
-
-Alice now has an initial policy for Lamna's critical infrastructure servers that is ready to deploy in audit mode.
-
-## Create a custom base policy to minimize user impact on in-use client devices
-
-Alice previously created a policy for the organization's fully managed devices. Alice has included the fully managed device policy as part of Lamna's device build process so all new devices now begin with WDAC enabled. She's preparing to deploy the policy to systems that are already in use, but is worried about causing disruption to users' productivity. To minimize that risk, Alice decides to take a different approach for those systems. She'll continue to deploy the fully managed device policy in audit mode to those devices, but for enforcement mode she'll merge the fully managed device policy rules with a policy created by scanning the device for all previously installed software. In this way, each device is treated as its own "golden" system.
-
-Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's fully managed in-use devices:
-
-- Everything described for Lamna's [Fully Managed Devices](create-wdac-policy-for-fully-managed-devices.md);
-- Users have installed apps that they need to continue to run.
-
-Based on the above, Alice defines the pseudo-rules for the policy:
-
-1. Everything included in the Fully Managed Devices policy
-2. Rules for **scanned files** that authorize all pre-existing app binaries found on the device
-
-For Lamna's existing, in-use devices, Alice deploys a script along with the Fully Managed Devices policy XML (not the converted WDAC policy binary). The script then generates a custom policy locally on the client as described in the previous section, but instead of merging with the DefaultWindows policy, the script merges with Lamna's Fully Managed Devices policy. Alice also modifies the steps above to match the requirements of this different use case.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md b/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md
deleted file mode 100644
index caebc2c6c3..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md
+++ /dev/null
@@ -1,89 +0,0 @@
----
-title: Plan for WDAC policy management
-description: Learn about the decisions you need to make to establish the processes for managing and maintaining Windows Defender Application Control policies.
-ms.localizationpriority: medium
-ms.date: 11/22/2023
-ms.topic: conceptual
----
-
-# Plan for Windows Defender Application Control lifecycle policy management
-
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-This article describes the decisions you need to make to establish the processes for managing and maintaining Windows Defender Application Control (WDAC) policies.
-
-## Policy XML lifecycle management
-
-The first step in implementing application control is to consider how your policies will be managed and maintained over time. Developing a process for managing Windows Defender Application Control policies helps ensure that WDAC continues to effectively control how applications are allowed to run in your organization.
-
-Most Windows Defender Application Control policies will evolve over time and proceed through a set of identifiable phases during their lifetime. Typically, these phases include:
-
-1. [Define (or refine) the "circle-of-trust"](understand-wdac-policy-design-decisions.md) for the policy and build an audit mode version of the policy XML. In audit mode, block events are generated but files aren't prevented from executing.
-2. [Deploy the audit mode policy](/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies) to intended devices.
-3. [Monitor audit block events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations) from the intended devices and add/edit/delete rules as needed to address unexpected/unwanted blocks.
-4. Repeat steps 2-3 until the remaining block events meet expectations.
-5. [Generate the enforced mode version](/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies) of the policy. In enforced mode, files that the policy doesn't allow are prevented from running and corresponding block events are generated.
-6. [Deploy the enforced mode policy](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide) to intended devices. We recommend using staged rollouts for enforced policies to detect and respond to issues before deploying the policy broadly.
-7. Repeat steps 1-6 anytime the desired "circle-of-trust" changes.
-
-![Recommended WDAC policy deployment process.](../images/policyflow.png)
-
-### Keep WDAC policies in a source control or document management solution
-
-To effectively manage Windows Defender Application Control policies, you should store and maintain your policy XML documents in a central repository that is accessible to everyone responsible for WDAC policy management. We recommend a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration), which provide version control and allow you to specify metadata about the XML documents.
-
-### Set PolicyName, PolicyID, and Version metadata for each policy
-
-Use the [Set-CIPolicyIDInfo](/powershell/module/configci/set-cipolicyidinfo) cmdlet to give each policy a descriptive name and set a unique policy ID. These unique attributes help you differentiate each policy when reviewing Windows Defender Application Control events or when viewing the policy XML document. Although you can specify a string value for PolicyId, for policies using the multiple policy format we recommend using the -ResetPolicyId switch to let the system autogenerate a unique ID for the policy.
-
-> [!NOTE]
-> PolicyID only applies to policies using the [multiple policy format](deploy-multiple-wdac-policies.md) on computers running Windows 10, version 1903 and above, or Windows 11. Running -ResetPolicyId on a policy created for pre-1903 computers will convert it to multiple policy format and prevent it from running on those earlier versions of Windows 10.
-> PolicyID should be set only once per policy and use different PolicyID's for the audit and enforced mode versions of each policy.
-
-In addition, we recommend using the [Set-CIPolicyVersion](/powershell/module/configci/set-cipolicyversion) cmdlet to increment the policy's internal version number when you make changes to the policy. The version must be defined as a standard four-part version string (for example, "1.0.0.0").
-
-### Policy rule updates
-
-You might need to revise your policy when new apps are deployed or existing apps are updated by the software publisher to ensure that apps run correctly. Whether policy rule updates are required will depend significantly on the types of rules your policy includes. Rules based on codesigning certificates provide the most resiliency against app changes while rules based on file attributes or hash are most likely to require updates when apps change. Alternatively, if you use WDAC [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) functionality and consistently deploy all apps and their updates through your managed installer, then you're less likely to need policy updates.
-
-## WDAC event management
-
-Each time that WDAC blocks a process, events are written to either the CodeIntegrity\Operational or the AppLocker\MSI and Script Windows event logs. The event describes the file that tried to run, the attributes of that file and its signatures, and the process that attempted to run the blocked file.
-
-Collecting these events in a central location can help you maintain your Windows Defender Application Control policy and troubleshoot rule configuration problems. You can [use the Azure Monitor Agent](/azure/azure-monitor/agents/data-collection-rule-azure-monitor-agent) to automatically collect your WDAC events for analysis.
-
-Additionally, [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint) collects WDAC events which can be queried using the [advanced hunting](../operations/querying-application-control-events-centrally-using-advanced-hunting.md) feature.
-
-## Application and user support policy
-
-Considerations include:
-
-- What type of end-user support is provided for blocked applications?
-- How are new rules added to the policy?
-- How are existing rules updated?
-- Are events forwarded for review?
-
-### Help desk support
-
-If your organization has an established help desk support department in place, consider the following points when deploying Windows Defender Application Control policies:
-
-- What documentation does your support department require for new policy deployments?
-- What are the critical processes in each business group both in work flow and timing that will be affected by application control policies and how could they affect your support department's workload?
-- Who are the contacts in the support department?
-- How will the support department resolve application control issues between the end user and those resources who maintain the Windows Defender Application Control rules?
-
-### End-user support
-
-Because Windows Defender Application Control is preventing unapproved apps from running, it's important that your organization carefully plans how to provide end-user support. Considerations include:
-
-- Do you want to use an intranet site as a frontline of support for users who try to run a blocked app?
-- How do you want to support exceptions to the policy? Will you allow users to run a script to temporarily allow access to a blocked app?
-
-## Document your plan
-
-After deciding how your organization will manage your Windows Defender Application Control policy, record your findings.
-
-- **End-user support policy.** Document the process that you'll use for handling calls from users who have attempted to run a blocked app, and ensure that support personnel have clear escalation steps so that the administrator can update the Windows Defender Application Control policy, if necessary.
-- **Event processing.** Document whether events will be collected in a central location called a store, how that store will be archived, and whether the events will be processed for analysis.
-- **Policy management.** Detail what policies are planned, how they'll be managed, and how rules will be maintained over time.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md b/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md
deleted file mode 100644
index 8ebfc6ca57..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md
+++ /dev/null
@@ -1,63 +0,0 @@
----
-title: Understand WDAC script enforcement
-description: WDAC script enforcement
-ms.manager: jsuther
-ms.date: 05/26/2023
-ms.topic: conceptual
-ms.localizationpriority: medium
----
-
-# Script enforcement with Windows Defender Application Control (WDAC)
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
-
-> [!IMPORTANT]
-> Option **11 Disabled:Script Enforcement** is not supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and should not be used on those platforms. Doing so will result in unexpected script enforcement behaviors.
-
-## Script enforcement overview
-
-By default, script enforcement is enabled for all WDAC policies unless the option **11 Disabled:Script Enforcement** is set in the policy. WDAC script enforcement involves a handshake between an enlightened script host, such as PowerShell, and WDAC. However, the script host handles the actual enforcement behavior. Some script hosts, like the Microsoft HTML Application Host (mshta.exe), block all code execution if any WDAC UMCI policy is active. Most script hosts first ask WDAC whether a script should be allowed to run based on the WDAC policies currently active. The script host then either blocks, allows, or changes *how* the script is run to best protect the user and the device.
-
-Validation for signed scripts is done using the [WinVerifyTrust API](/windows/win32/api/wintrust/nf-wintrust-winverifytrust). To pass validation, the signature root must be present in the trusted root store on the device and your WDAC policy must allow it. This behavior is different from WDAC validation for executable files, which doesn't require installation of the root certificate.
-
-WDAC shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks WDAC if a script should be allowed, an event is logged with the answer WDAC returned to the script host. For more information on WDAC script enforcement events, see [Understanding Application Control events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#windows-applocker-msi-and-script-log).
-
-> [!NOTE]
-> When a script runs that is not allowed by policy, WDAC raises an event indicating that the script was "blocked." However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running.
->
-> Also be aware that some script hosts may change how they behave even if a WDAC policy is in audit mode only. You should review the script host specific information in this article and test thoroughly within your environment to ensure the scripts you need to run are working properly.
-
-## Enlightened script hosts that are part of Windows
-
-### PowerShell
-
-Your WDAC policies must allow all PowerShell scripts (.ps1), modules (.psm1), and manifests (.psd1) for them to run with Full Language rights.
-
-Your WDAC policies must also allow any **dependent modules** that are loaded by an allowed module, and module functions must be exported explicitly by name when WDAC is enforced. Modules that don't specify any exported functions (no export name list) still load but no module functions are accessible. Modules that use wildcards (\*) in their name will fail to load.
-
-Any PowerShell script that isn't allowed by WDAC policy still runs, but only in Constrained Language Mode.
-
-PowerShell **dot-sourcing** isn't recommended. Instead, scripts should use PowerShell modules to provide common functionality. If an allowed script file does try to run dot-sourced script files, those script files must also pass the policy.
-
-WDAC puts **interactive PowerShell** into Constrained Language Mode if any WDAC UMCI policy is enforced and *any* active WDAC policy enables script enforcement, even if that policy is in audit mode. To run interactive PowerShell with Full Language rights, you must disable script enforcement for *all* policies.
-
-For more information, see [About Language Modes](/powershell/module/microsoft.powershell.core/about/about_language_modes) and [Constrained Language Mode](https://devblogs.microsoft.com/powershell/powershell-constrained-language-mode/).
-
-### VBscript, cscript, and jscript
-
-Your WDAC policies must allow all scripts run using the Windows Based Script Host (wscript.exe) or the Microsoft Console Based Script Host (cscript.exe). If not, the script is blocked.
-
-### Microsoft HTML Application Host (MSHTA) and MSXML
-
-All code execution using MSHTA or MSXML is blocked if any WDAC policy with script enforcement is active, even if that policy is in audit mode.
-
-### COM objects
-
-WDAC additionally enforces a restricted allowlist for COM objects that your WDAC policy can expand or further restrict. COM object enforcement **isn't** affected by option **11 Disabled:Script Enforcement**. For more information on how to allow or deny COM objects, see [Allow COM object registration](/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy).
-
-## Scripts that aren't directly controlled by WDAC
-
-WDAC doesn't directly control code run via the Windows Command Processor (cmd.exe), including .bat/.cmd script files. However, anything that such a batch script tries to run is subject to WDAC control. If you don't need to run cmd.exe, it's recommended to block it outright or allow it only by exception based on the calling process. See [Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules).
-
-WDAC doesn't control scripts run through an unenlightened script host, such as many 3rd-party Java or Python engines. If your WDAC policy allows an unenlightened script host to run, then you implicitly allow all scripts run through that host. For non-Microsoft script hosts, you should check with the software vendor whether their script hosts are enlightened to WDAC policy.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md b/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md
deleted file mode 100644
index 6f2f154463..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md
+++ /dev/null
@@ -1,72 +0,0 @@
----
-title: Understanding Windows Defender Application Control (WDAC) secure settings
-description: Learn about secure settings in Windows Defender Application Control.
-ms.localizationpriority: medium
-ms.date: 04/05/2023
-ms.topic: conceptual
----
-
-# Understanding WDAC Policy Settings
-
-Windows Defender Application Control (WDAC) policies expose a Settings section where policy authors can define arbitrary secure settings. Secure Settings provide local admin tamper-free settings for secure boot enabled systems, with policy signing enabled. Settings consist of a Provider, Key, ValueName, and a setting value. Setting values can be of type boolean, ulong, binary, and string. Applications can query for policy settings using WldpQuerySecurityPolicy.
-
-An example settings section of a Windows Defender Application Control policy:
-
-```xml
-<Settings>
-  <Setting Provider="Contoso" Key="FooApplication" ValueName="DisableMacroExecution">
-    <Value>
-      <Boolean>true</Boolean>
-    </Value>
-  </Setting>
-</Settings>
-```
-
-## Example Scenario
-
-An application that may want to restrict its capabilities, when used on a system with an active Windows Defender Application Control policy. Application authors can define a WDAC policy, setting their application queries, in order to disable certain features. For example, if Contoso's Foo Application wants to disable a risky feature, such as macro execution, they can define a WDAC policy setting, and query for it at runtime. Contoso can then instruct IT administrators to configure the setting in their WDAC policy, if they don't want Foo Application to execute macros on a system with a WDAC policy.
-
-## WldpQuerySecurityPolicy
-
-API that queries the secure settings of a Windows Defender Application Control policy.
-
-### Syntax
-
-``` C++
-HRESULT WINAPI WldpQuerySecurityPolicy(
-    _In_ const UNICODE_STRING * Provider,
-    _In_ const UNICODE_STRING * Key,
-    _In_ const UNICODE_STRING * ValueName,
-    _Out_ PWLDP_SECURE_SETTING_VALUE_TYPE ValueType,
-    _Out_writes_bytes_opt_(*ValueSize) PVOID Value,
-    _Inout_ PULONG ValueSize)
-```
-
-### Parameters
-
-Provider [in]
-Setting Provider name.
-
-#### Key [in]
-
-Key name of the Key-Value pair under Setting Provider "Provider".
-
-#### ValueName [in]
-
-The value name of the "Key-Value" pair.
-
-#### ValueType [in, out]
-
-Pointer to receive the value type.
-
-#### Value [in, out]
-
-Pointer to a buffer to receive the value. The buffer should be of size "ValueSize". If this value is NULL, this function returns the required buffer size for Value.
-
-#### ValueSize [in, out]
-
-On input, it indicates the buffer size of "Value". On successful return, it indicates the size of data written to Value buffer.
-
-#### Return Value
-
-This method returns S_OK if successful or a failure code otherwise.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md
deleted file mode 100644
index d46c2de5a6..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+++ /dev/null
@@ -1,33 +0,0 @@
----
-title: Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules
-description: WDAC policies can be used not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps.
-ms.localizationpriority: medium
-ms.date: 11/02/2022
-ms.topic: how-to
----
-
-# Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-You can use Windows Defender Application Control (WDAC) policies to control applications and also to control whether specific plug-ins, add-ins, and modules can run from specific apps (such as a line-of-business application or a browser):
-
-| Approach | Guideline |
-|---|---|
-| You can work from a list of plug-ins, add-ins, or modules that you want only a specific application to be able to run. Other applications would be blocked from running them. | Use `New-CIPolicyRule` with the `-AppID` option. |
-| In addition, you can work  from a list of plug-ins, add-ins, or modules that you want to block in a specific application. Other applications would be allowed to run them. | Use `New-CIPolicyRule` with the `-AppID` and `-Deny` options. |
-
-For example, to add rules to a WDAC policy called "Lamna_FullyManagedClients_Audit.xml" that allow **addin1.dll** and **addin2.dll** to be run by **ERP1.exe**, Lamna's enterprise resource planning (ERP) application, run the following commands. In the second command, **+=** is used to add a second rule to the **$rule** variable:
-
-```powershell
-$rule = New-CIPolicyRule -DriverFilePath '.\temp\addin1.dll' -Level FileName -AppID '.\ERP1.exe'
-$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin2.dll' -Level FileName -AppID '.\ERP1.exe'
-```
-
-As another example, to create a Windows Defender Application Control policy that blocks **addin3.dll** from running in Microsoft Word, run the following command. You must include the `-Deny` option to block the specified add-ins in the specified application. Once you have all the rules you want, you can merge them into an existing WDAC policy using the Merge-CIPolicy cmdlet as shown here:
-
-```powershell
-$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin3.dll' -Level FileName -Deny -AppID '.\winword.exe'
-Merge-CIPolicy -OutputFilePath .\Lamna_FullyManagedClients_Audit.xml -PolicyPaths .\Lamna_FullyManagedClients_Audit.xml -Rules $rule
-```
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md b/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md
deleted file mode 100644
index 02cd2f93cd..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md
+++ /dev/null
@@ -1,97 +0,0 @@
----
-title: Authorize reputable apps with the Intelligent Security Graph (ISG)
-description: Automatically authorize applications that Microsoft's ISG recognizes as having known good reputation.
-ms.localizationpriority: medium
-ms.date: 12/31/2017
-ms.topic: how-to
----
-
-# Authorize reputable apps with the Intelligent Security Graph (ISG)
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-Application control can be difficult to implement in organizations that don't deploy and manage applications through an IT-managed system. In such environments, users can acquire the applications they want to use for work, making it hard to build an effective application control policy.
-
-To reduce end-user friction and helpdesk calls, you can set Windows Defender Application Control (WDAC) to automatically allow applications that Microsoft's Intelligent Security Graph (ISG) recognizes as having known good reputation. The ISG option helps organizations begin to implement application control even when the organization has limited control over their app ecosystem. To learn more about the ISG, see the Security section in [Major services and features in Microsoft Graph](/graph/overview-major-services).
-
-> [!WARNING]
-> Binaries that are critical to boot the system must be allowed using explicit rules in your WDAC policy. Do not rely on the ISG to authorize these files.
->
-> The ISG option is not the recommended way to allow apps that are business critical. You should always authorize business critical apps using explicit allow rules or by installing them with a [managed installer](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer).
-
-## How does WDAC work with the ISG?
-
-The ISG isn't a "list" of apps. Rather, it uses the same vast security intelligence and machine learning analytics that power Microsoft Defender SmartScreen and Microsoft Defender Antivirus to help classify applications as having "known good", "known bad", or "unknown" reputation. This cloud-based AI is based on trillions of signals collected from Windows endpoints and other data sources, and processed every 24 hours. As a result, the decision from the cloud can change.
-
-WDAC only checks the ISG for binaries that aren't explicitly allowed or denied by your policy, and that weren't installed by a managed installer. When such a binary runs on a system with WDAC enabled with the ISG option, WDAC will check the file's reputation by sending its hash and signing information to the cloud. If the ISG reports that the file has a "known good" reputation, then the file will be allowed to run. Otherwise, it will be blocked by WDAC.
-
-If the file with good reputation is an application installer, the installer's reputation will pass along to any files that it writes to disk. This way, all the files needed to install and run an app inherit the positive reputation data from the installer. Files authorized based on the installer's reputation will have the $KERNEL.SMARTLOCKER.ORIGINCLAIM kernel Extended Attribute (EA) written to the file.
-
-WDAC periodically requeries the reputation data on a file. Additionally, enterprises can specify that any cached reputation results are flushed on reboot by using the **Enabled:Invalidate EAs on Reboot** option.
-
-## Configuring ISG authorization for your WDAC policy
-
-Setting up the ISG is easy using any management solution you wish. Configuring the ISG option involves these basic steps:
-
-- [Ensure that the **Enabled:Intelligent Security Graph authorization** option is set in the WDAC policy XML](#ensure-that-the-isg-option-is-set-in-the-wdac-policy-xml)
-- [Enable the necessary services to allow WDAC to use the ISG correctly on the client](#enable-the-necessary-services-to-allow-wdac-to-use-the-isg-correctly-on-the-client)
-
-### Ensure that the ISG option is set in the WDAC policy XML
-
-To allow apps and binaries based on the Microsoft Intelligent Security Graph, the **Enabled:Intelligent Security Graph authorization** option must be specified in the WDAC policy. This step can be done with the Set-RuleOption cmdlet. You should also set the **Enabled:Invalidate EAs on Reboot** option so that ISG results are verified again after each reboot. The ISG option isn't recommended for devices that don't have regular access to the internet. The following example shows both options set.
-
-```xml
-<Rules>
-    <Rule>
-      <Option>Enabled:Unsigned System Integrity Policy</Option>
-    </Rule>
-    <Rule>
-      <Option>Enabled:Advanced Boot Options Menu</Option>
-    </Rule>
-    <Rule>
-      <Option>Required:Enforce Store Applications</Option>
-    </Rule>
-    <Rule>
-      <Option>Enabled:UMCI</Option>
-    </Rule>
-    <Rule>
-      <Option>Enabled:Managed Installer</Option>
-    </Rule>
-    <Rule>
-      <Option>Enabled:Intelligent Security Graph Authorization</Option>
-    </Rule>
-    <Rule>
-      <Option>Enabled:Invalidate EAs on Reboot</Option>
-    </Rule>
-</Rules>
-```
-
-### Enable the necessary services to allow WDAC to use the ISG correctly on the client
-
-In order for the heuristics used by the ISG to function properly, other components in Windows must be enabled. You can configure these components by running the appidtel executable in `c:\windows\system32`.
-
-```console
-appidtel start
-```
-
-This step isn't required for WDAC policies deployed over MDM, as the CSP will enable the necessary components. This step is also not required when the ISG is configured using Configuration Manager's WDAC integration.
-
-## Security considerations with the ISG option
-
-Since the ISG is a heuristic-based mechanism, it doesn't provide the same security guarantees as explicit allow or deny rules. It's best suited where users operate with standard user rights and where a security monitoring solution like Microsoft Defender for Endpoint is used.
-
-Processes running with kernel privileges can circumvent WDAC by setting the ISG extended file attribute to make a binary appear to have known good reputation.
-
-Also, since the ISG option passes along reputation from app installers to the binaries they write to disk, it can over-authorize files in some cases. For example, if the installer launches the app upon completion, any files the app writes during that first run will also be allowed.
-
-## Known limitations with using the ISG
-
-Since the ISG only allows binaries that are "known good", there are cases where the ISG may be unable to predict whether legitimate software is safe to run. If that happens, the software will be blocked by WDAC. In this case, you need to allow the software with a rule in your WDAC policy, deploy a catalog signed by a certificate trusted in the WDAC policy, or install the software from a WDAC managed installer. Installers or applications that dynamically create binaries at runtime, and self-updating applications, may exhibit this symptom.
-
-Packaged apps aren't supported with the ISG and will need to be separately authorized in your WDAC policy. Since packaged apps have a strong app identity and must be signed, it's straightforward to [authorize packaged apps](/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control) with your WDAC policy.
-
-The ISG doesn't authorize kernel mode drivers. The WDAC policy must have rules that allow the necessary drivers to run.
-
-> [!NOTE]
-> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in WDAC support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using application control will need to deploy a custom WDAC policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](../deployment/deploy-wdac-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri).
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md
deleted file mode 100644
index f99639f8fd..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md
+++ /dev/null
@@ -1,47 +0,0 @@
----
-title: Windows Defender Application Control and .NET
-description: Understand how WDAC and .NET work together and use Dynamic Code Security to verify code loaded by .NET at runtime.
-ms.localizationpriority: medium
-ms.date: 11/22/2023
-ms.topic: conceptual
----
-
-# Windows Defender Application Control (WDAC) and .NET
-
-.NET apps (as written in a high-level language like C#) are compiled to an Intermediate Language (IL). IL is a compact code format that can be supported on any operating system or architecture. Most .NET apps use APIs that are supported in multiple environments, requiring only the .NET runtime to run. IL needs to be compiled to native code in order to execute on a CPU, for example Arm64 or x64. When .NET compiles IL to native image (NI) on a device with a WDAC user mode policy, it first checks whether the original IL file passes the current WDAC policies. If so, .NET sets an NTFS extended attribute (EA) on the generated NI file so that WDAC knows to trust it as well. When the .NET app runs, WDAC sees the EA on the NI file and allows it.
-
-The EA set on the NI file only applies to the currently active WDAC policies. If one of the active WDAC policies is updated or a new policy is applied, the EA on the NI file is invalidated. The next time the app runs, WDAC will block the NI file. .NET handles the block gracefully and falls back to the original IL code. If the IL still passes the latest WDAC policies, then the app runs without any functional impact. Since the IL is now being compiled at runtime, you might notice a slight impact to performance of the app. When .NET must fall back to IL, .NET will also schedule a process to run at the next maintenance window to regenerate all NI files, thus reestablishing the WDAC EA for all code that passes the latest WDAC policies.
-
-In some cases, if an NI file is blocked, you might see a "false positive" block event in the *CodeIntegrity - Operational* event log as described in [WDAC Admin Tips & Known Issues](/windows/security/threat-protection/windows-defender-application-control/operations/known-issues#net-native-images-may-generate-false-positive-block-events).
-
-To mitigate any performance impact caused when the WDAC EA isn't valid or missing:
-
-- Avoid updating the WDAC policies often.
-- Run `ngen update` (on all machine architectures) to force .NET to regenerate all NI files immediately after applying changes to your WDAC policies.
-- Migrate applications to .NET Core (.NET 6 or greater).
-
-## WDAC and .NET hardening
-
-Security researchers found that some .NET capabilities that allow apps to load libraries from external sources or generate new code at runtime can be used to circumvent WDAC controls.
-To address this potential vulnerability, WDAC includes an option called *Dynamic Code Security* that works with .NET to verify code loaded at runtime.
-
-When the Dynamic Code Security option is enabled, Application Control policy is applied to libraries that .NET loads from external sources. For example, any remote sources, such as the internet or a network share.
-
-> [!IMPORTANT]
-> .Net dynamic code security hardening is *turned on and enforced* if any WDAC policy with UMCI enabled has set option **19 Enabled:Dynamic Code Security**. There is no audit mode for this feature. You should test your apps with this option set before turning it on across large numbers of devices.
-
-Additionally, it detects tampering in code generated to disk by .NET and blocks loading code that was tampered with.
-
-Dynamic Code Security isn't enabled by default because existing policies might not account for externally loaded libraries.
-Additionally, a few .NET loading features, including loading unsigned assemblies built with System.Reflection.Emit, aren't currently supported with Dynamic Code Security enabled.
-Microsoft recommends testing Dynamic Code Security in audit mode before enforcing it to discover whether any new libraries should be included in the policy.
-
-Additionally, customers can precompile for deployment only to prevent an allowed executable from being terminated because it tries to load unsigned dynamically generated code. See the "Precompiling for Deployment Only" section in the [ASP.NET Precompilation Overview](/previous-versions/aspnet/bb398860(v=vs.100)) document for how to fix that.
-
-To enable Dynamic Code Security, add the following option to the `<Rules>` section of your WDAC policy:
-
-```xml
-<Rule>
-    <Option>Enabled:Dynamic Code Security</Option>
-</Rule>
-```
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md
deleted file mode 100644
index 84a5e4839a..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md
+++ /dev/null
@@ -1,37 +0,0 @@
----
-title: Windows Defender Application Control design guide
-description: Microsoft Windows Defender Application Control allows organizations to control what apps and drivers will run on their managed Windows devices.
-ms.localizationpriority: medium
-ms.topic: conceptual
-ms.date: 02/20/2018
----
-
-# Windows Defender Application Control design guide
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-This guide covers design and planning for Windows Defender Application Control (WDAC). It's intended to help security architects, security administrators, and system administrators create a plan that addresses specific application control requirements for different departments or business groups within an organization.
-
-## Plan for success
-
-A common refrain you may hear about application control is that it is "too hard." While it's true that application control isn't as simple as flipping a switch, organizations can be successful, if they're methodical when carefully planning their approach. In reality, the issues that lead to failure with application control often arise from business issues rather than technology challenges. Organizations that have successfully deployed application control have ensured the following before starting their planning:
-
--   Executive sponsorship and organizational buy-in is in place.
--   There's a clear **business** objective for using application control, and it's not being planned as a purely technical problem from IT.
--   The organization has a plan to handle potential helpdesk support requests for users who are blocked from running some apps.
--   The organization has considered where application control can be most useful (for example, securing sensitive workloads or business functions) and also where it may be difficult to achieve (for example, developer workstations).
-
-Once these business factors are in place, you're ready to begin planning your Windows Defender Application Control (WDAC) deployment. The following topics can help guide you through your planning process.
-
-## In this section
-
-| Topic | Description |
-| - | - |
-| [Plan for WDAC policy management](plan-wdac-management.md) | This topic describes the decisions you need to make to establish the processes for managing and maintaining WDAC policies. |
-| [Understand WDAC policy design decisions](understand-wdac-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions, when you plan a deployment of application control policies. |
-| [Understand WDAC policy rules and file rules](select-types-of-rules-to-create.md) | This topic lists resources you can use when selecting your application control policy rules by using WDAC. |
-| [Policy creation for common WDAC usage scenarios](common-wdac-use-cases.md) | This set of topics outlines common use case scenarios, and helps you begin to develop a plan for deploying WDAC in your organization. |
-| [Policy creation using the WDAC Wizard tool](wdac-wizard.md) | This set of topics describes how to use the WDAC Wizard desktop app to easily create, edit, and merge WDAC policies. |
-
-After planning is complete, the next step is to deploy WDAC. The [Windows Defender Application Control Deployment Guide](../deployment/wdac-deployment-guide.md) covers creating and testing policies, deploying the enforcement setting, and managing and maintaining policies.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md
deleted file mode 100644
index 95692365fc..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md
+++ /dev/null
@@ -1,59 +0,0 @@
----
-title: Editing Windows Defender Application Control Policies with the Wizard
-description: Editing existing base and supplemental policies with the Microsoft WDAC Wizard.
-ms.localizationpriority: medium
-ms.topic: conceptual
-ms.date: 10/14/2020
----
-
-# Editing existing base and supplemental WDAC policies with the Wizard
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-The Windows Defender Application Control Wizard makes editing and viewing WDAC policies easier than the PowerShell cmdlets or manually. The Wizard currently supports the following editing capabilities: 
-<ul>
-    <li><a href="#configuring-policy-rules">Configuring policy rules</a></li>
-    <li><a href="#adding-file-rules">Adding new allow or block file rules to existing policies</a></li>
-    <li><a href="#removing-file-rules">Removing allow or block file rules on existing policies</a></li>
-</ul>
-
-## Configuring Policy Rules
-
-The `Policy Rules` page will load with the in-edit policy rules configured per the set rules. Selecting the `+ Advanced Options` button will reveal the advanced policy rule options panel. This grouping of rules contains other policy rule options that are less common to most users. To edit any of the rules, flip the corresponding policy rule state.  For instance, to disable Audit Mode and enable Enforcement Mode in the figure below, the button beside the `Audit Mode` label needs only to be pressed. Once the policy rules are configured, select the Next button to continue the next stage of editing: [Adding File Rules](#adding-file-rules).
-
-![Configuring the policy rules.](../images/wdac-wizard-edit-policy-rules.png)
-
-A description of the policy rule is shown at the bottom of the page when the cursor is placed over the rule title. For a complete list of the policy rules and their capabilities, see the [Windows Defender Application Control policy rules table](select-types-of-rules-to-create.md#windows-defender-application-control-policy-rules).
-
-## Adding File Rules
-
-The Windows Defender Application Control Wizard allows users to add rules to their existing policy seamlessly. Previously, this rule-adding task would have involved creating a new policy with the new rules and merging it with the existing policy. 
-
-Selecting the `+ Custom Rules` button will open the Custom Rules panel. For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](wdac-wizard-create-base-policy.md#creating-custom-file-rules).
-
-## Removing File Rules
-
-The WDAC Wizard makes deleting file rules from an existing policy quick and easy. To remove any type of file rule: publisher rule, path rule, filename rule, or a hash rule, select the rule in the `Policy Signing Rules List` table on the left-hand side of the page. Selecting the rule will highlight the entire row. Once the row is highlighted, select the remove icon underneath the table. The Wizard will prompt for user confirmation before removing the file rule. Once removed, the rule will no longer appear in the policy or the table. 
-
-![Removing file rule from policy during edit.](../images/wdac-wizard-edit-remove-file-rule.png)
-
-**Note:** removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2. 
-
-```xml
-    <Signer ID="ID_SIGNER_CONTOSO_PUBLISHER" Name="Contoso LOB Publisher CA">
-      <CertRoot Type="TBS" Value="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" />
-      <CertPublisher Value="Contoso IT Dept App Publisher" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_LOB_APP_1" />
-      <FileAttribRef RuleID="ID_FILEATTRIB_LOB_APP_2" />
-```
-
-[comment]: <> (## Editing File Rules Coming soon!)
-
-### Policy Creation
-
-Once the policy is created, the new policy will be written to the same path as the in-edit policy. The new policy file name will have the policy version appended to the end of the file name. For instance, if the in-edit policy is saved at MyDocuments\BasePolicy.xml, after edit, the new policy will be saved at MyDocuments\BasePolicy_v10.0.0.1.xml. 
-
-## Up next
-
-- [Merging Windows Defender Application Control (WDAC) policies using the Wizard](wdac-wizard-merging-policies.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md
deleted file mode 100644
index 2db7264ca4..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: Windows Defender Application Control Wizard Policy Merging Operation
-description: Merging multiple policies into a single application control policy with the Microsoft WDAC Wizard.
-ms.localizationpriority: medium
-ms.topic: conceptual
-ms.date: 10/14/2020
----
-
-# Merging existing policies with the WDAC Wizard
-
-Beginning in Windows 10 version 1903, Windows Defender Application Control (WDAC) supports multiple policies. Before version 1903, however, Windows 10 could only have one WDAC policy. So, users were required to merge multiple WDAC policies into one. The WDAC Wizard has a simple to use user interface to allow users to merge multiple WDAC policies. The Wizard can support up to 15 policy files as input during the merge workflow.  
-
-Select the policies you wish to merge into one policy using the `+ Add Policy` button under the table. Once added, policies will be enumerated within the table. To remove a policy from the table, if accidentally added, highlight the policy row and select the `- Remove Policy` button. Confirmation will be required before the policy is withdrawn from the table. 
-
-> [!NOTE]
-> The policy type and ID of the final output policy will be determined based on the type and ID of the **first policy** in the policy list table. For instance, if a legacy policy format policy and a multi-policy format policy are merged together, the output format of the policy will be whichever policy is specified first in the table. For more information on policy formats, visit the [Multiple Windows Defender Application Control (WDAC) Policies page](deploy-multiple-wdac-policies.md).
-
-Lastly, select a filepath save location for the final merged policy using the `Browse` button. If a minimum of two policies are selected, and the save location is specified, select the `Next` button to build the policy. 
-
-![Merging WDAC policies into a final WDAC policy.](../images/wdac-wizard-merge.png)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
deleted file mode 100644
index 5fb5ff24d3..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md
+++ /dev/null
@@ -1,121 +0,0 @@
----
-title: Windows Defender Application Control Wizard WDAC Event Parsing
-description: Creating WDAC policy rules from the WDAC event logs and the MDE Advanced Hunting WDAC events.
-ms.localizationpriority: medium
-ms.topic: conceptual
-ms.date: 01/24/2024
----
-
-# Creating WDAC Policy Rules from WDAC Events in the Wizard
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-As of [version 2.2.0.0](https://webapp-wdac-wizard.azurewebsites.net/archives.html), the WDAC Wizard supports creating WDAC policy rules from the following event log types: 
-
-1. [WDAC event log events on the system](#wdac-event-viewer-log-parsing)
-2. [Exported WDAC events (EVTX files) from any system](#wdac-event-log-file-parsing)
-3. [Exported WDAC events from MDE Advanced Hunting](#mde-advanced-hunting-wdac-event-parsing)
-
-## WDAC Event Viewer Log Parsing
-
-To create rules from the WDAC event logs on the system:
-
-1. Select **Policy Editor** from the main page.
-2. Select **Convert Event Log to a WDAC Policy**.
-3. Select the **Parse Event Logs** button under the **Parse Event Logs from the System Event Viewer to Policy** header.
-
-   The Wizard parses the relevant audit and block events from the CodeIntegrity (WDAC) Operational and AppLocker MSI and Script logs. You see a notification when the Wizard successfully finishes reading the events. 
-
-   > [!div class="mx-imgBorder"]
-   > [![Parse WDAC and AppLocker event log system events](../images/wdac-wizard-event-log-system.png)](../images/wdac-wizard-event-log-system-expanded.png)
-
-4. Select the Next button to view the audit and block events and create rules.
-5. [Generate rules from the events](#creating-policy-rules-from-the-events).
-
-## WDAC Event Log File Parsing
-
-To create rules from the WDAC `.EVTX` event logs files on the system:
-
-1. Select **Policy Editor** from the main page.
-2. Select **Convert Event Log to a WDAC Policy**.
-3. Select the **Parse Log File(s)** button under the **Parse Event Log evtx Files to Policy** header.
-4. Select the WDAC CodeIntegrity Event log EVTX file(s) from the disk to parse.
-
-   The Wizard parses the relevant audit and block events from the selected log files. You see a notification when the Wizard successfully finishes reading the events. 
-
-   > [!div class="mx-imgBorder"]
-   > [![Parse evtx file WDAC events](../images/wdac-wizard-event-log-files.png)](../images/wdac-wizard-event-log-files-expanded.png)
-
-5. Select the Next button to view the audit and block events and create rules.
-6. [Generate rules from the events](#creating-policy-rules-from-the-events).
-
-## MDE Advanced Hunting WDAC Event Parsing
-
-To create rules from the WDAC events in [MDE Advanced Hunting](../operations/querying-application-control-events-centrally-using-advanced-hunting.md):
-
-1. Navigate to the Advanced Hunting section within the MDE console and query the WDAC events. **The Wizard requires the following fields** in the Advanced Hunting csv file export: 
-
-   ```KQL
-   | project-keep Timestamp, DeviceId, DeviceName, ActionType, FileName, FolderPath, SHA1, SHA256, IssuerName, IssuerTBSHash, PublisherName, PublisherTBSHash, AuthenticodeHash, PolicyId, PolicyName
-   ```
-
-   The following Advanced Hunting query is recommended:
-
-   ```KQL
-   DeviceEvents 
-   // Take only WDAC events
-   | where ActionType startswith 'AppControlCodeIntegrity' 
-   // SigningInfo Fields
-   | extend IssuerName = parsejson(AdditionalFields).IssuerName
-   | extend IssuerTBSHash = parsejson(AdditionalFields).IssuerTBSHash
-   | extend PublisherName = parsejson(AdditionalFields).PublisherName
-   | extend PublisherTBSHash = parsejson(AdditionalFields).PublisherTBSHash
-   // Audit/Block Fields
-   | extend AuthenticodeHash = parsejson(AdditionalFields).AuthenticodeHash
-   | extend PolicyId = parsejson(AdditionalFields).PolicyID
-   | extend PolicyName = parsejson(AdditionalFields).PolicyName
-   // Keep only required fields for the WDAC Wizard
-   | project-keep Timestamp,DeviceId,DeviceName,ActionType,FileName,FolderPath,SHA1,SHA256,IssuerName,IssuerTBSHash,PublisherName,PublisherTBSHash,AuthenticodeHash,PolicyId,PolicyName
-   ```
-
-2. Export the WDAC event results by selecting the **Export** button in the results view.
-
-   > [!div class="mx-imgBorder"]
-   > [![Export the MDE Advanced Hunting results to CSV](../images/wdac-wizard-event-log-mde-ah-export.png)](../images/wdac-wizard-event-log-mde-ah-export-expanded.png)
-
-3. Select **Policy Editor** from the main page.
-4. Select **Convert Event Log to a WDAC Policy**.
-5. Select the **Parse Log File(s)** button under the "Parse MDE Advanced Hunting Events to Policy" header.
-6. Select the WDAC MDE Advanced Hunting export CSV files from the disk to parse.
-
-   The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You see a notification when the Wizard successfully finishes reading the events. 
-
-   > [!div class="mx-imgBorder"]
-   > [![Parse the Advanced Hunting CSV WDAC event files](../images/wdac-wizard-event-log-mde-ah-parsing.png)](../images/wdac-wizard-event-log-mde-ah-parsing-expanded.png)
-
-7. Select the Next button to view the audit and block events and create rules.
-8. [Generate rules from the events](#creating-policy-rules-from-the-events).
-
-## Creating Policy Rules from the Events
-
-On the "Configure Event Log Rules" page, the unique WDAC log events are shown in the table. Event Ids, filenames, product names, the policy name that audited or blocked the file, and the file publisher are all shown in the table. The table can be sorted alphabetically by clicking on any of the headers. 
-
-To create a rule and add it to the WDAC policy: 
-
-1. Select an audit or block event in the table by selecting the row of interest.
-2. Select a rule type from the dropdown. The Wizard supports creating Publisher, Path, File Attribute, Packaged App and Hash rules.
-3. Select the attributes and fields that should be added to the policy rules using the checkboxes provided for the rule type.
-4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label is shown in the selected row confirming that the rule will be generated.
-
-   > [!div class="mx-imgBorder"]
-   > [![Adding a publisher rule to the WDAC policy](../images/wdac-wizard-event-rule-creation.png)](../images/wdac-wizard-event-rule-creation-expanded.png)
-
-5. Select the **Next** button to output the policy. Once generated, the event log policy should be merged with your base or supplemental policies. 
-
-> [!WARNING]
-> It is not recommended to deploy the event log policy on its own, as it likely lacks rules to authorize Windows and may cause blue screens.
-
-## Up next
-
-- [Merging Windows Defender Application Control (WDAC) policies using the Wizard](wdac-wizard-merging-policies.md)
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md b/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md
deleted file mode 100644
index 2f67ee3ad7..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md
+++ /dev/null
@@ -1,36 +0,0 @@
----
-title: Windows Defender Application Control Wizard
-description: The Windows Defender Application Control policy wizard tool allows you to create, edit, and merge application control policies in a simple to use Windows application.
-ms.localizationpriority: medium
-ms.topic: conceptual
-ms.date: 05/24/2022
----
-
-# Windows Defender Application Control Wizard
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-The Windows Defender Application Control policy wizard is an open-source Windows desktop application written in C# and bundled as an MSIX package. It was built to provide security architects with security, and system administrators with a more user-friendly means to create, edit, and merge Application Control policies. This tool uses the [ConfigCI PowerShell cmdlets](/powershell/module/configci) in the backend so the output policy of the tool and PowerShell cmdlets is identical.
-
-## Downloading the application
-
-Download the tool from the official [Windows Defender Application Control Policy Wizard website](https://webapp-wdac-wizard.azurewebsites.net/) as an MSIX packaged application. The tool's source code is available as part of Microsoft's Open Source Software offerings on GitHub at the [Windows Defender Application Control (WDAC) Policy Wizard repository](https://github.com/MicrosoftDocs/WDAC-Toolkit).
-
-### Supported clients
-
-As the tool uses the cmdlets in the background, it's functional on clients only where the cmdlets are supported. For more information, see [Application Control feature availability](../feature-availability.md). Specifically, the tool verifies that the client meets one of the following requirements:
-
-- Windows 10, version 1909 or later
-- For pre-1909 builds, the Enterprise SKU of Windows is installed
-
-If neither requirement is satisfied, it throws an error as the cmdlets aren't available.
-
-## Resources to learn more
-
-| Article | Description |
-| - | - |
-| [Creating a new base policy](wdac-wizard-create-base-policy.md) | This article describes how to create a new base policy using one of the supplied policy templates. |
-| [Creating a new supplemental policy](wdac-wizard-create-supplemental-policy.md) | This article describes the steps necessary to create a supplemental policy, from one of the supplied templates, for an existing base policy. |
-| [Editing a base or supplemental policy](wdac-wizard-editing-policy.md) | This article demonstrates how to modify an existing policy and the tool's editing capabilities. |
-| [Merging policies](wdac-wizard-merging-policies.md) | This article describes how to merge policies into a single application control policy. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md b/windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md
deleted file mode 100644
index 264f3589f8..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md
+++ /dev/null
@@ -1,30 +0,0 @@
----
-title: Windows Defender Application Control feature availability
-description: Compare Windows Defender Application Control (WDAC) and AppLocker feature availability.
-ms.localizationpriority: medium
-ms.date: 12/21/2023
-ms.topic: overview
----
-
-# Windows Defender Application Control and AppLocker feature availability
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Review the following table to learn more.
-
-| Capability  | Windows Defender Application Control | AppLocker   |
-|-------------|------|-------------|
-| Platform support    | Available on Windows 10, Windows 11, and Windows Server 2016 or later.  | Available on Windows 8 or later.   |
-| Edition availability     | Available on Windows 10, Windows 11, and Windows Server 2016 or later. <br> WDAC PowerShell cmdlets aren't available on Home edition, but policies are effective on all editions. | Policies are supported on all editions Windows 10 version 2004 and newer with [KB 5024351](https://support.microsoft.com/help/5024351).<br><br>Windows versions older than version 2004, including Windows Server 2019:<br><ul><li>Policies deployed through GP are only supported on Enterprise and Server editions.</li><li>Policies deployed through MDM are supported on all editions.</li></ul>|
-| Management solutions   | <ul><li>[Intune](deployment/deploy-wdac-policies-using-intune.md)</li><li>[Microsoft Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)</li><li>[Group policy](deployment/deploy-wdac-policies-using-group-policy.md) </li><li>[Script](/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script)</li></ul>  | <ul><li>[Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)</li><li>Configuration Manager (custom policy deployment via software distribution only)</li><li>[Group Policy](applocker/determine-group-policy-structure-and-rule-enforcement.md)</li><li>PowerShell</li><ul> |
-| Per-user and Per-user group rules | Not available (policies are device-wide).  | Available on Windows 8+.  |
-| Kernel mode policies  | Available on Windows 10, Windows 11, and Windows Server 2016 or later. | Not available. |
-| [Rule option 11 - Disabled:Script Enforcement](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement)  | Available on all versions of Windows 10 except 1607 LTSB, Windows 11, and Windows Server 2019 and above. **Disabled:Script Enforcement** isn't supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and shouldn't be used on those platforms. Doing so results in unexpected script enforcement behaviors. | MSI and Script rule collection is separately configurable. |
-| [Per-app rules](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules)  | Available on Windows 10, Windows 11, and Windows Server 2019 or later.  | Not available. |
-| [Managed Installer (MI)](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer)  | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
-| [Reputation-Based intelligence](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph)     | Available on Windows 10, Windows 11, and Windows Server 2019 or later.  | Not available. |
-| [Multiple policy support](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies) | Available on Windows 10, version 1903 and above, Windows 11, and Windows Server 2022.  | Not available.  |
-| [Path-based rules](/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create) | Available on Windows 10, version 1903 and above, Windows 11, and Windows Server 2022 or later. Exclusions aren't supported. Runtime user-writeability checks enforced by default.  | Available on Windows 8+. Exclusions are supported. No runtime user-writeability check. |
-| [COM object allowlisting](/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy) | Available on Windows 10, Windows 11, and Windows Server 2019 or later. | Not available. |
-| [Packaged app rules](/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control) | Available on Windows 10, Windows 11, and Windows Server 2019 or later.  | Available on Windows 8+. |
-| Enforceable file types | <ul><li>Driver files: .sys</li><li>Executable files: .exe and .com</li><li>DLLs: .dll, .rll and .ocx</li><li>Windows Installer files: .msi, .mst, and .msp</li><li>Scripts: .ps1, .vbs, and .js</li><li>Packaged apps and packaged app installers: .appx</li></ul>| <ul><li>Executable files: .exe and .com</li><li>[Optional] DLLs: .dll, .rll and .ocx</li><li>Windows Installer files: .msi, .mst, and .msp</li><li>Scripts: .ps1, .bat, .cmd, .vbs, and .js</li><li>Packaged apps and packaged app installers: .appx</li></ul>|
-| [Application ID (AppId) Tagging](/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide) | Available on Windows 10, version 20H1 and later, and Windows 11. | Not available. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md b/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md
deleted file mode 100644
index a100e1a2c0..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md
+++ /dev/null
@@ -1,161 +0,0 @@
----
-title: Understanding Application Control event IDs
-description: Learn what different Windows Defender Application Control event IDs signify.
-ms.localizationpriority: medium
-ms.date: 03/24/2023
-ms.topic: reference
----
-
-# Understanding Application Control events
-
-## WDAC Events Overview
-
-WDAC logs events when a policy is loaded, when a file is blocked, or when a file would be blocked if in audit mode. These block events include information that identifies the policy and gives more details about the block. WDAC doesn't generate events when a binary is allowed. However, you can turn on allow audit events for files authorized by a managed installer or the Intelligent Security Graph (ISG) as described later in this article.
-
-### Core WDAC event logs
-
-WDAC events are generated under two locations in the Windows Event Viewer:
-
-- **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational** includes events about Application Control policy activation and the control of executables, dlls, and drivers.
-- **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script** includes events about the control of MSI installers, scripts, and COM objects.
-
-Most app and script failures that occur when WDAC is active can be diagnosed using these two event logs. This article describes in greater detail the events that exist in these logs. To understand the meaning of different data elements, or tags, found in the details of these events, see [Understanding Application Control event tags](event-tag-explanations.md).
-
-> [!NOTE]
-> **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script** events are not included on Windows Server Core edition.
-
-## WDAC block events for executables, dlls, and drivers
-
-These events are found in the **CodeIntegrity - Operational** event log.
-
-| Event ID | Explanation |
-|--------|-----------|
-| 3004 | This event isn't common and may occur with or without an Application Control policy present. It typically indicates a kernel driver tried to load with an invalid signature. For example, the file may not be WHQL-signed on a system where WHQL is required. <br><br> This event is also seen for kernel- or user-mode code that the developer opted-in to [/INTEGRITYCHECK](/cpp/build/reference/integritycheck-require-signature-check) but isn't signed correctly. |
