diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md index 2c8fd39528..e55674234c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md @@ -50,10 +50,6 @@ You'll need to enable the live response capability in the [Advanced features set >[!WARNING] >Allowing the use of unsigned scripts may increase your exposure to threats. - - > [!ÏMPORTANT] - > The option to upload a file to the library is only available to those with the appropriate RBAC permissions. The button is greyed out for users with only delegated permissions. - Running unsigned scripts is generally not recommended as it can increase your exposure to threats. If you must use them however, you'll need to enable the setting in the [Advanced features settings](advanced-features.md) page. - **Ensure that you have the appropriate permissions**
@@ -61,6 +57,9 @@ You'll need to enable the live response capability in the [Advanced features set Depending on the role that's been granted to you, you can run basic or advanced live response commands. Users permission are controlled by RBAC custom role. + > [!IMPORTANT] + > The option to upload a file to the library is only available to those with the appropriate RBAC permissions. The button is greyed out for users with only delegated permissions. + ## Live response dashboard overview When you initiate a live response session on a machine, a dashboard opens. The dashboard provides information about the session such as: