update images

windows/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md

@@ -35,7 +35,6 @@ When you investigate a specific machine, you'll see:
 - Alerts related to this machine
 - Machine timeline
 
-[TAKEN FROM MOCK ONLY!! JOEY: UPDATE WITH ACTUAL WHEN READY!!]
 ![Image of machine details page](images/atp-machine-view-ata.png)
 
 The machine details, ATA alerts, total logged on users, and machine reporting sections display various attributes about the machine.
@@ -85,6 +84,7 @@ Use the search bar to look for specific timeline events. Harness the power of us
     - User
     - IP
     - URL
+
 -	**Informational level** – Click the drop-down button to filter by the following levels:
     - Detections mode: displays Windows ATP Alerts and detections
     -	Behaviors mode: displays "detections" and selected events of interest
@@ -93,9 +93,10 @@ Use the search bar to look for specific timeline events. Harness the power of us
 - **Event type** - Click the drop-down button to filter by the following levels:
     - Windows Defender ATP alerts
     - Windows Defender AV alerts
+    - Device Guard events
+    - Exploit Guard events
+    - SmartScreen events
     - Response actions
-  - AppGuard related events
-  - Windows Defender Device Guard events
     - Process events
     - Network events
     - File events