-| 3033 | This event may occur with or without an Application Control policy present and should occur alongside a 3077 event if caused by WDAC policy. It often means the file's signature is revoked or a signature with the Lifetime Signing EKU has expired. Presence of the Lifetime Signing EKU is the only case where WDAC blocks files due to an expired signature. Try using option `20 Enabled:Revoked Expired As Unsigned` in your policy along with a rule (for example, hash) that doesn't rely on the revoked or expired cert. <br><br> This event also occurs if code compiled with [Code Integrity Guard (CIG)](/microsoft-365/security/defender-endpoint/exploit-protection-reference#code-integrity-guard) tries to load other code that doesn't meet the CIG requirements. |
-| 3034 | This event isn't common. It's the audit mode equivalent of event 3033. |
-| 3076 | This event is the main Application Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. |
-| 3077 | This event is the main Application Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. |
-| 3089 | This event contains signature information for files that were blocked or audit blocked by Application Control. One of these events is created for each signature of a file. Each event shows the total number of signatures found and an index value to identify the current signature. Unsigned files generate a single one of these events with TotalSignatureCount of 0. These events are correlated with 3004, 3033, 3034, 3076 and 3077 events. You can match the events using the `Correlation ActivityID` found in the **System** portion of the event. |
-
-## WDAC block events for packaged apps, MSI installers, scripts, and COM objects
-
-These events are found in the **AppLocker - MSI and Script** event log.
-
-| Event ID | Explanation |
-|--------|-----------|
-| 8028 | This event indicates that a script host, such as PowerShell, queried Application Control about a file the script host was about to run. Since the policy was in audit mode, the script or MSI file should have run, but wouldn't have passed the WDAC policy if it was enforced. Some script hosts may have additional information in their logs. Note: Most third-party script hosts don't integrate with Application Control. Consider the risks from unverified scripts when choosing which script hosts you allow to run. |
-| 8029 | This event is the enforcement mode equivalent of event 8028. Note: While this event says that a script was blocked, the script hosts control the actual script enforcement behavior. The script host may allow the file to run with restrictions and not block the file outright. For example, PowerShell runs script not allowed by your WDAC policy in [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). |
-| 8036| COM object was blocked. To learn more about COM object authorization, see [Allow COM object registration in a Windows Defender Application Control policy](../design/allow-com-object-registration-in-wdac-policy.md). |
-| 8037 | This event indicates that a script host checked whether to allow a script to run, and the file passed the WDAC policy. |
-| 8038 | Signing information event correlated with either an 8028 or 8029 event. One 8038 event is generated for each signature of a script file. Contains the total number of signatures on a script file and an index as to which signature it is. Unsigned script files generate a single 8038 event with TotalSignatureCount 0. These events are correlated with 8028 and 8029 events and can be matched using the `Correlation ActivityID` found in the **System** portion of the event. |
-| 8039 | This event indicates that a packaged app (MSIX/AppX) was allowed to install or run because the WDAC policy is in audit mode. But, it would have been blocked if the policy was enforced. |
-| 8040 | This event indicates that a packaged app was prevented from installing or running due to the WDAC policy. |
-
-## WDAC policy activation events
-
-These events are found in the **CodeIntegrity - Operational** event log.
-
-| Event ID | Explanation |
-|--------|-----------|
-| 3095 | The Application Control policy can't be refreshed and must be rebooted instead. |
-| 3096 | The Application Control policy wasn't refreshed since it's already up-to-date. This event's Details includes useful information about the policy, such as its policy options. |
-| 3097 | The Application Control policy can't be refreshed. |
-| 3099 | Indicates that a policy has been loaded. This event's Details includes useful information about the Application Control policy, such as its policy options. |
-| 3100 | The application control policy was refreshed but was unsuccessfully activated. Retry. |
-| 3101 | Application Control policy refresh started for *N* policies. |
-| 3102 | Application Control policy refresh finished for *N* policies. |
-| 3103 | The system is ignoring the Application Control policy refresh. For example, an inbox Windows policy that doesn't meet the conditions for activation. |
-| 3105 | The system is attempting to refresh the Application Control policy with the specified ID. |
-
-## Diagnostic events for Intelligent Security Graph (ISG) and Managed Installer (MI)
-
-> [!NOTE]
-> When Managed Installer is enabled, customers using LogAnalytics should be aware that Managed Installer may fire many 3091 events.  Customers may need to filter out these events to avoid high LogAnalytics costs.
-
-The following events provide helpful diagnostic information when a WDAC policy includes the ISG or MI option. These events can help you debug why something was allowed/denied based on managed installer or ISG. Events 3090, 3091, and 3092 don't necessarily indicate a problem but should be reviewed in context with other events like 3076 or 3077.
-
-Unless otherwise noted, these events are found in either the **CodeIntegrity - Operational** event log or the **CodeIntegrity - Verbose** event log depending on your version of Windows.
-
-| Event ID | Explanation |
-|--------|---------|
-| 3090 | *Optional* This event indicates that a file was allowed to run based purely on ISG or managed installer. |
-| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the Application Control policy is in audit mode. |
-| 3092 | This event is the enforcement mode equivalent of 3091. |
-| 8002 | This event is found in the **AppLocker - EXE and DLL** event log. When a process launches that matches a managed installer rule, this event is raised with PolicyName = MANAGEDINSTALLER found in the event Details. Events with PolicyName = EXE or DLL aren't related to WDAC. |
-
-Events 3090, 3091, and 3092 are reported per active policy on the system, so you may see multiple events for the same file.
-
-### ISG and MI diagnostic event details
-
-The following information is found in the details for 3090, 3091, and 3092 events.
-
-| Name | Explanation |
-|------|------|
-| ManagedInstallerEnabled | Indicates whether the specified policy enables managed installer trust |
-| PassesManagedInstaller | Indicates whether the file originated from a MI |
-| SmartlockerEnabled | Indicates whether the specified policy enables ISG trust |
-| PassesSmartlocker | Indicates whether the file had positive reputation according to the ISG |
-| AuditEnabled | True if the Application Control policy is in audit mode, otherwise it is in enforce mode |
-| PolicyName | The name of the Application Control policy to which the event applies |
-
-### Enabling ISG and MI diagnostic events
-
-To enable 3090 allow events, create a TestFlags regkey with a value of 0x300 as shown in the following PowerShell command. Then restart your computer.
-
-```powershell
-reg add hklm\system\currentcontrolset\control\ci -v TestFlags -t REG_DWORD -d 0x300
-```
-
-Events 3091 and 3092 are inactive on some versions of Windows and are turned on by the preceding command.
-
-## Appendix
-
-A list of other relevant event IDs and their corresponding description.
-
-| Event ID | Description |
-|-------|------|
-| 3001 | An unsigned driver was attempted to load on the system. |
-| 3002 | Code Integrity couldn't verify the boot image as the page hash couldn't be found. |
-| 3004 | Code Integrity couldn't verify the file as the page hash couldn't be found. |
-| 3010 | The catalog containing the signature for the file under validation is invalid. |
-| 3011 | Code Integrity finished loading the signature catalog. |
-| 3012 | Code Integrity started loading the signature catalog. |
-| 3023 | The driver file under validation didn't meet the requirements to pass the application control policy. |
-| 3024 | Windows application control was unable to refresh the boot catalog file. |
-| 3026 | Microsoft or the certificate issuing authority revoked the certificate that signed the catalog. |
-| 3032 | The file under validation is revoked or the file has a signature that is revoked.
-| 3033 | The file under validation didn't meet the requirements to pass the application control policy. |
-| 3034 | The file under validation wouldn't meet the requirements to pass the Application Control policy if it was enforced. The file was allowed since the policy is in audit mode. |
-| 3036 | Microsoft or the certificate issuing authority revoked the certificate that signed the file being validated. |
-| 3064 | If the Application Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the application control policy. The DLL was allowed since the policy is in audit mode. |
-| 3065 | If the Application Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the application control policy. |
-| 3074 | Page hash failure while hypervisor-protected code integrity was enabled. |
-| 3075 | This event measures the performance of the Application Control policy check during file validation. |
-| 3076 | This event is the main Application Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. |
-| 3077 | This event is the main Application Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. |
-| 3079 | The file under validation didn't meet the requirements to pass the application control policy. |
-| 3080 | If the Application Control policy was in enforced mode, the file under validation wouldn't have met the requirements to pass the application control policy. |
-| 3081 | The file under validation didn't meet the requirements to pass the application control policy. |
-| 3082 | If the Application Control policy was enforced, the policy would have blocked this non-WHQL driver. |
-| 3084 | Code Integrity is enforcing WHQL driver signing requirements on this boot session. |
-| 3085 | Code Integrity isn't enforcing WHQL driver signing requirements on this boot session. |
-| 3086 | The file under validation doesn't meet the signing requirements for an isolated user mode (IUM) process. |
-| 3089 | This event contains signature information for files that were blocked or audit blocked by Application Control. One 3089 event is created for each signature of a file. |
-| 3090 | *Optional* This event indicates that a file was allowed to run based purely on ISG or managed installer. |
-| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the Application Control policy is in audit mode. |
-| 3092 | This event is the enforcement mode equivalent of 3091. |
-| 3095 | The Application Control policy can't be refreshed and must be rebooted instead. |
-| 3096 | The Application Control policy wasn't refreshed since it's already up-to-date. |
-| 3097 | The Application Control policy can't be refreshed. |
-| 3099 | Indicates that a policy has been loaded. This event also includes information about the options set by the Application Control policy.  |
-| 3100 | The application control policy was refreshed but was unsuccessfully activated. Retry. |
-| 3101 | The system started refreshing the Application Control policy. |
-| 3102 | The system finished refreshing the Application Control policy. |
-| 3103 | The system is ignoring the Application Control policy refresh. |
-| 3104 | The file under validation doesn't meet the signing requirements for a PPL (protected process light) process. |
-| 3105 | The system is attempting to refresh the Application Control policy. |
-| 3108 | Windows mode change event was successful. |
-| 3110 | Windows mode change event was unsuccessful. |
-| 3111 | The file under validation didn't meet the hypervisor-protected code integrity (HVCI) policy. |
-| 3112 | Windows has revoked the certificate that signed the file being validated. |
-| 3114 | Dynamic Code Security opted the .NET app or DLL into Application Control policy validation. The file under validation didn't pass your policy and was blocked. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md b/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md
deleted file mode 100644
index f33e99121c..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md
+++ /dev/null
@@ -1,104 +0,0 @@
----
-title: WDAC Admin Tips & Known Issues
-description: WDAC Known Issues
-ms.manager: jsuther
-ms.date: 04/15/2024
-ms.topic: troubleshooting
-ms.localizationpriority: medium
----
-
-# WDAC Admin Tips & Known Issues
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
-
-This article covers tips and tricks for admins and known issues with Windows Defender Application Control (WDAC). Test this configuration in your lab before enabling it in production.
-
-## WDAC policy file locations
-
-**Multiple policy format WDAC policies** are found in the following locations depending on whether the policy is signed or not, and the method of policy deployment that was used.
-
-- &lt;OS Volume&gt;\\Windows\\System32\\CodeIntegrity\\CiPolicies\Active\\*\{PolicyId GUID\}*.cip
-- &lt;EFI System Partition&gt;\\Microsoft\\Boot\\CiPolicies\Active\\*\{PolicyId GUID\}*.cip
-
-The *\{PolicyId GUID\}* value is unique by policy and defined in the policy XML with the &lt;PolicyId&gt; element.
-
-For **single policy format WDAC policies**, in addition to the two preceding locations, also look for a file called SiPolicy.p7b in the following locations:
-
-- &lt;EFI System Partition&gt;\\Microsoft\\Boot\\SiPolicy.p7b
-- &lt;OS Volume&gt;\\Windows\\System32\\CodeIntegrity\\SiPolicy.p7b
-
-> [!NOTE]
-> A multiple policy format WDAC policy using the single policy format GUID `{A244370E-44C9-4C06-B551-F6016E563076}` may exist under any of the policy file locations.
-
-## File Rule Precedence Order
-
-When the WDAC engine evaluates files against the active set of policies on the device, rules are applied in the following order. Once a file encounters a match, WDAC stops further processing.
-
-1. Explicit deny rules - a file is blocked if any explicit deny rule exists for it, even if other rules are created to try to allow it. Deny rules can use any [rule level](/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create#windows-defender-application-control-file-rule-levels). Use the most specific rule level practical when creating deny rules to avoid blocking more than you intend.
-
-2. Explicit allow rules - if any explicit allow rule exists for the file, the file runs.
-
-3. WDAC then checks for the [Managed Installer extended attribute (EA)](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer) or the [Intelligent Security Graph (ISG) EA](/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph) on the file. If either EA exists and the policy enables the corresponding option, then the file is allowed.
-
-4. Lastly, WDAC makes a cloud call to the ISG to get reputation about the file, if the policy enables the ISG option.
-
-5. Any file not allowed by an explicit rule or based on ISG or MI is blocked implicitly.
-
-## Known issues
-
-### Boot stop failure (blue screen) occurs if more than 32 policies are active
-
-Until you apply the Windows security update released on or after April 9, 2024, your device is limited to 32 active policies. If the maximum number of policies is exceeded, the device bluescreens referencing ci.dll with a bug check value of 0x0000003b. Consider this maximum policy count limit when planning your WDAC policies. Any [Windows inbox policies](/windows/security/threat-protection/windows-defender-application-control/operations/inbox-wdac-policies) that are active on the device also count towards this limit. To remove the maximum policy limit, install the Windows security update released on, or after, April 9, 2024 and then restart the device. Otherwise, reduce the number of policies on the device to remain below 32 policies.
-
-**Note:** The policy limit was not removed on Windows 11 21H2, and will remain limited to 32 policies.
-
-### Audit mode policies can change the behavior for some apps or cause app crashes
-
-Although WDAC audit mode is designed to avoid impact to apps, some features are always on/always enforced with any WDAC policy that turns on user mode code integrity (UMCI) with the option **0 Enabled:UMCI**. Here's a list of known system changes in audit mode:
-
-- Some script hosts might block code or run code with fewer privileges even in audit mode. See [Script enforcement with WDAC](/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement) for information about individual script host behaviors.
-- Option **19 Enabled:Dynamic Code Security** is always enforced if any UMCI policy includes that option. See [WDAC and .NET](/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet#wdac-and-net-hardening).
-
-### .NET native images may generate false positive block events
-
-In some cases, the code integrity logs where Windows Defender Application Control errors and warnings are written include error events for native images generated for .NET assemblies. Typically, native image blocks are functionally benign as a blocked native image falls back to its corresponding assembly and .NET regenerates the native image at its next scheduled maintenance window.
-
-### Signatures using elliptical curve cryptography (ECC) aren't supported
-
-WDAC signer-based rules only work with RSA cryptography. ECC algorithms, such as ECDSA, aren't supported. If WDAC blocks a file based on ECC signatures, the corresponding 3089 signature information events show VerificationError = 23. You can authorize the files instead by hash or file attribute rules, or using other signer rules if the file is also signed with signatures using RSA.
-
-### MSI installers are treated as user writeable on Windows 10 when allowed by FilePath rule
-
-MSI installer files are always detected as user writeable on Windows 10, and on Windows Server 2022 and earlier. If you need to allow MSI files using FilePath rules, you must set option **18 Disabled:Runtime FilePath Rule Protection** in your WDAC policy.
-
-### MSI Installations launched directly from the internet are blocked by WDAC
-
-Installing .msi files directly from the internet to a computer protected by WDAC fails.
-For example, this command fails:
-
-```console
-msiexec -i https://download.microsoft.com/download/2/E/3/2E3A1E42-8F50-4396-9E7E-76209EA4F429/Windows10_Version_1511_ADMX.msi
-```
-
-As a workaround, download the MSI file and run it locally:
-
-```console
-msiexec -i c:\temp\Windows10_Version_1511_ADMX.msi
-```
-
-### Slow boot and performance with custom policies
-
-WDAC evaluates all processes that run, including inbox Windows processes. You can cause slower boot times, degraded performance, and possibly boot issues if your policies don't build upon the WDAC templates or don't trust the Windows signers. For these reasons, you should use the [WDAC base templates](../design/example-wdac-base-policies.md) whenever possible to create your policies.
-
-#### AppId Tagging policy considerations
-
-AppId Tagging policies that aren't built upon the WDAC base templates or don't allow the Windows in-box signers might cause a significant increase in boot times (~2 minutes).
-
-If you can't allowlist the Windows signers or build off the WDAC base templates, add the following rule to your policies to improve the performance:
-
-:::image type="content" source="../images/known-issue-appid-dll-rule.png" alt-text="Allow all dlls in the policy.":::
-
-:::image type="content" source="../images/known-issue-appid-dll-rule-xml.png" alt-text="Allow all dll files in the xml policy.":::
-
-Since AppId Tagging policies evaluate but can't tag dll files, this rule short circuits dll evaluation and improve evaluation performance.
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md b/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md
deleted file mode 100644
index 71c48fb256..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md
+++ /dev/null
@@ -1,27 +0,0 @@
----
-title: Managing and troubleshooting Windows Defender Application Control policies
-description: Gather information about how your deployed Windows Defender Application Control policies are behaving.
-ms.localizationpriority: medium
-ms.date: 03/30/2023
-ms.topic: how-to
----
-
-# Windows Defender Application Control operational guide
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
-
-You now understand how to design and deploy your Windows Defender Application Control (WDAC) policies. This guide explains how to understand the effects your policies have and how to troubleshoot when they aren't behaving as expected. It contains information on where to find events and what they mean, and also querying these events with Microsoft Defender for Endpoint Advanced Hunting feature.
-
-## In this section
-
-| Article | Description |
-| - | - |
-| [Debugging and troubleshooting](/windows/security/threat-protection/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting) | This article explains how to debug app and script failures with WDAC. |
-| [Understanding Application Control event IDs](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations) | This article explains the meaning of different WDAC event IDs. |
-| [Understanding Application Control event tags](/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations) | This article explains the meaning of different WDAC event tags. |
-| [Query WDAC events with Advanced hunting](/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting) | This article covers how to view WDAC events centrally from all systems that are connected to Microsoft Defender for Endpoint. |
-| [Admin Tips & Known Issues](/windows/security/threat-protection/windows-defender-application-control/operations/known-issues) | This article describes some WDAC Admin Tips & Known Issues. |
-| [Managed installer and ISG technical reference and troubleshooting guide](/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer) | This article provides technical details and debugging steps for managed installer and ISG. |
-| [CITool.exe technical reference](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands) | This article explains how to use CITool.exe. |
-| [Inbox WDAC policies](/windows/security/threat-protection/windows-defender-application-control/operations/inbox-wdac-policies) | This article describes the WDAC policies that ship with Windows and when they're active. |
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md b/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md
deleted file mode 100644
index 81042f2926..0000000000
--- a/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md
+++ /dev/null
@@ -1,65 +0,0 @@
----
-title: WDAC and AppLocker Overview
-description: Compare Windows application control technologies.
-ms.localizationpriority: medium
-ms.date: 01/03/2024
-ms.topic: conceptual
----
-
-# Windows Defender Application Control and AppLocker Overview
-
-> [!NOTE]
-> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](feature-availability.md).
-
-Windows 10 and Windows 11 include two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: Windows Defender Application Control (WDAC) and AppLocker.
-
-## Windows Defender Application Control
-
-WDAC was introduced with Windows 10 and allows organizations to control which drivers and applications are allowed to run on their Windows clients. It was designed as a security feature under the [servicing criteria](https://www.microsoft.com/msrc/windows-security-servicing-criteria), defined by the Microsoft Security Response Center (MSRC).
-
-WDAC policies apply to the managed computer as a whole and affects all users of the device. WDAC rules can be defined based on:
-
-- Attributes of the codesigning certificate(s) used to sign an app and its binaries
-- Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file
-- The reputation of the app as determined by Microsoft's [Intelligent Security Graph](design/use-wdac-with-intelligent-security-graph.md)
-- The identity of the process that initiated the installation of the app and its binaries ([managed installer](design/configure-authorized-apps-deployed-with-a-managed-installer.md))
-- The [path from which the app or file is launched](design/select-types-of-rules-to-create.md#more-information-about-filepath-rules) (beginning with Windows 10 version 1903)
-- The process that launched the app or binary
-
-> [!NOTE]
-> WDAC was originally released as part of Device Guard and called configurable code integrity. Device Guard and configurable code integrity are no longer used except to find where to deploy WDAC policy via Group Policy.
-
-### WDAC System Requirements
-
-WDAC policies can be created and applied on any client edition of Windows 10 or Windows 11, or on Windows Server 2016 and higher. WDAC policies can be deployed via a Mobile Device Management (MDM) solution, for example, Intune; a management interface such as Configuration Manager; or a script host such as PowerShell. Group Policy can also be used to deploy WDAC policies, but is limited to single-policy format policies that work on Windows Server 2016 and 2019.
-
-For more information on which individual WDAC features are available on specific WDAC builds, see [WDAC feature availability](feature-availability.md).
-
-## AppLocker
-
-AppLocker was introduced with Windows 7, and allows organizations to control which applications are allowed to run on their Windows clients. AppLocker helps to prevent end-users from running unapproved software on their computers but doesn't meet the servicing criteria for being a security feature.
-
-AppLocker policies can apply to all users on a computer, or to individual users and groups. AppLocker rules can be defined based on:
-
-- Attributes of the codesigning certificate(s) used to sign an app and its binaries.
-- Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file.
-- The path from which the app or file is launched.
-
-AppLocker is also used by some features of WDAC, including [managed installer](/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer) and the [Intelligent Security Graph](/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph).
-
-### AppLocker System Requirements
-
-AppLocker policies can only be configured on and applied to devices that are running on the supported versions and editions of the Windows operating system. For more info, see [Requirements to Use AppLocker](applocker/requirements-to-use-applocker.md).
-AppLocker policies can be deployed using Group Policy or MDM.
-
-## Choose when to use WDAC or AppLocker
-
-Generally, customers who are able to implement application control using WDAC, rather than AppLocker, should do so. WDAC is undergoing continual improvements, and is getting added support from Microsoft management platforms. Although AppLocker continues to receive security fixes, it isn't getting new feature improvements.
-
-However, in some cases, AppLocker might be the more appropriate technology for your organization. AppLocker is best when:
-
-- You have a mixed Windows operating system (OS) environment and need to apply the same policy controls to Windows 10 and earlier versions of the OS.
-- You need to apply different policies for different users or groups on shared computers.
-- You don't want to enforce application control on application files such as DLLs or drivers.
-
-AppLocker can also be deployed as a complement to WDAC to add user or group-specific rules for shared device scenarios, where it's important to prevent some users from running specific apps. As a best practice, you should enforce WDAC at the most restrictive level possible for your organization, and then you can use AppLocker to further fine-tune the restrictions.
diff --git a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
index 29d6d96ecb..0de253e2e9 100644
--- a/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
+++ b/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file.md
@@ -87,7 +87,7 @@ An array of folders, each representing a location on the host machine that is sh
 ```xml
 <MappedFolders>
   <MappedFolder>
-    <HostFolder>absolute path to the host folder</HostFolder>
+    <HostFolder>absolute or relative path to the host folder</HostFolder>
     <SandboxFolder>absolute path to the sandbox folder</SandboxFolder>
     <ReadOnly>value</ReadOnly>
   </MappedFolder>
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index 1a7808e2b1..b2eefb6943 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -101,6 +101,12 @@
         "security-foundations/certification/**/*.md": "mike-grimm",
         "security-foundations/certification/**/*.yml": "mike-grimm"
       },
+      "feedback_system": {
+        "book/*.md": "none"
+      },
+      "hideEdit": {
+        "book/*.md": "true"
+      },
       "ms.author": {
         "application-security//**/*.md": "vinpa",
         "application-security//**/*.yml": "vinpa",
diff --git a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md
index b686fb205c..22b8f3245f 100644
--- a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md
@@ -54,7 +54,9 @@ Use the **Virtualization Based Technology** > **Hypervisor Enforced Code Integri
 1. Navigate to **Computer Configuration** > **Administrative Templates** > **System** > **Device Guard**.
 1. Double-click **Turn on Virtualization Based Security**.
 1. Select **Enabled** and under **Virtualization Based Protection of Code Integrity**, select **Enabled without UEFI lock**. Only select **Enabled with UEFI lock** if you want to prevent memory integrity from being disabled remotely or by policy update. Once enabled with UEFI lock, you must have access to the UEFI BIOS menu to turn off Secure Boot if you want to turn off memory integrity.
+
    ![Enable memory integrity using Group Policy.](images/enable-hvci-gp.png)
+
 1. Select **Ok** to close the editor.
 
 To apply the new policy on a domain-joined computer, either restart or run `gpupdate /force` in an elevated Command Prompt.
@@ -73,7 +75,7 @@ Set the following registry keys to enable memory integrity. These keys provide s
 
 Recommended settings (to enable memory integrity without UEFI Lock):
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 1 /f
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 0 /f
@@ -85,55 +87,55 @@ If you want to customize the preceding recommended settings, use the following r
 
 **To enable VBS only (no memory integrity)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f
 ```
 
