deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #5059 from baardhermansen/patch-10

Browse Source 
Update understand-applocker-rules-and-enforcement-setting-inheritance…
This commit is contained in:
Daniel Simpson
2019-09-27 10:59:19 -07:00
committed by GitHub
parent 31d1e5fa7c f327a95b3f
commit f8e9c9aaee
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
View File

@ -30,7 +30,9 @@ Rule enforcement is applied only to collections of rules, not individual rules.
Group Policy merges AppLocker policy in two ways: Group Policy merges AppLocker policy in two ways:
- **Rules.** Group Policy does not overwrite or replace rules that are already present in a linked Group Policy Object (GPO). For example, if the current GPO has 12 rules and a linked GPO has 50 rules, 62 rules are applied to all computers that receive the AppLocker policy. - **Rules.** Group Policy does not overwrite or replace rules that are already present in a linked Group Policy Object (GPO). For example, if the current GPO has 12 rules and a linked GPO has 50 rules, 62 rules are applied to all computers that receive the AppLocker policy.
>**Important:**  When determining whether a file is permitted to run, AppLocker processes rules in the following order:
> [!IMPORTANT]
> When determining whether a file is permitted to run, AppLocker processes rules in the following order:
1. **Explicit deny.** An administrator created a rule to deny a file. 1. **Explicit deny.** An administrator created a rule to deny a file.
2. **Explicit allow.** An administrator created a rule to allow a file. 2. **Explicit allow.** An administrator created a rule to allow a file.