 **To enable VBS and require Secure boot only (value 1)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 1 /f
 ```
 
 **To enable VBS with Secure Boot and DMA protection (value 3)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 3 /f
 ```
 
 **To enable VBS without UEFI lock (value 0)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 0 /f
 ```
 
 **To enable VBS with UEFI lock (value 1)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 1 /f
 ```
 
 **To enable memory integrity**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 1 /f
 ```
 
 **To enable memory integrity without UEFI lock (value 0)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Locked" /t REG_DWORD /d 0 /f
 ```
 
 **To enable memory integrity with UEFI lock (value 1)**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Locked" /t REG_DWORD /d 1 /f
 ```
 
 **To enable VBS (and memory integrity) in mandatory mode**
 
-```console
+```cmd
 reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Mandatory" /t REG_DWORD /d 1 /f
 ```
 
@@ -143,25 +145,25 @@ The **Mandatory** setting prevents the OS loader from continuing to boot in case
 > Special care should be used before enabling this mode, since, in case of any failure of the virtualization modules, the system will refuse to boot.
 
 **To gray out the memory integrity UI and display the message "This setting is managed by your administrator"**
-```console
+```cmd
 reg delete HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v "WasEnabledBy" /f
 ```
 
 **To let memory integrity UI behave normally (Not grayed out)**
-```console
+```cmd
 reg add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v "WasEnabledBy" /t REG_DWORD /d 2 /f
 ```
 
-### Enable memory integrity using Windows Defender Application Control (WDAC)
+### Enable memory integrity using App Control for Business
 
-You can use WDAC policy to turn on memory integrity using any of the following techniques:
+You can use App Control policy to turn on memory integrity using any of the following techniques:
 
-1. Use the [WDAC Wizard](https://aka.ms/wdacwizard) to create or edit your WDAC policy and select the option **Hypervisor-protected Code Integrity** on the **Policy Rules** page of the Wizard.
+1. Use the [App Control Wizard](https://aka.ms/wdacwizard) to create or edit your App Control policy and select the option **Hypervisor-protected Code Integrity** on the **Policy Rules** page of the Wizard.
 2. Use the [Set-HVCIOptions](/powershell/module/configci/set-hvcioptions) PowerShell cmdlet.
-3. Edit your WDAC policy XML and modify the value set for the `<HVCIOptions>` element.
+3. Edit your App Control policy XML and modify the value set for the `<HVCIOptions>` element.
 
 > [!NOTE]
-> If your WDAC policy is set to turn memory integrity on, it will be turned on even if the policy is in audit mode.
+> If your App Control policy is set to turn memory integrity on, it will be turned on even if the policy is in audit mode.
 
 ### Validate enabled VBS and memory integrity features
 
@@ -269,7 +271,7 @@ Another method to determine the available and enabled VBS features is to run msi
     2. Then, boot to Windows RE on the affected computer, see [Windows RE Technical Reference](/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference).
     3. After logging in to Windows RE, set the memory integrity registry key to off:
 
-        ```console
+        ```cmd
         reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f
         ```
 
diff --git a/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md b/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md
index 153871eba2..af01702227 100644
--- a/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md
+++ b/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md
@@ -30,7 +30,7 @@ System Guard Secure Launch can be configured for Mobile Device Management (MDM)
 1. Select **Start** > type and then select **Edit group policy**.
 1. Select **Computer Configuration** > **Administrative Templates** > **System** > **Device Guard** > **Turn On Virtualization Based Security** > **Secure Launch Configuration**.
 
-    ![Secure Launch Configuration.](images/secure-launch-group-policy.png)
+   :::image type="content" alt-text="Secure Launch Configuration." source="images/secure-launch-group-policy.png" lightbox="images/secure-launch-group-policy.png":::
 
 ### Windows Security
 
@@ -52,10 +52,10 @@ Select **Start** > **Settings** > **Update & Security** > **Windows Security** >
 
 To verify that Secure Launch is running, use System Information (MSInfo32). Select **Start**, search for **System Information**, and look under **Virtualization-based Security Services Running** and **Virtualization-based Security Services Configured**.
 
-![Verifying Secure Launch is running in the Windows Security settings.](images/secure-launch-msinfo.png)
+:::image type="content" alt-text="Verifying Secure Launch is running in the Windows Security settings." source="images/secure-launch-msinfo.png" lightbox="images/secure-launch-msinfo.png":::
 
 > [!NOTE]
-> To enable System Guard Secure launch, the platform must meet all the baseline requirements for [System Guard](how-hardware-based-root-of-trust-helps-protect-windows.md), [Device Guard](../application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md), [Credential Guard](../identity-protection/credential-guard/index.md), and [Virtualization Based Security](/windows-hardware/design/device-experiences/oem-vbs).
+> To enable System Guard Secure launch, the platform must meet all the baseline requirements for [System Guard](how-hardware-based-root-of-trust-helps-protect-windows.md), [Device Guard](../application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md), [Credential Guard](../identity-protection/credential-guard/index.md), and [Virtualization Based Security](/windows-hardware/design/device-experiences/oem-vbs).
 
 > [!NOTE]
 > For more information around AMD processors, see [Microsoft Security Blog: Force firmware code to be measured and attested by Secure Launch on Windows 10](https://www.microsoft.com/security/blog/2020/09/01/force-firmware-code-to-be-measured-and-attested-by-secure-launch-on-windows-10/).
diff --git a/windows/security/hardware-security/tpm/tpm-recommendations.md b/windows/security/hardware-security/tpm/tpm-recommendations.md
index ae731d1f10..ff2f368320 100644
--- a/windows/security/hardware-security/tpm/tpm-recommendations.md
+++ b/windows/security/hardware-security/tpm/tpm-recommendations.md
@@ -87,7 +87,7 @@ The following table defines which Windows features require TPM support.
 | Measured Boot | Yes | Yes | Yes | Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot. TPM 2.0 is recommended since it supports newer cryptographic algorithms. TPM 1.2 only supports the SHA-1 algorithm, which is being deprecated. |
 | BitLocker | No | Yes | Yes | TPM 1.2 or 2.0 are supported but TPM 2.0 is recommended. [Device Encryption requires Modern Standby](../../operating-system-security/data-protection/bitlocker/index.md#device-encryption) including TPM 2.0 support |
 | Device Encryption | Yes | N/A | Yes | Device Encryption requires Modern Standby/Connected Standby certification, which requires TPM 2.0. |
-| Windows Defender Application Control (Device Guard) | No | Yes | Yes |
+| App Control for Business | No | Yes | Yes |
 | System Guard (DRTM) | Yes | No | Yes | TPM 2.0 and UEFI firmware is required. |
 | Credential Guard | No | Yes | Yes | Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported. Paired with System Guard, TPM 2.0 provides enhanced security for Credential Guard. Windows 11 requires TPM 2.0 by default to facilitate easier enablement of this enhanced security for customers. |
 | Device Health Attestation | Yes | Yes | Yes | TPM 2.0 is recommended since it supports newer cryptographic algorithms. TPM 1.2 only supports the SHA-1 algorithm, which is being deprecated. |
diff --git a/windows/security/identity-protection/hello-for-business/faq.yml b/windows/security/identity-protection/hello-for-business/faq.yml
index c17a99f819..9a2ac25742 100644
--- a/windows/security/identity-protection/hello-for-business/faq.yml
+++ b/windows/security/identity-protection/hello-for-business/faq.yml
@@ -5,7 +5,7 @@ metadata:
   author: paolomatarazzo
   ms.author: paoloma
   ms.topic: faq
-  ms.date: 01/03/2024
+  ms.date: 10/10/2024
 
 title: Common questions about Windows Hello for Business
 summary: Windows Hello for Business replaces password sign-in with strong authentication, using an asymmetric key pair. This Frequently Asked Questions (FAQ) article is intended to help you learn more about Windows Hello for Business.
diff --git a/windows/security/includes/mdag-edge-deprecation-notice.md b/windows/security/includes/mdag-edge-deprecation-notice.md
index 150cffe43f..69454f1d18 100644
--- a/windows/security/includes/mdag-edge-deprecation-notice.md
+++ b/windows/security/includes/mdag-edge-deprecation-notice.md
@@ -6,5 +6,5 @@ ms.topic: include
 ---
 
 > [!NOTE]
-> - Microsoft Defender Application Guard, including the [Windows Isolated App Launcher APIs](/windows/win32/api/isolatedapplauncher/), will be deprecated for Microsoft Edge for Business and [will no longer be updated](/windows/whats-new/feature-lifecycle). Please download the [Microsoft Edge For Business Security Whitepaper](https://edgestatic.azureedge.net/shared/cms/pdfs/Microsoft_Edge_Security_Whitepaper_v2.pdf) to learn more about Edge for Business security capabilities.
+> - Microsoft Defender Application Guard, including the [Windows Isolated App Launcher APIs](/windows/win32/api/isolatedapplauncher/), will be deprecated for Microsoft Edge for Business and [will no longer be updated](/windows/whats-new/feature-lifecycle). To learn more about Microsoft Edge security capabilities, see [Microsoft Edge For Business Security](/deployedge/ms-edge-security-for-business).
 > - Because Application Guard is deprecated there will not be a migration to Edge Manifest V3. The corresponding browser extensions and associated Windows Store app are no longer available. If you want to block unprotected browsers until you are ready to retire MDAG usage in your enterprise, we recommend using AppLocker policies or [Microsoft Edge management service](/deployedge/microsoft-edge-management-service). For more information, see [Microsoft Edge and Microsoft Defender Application Guard](/deployedge/microsoft-edge-security-windows-defender-application-guard).<!--8932292-->
\ No newline at end of file
diff --git a/windows/security/includes/sections/application.md b/windows/security/includes/sections/application.md
index 8b6b510ef4..75e29b9470 100644
--- a/windows/security/includes/sections/application.md
+++ b/windows/security/includes/sections/application.md
@@ -9,8 +9,8 @@ ms.topic: include
 
 | Feature name | Description |
 |:---|:---|
-| **[Smart App Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Smart App Control prevents users from running malicious applications on Windows devices by blocking untrusted or unsigned applications. Smart App Control goes beyond previous built-in browser protections, by adding another layer of security that is woven directly into the core of the OS at the process level. Using AI, our new Smart App Control only allows processes to run that are predicted to be safe based on existing and new intelligence processed daily. Smart App Control builds on top of the same cloud-based AI used in Windows Defender Application Control (WDAC) to predict the safety of an application, so people can be confident they're using safe and reliable applications on their new Windows 11 devices, or Windows 11 devices that have been reset. |
-| **[Windows Defender Application Control (WDAC)](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Your organization is only as secure as the applications that run on your devices. With application control, apps must earn trust to run, in contrast to an application trust model where all code is assumed trustworthy. By helping prevent unwanted or malicious code from running, application control is an important part of an effective security strategy. Many organizations cite application control as one of the most effective means for addressing the threat of executable file-based malware.<br><br>Windows 10 and above include Windows Defender Application Control (WDAC) and AppLocker. WDAC is the next generation app control solution for Windows and provides powerful control over what runs in your environment. Customers who were using AppLocker on previous versions of Windows can continue to use the feature as they consider whether to switch to WDAC for the stronger protection. |
+| **[Smart App Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Smart App Control prevents users from running malicious applications on Windows devices by blocking untrusted or unsigned applications. Smart App Control goes beyond previous built-in browser protections, by adding another layer of security that is woven directly into the core of the OS at the process level. Using AI, our new Smart App Control only allows processes to run that are predicted to be safe based on existing and new intelligence processed daily. Smart App Control builds on top of the same cloud-based AI used in App Control for Business to predict the safety of an application, so people can be confident they're using safe and reliable applications on their new Windows 11 devices, or Windows 11 devices that have been reset. |
+| **[App Control for Business](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Your organization is only as secure as the applications that run on your devices. With application control, apps must earn trust to run, in contrast to an application trust model where all code is assumed trustworthy. By helping prevent unwanted or malicious code from running, application control is an important part of an effective security strategy. Many organizations cite application control as one of the most effective means for addressing the threat of executable file-based malware.<br><br>Windows 10 and above include App Control for Business and AppLocker. App Control is the next generation app control solution for Windows and provides powerful control over what runs in your environment. Customers who were using AppLocker on previous versions of Windows can continue to use the feature as they consider whether to switch to App Control for the stronger protection. |
 | **[AppLocker](/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview)** |  |
 | **[User Account Control (UAC)](/windows/security/application-security/application-control/user-account-control/)** | User Account Control (UAC) helps prevent malware from damaging a device. With UAC, apps and tasks always run in the security context of a non-administrator account, unless an administrator authorizes administrator-level access to the system. UAC can block the automatic installation of unauthorized apps and prevents inadvertent changes to system settings. Enabling UAC helps to prevent malware from altering device settings and potentially gaining access to networks and sensitive data. UAC can also block the automatic installation of unauthorized apps and prevent inadvertent changes to system settings. |
 | **[Microsoft vulnerable driver blocklist](/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules)** | The Windows kernel is the most privileged software and is therefore a compelling target for malware authors. Since Windows has strict requirements for code running in the kernel, cybercriminals commonly exploit vulnerabilities in kernel drivers to get access. Microsoft works with the ecosystem partners to constantly identify and respond to potentially vulnerable kernel drivers.<br><br>Prior to Windows 11, version 22H2, the operating system enforced a block policy when HVCI is enabled to prevent vulnerable versions of drivers from running. Starting in Windows 11, version 22H2, the block policy is enabled by default for all new Windows devices, and users can opt-in to enforce the policy from the Windows Security app. |
diff --git a/windows/security/includes/sections/security-foundations.md b/windows/security/includes/sections/security-foundations.md
index 7a85af0543..905fb63998 100644
--- a/windows/security/includes/sections/security-foundations.md
+++ b/windows/security/includes/sections/security-foundations.md
@@ -25,5 +25,5 @@ ms.topic: include
 | Feature name | Description |
 |:---|:---|
 | **Software Bill of Materials (SBOM)** | SBOMs are leveraged to provide the transparency and provenance of the content as it moves through various stages of the Windows supply chain. This enables trust between each supply chain segment, ensures that tampering has not taken place during ingestion and along the way, and provides a provable chain of custody for the product that we ship to customers. |
-| **[Azure Code Signing](/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection)** | Windows Defender Application Control (WDAC) enables customers to define policies for controlling what is allowed to run on their devices. WDAC policies can be remotely applied to devices using an MDM solution like Microsoft Intune. <br><br>To simplify WDAC enablement, organizations can take advantage of Azure Code Signing, a secure and fully managed service for signing WDAC policies and apps. <br><br>Azure Code Signing minimizes the complexity of code signing with a turnkey service backed by a Microsoft managed certificate authority, eliminating the need to procure and self-manage any signing certificates. The service is managed just as any other Azure resource and integrates easily with the leading development and CI/CD toolsets.  |
+| **[Azure Code Signing](/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection)** | App Control for Business enables customers to define policies for controlling what is allowed to run on their devices. App Control policies can be remotely applied to devices using an MDM solution like Microsoft Intune. <br><br>To simplify App Control enablement, organizations can take advantage of Azure Code Signing, a secure and fully managed service for signing App Control policies and apps. <br><br>Azure Code Signing minimizes the complexity of code signing with a turnkey service backed by a Microsoft managed certificate authority, eliminating the need to procure and self-manage any signing certificates. The service is managed just as any other Azure resource and integrates easily with the leading development and CI/CD toolsets.  |
 | **[Windows application software development kit (SDK)](https://developer.microsoft.com/windows/downloads/windows-sdk/)** | Developers have an opportunity to design highly secure applications that benefit from the latest Windows safeguards. The Windows App SDK provides a unified set of APIs and tools for developing secure desktop apps for Windows. To help create apps that are up-to-date and protected, the SDK follows the same security standards, protocols, and compliance as the core Windows operating system.  |
diff --git a/windows/security/index.yml b/windows/security/index.yml
index 9553388f93..9738ace595 100644
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@@ -101,7 +101,7 @@ landingContent:
     linkLists:
       - linkListType: overview
         links:
-          - text: Windows Defender Application Control (WDAC)
+          - text: App Control for Business
             url: /windows/security/application-security/application-control/windows-defender-application-control/
           - text: User Account Control (UAC)
             url: /windows/security/application-security/application-control/user-account-control
diff --git a/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md b/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md
index 7bf6e12c5a..645cf45add 100644
--- a/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md
@@ -462,6 +462,9 @@ From the **BitLocker Drive Encryption** Control Panel applet, select the OS driv
 
 ### Resume BitLocker
 
+> [!NOTE]
+> Resuming protection only works on devices that have accepted the Windows EULA.
+
 #### [:::image type="icon" source="images/powershell.svg"::: **PowerShell**](#tab/powershell)
 
 ```powershell
diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md
index 4625b2f5e0..808550018a 100644
--- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md
@@ -21,6 +21,7 @@ The following list provides examples of common events that cause a device to ent
 - Docking or undocking a portable computer
 - Changes to the NTFS partition table on the disk
 - Changes to the boot manager
+- Using PXE boot
 - Turning off, disabling, deactivating, or clearing the TPM
 - TPM self-test failure
 - Upgrading the motherboard to a new one with a new TPM
diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md
index 4b1498edf5..a3cded5a34 100644
--- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md
@@ -180,6 +180,9 @@ When a volume is unlocked using a recovery password:
 
 After the volume is unlocked, BitLocker behaves the same way, regardless of how the access was granted.
 
+> [!NOTE]
+> If you move an OS volume with a TPM protector to a different device and unlock it using a recovery protector, BitLocker will bind to the new TPM. Returning the volume to the original device will prompt for the recovery protector due to the TPM mismatch. Once unlocked using recovery protector again, the volume will re-bind to the original device.
+
 If a device experiences multiple recovery password events, an administrator should perform post-recovery analysis to determine the root cause of the recovery. Then, refresh the BitLocker platform validation to prevent entering a recovery password each time that the device starts up.
 
 ### Determine the root cause of the recovery
diff --git a/windows/security/operating-system-security/device-management/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/operating-system-security/device-management/windows-security-configuration-framework/get-support-for-security-baselines.md
index c652900182..05f61ccf78 100644
--- a/windows/security/operating-system-security/device-management/windows-security-configuration-framework/get-support-for-security-baselines.md
+++ b/windows/security/operating-system-security/device-management/windows-security-configuration-framework/get-support-for-security-baselines.md
@@ -3,7 +3,7 @@ title: Get support for security baselines
 description: Find answers to frequently asked question on how to get support for baselines, the Security Compliance Toolkit (SCT), and related articles.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 07/10/2024
+ms.date: 10/01/2024
 ---
 
 # Get Support
@@ -47,6 +47,7 @@ No. SCM supported only SCAP 1.0, which wasn't updated as SCAP evolved. The new t
 
 | Name | Build | Baseline release date | Security tools |
 |--|--|--|--|
+| Windows 11 | [24H2](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-11-version-24h2-security-baseline/ba-p/4252801) <br> | October 2024<br> | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) |
 | Windows 11 | [23H2](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-11-version-23h2-security-baseline/ba-p/3967618) <br> | October 2023<br> | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) |
 | Windows 11 | [22H2](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-11-version-22h2-security-baseline/ba-p/3632520) <br> | September 2022<br> | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) |
 | Windows 10 | [22H2](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-10-version-22h2-security-baseline/ba-p/3655724) <br> [21H2](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-windows-10-version-21h2/ba-p/3042703) <br> [20H2](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-for-windows-10-and-windows-server/ba-p/1999393) <br> [1809](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-for-windows-10-v1809-and-windows-server/ba-p/701082) <br> [1607](/archive/blogs/secguide/security-baseline-for-windows-10-v1607-anniversary-edition-and-windows-server-2016) <br>[1507](/archive/blogs/secguide/security-baseline-for-windows-10-v1507-build-10240-th1-ltsb-update) | October 2022<br>December 2021<br>December 2020<br>October 2018<br>October 2016 <br>January 2016 | [SCT 1.0](https://www.microsoft.com/download/details.aspx?id=55319) |
diff --git a/windows/security/operating-system-security/device-management/windows-security-configuration-framework/security-compliance-toolkit-10.md b/windows/security/operating-system-security/device-management/windows-security-configuration-framework/security-compliance-toolkit-10.md
index a1a1d93059..ced5288d21 100644
--- a/windows/security/operating-system-security/device-management/windows-security-configuration-framework/security-compliance-toolkit-10.md
+++ b/windows/security/operating-system-security/device-management/windows-security-configuration-framework/security-compliance-toolkit-10.md
@@ -2,7 +2,7 @@
 title: Microsoft Security Compliance Toolkit Guide
 description: This article describes how to use Security Compliance Toolkit in your organization.
 ms.topic: conceptual
-ms.date: 07/10/2024
+ms.date: 10/01/2024
 ---
 
 # Microsoft Security Compliance Toolkit - How to use
@@ -16,6 +16,7 @@ The SCT enables administrators to effectively manage their enterprise's Group Po
 The Security Compliance Toolkit consists of:
 
 - Windows 11 security baseline
+  - Windows 11, version 24H2
   - Windows 11, version 23H2
   - Windows 11, version 22H2
   - Windows 11, version 21H2
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/rules.md b/windows/security/operating-system-security/network-security/windows-firewall/rules.md
index 4729ae6e10..3daf29314e 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/rules.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/rules.md
@@ -46,11 +46,11 @@ In either of these scenarios, once the rules are added, they must be deleted to
 > [!NOTE]
 > The firewall's default settings are designed for security. Allowing all inbound connections by default introduces the network to various threats. Therefore, creating exceptions for inbound connections from non-Microsoft software should be determined by trusted app developers, the user, or the admin on behalf of the user.
 
-### WDAC tagging policies
+### App Control tagging policies
 
-Windows Firewall supports the use of Windows Defender Application Control (WDAC) Application ID (AppID) tags in firewall rules. With this capability, Windows Firewall rules can be scoped to an application or a group of applications by referencing process tags, without using absolute path or sacrificing security. There are two steps for this configuration:
+Windows Firewall supports the use of App Control for Business Application ID (AppID) tags in firewall rules. With this capability, Windows Firewall rules can be scoped to an application or a group of applications by referencing process tags, without using absolute path or sacrificing security. There are two steps for this configuration:
 
-1. Deploy *WDAC AppId tagging policies*: a Windows Defender Application Control policy must be deployed, which specifies individual applications or groups of applications to apply a *PolicyAppId tag* to the process token(s). Then, the admin can define firewall rules that are scoped to all processes tagged with the matching *PolicyAppId*. For more information, see the [WDAC AppId tagging guide](../../../application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md) to create, deploy, and test an AppID policy to tag applications.
+1. Deploy *App Control AppId tagging policies*: an App Control for Business policy must be deployed, which specifies individual applications or groups of applications to apply a *PolicyAppId tag* to the process token(s). Then, the admin can define firewall rules that are scoped to all processes tagged with the matching *PolicyAppId*. For more information, see the [App Control AppId tagging guide](../../../application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md) to create, deploy, and test an AppID policy to tag applications.
 1. Configure firewall rules using *PolicyAppId tags* using one of the two methods:
     - Using the [PolicyAppId node of the Firewall CSP](/windows/client-management/mdm/firewall-csp#mdmstorefirewallrulesfirewallrulenamepolicyappid) with an MDM solution like Microsoft Intune. If you use Microsoft Intune, you can deploy the rules from Microsoft Intune Admin center, under the path **Endpoint security** > **Firewall** > **Create policy** > **Windows 10, Windows 11, and Windows Server** > **Windows Firewall Rules**. When creating the rules, provide the *AppId tag* in the **Policy App ID** setting
     - Create local firewall rules with PowerShell: use the [`New-NetFirewallRule`](/powershell/module/netsecurity/new-netfirewallrule) cmdlet and specify the `-PolicyAppId` parameter. You can specify one tag at a time while creating firewall rules. Multiple User Ids are supported
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
index d53d8c5dc7..9824baf8c1 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
@@ -1,7 +1,7 @@
 ---
 title: Available Microsoft Defender SmartScreen settings
 description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings.
-ms.date: 07/10/2024
+ms.date: 10/10/2024
 ms.topic: reference
 ---
 
@@ -9,7 +9,7 @@ ms.topic: reference
 
 Microsoft Defender SmartScreen works with Intune, Group Policy, and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Microsoft Defender SmartScreen, you can show users a warning page and let them continue to the site, or you can block the site entirely.
 
-See [Windows settings to protect devices using Intune](/intune/endpoint-protection-windows-10#windows-defender-smartscreen-settings) for the controls you can use in Intune.
+See [Windows settings to protect devices using Intune](/mem/intune/protect/endpoint-protection-windows-10#microsoft-defender-smartscreen-settings) for the controls you can use in Intune.
 
 > [!NOTE]
 > For a list of settings available for Enhanced phishing protection, see [Enhanced phishing protection](enhanced-phishing-protection.md#configure-enhanced-phishing-protection-for-your-organization).
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index 5dd0c7c3f0..68fce9d079 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -19,7 +19,7 @@ See the following articles to learn more about the different areas of Windows th
 - [Controlled Folder Access](/microsoft-365/security/defender-endpoint/controlled-folders)
 - [Exploit Protection](/microsoft-365/security/defender-endpoint/exploit-protection)
 - [Microsoft Defender Application Guard](../application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview.md)
-- [Microsoft Defender Device Guard](../application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
+- [Microsoft Defender Device Guard](../application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md)
 - [Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/)
 - [Network Protection](/microsoft-365/security/defender-endpoint/network-protection)
 - [Virtualization-Based Protection of Code Integrity](../hardware-security/enable-virtualization-based-protection-of-code-integrity.md)
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 564b83b498..5b5fb3e06e 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -386,7 +386,7 @@ Examples:
     Set-ProcessMitigation -Name notepad.exe -Enable SEHOP -Disable MandatoryASLR,DEPATL
     ```
 
-- **Convert Attack surface reduction (ASR) settings to a Code Integrity policy file**: If the input file contains any settings for EMET's Attack surface reduction (ASR) mitigation, the converter will also create a Code Integrity policy file. In this case, you can complete the merging, auditing, and deployment process for the Code Integrity policy. For more information, see [Deploying Windows Defender Application Control (WDAC) policies](../application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md). This completion will enable protections on Windows 10 equivalent to EMET's ASR protections.
+- **Convert Attack surface reduction (ASR) settings to a Code Integrity policy file**: If the input file contains any settings for EMET's Attack surface reduction (ASR) mitigation, the converter will also create a Code Integrity policy file. In this case, you can complete the merging, auditing, and deployment process for the Code Integrity policy. For more information, see [Deploying App Control for Business policies](../application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md). This completion will enable protections on Windows 10 equivalent to EMET's ASR protections.
 
 - **Convert Certificate Trust settings to enterprise certificate pinning rules**: If you have an EMET "Certificate Trust" XML file (pinning rules file), you can also use ConvertTo-ProcessMitigationPolicy to convert the pinning rules file into an enterprise certificate pinning rules file. Then you can finish enabling that file as described in [Enterprise Certificate Pinning](/windows/access-protection/enterprise-certificate-pinning). For example:
 
diff --git a/windows/whats-new/TOC.yml b/windows/whats-new/TOC.yml
index 408873ec0b..f7564e0af6 100644
--- a/windows/whats-new/TOC.yml
+++ b/windows/whats-new/TOC.yml
@@ -13,6 +13,8 @@
       href: windows-11-prepare.md
     - name: Windows 11 enterprise feature control
       href: temporary-enterprise-feature-control.md
+    - name: What's new in Windows 11, version 24H2
+      href: whats-new-windows-11-version-24h2.md      
     - name: What's new in Windows 11, version 23H2
       href: whats-new-windows-11-version-23h2.md
     - name: What's new in Windows 11, version 22H2
@@ -24,11 +26,13 @@
       href: extended-security-updates.md
     - name: What's new in Windows 10, version 22H2
       href: whats-new-windows-10-version-22H2.md
-- name: Windows 10 Enterprise LTSC
+- name: Windows Enterprise LTSC
   expanded: false
   items:
-  - name: Windows 10 Enterprise LTSC overview
+  - name: Windows Enterprise LTSC overview
     href: ltsc/overview.md
+  - name: What's new in Windows 11 Enterprise LTSC 2024
+    href: ltsc/whats-new-windows-11-2024.md      
   - name: What's new in Windows 10 Enterprise LTSC 2021
     href: ltsc/whats-new-windows-10-2021.md
   - name: What's new in Windows 10 Enterprise LTSC 2019
diff --git a/windows/whats-new/deprecated-features-resources.md b/windows/whats-new/deprecated-features-resources.md
index 00fab61fd6..7c53798b03 100644
--- a/windows/whats-new/deprecated-features-resources.md
+++ b/windows/whats-new/deprecated-features-resources.md
@@ -1,7 +1,7 @@
 ---
 title: Resources for deprecated features in the Windows client
 description: Resources and details for deprecated features in the Windows client.
-ms.date: 08/12/2024
+ms.date: 08/14/2024
 ms.service: windows-client
 ms.subservice: itpro-fundamentals
 ms.localizationpriority: medium
@@ -38,7 +38,7 @@ Negotiate's built-in fallback to NTLM is preserved to mitigate compatibility iss
 
 ## WordPad
 
-WordPad will be removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. As a result, Windows will no longer have a built-in, default RTF reader. We recommend Microsoft Word for rich text documents like .doc and .rtf and Notepad for plain text documents like .txt. The following binaries will be removed as a result of WordPad removal:
+WordPad is removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. As a result, Windows will no longer have a built-in, default RTF reader. We recommend Microsoft Word for rich text documents like .doc and .rtf and Notepad for plain text documents like .txt. The following binaries will be removed as a result of WordPad removal:
 
 - wordpad.exe
 - wordpadfilter.dll
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index e1ee7cbf06..a12c5b5eb4 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -1,7 +1,7 @@
 ---
 title: Deprecated features in the Windows client
 description: Review the list of features that Microsoft is no longer actively developing in Windows 10 and Windows 11.
-ms.date: 09/11/2024
+ms.date: 10/01/2024
 ms.service: windows-client
 ms.subservice: itpro-fundamentals
 ms.localizationpriority: medium
@@ -57,7 +57,7 @@ The features in this article are no longer being actively developed, and might b
 | TLS server authentication certificates using RSA keys with key lengths shorter than 2048 bits <!--8644149-->| Support for certificates using RSA keys with key lengths shorter than 2048 bits will be deprecated. Internet standards and regulatory bodies disallowed the use of 1024-bit keys in 2013, recommending specifically that RSA keys should have a key length of 2048 bits or longer. For more information, see [Transitioning of Cryptographic Algorithms and Key Sizes - Discussion Paper (nist.gov)](https://csrc.nist.gov/CSRC/media/Projects/Key-Management/documents/transitions/Transitioning_CryptoAlgos_070209.pdf). This deprecation focuses on ensuring that all RSA certificates used for TLS server authentication must have key lengths greater than or equal to 2048 bits to be considered valid by Windows. </br></br> TLS certificates issued by enterprise or test certification authorities (CA) aren't impacted with this change. However, we recommend that they be updated to RSA keys greater than or equal to 2048 bits as a security best practice. This change is necessary to preserve security of Windows customers using certificates for authentication and cryptographic purposes.| March 2024|
 | Test Base <!--8790681--> | [Test Base for Microsoft 365](/microsoft-365/test-base/overview), an Azure cloud service for application testing, is deprecated. The service will be retired in the future and will be no longer available for use after retirement. | March 2024 |
 | Windows Mixed Reality <!--8412877--> | [Windows Mixed Reality](/windows/mixed-reality/enthusiast-guide/before-you-start) is deprecated and will be removed in Windows 11, version 24H2. This deprecation includes the [Mixed Reality Portal](/windows/mixed-reality/enthusiast-guide/install-windows-mixed-reality) app, [Windows Mixed Reality for SteamVR](/windows/mixed-reality/enthusiast-guide/using-steamvr-with-windows-mixed-reality), and Steam VR Beta. Existing Windows Mixed Reality devices will continue to work with Steam through November 2026, if users remain on their current released version of Windows 11, version 23H2. After November 2026, Windows Mixed Reality will no longer receive security updates, nonsecurity updates, bug fixes, technical support, or online technical content updates.</br> </br>This deprecation doesn't affect HoloLens. We remain committed to HoloLens and our enterprise customers. | December 2023 |
-| Microsoft Defender Application Guard for Edge <!--8591267-->| [Microsoft Defender Application Guard](/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview), including the [Windows Isolated App Launcher APIs](/windows/win32/api/isolatedapplauncher/), is being deprecated for Microsoft Edge for Business and [will no longer be updated](feature-lifecycle.md). Please download the [Microsoft Edge For Business Security Whitepaper](https://edgestatic.azureedge.net/shared/cms/pdfs/Microsoft_Edge_Security_Whitepaper_v2.pdf) to learn more about Edge for Business security capabilities. </br></br> **[Update - April 2024]**: Because Application Guard is deprecated there will not be a migration to Edge Manifest V3. The corresponding extensions and associated Windows Store app will not be available after May 2024. This affects the following browsers: *Application Guard Extension - Chrome* and *Application Guard Extension - Firefox*. If you want to block unprotected browsers until you are ready to retire MDAG usage in your enterprise, we recommend using AppLocker policies or [Microsoft Edge management service](/deployedge/microsoft-edge-management-service). For more information, see [Microsoft Edge and Microsoft Defender Application Guard](/deployedge/microsoft-edge-security-windows-defender-application-guard). <!--8932292-->| December 2023 |
+| Microsoft Defender Application Guard for Edge <!--8591267-->| [Microsoft Defender Application Guard](/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview), including the [Windows Isolated App Launcher APIs](/windows/win32/api/isolatedapplauncher/), is being deprecated for Microsoft Edge for Business and [will no longer be updated](feature-lifecycle.md). To learn more about Edge for Business security capabilities, see [Microsoft Edge security for your business](/deployedge/ms-edge-security-for-business). </br></br> **[Update - April 2024]**: Because Application Guard is deprecated there will not be a migration to Edge Manifest V3. The corresponding extensions and associated Windows Store app will not be available after May 2024. This affects the following browsers: *Application Guard Extension - Chrome* and *Application Guard Extension - Firefox*. If you want to block unprotected browsers until you are ready to retire MDAG usage in your enterprise, we recommend using AppLocker policies or [Microsoft Edge management service](/deployedge/microsoft-edge-management-service). For more information, see [Microsoft Edge and Microsoft Defender Application Guard](/deployedge/microsoft-edge-security-windows-defender-application-guard). <!--8932292-->| December 2023 |
 | Legacy console mode <!-- 8577271 -->| The [legacy console mode](/windows/console/legacymode) is deprecated and no longer being updated. In future Windows releases, it will be available as an optional [Feature on Demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities). This feature won't be installed by default. | December 2023 |
 | Windows speech recognition <!--8396142-->| [Windows speech recognition](https://support.microsoft.com/windows/83ff75bd-63eb-0b6c-18d4-6fae94050571) is  deprecated and is no longer being developed. This feature is being replaced with [voice access](https://support.microsoft.com/topic/4dcd23ee-f1b9-4fd1-bacc-862ab611f55d). Voice access is available for Windows 11, version 22H2, or later devices. Currently, voice access supports five English locales: English - US, English - UK, English - India, English - New Zealand, English - Canada, and English - Australia. For more information, see [Setup voice access](https://support.microsoft.com/topic/set-up-voice-access-9fc44e29-12bf-4d86-bc4e-e9bb69df9a0e). | December 2023 |
 | Microsoft Defender Application Guard for Office <!--8396036-->| [Microsoft Defender Application Guard for Office](/microsoft-365/security/office-365-security/app-guard-for-office-install), including the [Windows Isolated App Launcher APIs](/windows/win32/api/isolatedapplauncher/), is being deprecated and will no longer be updated. We recommend transitioning to Microsoft Defender for Endpoint [attack surface reduction rules](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction) along with [Protected View](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365#global-settings-for-safe-attachments) and [Windows Defender Application Control](/windows/security/application-security/application-control/windows-defender-application-control/wdac).  | November 2023 |
@@ -68,7 +68,7 @@ The features in this article are no longer being actively developed, and might b
 | Remote Mailslots <!--8454244-->| Remote Mailslots are deprecated. The Remote Mailslot protocol is a dated, simple, unreliable, insecure IPC method first introduced in MS DOS. This protocol was first disabled by default in [Windows 11 Insider Preview Build ](https://blogs.windows.com/windows-insider/2023/03/08/announcing-windows-11-insider-preview-build-25314/). For more information on Remote Mailslots, see [About Mailslots](/windows/win32/ipc/about-mailslots) and [[MS-MAIL]: Remote Mailslot Protocol](/openspecs/windows_protocols/ms-mail/8ea19aa4-6e5a-4aed-b628-0b5cd75a1ab9).| November 2023 |
 | Timeline for Microsoft Entra accounts <!--8396095--> | Cross-device syncing of Microsoft Entra user activity history will stop starting in January 2024. Microsoft will stop storing this data in the cloud, aligning with [the previous change for Microsoft accounts (MSA)](https://blogs.windows.com/windows-insider/2021/04/14/announcing-windows-10-insider-preview-build-21359) in 2021. The timeline user experience was retired in Windows 11, although it remains in Windows 10. The timeline user experience and all your local activity history still remains on Windows 10 devices. Users can access web history using their browser and access recent files through OneDrive and Office. | October 2023 |
 | VBScript <!--7954828--> | VBScript is deprecated. In future releases of Windows, VBScript will be available as a feature on demand before its removal from the operating system. For more information, see [Resources for deprecated features](deprecated-features-resources.md#vbscript). | October 2023 |
-| WordPad | WordPad is no longer being updated and will be removed in a future release of Windows. We recommend Microsoft Word for rich text documents like .doc and .rtf and Windows Notepad for plain text documents like .txt. </br></br> **[Update - March 2024]**: WordPad will be removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. If you're a developer and need information about the affected binaries, see [Resources for deprecated features](deprecated-features-resources.md#wordpad). | September 1, 2023 |
+| WordPad <!--8254696-->| WordPad is no longer being updated and will be removed in a future release of Windows. We recommend Microsoft Word for rich text documents like .doc and .rtf and Windows Notepad for plain text documents like .txt. </br></br> **[Update - March 2024]**: WordPad will be removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. If you're a developer and need information about the affected binaries, see [Resources for deprecated features](deprecated-features-resources.md#wordpad). | September 1, 2023 |
 | AllJoyn |  Microsoft's implementation of AllJoyn, which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) is deprecated. [AllJoyn](https://openconnectivity.org/technology/reference-implementation/alljoyn/), sponsored by AllSeen Alliance, was an open source discovery and communication protocol for Internet of Things scenarios such as turning on/off lights or reading temperatures.AllSeen Alliance promoted the AllJoyn project from 2013 until 2016 when it merged with the Open Connectivity Foundation (OCF), the sponsors of [Iotivity.org](https://iotivity.org/), another protocol for Internet of Things scenarios. Customers should refer to the [Iotivity.org](https://iotivity.org/) website for alternatives such as [Iotivity Lite](https://github.com/iotivity/iotivity-lite) or [Iotivity](https://github.com/iotivity/iotivity).  | August 17, 2023 |
 | TLS 1.0 and 1.1 | Over the past several years, internet standards and regulatory bodies have [deprecated or disallowed](https://www.ietf.org/rfc/rfc8996.html) TLS versions 1.0 and 1.1 due to various security issues. Starting in Windows 11 Insider Preview builds for September 2023 and continuing in future Windows OS releases, TLS 1.0 and 1.1 will be disabled by default. This change increases the security posture of Windows customers and encourages modern protocol adoption. For organizations that need to use these versions, there's an option to re-enable TLS 1.0 or TLS 1.1. For more information, see [Resources for deprecated features](deprecated-features-resources.md). | August 1, 2023|
 | Cortana in Windows <!--7987543--> | Cortana in Windows as a standalone app is deprecated. This change only impacts Cortana in Windows, and your productivity assistant, Cortana, will continue to be available in Outlook mobile, Teams mobile, Microsoft Teams display, and Microsoft Teams rooms. | June 2023 |
diff --git a/windows/whats-new/index.yml b/windows/whats-new/index.yml
index f19e236cd4..9d6a27a7f2 100644
--- a/windows/whats-new/index.yml
+++ b/windows/whats-new/index.yml
@@ -41,6 +41,8 @@ landingContent:
     linkLists:
       - linkListType: whats-new
         links:
+          - text: What's new in Windows 11, version 24H2
+            url: whats-new-windows-11-version-24h2.md        
           - text: What's new in Windows 11, version 23H2
             url: whats-new-windows-11-version-23h2.md
           - text: What's new in Windows 11, version 22H2
@@ -55,12 +57,14 @@ landingContent:
           - text: What's new in Windows 10, version 22H2
             url: whats-new-windows-10-version-22h2.md
 
-  - title: Windows 10 Enterprise LTSC
+  - title: Windows Enterprise LTSC
     linkLists:
       - linkListType: whats-new
         links:
-          - text: Windows 10 Enterprise LTSC overview
+          - text: Windows Enterprise LTSC overview
             url: ltsc/overview.md
+          - text: What's new in Windows 11 Enterprise LTSC 2024
+            url: ltsc/whats-new-windows-11-2024.md                
           - text: What's new in Windows 10 Enterprise LTSC 2021
             url: ltsc/whats-new-windows-10-2021.md
           - text: What's new in Windows 10 Enterprise LTSC 2019
@@ -69,6 +73,7 @@ landingContent:
             url: ltsc/whats-new-windows-10-2016.md
           - text: What's new in Windows 10 Enterprise LTSC 2015
             url: ltsc/whats-new-windows-10-2015.md
+      
 
   - title: Deprecated features
     linkLists:
diff --git a/windows/whats-new/ltsc/overview.md b/windows/whats-new/ltsc/overview.md
index 5fb5127bcf..1ac5c31aeb 100644
--- a/windows/whats-new/ltsc/overview.md
+++ b/windows/whats-new/ltsc/overview.md
@@ -1,6 +1,6 @@
 ---
-title: Windows 10 Enterprise LTSC overview
-description: An overview of the Windows 10 long-term servicing channel (LTSC).
+title: Windows Enterprise LTSC overview
+description: An overview of the Windows long-term servicing channel (LTSC).
 ms.service: windows-client
 author: mestew
 ms.author: mstewart
@@ -8,15 +8,17 @@ manager: aaroncz
 ms.localizationpriority: low
 ms.topic: overview
 ms.subservice: itpro-fundamentals
-ms.date: 07/09/2024
+ms.date: 10/01/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 Enterprise LTSC</a>
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 Enterprise LTSC</a>
 ---
 
-# Windows 10 Enterprise LTSC
+# Windows Enterprise LTSC
 
-This article provides general information about the Windows 10 Enterprise long-term servicing channel (LTSC). For more information about the features in each available version of the Windows 10 LTSC, see the following articles:
+This article provides general information about the Windows Enterprise long-term servicing channel (LTSC). For more information about the features in each available version of the Windows LTSC, see the following articles:
 
+- [What's New in Windows 11 Enterprise LTSC 2024](whats-new-windows-11-2024.md)
 - [What's New in Windows 10 Enterprise LTSC 2021](whats-new-windows-10-2021.md)
 - [What's New in Windows 10 Enterprise LTSC 2019](whats-new-windows-10-2019.md)
 - [What's New in Windows 10 Enterprise LTSC 2016](whats-new-windows-10-2016.md)
@@ -24,10 +26,11 @@ This article provides general information about the Windows 10 Enterprise long-t
 
 ## The long-term servicing channel (LTSC)
 
-The following table summarizes equivalent feature update versions of Windows 10 LTSC and general availability channel (GA channel) releases:
+The following table summarizes equivalent feature update versions of Windows LTSC and general availability channel (GA channel) releases:
 
 | LTSC release | Equivalent GA channel release | Availability date |
 | --- | --- | --- |
+| Windows 11 Enterprise LTSC 2024  | Windows 11, Version 24H2 | 10/01/2024 |
 | Windows 10 Enterprise LTSC 2021  | Windows 10, Version 21H2 | 11/16/2021 |
 | Windows 10 Enterprise LTSC 2019  | Windows 10, Version 1809 | 11/13/2018 |
 | Windows 10 Enterprise LTSC 2016  | Windows 10, Version 1607 | 8/2/2016 |
@@ -36,10 +39,10 @@ The following table summarizes equivalent feature update versions of Windows 10
 > [!NOTE]
 > The long-term servicing channel was previously called the long-term servicing branch (LTSB). All references to LTSB are changed in this article to LTSC for consistency, even though the name of previous versions might still be displayed as LTSB.
 
-With the LTSC servicing model, you can delay receiving *feature* updates and instead only receive monthly *quality* updates on devices. Features from Windows 10 that could be updated with new functionality, including Microsoft Edge and in-box Windows apps, are also not included. Feature updates are offered in new LTSC releases every several years instead of every few months. You can choose to install them as in-place upgrades, or even skip releases, what's best for your business requirements. Microsoft is committed to providing bug fixes and security patches for each LTSC release during the extended LTSC servicing lifecycle. Always check your individual LTSC release to verify its servicing lifecycle. For more information, see [release information](/windows/release-health/release-information), or search the [product lifecycle information](/lifecycle/products/) page.
+With the LTSC servicing model, you can delay receiving *feature* updates and instead only receive monthly *quality* updates on devices. Features from Windows 10 and 11 that could be updated with new functionality, including Microsoft Edge and in-box Windows apps, are also not included. Feature updates are offered in new LTSC releases every several years instead of every few months. You can choose to install them as in-place upgrades, or even skip releases, what's best for your business requirements. Microsoft is committed to providing bug fixes and security patches for each LTSC release during the extended LTSC servicing lifecycle. Always check your individual LTSC release to verify its servicing lifecycle. For more information, see [release information](/windows/release-health/release-information), or search the [product lifecycle information](/lifecycle/products/) page.
 
 > [!IMPORTANT]
-> The long-term servicing channel isn't intended for deployment on most or all the PCs in an organization. The LTSC edition of Windows 10 provides a deployment option for special-purpose devices and environments. These devices typically do a single important task and don't need feature updates as frequently as other devices in the organization. These devices are also typically not heavily dependent on support from external apps and tools. Since the feature set for LTSC doesn't change for the lifetime of the release, over time there might be some external tools that don't continue to provide legacy support. For more information, see [LTSC: What is it, and when it should be used](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181).
+> The long-term servicing channel isn't intended for deployment on most or all the PCs in an organization. The LTSC edition of Windows provides a deployment option for special-purpose devices and environments. These devices typically do a single important task and don't need feature updates as frequently as other devices in the organization. These devices are also typically not heavily dependent on support from external apps and tools. Since the feature set for LTSC doesn't change for the lifetime of the release, over time there might be some external tools that don't continue to provide legacy support. For more information, see [LTSC: What is it, and when it should be used](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181).
 
 For more information about Windows 10 servicing, see [Overview of Windows as a service](/windows/deployment/update/waas-overview).
 
@@ -47,4 +50,4 @@ For more information about Windows 10 servicing, see [Overview of Windows as a s
 
 - [What's new in Windows](../index.yml): See what's new in other versions of Windows.
 
-- [Windows 10 release information](/windows/release-health/release-information): Windows 10 current versions by servicing option.
+- [Windows release information](/windows/release-health/release-information): Current versions of Windows by servicing option.
diff --git a/windows/whats-new/ltsc/whats-new-windows-11-2024.md b/windows/whats-new/ltsc/whats-new-windows-11-2024.md
new file mode 100644
index 0000000000..3fbb4a3529
--- /dev/null
+++ b/windows/whats-new/ltsc/whats-new-windows-11-2024.md
@@ -0,0 +1,174 @@
+---
+title: What's new in Windows 11 Enterprise long-term servicing channel (LTSC) 2024
+manager: aaroncz
+ms.author: mstewart
+description: New and updated IT Pro content about new features in Windows 11 Enterprise long-term servicing channel (LTSC) 2024.
+ms.service: windows-client
+author: mestew
+ms.localizationpriority: high
+ms.topic: reference
+ms.subservice: itpro-fundamentals
+ms.date: 10/01/2024
+appliesto:
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/" target="_blank">Windows 11 Enterprise LTSC 2024</a>
+---
+
+# What's new in Windows 11 Enterprise LTSC 2024
+
+This article lists some of the new and updated features and content that is of interest to IT Pros for Windows 11 Enterprise long-term servicing channel (LTSC) 2024, compared to Windows 10 Enterprise LTSC 2021. For a brief description of the LTSC servicing channel and associated support, see [Windows Enterprise LTSC](overview.md). <!--8891336-->
+
+
+Windows 11 Enterprise LTSC 2024 builds on Windows 10 Enterprise LTSC 2021, adding premium features such as advanced protection against modern security threats and comprehensive device management, app management, and control capabilities. 
+
+The Windows 11 Enterprise LTSC 2024 release includes the cumulative enhancements provided in Windows 11 versions 21H2, 22H2, 23H2, and 24H2. Details about these enhancements are provided below.
+
+## Lifecycle
+
+Windows 11 Enterprise LTSC 2024 was first available on October 1, 2024. Features in Windows 11 Enterprise LTSC 2024 are similar to Windows 11, version 24H2.The LTSC release is [intended for special use devices](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181). Support for LTSC by apps and tools, such as in-box apps and Microsoft Store, that are designed for the general availability channel release of Windows might be limited.
+
+> [!IMPORTANT]
+> Windows 11 Enterprise LTSC 2024 has a 5 year lifecycle. ([IoT Enterprise LTSC](/windows/iot/iot-enterprise/whats-new/windows-iot-enterprise-ltsc) continues to have a [10 year lifecycle](/lifecycle/products/windows-11-iot-enterprise-ltsc-2024)). Windows 11 Enterprise LTSC 2024 follows the [Fixed Lifecycle Policy](/lifecycle/policies/fixed).
+
+<!--For more information about the lifecycle for this release, see [The next Windows 10 long-term servicing channel (LTSC) release](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-next-windows-10-long-term-servicing-channel-ltsc-release/ba-p/2147232). -->
+
+
+
+## Accessibility
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+| **Windows accessibility** </br> [22H2][22H2] | Improvements for people with disabilities: system-wide live captions, Focus sessions, voice access, and more natural voices for Narrator.</br> For more information, see:</br>&nbsp;&nbsp;• [New accessibility features coming to Windows 11](https://blogs.windows.com/windowsexperience/2022/05/10/new-accessibility-features-coming-to-windows-11/)</br>&nbsp;&nbsp;• [How inclusion drives innovation in Windows 11](https://blogs.windows.com/windowsexperience/?p=177554)</br>&nbsp;&nbsp;• [Accessibility information for IT professionals](/windows/configuration/windows-10-accessibility-for-itpros). |
+| **Braille displays**  </br> [23H2][23H2] <!--7579823-->        | Braille displays work seamlessly and reliably across multiple screen readers, improving the end user experience. We also added support for new braille displays and new braille input and output languages in Narrator. For more information, see [Accessibility information for IT professionals](/windows/configuration/windows-accessibility-for-ITPros). |
+| **Narrator improvements**  </br> [23H2][23H2] <!--kb5019509--> | Scripting functionality was added to Narrator. Narrator includes more natural voices. For more information, see [Complete guide to Narrator](https://support.microsoft.com/topic/e4397a0d-ef4f-b386-d8ae-c172f109bdb1).<!--8138352, 8138357--> |
+| **Bluetooth &#174; LE audio support for assistive devices** </br> [24H2][24H2] | Windows has taken a significant step forward in accessibility by supporting the use of assistive hearing devices equipped with the latest Bluetooth &#174; Low Energy Audio technology. For more information, see [Using hearing devices with your Windows 11 PC](https://support.microsoft.com/topic/fcb566e7-13c3-491a-ad5b-8219b098d647). |
+|  **Remote Desktop Connection improvements** </br> [24H2][24H2] | The Remote Desktop Connection setup window (mstsc.exe) follows the text scaling settings under **Settings** > **Accessibility** > **Text size**. Remote Desktop Connection supports zoom options of 350, 400, 450, and 500%. |
+
+
+## Applications
+
+
+| Feature </br> [Release]| Description |
+| --- | --- |
+| **Internet Explorer** | Internet Explorer (IE) is no longer available in Windows 11 Enterprise LTSC 2024. However, you can use IE Mode if a website needs Internet Explorer. For more information, see [Internet Explorer (IE) Mode](/deployedge/edge-ie-mode) |
+| **Microsoft Edge** </br> [21H2][21H2] | The Microsoft Edge browser is the default browser. For information about configuring Microsoft Edge on Windows, see [Configure Microsoft Edge policy settings on Windows devices](/deployedge/configure-microsoft-edge). |
+| **File Explorer** </br> [23H2][23H2]/[24H2][24H2] <!--kb5019509--> | **Tabs**: </br> File Explorer includes tabs to help you organize your File Explorer sessions. </br> **Context menu**: </br> Support for creating 7-zip and TAR archives.  </br> **Compress to** > **Additional options** allows you to compress individual files with gzip, BZip2, xz, or Zstandard </br>Labels were added to the context menu icons for actions like copy, paste, delete, and rename.|
+| **Registry Editor** </br> Search </br> [24H2][24H2] | The Registry Editor supports limiting a search to the currently selected key and its descendants |
+| **Remote Desktop** </br> Connection improvements </br> [24H2][24H2] | The Remote Desktop Connection setup window (mstsc.exe) follows the text scaling settings under **Settings** > **Accessibility** > **Text size**, provides zoom options of 350, 400, 450, and 500%, and improves the connection bar design |
+| **Sudo for Windows** </br> [24H2][24H2] | Sudo for Windows is a new way for users to run elevated commands (as an administrator) directly from an unelevated console session. For more information, see [Sudo for Windows](/windows/sudo/). |
+
+## Developer
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+| **Arm64EC (Emulation Compatible)** | Code built as Arm64EC is interoperable with x64 code running under emulation within the same process. The Arm64EC code in the process runs with native performance, while any x64 code runs using emulation that comes built-in with Windows 11. For more information, see [Arm64EC - Build and port apps for native performance on Arm](/windows/arm/arm64ec)|
+| **Power Grid Forecast** </br> [24H2][24H2] | The [Power Grid Forecast API](/uwp/api/windows.devices.power.powergridforecast) was introduced. App developers can minimize environmental impact by shifting background workloads to times when renewable energy is available to the local grid. Forecast data isn't available globally and quality of data varies by region. |
+| **Energy saver notification callback** </br> [24H2][24H2] | Added an energy saver notification callback setting GUID to represent the new energy saver experience. Apps can subscribe to the energy saver status and can implement different behaviors to optimize energy or performance depending on the current energy saver status. For more information, see [Power Setting GUIDs](/windows/win32/power/power-setting-guids) |
+| **Effective Power Mode** </br> [24H2][24H2] | Extended the [Effective Power Mode API](/windows/win32/api/powersetting/ne-powersetting-effective_power_mode) to interpret the new energy saver levels when determining the returned effective power mode. |
+
+## Management
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+| **Microsoft Intune** </br> [21H2][21H2] | Microsoft Intune is a mobile application management (MAM) and mobile device management (MDM) provider. It helps manage devices, and manage apps on devices in your organization. You configure policies, and then deploy these policies to users and groups. You can create and deploy policies that install apps, configure device features, enforce PIN requirements, block compromised devices, and more. </br></br>  If you use Group Policy to manage your Windows 10 devices, then you can also use Group Policy to manage Windows 11 devices. In Intune, there are [administrative templates](/mem/intune/configuration/administrative-templates-windows) and the [settings catalog](/mem/intune/configuration/settings-catalog) that include many of the same policies. [Group Policy analytics](/mem/intune/configuration/group-policy-analytics) analyze your on-premises group policy objects. |
+| **Control Windows Update notifications** </br> [22H2][22H2] | You can now block user notifications for Windows Updates during active hours. This setting is especially useful for organizations that want to prevent Windows Update notifications from occurring during business hours. For more information, see [Control restart notifications](/windows/deployment/update/waas-restart#control-restart-notifications).|
+| **Organization name in update notifications** </br> [22H2][22H2] |The organization name now appears in the Windows Update notifications when Windows clients are associated with a Microsoft Entra ID tenant. For more information, see [Display organization name in Windows Update notifications](/windows/deployment/update/waas-wu-settings#bkmk_display-name). |
+| **Start menu layout** </br> [22H2][22H2] | New Configuration Service Providers (CSPs) for customizing the start menu layout. These CSPs allow you to hide the app list and disable context menus. For more information, see [Supported configuration service provider (CSP) policies for Windows 11 Start menu](/windows/configuration/supported-csp-start-menu-layout-windows#existing-windows-csp-policies-that-windows-11-supports). |
+| **Restricted User Experience** </br> [23H2][23H2] <!--6444738--> | Restricted User Experience (formerly Multi-App Kiosk Mode) supports the creation of a controlled user experience while maintaining the familiar look and feel of the Windows 11 desktop. Ideal for shared devices that require access to more than one app, admins can configure a curated experience to limit distractions and potential tampering points while focusing the experience around the device's dedicated purpose. |
+| **Declared configuration protocol** </br> [23H2][23H2] <!--7771694 --> | Declared configuration protocol is a new protocol for device configuration management based on a desired state model and uses OMA-DM SyncML protocol. It allows the server to provide the device with a collection of settings for a specific scenario, and the device to handle the configuration request and maintain its state. For more information, see [What is the declared configuration protocol](/windows/client-management/declared-configuration).|
+| **Control File Explorer Home Recommended section** </br> [23H2][23H2] <!--8092554, DisableGraphRecentItems, WIP.23475, WIP.23403-->|  Configure the Recommended section added to File Explorer Home for users signed into Windows with a Microsoft Entra ID account. For more information, see [DisableGraphRecentItems](/windows/client-management/mdm/policy-csp-fileexplorer#disablegraphrecentitems).</br> To configure using Local Group Policy Editor, see `Computer Configuration\Administrative Templates\Windows Components\File Explorer\Turn off files from Office.com in Quick Access View`.|
+| **Taskbar Button Policies**  </br> [23H2][23H2] <!--07525381, 8092554, WIP.25252--> | Policies to customize taskbar buttons were added to provide you with more control over the taskbar search experience across your organization. For more information, see [Supported taskbar CSPs](/windows/configuration/supported-csp-taskbar-windows).|
+| **Control Start Menu Recommended section**  </br> [23H2][23H2] <!--8092554, WIP.23475-->| Configure the Recommended section of the Start Menu, which displays personalized website recommendations. For more information, see [HideRecoPersonalizedSites](/windows/client-management/mdm/policy-csp-start). </br>To configure using Local Group Policy Editor, see `Computer Configuration\Administrative Templates\Start Menu and Taskbar\Remove Personalized Website Recommendations from the Recommended section in the Start Menu`.|
+| **Sudo for Windows** </br> [24H2][24H2] | Sudo for Windows is a new way for users to run elevated commands (as an administrator) directly from an unelevated console session. For more information, see [Sudo for Windows](/windows/sudo/). |
+
+## Networking
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+| **Wi-Fi 7 consumer access points** </br> [24H2][24H2] | Support for Wi-Fi 7 consumer access points offers unprecedented speed, reliability, and efficiency for wireless devices.  For more information, see the Wi-Fi 7 announcements from [Wi-Fi Alliance](https://www.wi-fi.org/discover-wi-fi/wi-fi-certified-7) and the [Windows Insider](https://blogs.windows.com/windows-insider/2024/02/22/announcing-windows-11-insider-preview-build-26063-canary-channel/). |
+| **Windows location improvements** </br> [24H2][24H2] | New controls were added to help manage which apps have access to the list of Wi-Fi networks around you, which could be used to determine your location. You can view and modify which apps can access the list of Wi-Fi networks from **Settings** > **Privacy & security** > **Location**. A new prompt appears the first time an app attempts to access your location or Wi-Fi information. Developers can use the [Changes to API behavior for Wi-Fi access and location](/windows/win32/nativewifi/wi-fi-access-location-changes) article to learn about API surfaces impacted by this change. |
+
+## Security
+
+The security and privacy features in Windows 11 are similar to Windows 10. Security for your devices starts with the hardware, and includes OS security, application security, and user & identity security. There are features available in the Windows OS to help in these areas. For a more comprehensive view, including Zero Trust, see [Windows security](/windows/security/).
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+| **Windows Security app** </br> [21H2][21H2] | Windows Security app is an easy-to-use interface, and combines commonly used security features. For example, your get access to virus & threat protection, firewall & network protection, account protection, and more. For more information, see [the Windows Security app](/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center). |
+| **Security baselines** </br> [21H2][21H2] | Security baselines include security settings that are already configured, and ready to be deployed to your devices. If you don't know where to start, or it's too time consuming to go through all the settings, then you should look at Security Baselines. For more information, see [Windows security baselines](/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines). |
+| **Microsoft Defender Antivirus** </br> [21H2][21H2] | Microsoft Defender Antivirus helps protect devices using next-generation security. When used with Microsoft Defender for Endpoint, your organization gets strong endpoint protection, and advanced endpoint protection & response. If you use Intune to manage devices, then you can create policies based on threat levels in Microsoft Defender for Endpoint. For more information, see:</br>&nbsp;&nbsp;• [Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows)</br>&nbsp;&nbsp;• [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint)</br>&nbsp;&nbsp;• [Enforce compliance for Microsoft Defender for Endpoint](/mem/intune/protect/advanced-threat-protection) |
+| **Application Security** </br> [21H2][21H2] | The Application Security features help prevent unwanted or malicious code from running, isolate untrusted websites & untrusted Office files, protect against phishing or malware websites, and more. For more information, see  [Windows application security](/windows/security/apps). |
+| **Microsoft Pluton** </br> [22H2][22H2] | Pluton, designed by Microsoft and built by silicon partners,  is a secure crypto-processor built into the CPU. Pluton provides security at the core to ensure code integrity and the latest protection with updates delivered by Microsoft through Windows Update. Pluton protects credentials, identities, personal data, and encryption keys. Information is harder to be removed even if an attacker installed malware or has complete physical possession. For more information, see [Microsoft Pluton security processor](/windows/security/information-protection/pluton/microsoft-pluton-security-processor). |
+| **Enhanced Phishing Protection** </br> [22H2][22H2] | Enhanced Phishing Protection in Microsoft Defender SmartScreen helps protect Microsoft passwords against phishing and unsafe usage. Enhanced Phishing Protection works alongside Windows security protections to help protect sign-in passwords. For more information, see:</br>&nbsp;&nbsp;• [Enhanced Phishing Protection in Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen)</br>&nbsp;&nbsp;• [Protect passwords with enhanced phishing protection](https://aka.ms/EnhancedPhishingProtectionBlog) in the Windows IT Pro blog. |
+| **Smart App Control** </br> [22H2][22H2] | Smart App Control adds significant protection from malware, including new and emerging threats, by blocking apps that are malicious or untrusted. Smart App Control helps block unwanted apps that affect performance, display unexpected ads, offer extra software you didn't want, and other things you don't expect. For more information, see [Smart App Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control#wdac-and-smart-app-control). |
+| **Credential Guard** </br> [22H2][22H2] | Credential Guard, enabled by default, uses Virtualization-based security (VBS) to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks like pass the hash and pass the ticket. For more information, see [Configure Credential Guard](/windows/security/identity-protection/credential-guard/configure).|
+| **Malicious and vulnerable driver blocking** </br> [22H2][22H2] | The vulnerable driver blocklist is automatically enabled on devices when Smart App Control is enabled and for clean installs of Windows. For more information, see [recommended block rules](/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules#microsoft-vulnerable-driver-blocklist).|
+| **Security hardening and threat protection** </br> [22H2][22H2] | Enhanced support with Local Security Authority (LSA) to prevent code injection that could compromise credentials. For more information, see [Configuring Additional LSA Protection](/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json). |
+| **Personal Data Encryption (PDE)** </br> [22H2][22H2] | [Personal Data Encryption (PDE)](/windows/security/operating-system-security/data-protection/personal-data-encryption/) is a security feature that provides file-based data encryption capabilities to Windows. PDE utilizes Windows Hello for Business to link data encryption keys with user credentials. When a user signs in to a device using Windows Hello for Business, decryption keys are released, and encrypted data is accessible to the user. |
+| **Passkeys in Windows** </br> [23H2][23H2] <!--8138341--> | Windows provides a native experience for passkey management. You can use the Settings app to view and manage passkeys saved for apps or websites. For more information, see [Support for passkeys in Windows](/windows/security/identity-protection/passkeys). |
+| **Windows passwordless experience** </br> [23H2][23H2] <!--8138336--> | Windows passwordless experience is a security policy that promotes a user experience without passwords on [Microsoft Entra](https://www.microsoft.com/security/business/microsoft-entra?ef_id=_k_910ee369e9a812f6048b86296a6a402c_k_&OCID=AIDcmmdamuj0pc_SEM__k_910ee369e9a812f6048b86296a6a402c_k_&msclkid=910ee369e9a812f6048b86296a6a402c) joined devices. </br>When the policy is enabled, certain Windows authentication scenarios don't offer users the option to use a password, helping organizations and preparing users to gradually move away from passwords. For more information, see [Windows passwordless experience](/windows/security/identity-protection/passwordless-experience/). |
+| **Web sign-in for Windows** </br> [23H2][23H2] <!--8344016--> | You can enable a web-based sign-in experience on [Microsoft Entra](https://www.microsoft.com/security/business/microsoft-entra?ef_id=_k_910ee369e9a812f6048b86296a6a402c_k_&OCID=AIDcmmdamuj0pc_SEM__k_910ee369e9a812f6048b86296a6a402c_k_&msclkid=910ee369e9a812f6048b86296a6a402c) joined devices, unlocking new sign-in options, and capabilities. For more information, see [Web sign-in for Windows](/windows/security/identity-protection/web-sign-in). |
+| **Federated sign-in** </br> [23H2][23H2] <!--7593916, 7593946--> | Federated sign-in is a great way to simplify the sign-in process for your users: instead of having to remember a username and password defined in [Microsoft Entra](https://www.microsoft.com/security/business/microsoft-entra?ef_id=_k_910ee369e9a812f6048b86296a6a402c_k_&OCID=AIDcmmdamuj0pc_SEM__k_910ee369e9a812f6048b86296a6a402c_k_&msclkid=910ee369e9a812f6048b86296a6a402c) ID, they can sign-in using their existing credentials from the federated identity provider. For more information, see [Configure federated sign-in for Windows devices](/education/windows/federated-sign-in). |
+| **Windows Hello for Business authentication improvement** </br> [23H2][23H2] <!--7771685--> | Peripheral face and fingerprint sensors can be used for Windows Hello for Business authentication on devices where Enhanced Sign-in Security (Secure Biometrics) enabled at the factory. For more information, see [Common questions about Windows Hello for Business](/windows/security/identity-protection/hello-for-business/hello-faq). |
+| **App Control for Business** </br> [24H2][24H2]<!--8223790--> | Customers can now use App Control for Business (formerly called Windows Defender Application Control) and its next-generation capabilities to protect their digital property from malicious code. With App Control for Business, IT teams can configure what runs in a business environment through Microsoft Intune or other MDMs in the admin console, including setting up Intune as a managed installer. For more information, see [Application Control for Windows](/windows/security/application-security/application-control/app-control-for-business/appcontrol).|
+| **Local Security Authority (LSA) protection enablement** </br> [24H2][24H2]| An audit occurs for incompatibilities with [LSA protection](/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection) for a period of time, starting with this upgrade. If incompatibilities aren't detected, LSA protection is automatically enabled. You can check and change the enablement state of LSA protection in the Windows Security application under the **Device Security** > **Core Isolation** page. In the event log, [LSA protection logs](/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection#identify-plug-ins-and-drivers-that-lsassexe-fails-to-load) whether programs are blocked from loading into LSA. |
+| **Rust in the Windows kernel** </br> [24H2][24H2] | There's a new implementation of [GDI region](/windows/win32/gdi/regions) in `win32kbase_rs.sys`. Since Rust offers advantages in reliability and security over traditional programs written in C/C++, you'll continue to see more use of it in the kernel. |
+| **SHA-3 support** </br> [24H2][24H2] | Support for the SHA-3 family of hash functions and SHA-3 derived functions (SHAKE, cSHAKE, KMAC) was added. The SHA-3 family of algorithms is the latest standardized hash functions by the National Institute of Standards and Technology (NIST). Support for these functions is enabled through the Windows [CNG](/windows/win32/seccng/cng-portal) library. | 
+| **Windows Local Admin Password Solution (LAPS)** </br> [24H2][24H2] | Windows Local Administrator Password Solution (Windows LAPS) is a Windows feature that automatically manages and backs up the password of a local administrator account on your Microsoft Entra joined or Windows Server Active Directory-joined devices. Windows LAPS is the successor for the now deprecated legacy Microsoft LAPS product. For more information, see [What is Windows LAPS?](/windows-server/identity/laps/laps-overview)|
+| **Windows&nbsp;LAPS** </br> Automatic account management </br> [24H2][24H2] | [Windows Local Administrator Password Solution (LAPS)](/windows-server/identity/laps/laps-overview) has a new automatic account management feature. Admins can configure Windows LAPS to:</br>&nbsp;&nbsp;• Automatically create the managed local account</br>&nbsp;&nbsp;• Configure name of account</br>&nbsp;&nbsp;• Enable or disable the account</br>&nbsp;&nbsp;• Randomize the name of the account |
+| **Windows&nbsp;LAPS** </br> Policy improvements </br> [24H2][24H2]| &nbsp;&nbsp;• Added passphrase settings for the [PasswordComplexity](/windows/client-management/mdm/laps-csp#policiespasswordcomplexity) policy </br> &nbsp;&nbsp;• Use [PassphraseLength](/windows/client-management/mdm/laps-csp#policiespassphraselength) to control the number of words in a new passphrase </br> &nbsp;&nbsp;• Added an improved readability setting for the [PasswordComplexity](/windows/client-management/mdm/laps-csp#policiespasswordcomplexity) policy, which generates passwords without using characters that are easily confused with another character. For example, the number <kbd>0</kbd> and the letter <kbd>O</kbd> aren't used in the password since the characters can be confused. </br>&nbsp;&nbsp;• Added the `Reset the password, logoff the managed account, and terminate any remaining processes` setting to the [PostAuthenticationActions](/windows/client-management/mdm/laps-csp#policiespostauthenticationactions) policy. The event logging messages that are emitted during post-authentication-action execution were also expanded, to give insights into exactly what was done during the operation. |
+| **Windows&nbsp;LAPS** </br> Image rollback detection </br> [24H2][24H2] | Image rollback detection was introduced for LAPS. LAPS can detect when a device was rolled back to a previous image. When a device is rolled back, the password in Active Directory might not match the password on the device that was rolled back. This new feature adds an Active Directory attribute, `msLAPS-CurrentPasswordVersion`, to the [Windows LAPS schema](/windows-server/identity/laps/laps-technical-reference#mslaps-currentpasswordversion). This attribute contains a random GUID that Windows LAPS writes every time a new password is persisted in Active Directory, followed by saving a local copy. During every processing cycle, the GUID stored in `msLAPS-CurrentPasswordVersion` is queried and compared to the locally persisted copy. If the GUIDs are different, the password is immediately rotated. To enable this feature, you need to run the latest version of the [Update-LapsADSchema PowerShell cmdlet](/powershell/module/laps/update-lapsadschema). |
+| **Windows protected print mode** </br> [24H2][24H2] | Windows protected print mode (WPP) enables a modern print stack which is designed to work exclusively with [Mopria certified printers](https://mopria.org/certified-products). For more information, see [What is Windows protected print mode (WPP)](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/a-new-modern-and-secure-print-experience-from-windows/ba-p/4002645) and [Windows Insider WPP announcement](https://blogs.windows.com/windows-insider/2023/12/13/announcing-windows-11-insider-preview-build-26016-canary-channel/). |
+| **SMB signing requirement changes** </br> [24H2][24H2] | [SMB signing is now required](/windows-server/storage/file-server/smb-signing) by default for all connections. SMB signing ensures every message contains a signature generated using session key and cipher suite. The client puts a hash of the entire message into the signature field of the SMB header. If anyone changes the message itself later on the wire, the hash won't match and SMB knows that someone tampered with the data. It also confirms to sender and receiver that they are who they say they are, breaking relay attacks. For more information about SMB signing being required by default, see [https://aka.ms/SMBSigningOBD](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-signing-required-by-default-in-windows-insider/ba-p/3831704). |
+| **SMB client encryption** </br> [24H2][24H2] | SMB now supports [requiring encryption](/windows-server/storage/file-server/configure-smb-client-require-encryption) on all outbound SMB client connections. Encryption of all outbound SMB client connections enforces the highest level of network security and brings management parity to SMB signing, which allows both client and server requirements. With this new option, administrators can mandate that all destination servers use SMB 3 and encryption, and if missing those capabilities, the client won't connect. For more information about this change, see [https://aka.ms/SmbClientEncrypt](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-client-encryption-mandate-now-supported-in-windows-insider/ba-p/3964037). |
+| **SMB signing and encryption auditing** </br> [24H2][24H2] | Administrators can now [enable auditing](/windows-server/storage/file-server/smb-signing-overview#smb-signing-and-encryption-auditing) of the SMB server and client for support of SMB signing and encryption. This shows if a third-party client or server doesn't support SMB encryption or signing. The SMB signing and encryption auditing settings can be modified in Group Policy or through PowerShell. |
+| **SMB alternative client and server ports** </br> [24H2][24H2] | The SMB client now supports connecting to an SMB server over TCP, QUIC, or RDMA using [alternative network ports](/windows-server/storage/file-server/smb-ports) to the hardcoded defaults. However, you can only connect to alternative ports if the SMB server is configured to support listening on that port. Starting in [Windows Server Insider build 26040](https://techcommunity.microsoft.com/t5/windows-server-insiders/announcing-windows-server-preview-build-26040/m-p/4040858), the SMB server now supports listening on an alternative network port for SMB over QUIC. Windows Server doesn't support configuring alternative SMB server TCP ports, but some third parties do. For more information about this change, see [https://aka.ms/SMBAlternativePorts](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-alternative-ports-now-supported-in-windows-insider/ba-p/3974509). |
+| **SMB NTLM blocking exception list** </br> [24H2][24H2] |The SMB client now supports [blocking NTLM](/windows-server/storage/file-server/smb-ntlm-blocking) for remote outbound connections. With this new option, administrators can intentionally block Windows from offering NTLM via SMB and specify exceptions for NTLM usage. An attacker who tricks a user or application into sending NTLM challenge responses to a malicious server will no longer receive any NTLM data and can't brute force, crack, or pass hashes. This change adds a new level of protection for enterprises without a requirement to entirely disable NTLM usage in the OS. For more information about this change, see [https://aka.ms/SmbNtlmBlock](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-ntlm-blocking-now-supported-in-windows-insider/ba-p/3916206). |
+| **SMB dialect management** </br> [24H2][24H2] | The SMB server now supports controlling which [SMB 2 and 3 dialects](/windows-server/storage/file-server/manage-smb-dialects) it negotiates. With this new option, an administrator can remove specific SMB protocols from use in the organization, blocking older, less secure, and less capable Windows devices and third parties from connecting. For example, admins can specify to only use SMB 3.1.1, the most secure dialect of the protocol. For more information about this change, see [https://aka.ms/SmbDialectManage](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-dialect-management-now-supported-in-windows-insider/ba-p/3916368).| 
+| **SMB over QUIC client access control** </br> [24H2][24H2] | [SMB over QUIC](/windows-server/storage/file-server/smb-over-quic), which introduced an alternative to TCP and RDMA, supplies secure connectivity to edge file servers over untrusted networks like the Internet. QUIC has significant advantages, the largest being mandatory certificate-based encryption instead of relying on passwords. SMB over QUIC [client access control](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control) improves the existing SMB over QUIC feature. Administrators now have more options for SMB over QUIC such as: </br>&nbsp;&nbsp;• [Specifying which clients](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control#grant-individual-clients) can access SMB over QUIC servers. This gives organizations more protection but doesn't change the Windows authentication used to make the SMB connection or the end user experience. </br>&nbsp;&nbsp;• [Disabling SMB over QUIC](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control#disable-smb-over-quic) for client with Group Policy and PowerShell </br>&nbsp;&nbsp;• [Auditing client connection events](/windows-server/storage/file-server/smb-over-quic#smb-over-quic-client-auditing) for SMB over QUIC </br></br> For more information about these changes, see [https://aka.ms/SmbOverQUICCAC](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control). |
+| **SMB firewall rule changes** </br> [24H2][24H2] | The Windows Firewall [default behavior has changed](/windows-server/storage/file-server/smb-secure-traffic#updated-firewall-rules-preview). Previously, creating an SMB share automatically configured the firewall to enable the rules in the **File and Printer Sharing** group for the given firewall profiles. Now, Windows automatically configures the new **File and Printer Sharing (Restrictive)** group, which no longer contains inbound NetBIOS ports 137-139. </br></br> This change enforces a higher degree of default of network security and brings SMB firewall rules closer to the Windows Server **File Server** role behavior, which only opens the minimum ports needed to connect and manage sharing. Administrators can still configure the **File and Printer Sharing** group if necessary as well as modify this new firewall group, these are just default behaviors. For more information about this change, see [https://aka.ms/SMBfirewall](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-firewall-rule-changes-in-windows-insider/ba-p/3974496). For more information about SMB network security, see [Secure SMB Traffic in Windows Server](/windows-server/storage/file-server/smb-secure-traffic). |
+
+## Servicing
+
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+| **Windows Updates and Delivery optimization** </br> [21H2][21H2] | Delivery optimization helps reduce bandwidth consumption. It shares the work of downloading the update packages with multiple devices in your deployment. Windows 11 updates are smaller, as they only pull down source files that are different. You can create policies that configure delivery optimization settings. For example, set the maximum upload and download bandwidth, set caching sizes, and more. For more information, see:</br>&nbsp;&nbsp;• [Delivery Optimization for Windows updates](/windows/deployment/update/waas-delivery-optimization)</br>&nbsp;&nbsp;• [Installation & updates](https://support.microsoft.com/topic/2f9c1819-310d-48a7-ac12-25191269903c#PickTab=Windows_11)</br>&nbsp;&nbsp;• [Manage updates in Windows](https://support.microsoft.com/topic/643e9ea7-3cf6-7da6-a25c-95d4f7f099fe)|
+| **Control Windows Update notifications** </br> [22H2][22H2] | You can now block user notifications for Windows Updates during active hours. This setting is especially useful for organizations that want to prevent Windows Update notifications from occurring during business hours. For more information, see [Control restart notifications](/windows/deployment/update/waas-restart#control-restart-notifications).|
+| **Organization name in update notifications** |The organization name now appears in the Windows Update notifications when Windows clients are associated with a Microsoft Entra ID tenant. For more information, see [Display organization name in Windows Update notifications](/windows/deployment/update/waas-wu-settings#bkmk_display-name). |
+| **Checkpoint cumulative updates** </br> [24H2][24H2] | Windows quality updates are provided as cumulative updates throughout the life cycle of a Windows release. Checkpoint cumulative updates introduce periodic baselines that reduce the size of future cumulative updates making the distribution of monthly quality updates more efficient. For more information, see [https://aka.ms/CheckpointCumulativeUpdates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-windows-11-checkpoint-cumulative-updates/ba-p/4182552). |
+
+## User Experience
+
+| Feature </br> [Release] | Description |
+| --- | --- |
+|  **High Efficiency Video Coding (HEVC) support**  </br> [22H2] | HEVC is designed to take advantage of hardware capabilities on some newer devices to support 4K and Ultra HD content. For devices that don't have hardware support for HEVC videos, software support is provided, but the playback experience might vary based on the video resolution and your devices performance. |
+| **Task Manager**  </br> [22H2][22H2]/[23H2][23H2] | A new command bar was added to each page to give access to common actions. Task Manager matches the system wide theme configured in Windows Settings. Added an efficiency mode that allows you to limit the resource usage of a process. </br> <!--kb5019509--> Process filtering, theme settings, and the ability to opt out of efficiency mode notification were added to Task Manager. |
+| **Taskbar overflow menu**  </br> [23H2][23H2] | The taskbar offers an entry point to a menu that shows all of your overflowed apps in one spot.<!--kb5019509--> |
+| **Taskbar Optimize for touch**  </br> [23H2][23H2] | Taskbar touch optimization is available for devices that can be used as a tablet. Once enabled, the user can switch between a collapsed taskbar, saving screen space, and an expanded taskbar, optimized for touch. The taskbar changes to this optimized version when you disconnect or fold back the keyboard on a 2-in-1 device. To enable or disable this feature on a tablet capable device, go to Settings > Personalization > Taskbar > Taskbar behaviors. See also [February 28, 2023 - KB5022913](https://support.microsoft.com/kb/5022913)  |
+| **Windows Ink as input** </br> [23H2][23H2] | Windows Ink allows users to handwrite directly onto most editable fields <!--8092554, WIP.23481-->|
+| **Uninstall Win32 app** </br> [23H2][23H2] | Selecting Uninstall for a Win32 app from the right-click menu uses the Installed Apps page in Settings rather than Programs and Features in Control Panel.<!--[February 28, 2023 - KB5022913](https://support.microsoft.com/topic/3e38c0d9-924d-4f3f-b0b6-3bd49b2657b9) --> For more information, see [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310)  |
+| **Dev Drive** </br> [23H2][23H2] | Dev Drive is a new form of storage volume available to improve performance for key developer workloads. For more information, see [Set up a Dev Drive on Windows 11](/windows/dev-drive/) and [September 2023 - KB5030310](https://support.microsoft.com/kb/5030310). |
+
+
+## Features Removed
+
+Each version of Windows client adds new features and functionality. Occasionally, [features and functionality are removed](/windows/whats-new/removed-features), often because a newer option was added. For a list of features no longer in active development that might be removed in a future release, see [deprecated features](/windows/whats-new/deprecated-features). The following features are removed in Windows 11 Enterprise LTSC 2024: 
+
+| Feature | Description |
+|---------|-------------|
+| **WordPad** </br> [24H2][24H2]| WordPad is removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. <!--8254696, 8494641--> |
+| **Alljoyn** </br> [24H2][24H2] | Microsoft's implementation of AllJoyn, which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) is retired.<!--8396030--> |
+
+## Related links
+
+- [Windows Enterprise LTSC overview](overview.md)
+- [Windows 11 requirements](/windows/whats-new/windows-11-requirements)
+- [Plan for Windows 11](/windows/whats-new/windows-11-plan)
+- [Prepare for Windows 11](/windows/whats-new/windows-11-prepare)
+- [Release information](/windows/release-health/windows11-release-information)
+
+
+[21H2]: ..\windows-11-overview.md
+[22H2]: ..\whats-new-windows-11-version-22H2.md
+[23H2]: ..\whats-new-windows-11-version-23h2.md 
+[24H2]: ..\whats-new-windows-11-version-24H2.md
diff --git a/windows/whats-new/removed-features.md b/windows/whats-new/removed-features.md
index d7f6ed956b..7d8297fb4a 100644
--- a/windows/whats-new/removed-features.md
+++ b/windows/whats-new/removed-features.md
@@ -8,7 +8,7 @@ ms.author: mstewart
 manager: aaroncz
 ms.topic: reference
 ms.subservice: itpro-fundamentals
-ms.date: 03/11/2024
+ms.date: 08/23/2024
 ms.collection: 
   - highpri
   - tier1
@@ -38,6 +38,8 @@ The following features and functionalities have been removed from the installed
 
 |Feature    |  Details and mitigation  | Support removed |
 | ----------- | --------------------- | ------ |
+| WordPad <!--8254696, 8494641--> |  WordPad is removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. We recommend Microsoft Word for rich text documents like .doc and .rtf and Windows Notepad for plain text documents like .txt.  If you're a developer and need information about the affected binaries, see [Resources for deprecated features](deprecated-features-resources.md#wordpad). | October 1, 2024 |
+| Alljoyn <!--8396030-->| Microsoft's implementation of AllJoyn, which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) is retired. [AllJoyn](https://openconnectivity.org/technology/reference-implementation/alljoyn/), sponsored by AllSeen Alliance, was an open source discovery and communication protocol for Internet of Things scenarios such as turning on/off lights or reading temperatures. AllSeen Alliance promoted the AllJoyn project from 2013 until 2016 when it merged with the Open Connectivity Foundation (OCF), the sponsors of [Iotivity.org](https://iotivity.org/), another protocol for Internet of Things scenarios. Customers should refer to the [Iotivity.org](https://iotivity.org/) website for alternatives such as [Iotivity Lite](https://github.com/iotivity/iotivity-lite) or [Iotivity](https://github.com/iotivity/iotivity). | October 1, 2024 |
 | Update Compliance | Update Compliance, a cloud-based service for the Windows client, is retired. This service has been replaced with [Windows Update for Business reports](/windows/deployment/update/wufb-reports-overview), which provides reporting on client compliance with Microsoft updates from the Azure portal.<!--7748874--> | March 31, 2023 |
 | Store uploader tool <!--7297297-->| Support has been removed for the store uploader tool. This tool is included in the Windows SDK only. The endpoint for the tool has been removed from service and the files will be removed from the SDK in the next release. | November 2022 |
 | Internet Explorer 11 | The Internet Explorer 11 desktop application is [retired and out of support](https://aka.ms/IEJune15Blog) as of June 15, 2022 for certain versions of Windows 10. You can still access older, legacy sites that require Internet Explorer with Internet Explorer mode in Microsoft Edge. [Learn how](https://aka.ms/IEmodewebsite). The Internet Explorer 11 desktop application will progressively redirect to the faster, more secure Microsoft Edge browser, and will ultimately be disabled via Windows Update. [Disable IE today](/deployedge/edge-ie-disable-ie11). | June 15, 2022 |
diff --git a/windows/whats-new/whats-new-windows-11-version-24h2.md b/windows/whats-new/whats-new-windows-11-version-24h2.md
new file mode 100644
index 0000000000..5c492a24d8
--- /dev/null
+++ b/windows/whats-new/whats-new-windows-11-version-24h2.md
@@ -0,0 +1,246 @@
+---
+title: What's new in Windows 11, version 24H2 for IT pros
+description: Learn more about what's new in Windows 11 version 24H2, including servicing updates, Windows Subsystem for Linux, the latest CSPs, and more.
+manager: aaroncz
+ms.service: windows-client
+ms.author: mstewart
+author: mestew
+ms.localizationpriority: medium
+ms.topic: reference
+ms.collection:
+  - highpri
+  - tier2
+ms.subservice: itpro-fundamentals
+ms.date: 07/09/2024
+appliesto:
+  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11, version 24H2</a>
+---
+
+# What's new in Windows 11, version 24H2
+<!--8631988-->
+Windows 11, version 24H2 is a feature update for Windows 11. It includes all features and fixes in previous cumulative updates to Windows 11, version 23H2. This article lists the new and updated features IT Pros should know. 
+
+>**Looking for consumer information?** See [Windows 11 2024 update](https://support.microsoft.com/topic/93c5c27c-f96e-43c2-a08e-5812d92f220d#windowsupdate=26100).
+
+Windows 11, version 24H2 follows the [Windows 11 servicing timeline](/lifecycle/faq/windows#windows-11):
+
+- **Windows 11 Pro**: Serviced for 24 months from the release date.
+- **Windows 11 Enterprise**: Serviced for 36 months from the release date.
+
+<!--<isEnablementPackage> Devices updating from Windows 11, version 23H2 use an enablement package. Most the files for the 24H2 update already exist on Windows 11, version 23H2 devices that have a recent monthly security update installed. Many of the new features are already enabled on Windows 11, version 23H2 clients. However, some features are just in an inactive and dormant state because they are under [temporary enterprise feature control](temporary-enterprise-feature-control.md). These new features remain dormant until they're turned on through the enablement package, a small, quick-to-install switch that activates all of the Windows 11, version 24H2 features. -->
+
+Devices must be running Windows 11, version 23H2 or 22H2 with the May 2024 nonsecurity preview update, or a later update, installed in order to update to version 24H2. Windows 11, version 24H2 is a full OS swap so it isn't available as an enablement package. Windows 10 devices can be upgraded to to Windows 11, version 24H2 using the same familiar processes, policies, and management solutions you used to originally deploy Windows 10.
+
+Windows 11, version 24H2 is available through Windows Server Update Services (including Configuration Manager), Windows Update for Business, and the Volume Licensing Service Center (VLSC). For more information, see [How to get the Windows 11, version 24H2 update](https://aka.ms/how-to-get-24H2). Review the [Windows 11, version 24H2 Windows IT Pro blog post](https://aka.ms/new-in-24H2) to discover information about available deployment resources such as the [Windows Assessment  and Deployment Kit (Windows ADK)](/windows-hardware/get-started/adk-install).
+
+
+To learn more about the status of the update rollout, known issues, and new information, see [Windows release health](/windows/release-health/).
+
+## Features no longer under temporary enterprise control
+
+[Temporary enterprise feature control](temporary-enterprise-feature-control.md) temporarily turns off certain features that were introduced during monthly cumulative updates for managed Windows 11 devices. For the purposes of temporary enterprise control, a system is considered managed if it's configured to get updates from Windows Update for Business or [Windows Server Update Services (WSUS)](/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus). Clients that get updates from Microsoft Configuration Manager and Microsoft Intune are considered managed since their updates ultimately come from WSUS or Windows Updates for Business.
+
+There aren't any features under temporary enterprise control between Windows 11, version 23H2 and Windows 11, version 24H2. For a list of features that were under temporary enterprise control between Windows 11, version 22H2 and Windows 11, version 23H2, see, [Windows 11 features behind temporary enterprise feature control](temporary-enterprise-feature-control.md).
+<!--
+| Feature | KB article where the feature was introduced | 
+|---|---|
+| PLACEHOLDER | [February 28, 2023 - KB5022913](https://support.microsoft.com/kb/5022913)  | 
+-->
+
+
+## Checkpoint cumulative updates
+<!--8769182--> 
+Microsoft is introducing checkpoint cumulative updates, a new servicing model that enables devices running Windows 11, version 24H2 or later to save time, bandwidth and hard drive space when getting features and security enhancements via the latest cumulative update. Previously, the cumulative updates contained all changes to the binaries since the last release to manufacturing (RTM) version. The size of the cumulative updates could grow large over time since RTM was used as the baseline for each update.
+
+With checkpoint cumulative updates, the update file level differentials are based on a previous cumulative update instead of the RTM release. Cumulative updates that serve as a checkpoint will be released periodically. Using a checkpoint rather than RTM means the subsequent update packages are smaller, which makes downloads and installations faster. Using a checkpoint also means that in order for a device to install the latest cumulative update, the installation of a prerequisite cumulative update might be required. For more information about checkpoint cumulative updates, see [https://aka.ms/CheckpointCumulativeUpdates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-windows-11-checkpoint-cumulative-updates/ba-p/4182552).
+
+## Features exclusive to Copilot+ PCs in 24H2
+
+Copilot+ PCs are a new class of Windows 11 AI PCs that are powered by a neural processing unit (NPU) that can perform more than 40 trillion operations per second (TOPS). The following features are exclusive to [Copilot+ PCs](https://www.microsoft.com/windows/copilot-plus-pcs) in Windows 11, version 24H2: 
+
+- Live Captions allow you to translate audio and video content into English subtitles from 44 languages. For more information, see [Use live captions to better understand audio](https://support.microsoft.com/topic/b52da59c-14b8-4031-aeeb-f6a47e6055df).
+- Windows Studio Effects is the collective name of AI-powered video call and audio effects that are available on Copilot+ PCs and select Windows 11 devices with compatible NPUs. Windows Studio Effects automatically improves lighting and cancels noises during video calls. For more information, see [Windows Studio Effects](https://support.microsoft.com/topic/273c1fa8-2b3f-41b1-a587-7cc7a24b62d8).
+- Cocreator in Paint allows you to create amazing artwork with the help of AI. Enter a text prompt, start drawing in Paint, and Cocreator generates artwork based on what you're drawing. For more information, see [Cocreator in Paint](https://support.microsoft.com/topic/53857513-e36c-472d-8d4a-adbcd14b2e54)
+- Auto Super Resolution (Auto SR) is the first AI-powered super resolution solution built into an operating system, making games automatically play smoother with higher resolution details. For more information, see [Automatic Super Resolution](https://support.microsoft.com/topic/5d6d95fa-cc02-4673-b62c-2c50f06385aa).
+- Image Creator and Restyle Image in the Microsoft Photos app lets you reimagine your photos or create new images with the assistance of AI. For more information, see [Microsoft Photos Restyle Image and Image Creator](https://support.microsoft.com/topic/6c352e99-d954-49c9-84cd-b7cacd018868).
+
+## Features added to Windows 11 since version 23H2
+
+New features and enhancements were introduced to Windows 11, version 23H2 periodically to provide continuous innovation for Windows 11. These features and enhancements use the normal update servicing channels you're already familiar with. At first, new features are introduced with an optional nonsecurity preview release and gradually rolled out to clients. These new features are released later as part of a monthly security update release. For more information about continuous innovation, see [Update release cycle for Windows clients](/windows/deployment/update/release-cycle#continuous-innovation-for-windows-11).
+
+Some of the features were released within the past year's continuous innovation updates and carry forward into the 24H2 annual feature update include:
+
+### Server Message Block (SMB) protocol changes
+
+#### SMB signing and encryption
+
+The following changes were made for SMB signing and encryption:
+
+- **SMB signing requirement changes**: In Windows 11, version 24H2 on the Home, Pro, Education, and Enterprise editions, [SMB signing is now required](/windows-server/storage/file-server/smb-signing) by default for all connections. SMB signing ensures every message contains a signature generated using session key and cipher suite. The client puts a hash of the entire message into the signature field of the SMB header. If anyone changes the message itself later on the wire, the hash won't match and SMB knows that someone tampered with the data. It also confirms to sender and receiver that they are who they say they are, breaking relay attacks. For more information about SMB signing being required by default, see [https://aka.ms/SMBSigningOBD](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-signing-required-by-default-in-windows-insider/ba-p/3831704).
+
+- **SMB client encryption**: SMB now supports [requiring encryption](/windows-server/storage/file-server/configure-smb-client-require-encryption) on all outbound SMB client connections. Encryption of all outbound SMB client connections enforces the highest level of network security and brings management parity to SMB signing, which allows both client and server requirements. With this new option, administrators can mandate that all destination servers use SMB 3 and encryption, and if missing those capabilities, the client won't connect. For more information about this change, see [https://aka.ms/SmbClientEncrypt](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-client-encryption-mandate-now-supported-in-windows-insider/ba-p/3964037).
+
+- **SMB signing and encryption auditing**: Administrators can now [enable auditing](/windows-server/storage/file-server/smb-signing-overview#smb-signing-and-encryption-auditing) of the SMB server and client for support of SMB signing and encryption. This shows if a third-party client or server doesn't support SMB encryption or signing. The SMB signing and encryption auditing settings can be modified in Group Policy or through PowerShell. 
+
+#### SMB alternative client and server ports
+
+The SMB client now supports connecting to an SMB server over TCP, QUIC, or RDMA using [alternative network ports](/windows-server/storage/file-server/smb-ports) to the hardcoded defaults. However, you can only connect to alternative ports if the SMB server is configured to support listening on that port. Starting in [Windows Server Insider build 26040](https://techcommunity.microsoft.com/t5/windows-server-insiders/announcing-windows-server-preview-build-26040/m-p/4040858), the SMB server now supports listening on an alternative network port for SMB over QUIC. Windows Server doesn't support configuring alternative SMB server TCP ports, but some third parties do. For more information about this change, see [https://aka.ms/SMBAlternativePorts](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-alternative-ports-now-supported-in-windows-insider/ba-p/3974509).
+
+
+#### SMB NTLM blocking exception list
+
+The SMB client now supports [blocking NTLM](/windows-server/storage/file-server/smb-ntlm-blocking) for remote outbound connections. With this new option, administrators can intentionally block Windows from offering NTLM via SMB and specify exceptions for NTLM usage. An attacker who tricks a user or application into sending NTLM challenge responses to a malicious server will no longer receive any NTLM data and can't brute force, crack, or pass hashes. This change adds a new level of protection for enterprises without a requirement to entirely disable NTLM usage in the OS.
+
+For more information about this change, see [https://aka.ms/SmbNtlmBlock](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-ntlm-blocking-now-supported-in-windows-insider/ba-p/3916206).
+
+#### SMB dialect management
+
+The SMB server now supports controlling which [SMB 2 and 3 dialects](/windows-server/storage/file-server/manage-smb-dialects) it negotiates. With this new option, an administrator can remove specific SMB protocols from use in the organization, blocking older, less secure, and less capable Windows devices and third parties from connecting. For example, admins can specify to only use SMB 3.1.1, the most secure dialect of the protocol.
+
+For more information about this change, see [https://aka.ms/SmbDialectManage](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-dialect-management-now-supported-in-windows-insider/ba-p/3916368).
+
+
+#### SMB over QUIC
+
+[SMB over QUIC](/windows-server/storage/file-server/smb-over-quic), which introduced an alternative to TCP and RDMA, supplies secure connectivity to edge file servers over untrusted networks like the Internet. QUIC has significant advantages, the largest being mandatory certificate-based encryption instead of relying on passwords. SMB over QUIC [client access control](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control) improves the existing SMB over QUIC feature.
+
+Administrators now have more options for SMB over QUIC such as: 
+
+- [Specifying which clients](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control#grant-individual-clients) can access SMB over QUIC servers. This gives organizations more protection but doesn't change the Windows authentication used to make the SMB connection or the end user experience.
+- [Disabling SMB over QUIC](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control#disable-smb-over-quic) for client with Group Policy and PowerShell
+- [Auditing client connection events](/windows-server/storage/file-server/smb-over-quic#smb-over-quic-client-auditing) for SMB over QUIC
+
+For more information about these changes, see [https://aka.ms/SmbOverQUICCAC](/windows-server/storage/file-server/configure-smb-over-quic-client-access-control).
+
+#### SMB firewall rule changes
+
+The Windows Firewall [default behavior has changed](/windows-server/storage/file-server/smb-secure-traffic#updated-firewall-rules-preview). Previously, creating an SMB share automatically configured the firewall to enable the rules in the **File and Printer Sharing** group for the given firewall profiles. Now, Windows automatically configures the new **File and Printer Sharing (Restrictive)** group, which no longer contains inbound NetBIOS ports 137-139.
+
+This change enforces a higher degree of default of network security and brings SMB firewall rules closer to the Windows Server **File Server** role behavior, which only opens the minimum ports needed to connect and manage sharing. Administrators can still configure the **File and Printer Sharing** group if necessary as well as modify this new firewall group, these are just default behaviors.
+
+For more information about this change, see [https://aka.ms/SMBfirewall](https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-firewall-rule-changes-in-windows-insider/ba-p/3974496). For more information about SMB network security, see [Secure SMB Traffic in Windows Server](/windows-server/storage/file-server/smb-secure-traffic).
+
+### Local Security Authority (LSA) protection enablement on upgrade
+
+[LSA protection](/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection) helps protect against theft of secrets and credentials used for logon by preventing unauthorized code from running in the LSA process and by preventing dumping of process memory. An audit occurs for incompatibilities with LSA protection for a period of time, starting with this upgrade. If incompatibilities aren't detected, LSA protection is automatically enabled. You can check and change the enablement state of LSA protection in the Windows Security application under the **Device Security** > **Core Isolation** page. In the event log, LSA protection records whether programs are blocked from loading into LSA. If you would like to check if something was blocked, review the [logging](/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection#identify-plug-ins-and-drivers-that-lsassexe-fails-to-load).
+
+ 
+### Remote Mailslot protocol disabled by default
+
+[Remote Mailslot protocol](/openspecs/windows_protocols/ms-mail/47ac910f-1dec-4791-8486-9b3e8fd542da) was [deprecated](deprecated-features.md#deprecated-features) in November 2023 and is now disabled by default starting in Windows 11, version 24H2. For more information on Remote Mailslots, see [About Mailslots](/windows/win32/ipc/about-mailslots).
+
+### Local Administrator Password Solution (LAPS) improvements
+
+[LAPS](/windows-server/identity/laps/laps-overview) has a new automatic account management feature. IT admins can configure Windows LAPS to:
+- Automatically create the managed local account
+- Configure name of account
+- Enable or disable the account
+- Randomize the name of the account
+
+LAPS has the following policy improvements:
+
+- Added passphrase settings for the [PasswordComplexity](/windows/client-management/mdm/laps-csp#policiespasswordcomplexity) policy
+   - Use [PassphraseLength](/windows/client-management/mdm/laps-csp#policiespassphraselength) to control the number of words in a new passphrase
+- Added an improved readability setting for the [PasswordComplexity](/windows/client-management/mdm/laps-csp#policiespasswordcomplexity) policy, which generates passwords without using characters that are easily confused with another character. For example, the zero and the letter O aren't used in the password since the characters can be confused.
+- Added the `Reset the password, logoff the managed account, and terminate any remaining processes` setting to the [PostAuthenticationActions](/windows/client-management/mdm/laps-csp#policiespostauthenticationactions) policy. The event logging messages that are emitted during post-authentication-action execution were also expanded, to give insights into exactly what was done during the operation.
+
+Image rollback detection was introduced for LAPS. LAPS can detect when a device was rolled back to a previous image. When a device is rolled back, the password in Active Directory might not match the password on the device that was rolled back. This new feature adds an Active Directory attribute, `msLAPS-CurrentPasswordVersion`, to the [Windows LAPS schema](/windows-server/identity/laps/laps-technical-reference#mslaps-currentpasswordversion). This attribute contains a random GUID that Windows LAPS writes every time a new password is persisted in Active Directory, followed by saving a local copy. During every processing cycle, the GUID stored in `msLAPS-CurrentPasswordVersion` is queried and compared to the locally persisted copy. If the GUIDs are different, the password is immediately rotated. To enable this feature, you need to run the latest version of the [Update-LapsADSchema PowerShell cmdlet](/powershell/module/laps/update-lapsadschema). 
+
+### Rust in the Windows kernel
+
+There's a new implementation of [GDI region](/windows/win32/gdi/regions) in `win32kbase_rs.sys`. Since Rust offers advantages in reliability and security over traditional programs written in C/C++, you'll continue to see more use of it in the kernel.
+
+### Personal Data Encryption (PDE) for folders
+
+PDE for folders is a security feature where the contents of the known Windows folders (Documents, Desktop and Pictures) are protected using a user authenticated encryption mechanism. Windows Hello is the user authentication used to provide the keys for encrypting user data in the folders. PDE for folders can be [enabled from a policy in Intune](/mem/intune/protect/endpoint-security-disk-encryption-policy). IT admins can select all of the folders, or a subset, then apply the policy to a group of users in their organization.
+PDE for Folders settings is available on Intune under **Endpoint Security** > **Disk encryption**.
+
+For more information about PDE, see [PDE overview](/windows/security/operating-system-security/data-protection/personal-data-encryption)
+
+
+### Windows protected print mode
+
+Windows protected print mode enables devices to print using only the Windows modern print stack, which is designed for [Morpia certified printers](https://mopria.org/certified-products). With Morpia certified printers, there's no longer a need to rely on third-party software installers. To enable Windows protected print mode:
+- Go to **Settings** > **Bluetooth & Devices** > **Printers & scanners**, then choose **Setup** under **Windows protected print mode**
+- Enable the **Configure Windows protected print** policy in Group Policy under **Computer Configuration** > **Administrative Templates** > **Printers**
+
+### SHA-3 support
+
+Support for the SHA-3 family of hash functions and SHA-3 derived functions (SHAKE, cSHAKE, KMAC) was added. The SHA-3 family of algorithms are the latest standardized hash functions by the National Institute of Standards and Technology (NIST). Support for these functions is enabled through the Windows [CNG](/windows/win32/seccng/cng-portal) library.
+
+- **Supported SHA-3 hash functions**: SHA3-256, SHA3-384, SHA3-512 (SHA3-224 isn't supported)
+
+- **Supported SHA-3 HMAC algorithms**: HMAC-SHA3-256, HMAC-SHA3-384, HMAC-SHA3-512
+
+- **Supported SHA-3 derived algorithms**: extendable-output functions (XOF) (SHAKE128, SHAKE256), customizable XOFs (cSHAKE128, cSHAKE256), and KMAC (KMAC128, KMAC256, KMACXOF128, KMACXOF256).
+
+### App Control for Business
+<!--8223790-->
+Customers can now use App Control for Business (formerly called Windows Defender Application Control) and its next-generation capabilities to protect their digital property from malicious code. With App Control for Business, IT teams can configure what runs in a business environment through Microsoft Intune or other MDMs in the admin console, including setting up Intune as a managed installer. For more information, see [Application Control for Windows](/windows/security/application-security/application-control/app-control-for-business/appcontrol).
+
+### Wi-Fi 7 support
+<!--8850300-->
+Support  for Wi-Fi 7 was added for consumer access points. Wi-Fi 7, also known as IEEE 802.11be Extremely High Throughput (EHT) is the latest Wi-Fi technology that offers unprecedented speed, reliability, and efficiency for your wireless devices. For more information about Wi-Fi 7, see the [Wi-Fi Alliance announcement](https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-introduces-wi-fi-certified-7).
+
+### Bluetooth &#174; LE audio support for assistive devices
+
+Customers who use these assistive hearing devices are now able to directly pair, stream audio, take calls, and control audio presets when they use an LE Audio-compatible PC. Users who have Bluetooth LE Audio capable assistive hearing devices can determine if their PC is LE Audio-compatible, set up, and manage their devices via **Settings** > **Accessibility** > **Hearing devices**. For more information, see [Using hearing devices with your Windows 11 PC](https://support.microsoft.com/topic/fcb566e7-13c3-491a-ad5b-8219b098d647).  
+
+### Windows location improvements
+
+New controls were added to help manage which apps have access to the list of Wi-Fi networks around you, which could be used to determine your location.
+- You can view and modify which apps can access the list of Wi-Fi networks from **Settings** > **Privacy & security** > **Location**.
+- A new prompt appears the first time an app attempts to access your location or Wi-Fi information.
+   - The prompt also notifies when an app unexpectedly requests access to location services so that you can deny it.
+   - If you grant permission, apps that use location or Wi-Fi information now appear in **Recent activity** on the **Location** settings page, and the location icon is displayed in the taskbar while the app is in-use.
+   - To hide these prompts when location has been turned off, turn off **Notify when apps request location** on the **Location** settings page.
+- Developers can use the [Changes to API behavior for Wi-Fi access and location](/windows/win32/nativewifi/wi-fi-access-location-changes) article to learn about API surfaces impacted by this change.
+
+### Sudo for Windows
+
+Sudo for Windows is a new way for users to run elevated commands (as an administrator) directly from an unelevated console session. The sudo command can be configured to run in three different modes:
+
+- **In a new window**: The elevated command runs in a new window. This mode is similar to the behavior of the `runas /user:admin` command.
+- **With input disabled**: Runs the elevated process in the current window, but with the input handle closed. This means that the elevated process won't be able to receive input from the current console window.
+- **Inline**: Runs the elevated process in the current window and the process is able to receive input from the current console session. This mode is most similar to the sudo experience on other platforms.
+
+It's recommended that you review the security considerations for each mode here before [enabling the sudo command](/windows/sudo/#how-to-enable-sudo-for-windows) on your machine. For more information, see [Sudo for Windows](/windows/sudo/).
+
+### Enable optional updates
+<!--7991583-->
+In addition to the monthly cumulative update, optional updates are available to provide new features and nonsecurity changes. Most optional updates are released on the fourth Tuesday of the month, known as optional nonsecurity preview releases. Optional updates can also include features that are gradually rolled out, known as controlled feature rollouts (CFRs). Installation of optional updates isn't enabled by default for devices that receive updates using Windows Update for Business. However, you can enable optional updates for devices by using the **Enable optional updates** policy. For more information about optional content, see [Enable optional updates](/windows/deployment/update/waas-configure-wufb#enable-optional-updates).
+
+### Remote Desktop Connection improvements
+
+Remote Desktop Connection has the following improvements:
+- The Remote Desktop Connection setup window (mstsc.exe) follows the text scaling settings under **Settings** > **Accessibility** > **Text size**. 
+- Remote Desktop Connection supports zoom options of 350, 400, 450, and 500%
+- Improvements to the connection bar design
+
+
+### Additional features
+<!--notable UX items for IT pros from other updates-->
+
+- **File Explorer**: The following changes were made to File Explorer context menu:
+  - Support for creating 7-zip and TAR archives
+  - **Compress to** > **Additional options** allows you to compress individual files with gzip, BZip2, xz, or Zstandard 
+  - Labels were added to the context menu icons for actions like copy, paste, delete, and rename
+- **OOBE improvement**: when you need to connect to a network and there's no Wi-Fi drivers, you're given an *Install drivers* option to install drivers that are already downloaded
+- **Registry Editor**: The Registry Editor supports limiting a search to the currently selected key and its descendants
+- **Task Manager**: The Task Manager settings page has [Mica material](/windows/apps/design/style/mica) and a redesigned icon 
+
+
+### Developer APIs
+
+The following developer APIs were added or updated:
+
+- Introduced the [Power Grid Forecast API](/uwp/api/windows.devices.power.powergridforecast). App developers can minimize environmental impact by shifting background workloads to times when renewable energy is available to the local grid. Forecast data isn't available globally and quality of data may vary by region.
+- Added an energy saver notification callback setting GUID to represent the new energy saver experience. Apps can subscribe to the energy saver status by passing the appropriate GUID to the PowerSettingRegisterNotification API and can implement different behaviors to optimize energy or performance depending on the current energy saver status. For more information, see [Power Setting GUIDs](/windows/win32/power/power-setting-guids)
+- Extended the [Effective Power Mode API](/windows/win32/api/powersetting/ne-powersetting-effective_power_mode) to interpret the new energy saver levels when determining the returned effective power mode.
+
+## Features removed in Windows 11, version 24H2
+
+The following [deprecated features](deprecated-features.md) are [removed](removed-features.md) in Windows 11, version 24H2:
+
+- **WordPad**: WordPad is removed from all editions of Windows starting in Windows 11, version 24H2 and Windows Server 2025. <!--8254696, 8494641-->
+- **Alljoyn**: Microsoft's implementation of AllJoyn, which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) is retired.<!--8396030-->